Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/fd5f04-1d26-4451-a6ae-9867642c2f10/1/1H1N9NhbEgz3tlRfSpvMBoSFd0s.roa
File:                     1H1N9NhbEgz3tlRfSpvMBoSFd0s.roa (raw, json)
Hash identifier:          LASqJKkVfssKfL+rDQt+NVOFo3pxcaDkhEjGwPAMsHs=
Subject key identifier:   D4:7D:4D:F4:D8:5B:12:0C:F7:B6:54:5F:4A:9B:CC:06:84:85:77:4B
Certificate issuer:       /CN=51e140495bd06c2e8efacb7ed0a31516db1f405f
Certificate serial:       5EF0
Authority key identifier: 51:E1:40:49:5B:D0:6C:2E:8E:FA:CB:7E:D0:A3:15:16:DB:1F:40:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UeFASVvQbC6O-st-0KMVFtsfQF8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/fd5f04-1d26-4451-a6ae-9867642c2f10/1/1H1N9NhbEgz3tlRfSpvMBoSFd0s.roa
Signing time:             Fri 18 Mar 2022 09:03:23 +0000
ROA not before:           Fri 18 Mar 2022 09:03:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15404
IP address blocks:        185.234.136.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 24304 (0x5ef0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51e140495bd06c2e8efacb7ed0a31516db1f405f
        Validity
            Not Before: Mar 18 09:03:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d47d4df4d85b120cf7b6545f4a9bcc068485774b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:27:44:38:86:8f:91:0f:16:56:f6:59:54:49:
                    e7:33:78:75:d1:0e:eb:f9:93:21:18:90:9e:2f:c1:
                    e0:40:23:0f:4f:f7:f4:10:12:50:e7:46:cf:49:b3:
                    89:8f:ec:fb:68:8e:dc:cc:07:45:dc:f4:43:ae:9e:
                    d4:43:86:d3:cc:47:a0:5e:a5:44:9b:01:bb:39:66:
                    bf:6e:f8:b9:95:0c:1d:be:22:e4:52:e0:4d:80:28:
                    b8:d1:76:ea:0a:f5:d9:e1:e3:95:fd:3c:89:3a:e2:
                    1e:39:5a:f5:4b:f5:4f:27:d7:ae:67:c9:5a:aa:bf:
                    29:f2:56:54:4b:92:57:03:07:d6:78:64:c7:30:df:
                    bc:e3:74:f2:13:56:fe:2e:e3:51:ba:52:db:fd:33:
                    61:ff:6f:78:fc:89:44:9a:05:50:0f:de:0c:29:28:
                    5c:12:0c:89:78:67:26:73:90:e5:0a:5a:07:04:57:
                    96:ff:12:cd:e8:c9:4d:f9:27:2a:2c:e2:84:59:bb:
                    f3:75:1e:eb:0d:7a:5a:fb:cc:c0:92:11:10:a6:c3:
                    3f:1f:3f:a2:91:7a:46:05:dd:e7:41:cf:4b:40:7d:
                    d4:b7:ed:9b:cf:b8:f9:a1:66:5c:d4:9d:9f:ec:1a:
                    e1:ff:a8:8e:0c:1d:74:89:6a:d2:86:7c:d2:ef:4d:
                    62:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:7D:4D:F4:D8:5B:12:0C:F7:B6:54:5F:4A:9B:CC:06:84:85:77:4B
            X509v3 Authority Key Identifier:
                keyid:51:E1:40:49:5B:D0:6C:2E:8E:FA:CB:7E:D0:A3:15:16:DB:1F:40:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UeFASVvQbC6O-st-0KMVFtsfQF8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/fd5f04-1d26-4451-a6ae-9867642c2f10/1/1H1N9NhbEgz3tlRfSpvMBoSFd0s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/fd5f04-1d26-4451-a6ae-9867642c2f10/1/UeFASVvQbC6O-st-0KMVFtsfQF8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.234.136.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:9a:1a:e7:b2:c1:96:00:aa:e5:6f:bb:8c:f9:a6:66:ab:85:
