Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/87a00a-b6f6-4721-a828-d9337db39d1f/1/9S6gGlvK6BRYjyBS_5vVeVJ0TMI.roa
File:                     9S6gGlvK6BRYjyBS_5vVeVJ0TMI.roa (raw, json)
Hash identifier:          bDPkQFZvGbwM12Nb2b6C+k+d4/foIRATq4LClKpaFg4=
Subject key identifier:   F5:2E:A0:1A:5B:CA:E8:14:58:8F:20:52:FF:9B:D5:79:52:74:4C:C2
Certificate issuer:       /CN=7554ac4c7f451c5bb9382fbcd46d70c4c0f9de56
Certificate serial:       0A352CB8
Authority key identifier: 75:54:AC:4C:7F:45:1C:5B:B9:38:2F:BC:D4:6D:70:C4:C0:F9:DE:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dVSsTH9FHFu5OC-81G1wxMD53lY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/87a00a-b6f6-4721-a828-d9337db39d1f/1/9S6gGlvK6BRYjyBS_5vVeVJ0TMI.roa
Signing time:             Sat 01 Jan 2022 15:02:38 +0000
ROA not before:           Sat 01 Jan 2022 15:02:38 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     393960
IP address blocks:        185.177.228.0/24 maxlen: 24
                          185.177.231.0/24 maxlen: 24
                          185.177.230.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 171257016 (0xa352cb8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7554ac4c7f451c5bb9382fbcd46d70c4c0f9de56
        Validity
            Not Before: Jan  1 15:02:38 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f52ea01a5bcae814588f2052ff9bd57952744cc2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:71:d4:4d:2a:4b:e1:b4:3e:50:78:47:52:bc:
                    fe:57:82:82:b2:55:f8:54:49:b0:26:91:1f:50:31:
                    cf:7b:4c:0f:22:c4:f3:f8:09:70:44:23:7d:12:b3:
                    38:06:3e:cf:d9:ee:80:13:84:ab:34:a7:7d:e8:1a:
                    46:da:86:5e:a0:8e:6c:f8:a6:ed:8e:fc:62:11:69:
                    dc:49:d8:d5:6c:23:df:b4:0a:e3:0c:a1:4c:4a:6d:
                    79:5a:cc:73:8d:c3:8d:b4:32:7a:d6:0a:bc:34:10:
                    d4:a1:be:5b:72:b8:e8:79:4d:bd:7f:5e:f3:31:43:
                    e8:d1:07:68:32:cf:32:27:02:4d:4d:4d:dd:29:81:
                    db:be:21:f3:1b:76:dc:82:1b:49:6a:be:20:8c:8c:
                    4b:46:78:f2:e8:84:5e:61:2e:58:b6:1a:99:07:a3:
                    f0:f2:28:2a:5c:67:60:0a:fe:30:79:e4:d7:8e:00:
                    03:66:13:be:4c:3f:a0:31:89:ca:a1:11:cc:37:72:
                    a2:63:cb:b8:ac:a2:74:5e:d2:87:c0:83:a1:1d:6f:
                    ef:a3:ad:e1:8c:2c:00:81:2d:b0:ff:fb:e9:d0:4c:
                    cb:3c:65:fd:92:a9:8b:af:67:1f:1e:dc:0e:3e:b2:
                    7a:06:db:28:eb:82:68:8c:26:ea:ef:7f:89:23:6f:
                    30:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:2E:A0:1A:5B:CA:E8:14:58:8F:20:52:FF:9B:D5:79:52:74:4C:C2
            X509v3 Authority Key Identifier:
                keyid:75:54:AC:4C:7F:45:1C:5B:B9:38:2F:BC:D4:6D:70:C4:C0:F9:DE:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dVSsTH9FHFu5OC-81G1wxMD53lY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/87a00a-b6f6-4721-a828-d9337db39d1f/1/9S6gGlvK6BRYjyBS_5vVeVJ0TMI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/87a00a-b6f6-4721-a828-d9337db39d1f/1/dVSsTH9FHFu5OC-81G1wxMD53lY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.177.228.0/24
