Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/51a520-e08d-43b3-a6b0-d76ec9cc0d28/1/Bl3XKYeNwbPhabBOdw7iNT1D4o0.roa
File:                     Bl3XKYeNwbPhabBOdw7iNT1D4o0.roa (raw, json)
Hash identifier:          dKwPbBfU+NVaEQDv1+3nXKbl86yoBnbElPf5ZiOsQXE=
Subject key identifier:   06:5D:D7:29:87:8D:C1:B3:E1:69:B0:4E:77:0E:E2:35:3D:43:E2:8D
Certificate issuer:       /CN=7a478c5aa226a278e8b1906f371c60cfc7d87e8e
Certificate serial:       03F894C1
Authority key identifier: 7A:47:8C:5A:A2:26:A2:78:E8:B1:90:6F:37:1C:60:CF:C7:D8:7E:8E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ekeMWqImonjosZBvNxxgz8fYfo4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/51a520-e08d-43b3-a6b0-d76ec9cc0d28/1/Bl3XKYeNwbPhabBOdw7iNT1D4o0.roa
Signing time:             Fri 29 Apr 2022 15:59:50 +0000
ROA not before:           Fri 29 Apr 2022 15:59:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     30762
IP address blocks:        185.236.124.0/24 maxlen: 24
                          185.236.125.0/24 maxlen: 24
                          185.236.126.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 66622657 (0x3f894c1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a478c5aa226a278e8b1906f371c60cfc7d87e8e
        Validity
            Not Before: Apr 29 15:59:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=065dd729878dc1b3e169b04e770ee2353d43e28d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:8f:04:64:64:48:d8:7f:6c:b3:3a:d2:d1:de:
                    51:5e:87:68:55:0d:80:ae:6e:51:3c:1d:39:6f:9b:
                    ce:bd:78:6a:71:5f:03:92:0e:9d:8c:1e:5e:c8:f6:
                    b6:26:6a:13:ba:55:93:29:15:f7:09:14:dc:cc:b3:
                    ef:ad:69:be:fe:73:dd:97:a7:a5:71:42:22:79:83:
                    46:db:19:cc:1d:59:45:41:c2:f6:05:d9:b2:12:ea:
                    de:a8:64:ab:99:d2:c9:f2:25:5d:d4:bc:9e:02:95:
                    e6:dd:45:09:b0:ae:2e:98:21:3d:90:91:c5:db:46:
                    d7:9f:32:26:04:5c:9d:ff:33:bb:86:99:f7:b0:23:
                    3f:08:db:27:77:df:d5:fe:81:75:1f:c2:72:92:77:
                    3c:69:d8:e1:ca:a1:4a:43:ee:4d:cb:57:b5:6c:17:
                    f1:06:93:84:97:b5:d7:64:61:b6:73:16:b1:16:a2:
                    b7:74:39:c2:ad:af:9a:1b:13:aa:f5:91:1b:32:d5:
                    44:00:71:6e:db:2f:83:6d:4b:81:88:74:99:15:bd:
                    35:3b:0d:f9:e9:71:7b:22:c2:0f:bc:0f:49:ab:ec:
                    c1:4c:61:d8:75:14:1d:4d:5a:19:a8:2f:30:d7:f3:
                    89:dc:a6:00:18:f4:45:b2:fe:52:62:dd:cd:4b:74:
                    bf:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:5D:D7:29:87:8D:C1:B3:E1:69:B0:4E:77:0E:E2:35:3D:43:E2:8D
            X509v3 Authority Key Identifier:
                keyid:7A:47:8C:5A:A2:26:A2:78:E8:B1:90:6F:37:1C:60:CF:C7:D8:7E:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ekeMWqImonjosZBvNxxgz8fYfo4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/51a520-e08d-43b3-a6b0-d76ec9cc0d28/1/Bl3XKYeNwbPhabBOdw7iNT1D4o0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/51a520-e08d-43b3-a6b0-d76ec9cc0d28/1/ekeMWqImonjosZBvNxxgz8fYfo4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.236.124.0-185.236.126.255

