Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/2d346b-8825-4681-94e3-98441607b228/1/7O0XPowTWBgblBWGtOKAwcUTXsI.roa
File:                     7O0XPowTWBgblBWGtOKAwcUTXsI.roa (raw, json)
Hash identifier:          5fjb630+vAquGLqUg/m9qNnR0uOjoIfwCRQdgAqeUTo=
Subject key identifier:   EC:ED:17:3E:8C:13:58:18:1B:94:15:86:B4:E2:80:C1:C5:13:5E:C2
Certificate issuer:       /CN=8c05b364fcf319ccf53c5f2e8c634290ac0eb129
Certificate serial:       05DD3771
Authority key identifier: 8C:05:B3:64:FC:F3:19:CC:F5:3C:5F:2E:8C:63:42:90:AC:0E:B1:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jAWzZPzzGcz1PF8ujGNCkKwOsSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/2d346b-8825-4681-94e3-98441607b228/1/7O0XPowTWBgblBWGtOKAwcUTXsI.roa
Signing time:             Wed 25 May 2022 08:55:14 +0000
ROA not before:           Wed 25 May 2022 08:55:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211483
IP address blocks:        185.60.76.0/24 maxlen: 24
                          185.60.77.0/24 maxlen: 24
                          185.60.78.0/24 maxlen: 24
                          185.60.79.0/24 maxlen: 24
                          2a04:5b40::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 98383729 (0x5dd3771)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c05b364fcf319ccf53c5f2e8c634290ac0eb129
        Validity
            Not Before: May 25 08:55:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=eced173e8c1358181b941586b4e280c1c5135ec2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:90:5c:a0:9c:e3:7c:e8:69:0b:ba:0c:02:2d:
                    5d:69:23:cb:5b:50:73:69:24:8b:80:59:71:32:c1:
                    cf:a8:d5:cc:0c:8d:bb:98:29:b2:0d:52:68:9e:d2:
                    11:31:72:18:50:16:f6:16:87:31:b7:46:3a:ba:db:
                    1b:cc:89:58:eb:91:1e:2f:22:60:75:c5:e6:5e:45:
                    15:5b:8b:32:b0:98:dc:3e:cd:56:98:22:6a:16:b6:
                    c6:a0:54:64:08:13:da:5a:08:de:41:12:86:6d:64:
                    12:f9:8e:61:b1:b7:f9:85:37:ba:86:34:62:94:75:
                    3c:1b:52:8e:b5:5a:f0:b8:2f:55:8f:dc:52:67:c8:
                    5e:d9:f9:25:b0:0d:fa:35:da:c5:94:6d:95:0d:b2:
                    f5:1f:7d:cc:7b:16:e5:bc:3c:48:28:85:20:98:c4:
                    7f:59:c4:71:7b:1e:ca:76:1a:b0:10:2d:65:1d:86:
                    98:fc:93:c9:5e:67:bd:e5:a6:c1:81:0a:ec:1b:36:
                    dc:42:23:d0:21:13:fe:11:dd:e5:c7:bf:4c:21:87:
                    70:96:9f:f0:57:43:eb:e6:1f:c6:47:47:bc:b9:52:
                    d0:bf:8e:2c:e7:e1:78:34:54:13:a9:af:d3:3f:22:
                    e9:7d:b8:15:4b:50:fa:de:4e:5f:22:b0:e8:39:08:
                    37:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:ED:17:3E:8C:13:58:18:1B:94:15:86:B4:E2:80:C1:C5:13:5E:C2
            X509v3 Authority Key Identifier:
                keyid:8C:05:B3:64:FC:F3:19:CC:F5:3C:5F:2E:8C:63:42:90:AC:0E:B1:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jAWzZPzzGcz1PF8ujGNCkKwOsSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2d346b-8825-4681-94e3-98441607b228/1/7O0XPowTWBgblBWGtOKAwcUTXsI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2d346b-8825-4681-94e3-98441607b228/1/jAWzZPzzGcz1PF8ujGNCkKwOsSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.60.76.0/22
                IPv6:
                  2a04:5b40::/32

    Signature Algorithm: sha256WithRSAEncryption
         12:5e:c8:5d:ce:ff:8c:86:fa:1c:49:8b:93:09:9c:5e:73:f8:
         fe:58:1a:be:eb:94:69:df:b4:4e:a2:74:d4:62:c2:10:ee:bd:
         ad:dc:2b:dc:9c:92:f3:79:a5:b7:c0:bb:33:33:b8:ea:db:82:
         fe:e8:79:e1:0f:31:93:f5:0a:ba:18:40:19:19:7a:fd:17:25:
         b3:10:c0:7a:6f:2f:21:9d:30:25:0f:90:c6:74:7b:48:31:11:
         08:e9:46:20:a2:2d:d4:d8:79:9f:7a:09:bb:16:dd:a7:6c:aa:
         36:a4:db:ac:91:03:c7:18:7e:8e:37:5a:91:ba:30:56:4f:c7:
         b6:9e:07:26:eb:c5:f1:96:81:36:f5:e9:21:f7:ea:b1:cb:c7:
         51:4d:47:cc:89:4c:70:f5:58:af:62:8c:bc:ea:a9:1d:6d:7a:
         1d:f9:86:4e:8e:02:11:f1:99:aa:6f:28:b8:39:cb:50:e8:23:
         df:47:6d:34:98:fb:76:42:bf:b6:9a:ea:9a:d9:b7:2b:ff:a4:
         82:8b:a0:c9:a1:fa:19:3d:2d:8a:1b:ad:f7:fc:7d:1d:92:29:
         fa:f4:14:df:f7:cf:bf:44:96:11:0c:c7:f8:08:09:cb:fd:79:
         b7:4d:32:f0:9f:39:90:05:bd:ba:cf:56:14:4c:23:6c:e5:29:
         82:ef:be:e9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBd03cTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YzA1YjM2NGZjZjMxOWNjZjUzYzVmMmU4YzYzNDI5MGFjMGViMTI5MB4XDTIyMDUy
NTA4NTUxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWNlZDE3M2U4YzEz
NTgxODFiOTQxNTg2YjRlMjgwYzFjNTEzNWVjMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANSQXKCc43zoaQu6DAItXWkjy1tQc2kki4BZcTLBz6jVzAyN
u5gpsg1SaJ7SETFyGFAW9haHMbdGOrrbG8yJWOuRHi8iYHXF5l5FFVuLMrCY3D7N
Vpgiaha2xqBUZAgT2loI3kEShm1kEvmOYbG3+YU3uoY0YpR1PBtSjrVa8LgvVY/c
UmfIXtn5JbAN+jXaxZRtlQ2y9R99zHsW5bw8SCiFIJjEf1nEcXseynYasBAtZR2G
mPyTyV5nveWmwYEK7Bs23EIj0CET/hHd5ce/TCGHcJaf8FdD6+YfxkdHvLlS0L+O
LOfheDRUE6mv0z8i6X24FUtQ+t5OXyKw6DkINxsCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTs7Rc+jBNYGBuUFYa04oDBxRNewjAfBgNVHSMEGDAWgBSMBbNk/PMZzPU8
Xy6MY0KQrA6xKTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pBV3paUHp6R2N6MVBGOHVqR05Da0t3T3NTay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWIvMmQzNDZiLTg4MjUtNDY4MS05NGUzLTk4NDQxNjA3YjIyOC8x
LzdPMFhQb3dUV0JnYmxCV0d0T0tBd2NVVFhzSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIv
MmQzNDZiLTg4MjUtNDY4MS05NGUzLTk4NDQxNjA3YjIyOC8xL2pBV3paUHp6R2N6
MVBGOHVqR05Da0t3T3NTay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArk8TDANBAIAAjAHAwUAKgRbQDAN
BgkqhkiG9w0BAQsFAAOCAQEAEl7IXc7/jIb6HEmLkwmcXnP4/lgavuuUad+0TqJ0
1GLCEO69rdwr3JyS83mlt8C7MzO46tuC/uh54Q8xk/UKuhhAGRl6/RclsxDAem8v
IZ0wJQ+QxnR7SDERCOlGIKIt1Nh5n3oJuxbdp2yqNqTbrJEDxxh+jjdakbowVk/H
tp4HJuvF8ZaBNvXpIffqscvHUU1HzIlMcPVYr2KMvOqpHW16HfmGTo4CEfGZqm8o
uDnLUOgj30dtNJj7dkK/tprqmtm3K/+kgougyaH6GT0tihut9/x9HZIp+vQU3/fP
v0SWEQzH+AgJy/15t00y8J85kAW9us9WFEwjbOUpgu++6Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:04 2024 by rpki-client on console-fra.rpki-client.org