                  185.177.230.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8f:30:45:0b:ed:25:ed:e8:23:df:c3:9a:f0:0a:27:67:45:d0:
         2a:d0:49:52:76:cc:c0:68:30:98:9f:8d:53:a4:41:47:46:09:
         60:17:e2:f3:9e:ce:71:10:03:e5:d2:6e:34:b6:a4:e9:09:e0:
         28:4a:fe:87:36:b0:7e:1a:38:92:6e:2b:c2:7d:39:3e:05:97:
         a8:2e:3c:a6:53:66:8b:e8:81:89:6b:4c:79:4d:5d:65:f2:1a:
         bb:19:7f:24:6a:66:0f:ae:9f:ac:48:eb:0f:ac:45:f2:86:a2:
         9c:00:88:5f:7c:36:1c:e6:b2:06:3e:16:7c:56:06:98:8a:a6:
         75:5e:1f:97:98:f7:e6:95:f1:f2:6b:d2:e5:af:f5:79:c9:41:
         95:77:04:ee:2c:87:05:aa:c4:db:51:fc:7c:54:13:31:ae:e3:
         e4:62:d8:30:65:bd:3a:4e:8f:61:3e:21:33:ab:c0:00:bb:a5:
         f4:a4:6c:bb:fe:5d:5d:3b:22:05:ff:ac:85:74:50:dd:c6:bf:
         83:bc:33:96:f0:78:37:51:0d:8c:79:bf:bc:e6:96:16:d4:38:
         a1:d2:ab:ab:05:55:1d:81:39:77:c8:b2:2d:93:74:95:d8:48:
         87:ec:9d:a0:a1:56:71:4f:5f:9a:ee:bb:8e:ff:d3:27:08:16:
         3f:c0:21:5d
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECjUsuDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NTU0YWM0YzdmNDUxYzViYjkzODJmYmNkNDZkNzBjNGMwZjlkZTU2MB4XDTIyMDEw
MTE1MDIzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjUyZWEwMWE1YmNh
ZTgxNDU4OGYyMDUyZmY5YmQ1Nzk1Mjc0NGNjMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMxx1E0qS+G0PlB4R1K8/leCgrJV+FRJsCaRH1Axz3tMDyLE
8/gJcEQjfRKzOAY+z9nugBOEqzSnfegaRtqGXqCObPim7Y78YhFp3EnY1Wwj37QK
4wyhTEpteVrMc43DjbQyetYKvDQQ1KG+W3K46HlNvX9e8zFD6NEHaDLPMicCTU1N
3SmB274h8xt23IIbSWq+IIyMS0Z48uiEXmEuWLYamQej8PIoKlxnYAr+MHnk144A
A2YTvkw/oDGJyqERzDdyomPLuKyidF7Sh8CDoR1v76Ot4YwsAIEtsP/76dBMyzxl
/ZKpi69nHx7cDj6yegbbKOuCaIwm6u9/iSNvMNsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBT1LqAaW8roFFiPIFL/m9V5UnRMwjAfBgNVHSMEGDAWgBR1VKxMf0UcW7k4
L7zUbXDEwPneVjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RWU3NUSDlGSEZ1NU9DLTgxRzF3eE1ENTNsWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvODdhMDBhLWI2ZjYtNDcyMS1hODI4LWQ5MzM3ZGIzOWQxZi8x
LzlTNmdHbHZLNkJSWWp5QlNfNXZWZVZKMFRNSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
ODdhMDBhLWI2ZjYtNDcyMS1hODI4LWQ5MzM3ZGIzOWQxZi8xL2RWU3NUSDlGSEZ1
NU9DLTgxRzF3eE1ENTNsWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALmx5AMEAbmx5jANBgkqhkiG9w0B
AQsFAAOCAQEAjzBFC+0l7egj38Oa8AonZ0XQKtBJUnbMwGgwmJ+NU6RBR0YJYBfi
857OcRAD5dJuNLak6QngKEr+hzawfho4km4rwn05PgWXqC48plNmi+iBiWtMeU1d
ZfIauxl/JGpmD66frEjrD6xF8oainACIX3w2HOayBj4WfFYGmIqmdV4fl5j35pXx
8mvS5a/1eclBlXcE7iyHBarE21H8fFQTMa7j5GLYMGW9Ok6PYT4hM6vAALul9KRs
u/5dXTsiBf+shXRQ3ca/g7wzlvB4N1ENjHm/vOaWFtQ4odKrqwVVHYE5d8iyLZN0
ldhIh+ydoKFWcU9fmu67jv/TJwgWP8AhXQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:30 2024 by rpki-client on console-ams.rpki-client.org