         e4:bb:a5:cb:6f:4d:56:2f:65:dd:e9:1e:34:d9:76:f8:07:36:
         d0:f1:1f:8d:ba:57:6a:0f:8f:cf:dc:91:ff:8b:06:a0:27:f8:
         81:69:ee:65:17:45:24:33:1a:79:84:59:a9:18:ca:79:3b:c7:
         f3:02:62:25:43:73:0f:a6:65:66:35:f8:a9:1a:e9:ea:d8:7e:
         df:27:0d:ad:92:dc:0c:38:bd:7f:a5:87:d9:45:73:8f:0a:06:
         4b:01:9b:72:75:79:cf:e2:9d:9c:a5:f4:93:61:f4:46:b4:9d:
         c5:42:a7:e4:45:6a:0b:07:fe:04:c7:ff:ce:b1:d4:31:e3:e0:
         94:15:f8:e3:bf:88:45:21:06:6d:d3:a3:8c:4f:a7:7e:7f:f1:
         65:9e:a1:e2:62:a7:64:17:78:80:dd:ea:f2:a1:08:5f:38:b6:
         6c:d1:3d:27:4f:58:87:51:09:e2:41:38:7d:99:e1:3d:b7:a9:
         34:f3:fe:db:c5:4a:32:c0:77:1d:ea:66:09:33:cc:1c:b2:cf:
         1e:b1:7d:2a:53:e5:dd:c9:54:74:9b:2f:fc:c5:72:74:a5:33:
         9e:8d:d1:1b:42:24:9f:4c:a7:1d:e7:f7:ea:3c:4b:d0:be:72:
         ea:15:06:06
-----BEGIN CERTIFICATE-----
MIIE7TCCA9WgAwIBAgICXvAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTFl
MTQwNDk1YmQwNmMyZThlZmFjYjdlZDBhMzE1MTZkYjFmNDA1ZjAeFw0yMjAzMTgw
OTAzMjNaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGQ0N2Q0ZGY0ZDg1YjEy
MGNmN2I2NTQ1ZjRhOWJjYzA2ODQ4NTc3NGIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBJ0Q4ho+RDxZW9llUSeczeHXRDuv5kyEYkJ4vweBAIw9P9/QQ
ElDnRs9Js4mP7PtojtzMB0Xc9EOuntRDhtPMR6BepUSbAbs5Zr9u+LmVDB2+IuRS
4E2AKLjRduoK9dnh45X9PIk64h45WvVL9U8n165nyVqqvynyVlRLklcDB9Z4ZMcw
37zjdPITVv4u41G6Utv9M2H/b3j8iUSaBVAP3gwpKFwSDIl4ZyZzkOUKWgcEV5b/
Es3oyU35Jyos4oRZu/N1HusNelr7zMCSERCmwz8fP6KRekYF3edBz0tAfdS37ZvP
uPmhZlzUnZ/sGuH/qI4MHXSJatKGfNLvTWJZAgMBAAGjggIJMIICBTAdBgNVHQ4E
FgQU1H1N9NhbEgz3tlRfSpvMBoSFd0swHwYDVR0jBBgwFoAUUeFASVvQbC6O+st+
0KMVFtsfQF8wDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEF
BQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9V
ZUZBU1Z2UWJDNk8tc3QtMEtNVkZ0c2ZRRjguY2VyMIGNBggrBgEFBQcBCwSBgDB+
MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxULzBiL2ZkNWYwNC0xZDI2LTQ0NTEtYTZhZS05ODY3NjQyYzJmMTAvMS8x
SDFOOU5oYkVnejN0bFJmU3B2TUJvU0ZkMHMucm9hMIGBBgNVHR8EejB4MHagdKBy
hnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBiL2Zk
NWYwNC0xZDI2LTQ0NTEtYTZhZS05ODY3NjQyYzJmMTAvMS9VZUZBU1Z2UWJDNk8t
c3QtMEtNVkZ0c2ZRRjguY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC56ogwDQYJKoZIhvcNAQELBQADggEB
AFCaGueywZYAquVvu4z5pmarheS7pctvTVYvZd3pHjTZdvgHNtDxH426V2oPj8/c
kf+LBqAn+IFp7mUXRSQzGnmEWakYynk7x/MCYiVDcw+mZWY1+Kka6erYft8nDa2S
3Aw4vX+lh9lFc48KBksBm3J1ec/inZyl9JNh9Ea0ncVCp+RFagsH/gTH/86x1DHj
4JQV+OO/iEUhBm3To4xPp35/8WWeoeJip2QXeIDd6vKhCF84tmzRPSdPWIdRCeJB
OH2Z4T23qTTz/tvFSjLAdx3qZgkzzByyzx6xfSpT5d3JVHSbL/zFcnSlM56N0RtC
JJ9Mpx3n9+o8S9C+cuoVBgY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:25 2024 by rpki-client on console-ams.rpki-client.org