Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/51a520-e08d-43b3-a6b0-d76ec9cc0d28/1/w5ISaOPgXQOi0O3to0OrC2DEBmI.roa
File:                     w5ISaOPgXQOi0O3to0OrC2DEBmI.roa (raw, json)
Hash identifier:          YyCc5tqrPr3TYCryhuScJ5gRg11GxkNnN4ML5U9TC9I=
Subject key identifier:   C3:92:12:68:E3:E0:5D:03:A2:D0:ED:ED:A3:43:AB:0B:60:C4:06:62
Certificate issuer:       /CN=7a478c5aa226a278e8b1906f371c60cfc7d87e8e
Certificate serial:       02FB1EF7
Authority key identifier: 7A:47:8C:5A:A2:26:A2:78:E8:B1:90:6F:37:1C:60:CF:C7:D8:7E:8E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ekeMWqImonjosZBvNxxgz8fYfo4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/51a520-e08d-43b3-a6b0-d76ec9cc0d28/1/w5ISaOPgXQOi0O3to0OrC2DEBmI.roa
Signing time:             Sat 01 Jan 2022 06:06:34 +0000
ROA not before:           Sat 01 Jan 2022 06:06:34 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8075
IP address blocks:        185.236.124.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 50011895 (0x2fb1ef7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a478c5aa226a278e8b1906f371c60cfc7d87e8e
        Validity
            Not Before: Jan  1 06:06:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c3921268e3e05d03a2d0ededa343ab0b60c40662
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:c4:df:f8:c0:0e:35:a5:cf:46:68:da:db:5d:
                    2a:07:88:97:79:21:18:57:8d:be:71:fc:a8:91:e2:
                    fe:de:3f:03:8f:c2:bd:ce:3b:e7:cb:9d:00:59:39:
                    89:00:94:05:96:db:ba:2d:91:9f:d9:53:e7:01:7f:
                    e0:7c:b3:ed:c4:33:70:09:a2:03:d5:03:ce:26:59:
                    a2:2c:4d:28:41:1d:0d:08:03:ef:3a:e9:1b:ae:f2:
                    17:51:f3:7b:68:d1:bb:3f:86:5f:b1:6a:ee:25:23:
                    85:eb:eb:ca:f0:37:91:c3:b8:69:c2:d7:70:d2:cb:
                    61:67:c2:62:6b:95:38:97:db:17:db:54:31:1f:ff:
                    09:1c:16:5f:15:75:23:b1:e7:a1:bc:99:49:75:43:
                    3f:74:2d:ed:ab:68:75:26:ca:43:1f:a0:16:3a:f5:
                    7e:ea:ca:29:5a:b4:b7:1f:5d:9e:f4:96:13:af:da:
                    97:63:94:84:56:25:29:50:24:c6:c4:6b:38:0e:77:
                    38:a2:6e:d1:58:0e:c7:36:8f:cc:44:02:84:62:4c:
                    e2:2a:2a:39:13:41:5f:1f:11:9a:00:2a:18:be:14:
                    c9:86:46:43:08:30:b2:3d:b5:23:87:87:0b:3c:18:
                    f3:7c:5b:fa:9e:54:5e:c0:3e:f7:a6:db:40:a5:2c:
                    5e:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:92:12:68:E3:E0:5D:03:A2:D0:ED:ED:A3:43:AB:0B:60:C4:06:62
            X509v3 Authority Key Identifier:
                keyid:7A:47:8C:5A:A2:26:A2:78:E8:B1:90:6F:37:1C:60:CF:C7:D8:7E:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ekeMWqImonjosZBvNxxgz8fYfo4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/51a520-e08d-43b3-a6b0-d76ec9cc0d28/1/w5ISaOPgXQOi0O3to0OrC2DEBmI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/51a520-e08d-43b3-a6b0-d76ec9cc0d28/1/ekeMWqImonjosZBvNxxgz8fYfo4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.236.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0c:3d:e1:63:5c:0f:59:57:31:a7:a8:ac:db:c5:2e:a9:36:66:
         f7:ea:65:28:6e:5c:f7:0f:8f:09:2d:c7:7e:57:86:a1:61:6f:
         73:f0:e8:a2:36:59:27:53:34:cf:f0:9c:9a:2c:ab:5c:cc:ca:
         b2:0f:d1:34:ce:c1:0b:e5:5d:be:52:c3:ff:58:55:c7:7b:f0:
         f0:f5:35:c6:99:02:1d:04:5c:7a:54:c8:34:30:6c:55:fd:bf:
         a2:05:8f:8a:41:e8:e6:38:7c:04:bf:84:7a:04:c1:a5:78:3e:
         8f:3c:6a:83:c0:07:d7:39:44:f2:60:9f:e9:a3:64:ca:6b:29:
         d0:56:5c:fd:3b:5c:08:2a:6b:00:c3:08:df:fe:7f:69:73:89:
         ad:e6:e9:03:27:cd:e7:e9:10:cb:eb:e1:cb:0a:63:0c:87:f8:
         78:b5:38:d9:3e:06:6e:c7:ff:5c:e4:88:f5:f6:d3:bb:26:b7:
         e4:49:a0:70:ee:bc:1d:e7:6c:e7:69:7c:0b:42:1a:21:69:eb:
         53:b4:56:4b:95:12:53:fb:4e:50:fa:ac:77:c5:9e:6c:1a:3c:
         f3:10:f9:90:4c:ea:37:44:a4:a1:e9:ef:7d:3e:18:ea:cb:7c:
         9a:6f:be:6a:a9:3f:52:b3:cd:bd:c5:b7:bd:ea:1f:5a:d7:90:
         0d:65:cd:d7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAvse9zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YTQ3OGM1YWEyMjZhMjc4ZThiMTkwNmYzNzFjNjBjZmM3ZDg3ZThlMB4XDTIyMDEw
MTA2MDYzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzM5MjEyNjhlM2Uw
NWQwM2EyZDBlZGVkYTM0M2FiMGI2MGM0MDY2MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALvE3/jADjWlz0Zo2ttdKgeIl3khGFeNvnH8qJHi/t4/A4/C
vc4758udAFk5iQCUBZbbui2Rn9lT5wF/4Hyz7cQzcAmiA9UDziZZoixNKEEdDQgD
7zrpG67yF1Hze2jRuz+GX7Fq7iUjhevryvA3kcO4acLXcNLLYWfCYmuVOJfbF9tU
MR//CRwWXxV1I7HnobyZSXVDP3Qt7atodSbKQx+gFjr1furKKVq0tx9dnvSWE6/a
l2OUhFYlKVAkxsRrOA53OKJu0VgOxzaPzEQChGJM4ioqORNBXx8RmgAqGL4UyYZG
Qwgwsj21I4eHCzwY83xb+p5UXsA+96bbQKUsXvkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTDkhJo4+BdA6LQ7e2jQ6sLYMQGYjAfBgNVHSMEGDAWgBR6R4xaoiaieOix
kG83HGDPx9h+jjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VrZU1XcUltb25qb3NaQnZOeHhnejhmWWZvNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDgvNTFhNTIwLWUwOGQtNDNiMy1hNmIwLWQ3NmVjOWNjMGQyOC8x
L3c1SVNhT1BnWFFPaTBPM3RvME9yQzJERUJtSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgv
NTFhNTIwLWUwOGQtNDNiMy1hNmIwLWQ3NmVjOWNjMGQyOC8xL2VrZU1XcUltb25q
b3NaQnZOeHhnejhmWWZvNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnsfDANBgkqhkiG9w0BAQsFAAOC
AQEADD3hY1wPWVcxp6is28UuqTZm9+plKG5c9w+PCS3HfleGoWFvc/DoojZZJ1M0
z/CcmiyrXMzKsg/RNM7BC+VdvlLD/1hVx3vw8PU1xpkCHQRcelTINDBsVf2/ogWP
ikHo5jh8BL+EegTBpXg+jzxqg8AH1zlE8mCf6aNkymsp0FZc/TtcCCprAMMI3/5/
aXOJrebpAyfN5+kQy+vhywpjDIf4eLU42T4Gbsf/XOSI9fbTuya35EmgcO68Heds
52l8C0IaIWnrU7RWS5USU/tOUPqsd8WebBo88xD5kEzqN0SkoenvfT4Y6st8mm++
aqk/UrPNvcW3veofWteQDWXN1w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:57 2024 by rpki-client on console-fra.rpki-client.org