    Signature Algorithm: sha256WithRSAEncryption
         60:d7:52:b8:a9:1b:4b:6f:20:ca:f8:23:83:e2:d6:d7:cc:0a:
         f8:ce:d3:90:92:49:68:c5:9f:da:78:57:b7:52:94:fb:d7:d6:
         77:80:0a:b3:5e:54:9a:44:a8:f8:33:15:3a:7e:41:56:98:19:
         18:98:51:39:ce:04:12:d3:cf:8e:e4:88:4a:99:d9:71:2a:71:
         50:6b:72:32:e2:9f:f7:4a:b2:fa:0f:a8:67:82:25:1b:3e:e3:
         af:f8:5a:07:36:db:15:86:41:c4:81:63:d4:7a:0e:0c:dd:2f:
         94:ac:1a:e4:d9:54:ee:82:4d:22:89:29:f6:23:03:dd:75:1e:
         b9:ff:1e:1c:22:58:fd:39:1d:26:87:65:b5:47:84:e1:cc:ba:
         54:59:f7:87:3c:06:53:8d:d9:a5:e9:2a:a0:f6:a0:df:45:cd:
         7c:f8:49:09:c9:ec:45:29:d6:5b:f6:c4:5e:70:6d:e0:68:84:
         f8:b8:a9:30:e7:32:88:ca:62:37:ed:f8:64:ec:ff:3a:ab:13:
         33:b3:73:e5:b9:24:0f:92:ec:cf:c2:2f:79:d0:0c:11:1e:d3:
         44:2a:c4:8d:c7:55:6c:6e:22:72:b9:71:32:c2:69:90:d7:53:
         32:25:de:7e:42:8a:5c:d4:f8:5e:a7:09:50:35:46:99:35:52:
         aa:3e:da:3c
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEA/iUwTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YTQ3OGM1YWEyMjZhMjc4ZThiMTkwNmYzNzFjNjBjZmM3ZDg3ZThlMB4XDTIyMDQy
OTE1NTk1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDY1ZGQ3Mjk4Nzhk
YzFiM2UxNjliMDRlNzcwZWUyMzUzZDQzZTI4ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ+PBGRkSNh/bLM60tHeUV6HaFUNgK5uUTwdOW+bzr14anFf
A5IOnYweXsj2tiZqE7pVkykV9wkU3Myz761pvv5z3ZenpXFCInmDRtsZzB1ZRUHC
9gXZshLq3qhkq5nSyfIlXdS8ngKV5t1FCbCuLpghPZCRxdtG158yJgRcnf8zu4aZ
97AjPwjbJ3ff1f6BdR/CcpJ3PGnY4cqhSkPuTctXtWwX8QaThJe112RhtnMWsRai
t3Q5wq2vmhsTqvWRGzLVRABxbtsvg21LgYh0mRW9NTsN+elxeyLCD7wPSavswUxh
2HUUHU1aGagvMNfzidymABj0RbL+UmLdzUt0v8MCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBQGXdcph43Bs+FpsE53DuI1PUPijTAfBgNVHSMEGDAWgBR6R4xaoiaieOix
kG83HGDPx9h+jjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VrZU1XcUltb25qb3NaQnZOeHhnejhmWWZvNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDgvNTFhNTIwLWUwOGQtNDNiMy1hNmIwLWQ3NmVjOWNjMGQyOC8x
L0JsM1hLWWVOd2JQaGFiQk9kdzdpTlQxRDRvMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgv
NTFhNTIwLWUwOGQtNDNiMy1hNmIwLWQ3NmVjOWNjMGQyOC8xL2VrZU1XcUltb25q
b3NaQnZOeHhnejhmWWZvNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQCuex8AwQAuex+MA0GCSqGSIb3
DQEBCwUAA4IBAQBg11K4qRtLbyDK+COD4tbXzAr4ztOQkkloxZ/aeFe3UpT719Z3
gAqzXlSaRKj4MxU6fkFWmBkYmFE5zgQS08+O5IhKmdlxKnFQa3Iy4p/3SrL6D6hn
giUbPuOv+FoHNtsVhkHEgWPUeg4M3S+UrBrk2VTugk0iiSn2IwPddR65/x4cIlj9
OR0mh2W1R4ThzLpUWfeHPAZTjdml6Sqg9qDfRc18+EkJyexFKdZb9sRecG3gaIT4
uKkw5zKIymI37fhk7P86qxMzs3PluSQPkuzPwi950AwRHtNEKsSNx1VsbiJyuXEy
wmmQ11MyJd5+Qopc1PhepwlQNUaZNVKqPto8
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:38 2024 by rpki-client on console-ams.rpki-client.org