Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/44KjR5LEzfupx8B_APJu1hBF81c.roa
File:                     44KjR5LEzfupx8B_APJu1hBF81c.roa (raw, json)
Hash identifier:          l2DxEGutJUj8aJXEadKYyWCRc8QON9i6aWHzV2WycTI=
Subject key identifier:   E3:82:A3:47:92:C4:CD:FB:A9:C7:C0:7F:00:F2:6E:D6:10:45:F3:57
Certificate issuer:       /CN=e1ef9694aa48d81279e8ede430795f2768d2dd52
Certificate serial:       018211993D473E923A72B1B7196883A7C80B
Authority key identifier: E1:EF:96:94:AA:48:D8:12:79:E8:ED:E4:30:79:5F:27:68:D2:DD:52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4e-WlKpI2BJ56O3kMHlfJ2jS3VI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/44KjR5LEzfupx8B_APJu1hBF81c.roa
Signing time:             Mon 18 Jul 2022 13:57:11 +0000
ROA not before:           Mon 18 Jul 2022 13:57:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16509
IP address blocks:        185.39.51.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:11:99:3d:47:3e:92:3a:72:b1:b7:19:68:83:a7:c8:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e1ef9694aa48d81279e8ede430795f2768d2dd52
        Validity
            Not Before: Jul 18 13:57:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e382a34792c4cdfba9c7c07f00f26ed61045f357
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:da:14:89:c4:60:44:c3:bd:ed:7a:61:81:69:
                    95:95:04:7c:81:5c:c5:c1:e3:37:de:bb:21:47:47:
                    2c:f9:0b:bb:d1:bd:5b:37:f9:c9:69:1f:4c:64:08:
                    20:02:f5:bb:62:00:3a:b2:cd:72:5e:3a:f7:23:3f:
                    ca:a8:c0:7c:fa:5b:29:83:75:a7:cf:ca:a3:2d:28:
                    c0:6b:53:80:24:04:f9:84:42:2e:84:66:68:57:e6:
                    bc:7e:db:30:14:22:86:d2:2e:0b:f3:14:fb:7e:01:
                    0f:09:a2:42:a0:4f:ab:a1:80:00:24:23:2c:36:de:
                    0c:f6:fb:21:a6:07:dd:53:60:42:c3:b6:c7:48:a1:
                    c5:9e:83:72:f8:8f:42:70:7b:9d:01:5a:bf:97:f6:
                    53:02:d7:d9:50:52:79:9d:a2:dc:c9:ee:e6:84:c1:
                    05:cb:0c:4e:08:18:9d:2e:b6:2e:b2:24:a2:64:e3:
                    01:0a:2c:49:f5:f9:6f:f6:7a:85:38:a4:26:63:5f:
                    7a:82:9d:e7:03:ec:e5:3b:0e:c4:9e:fb:ed:d9:0e:
                    26:98:f8:7d:e0:b8:7e:2f:b9:97:5c:1a:5f:3b:7a:
                    76:f8:92:3d:52:1e:ab:b3:77:88:29:ce:f5:93:7a:
                    99:0b:80:86:82:73:f6:ee:3e:24:c1:f5:10:37:f8:
                    0e:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:82:A3:47:92:C4:CD:FB:A9:C7:C0:7F:00:F2:6E:D6:10:45:F3:57
            X509v3 Authority Key Identifier:
                keyid:E1:EF:96:94:AA:48:D8:12:79:E8:ED:E4:30:79:5F:27:68:D2:DD:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e-WlKpI2BJ56O3kMHlfJ2jS3VI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/44KjR5LEzfupx8B_APJu1hBF81c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/4e-WlKpI2BJ56O3kMHlfJ2jS3VI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.39.51.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:4a:7d:f7:b1:60:16:d5:84:30:d2:24:cb:66:37:7d:ab:22:
         19:65:16:25:8d:52:31:de:4b:f6:e6:39:1b:3c:f8:dd:09:1b:
         3c:ea:61:37:44:e7:15:69:a8:f1:80:a3:09:d8:60:10:39:ad:
         8f:73:78:49:1f:69:b3:41:90:26:60:a2:fa:74:a3:c4:9c:5e:
         df:d2:08:89:39:64:a8:2e:94:60:9c:2b:5e:9e:9d:f1:e5:cd:
         f4:1e:61:f1:4d:39:43:ba:9d:9d:5e:d3:f9:62:05:92:5b:25:
         a8:6d:5c:cf:67:0e:bb:7a:f5:c7:61:c0:46:87:2f:8e:26:e7:
         3f:27:fe:be:39:9b:98:64:74:a3:6a:50:45:5a:94:db:db:3c:
         6b:1a:75:d6:bb:f3:21:c9:7e:b0:b5:08:3c:83:a6:c8:b6:28:
         44:c7:36:7a:07:fa:7c:5a:f9:62:22:86:24:72:dd:28:b1:6e:
         ed:17:76:77:84:dc:9a:6c:cb:24:73:2a:73:08:0d:16:96:c8:
         19:bc:c8:de:fd:a6:0d:41:5f:01:c3:f4:6d:4a:15:08:04:d1:
         d3:1a:32:e6:ce:a6:69:62:74:32:b5:51:80:07:9e:bd:4a:c7:
         26:3f:e8:6e:56:cc:3d:3d:04:1a:8d:67:73:b0:59:e7:88:69:
         32:1e:8f:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIRmT1HPpI6crG3GWiDp8gLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxZWY5Njk0YWE0OGQ4MTI3OWU4ZWRlNDMwNzk1ZjI3Njhk
MmRkNTIwHhcNMjIwNzE4MTM1NzExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzgyYTM0NzkyYzRjZGZiYTljN2MwN2YwMGYyNmVkNjEwNDVmMzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNoUicRgRMO97XphgWmVlQR8gVzF
weM33rshR0cs+Qu70b1bN/nJaR9MZAggAvW7YgA6ss1yXjr3Iz/KqMB8+lspg3Wn
z8qjLSjAa1OAJAT5hEIuhGZoV+a8ftswFCKG0i4L8xT7fgEPCaJCoE+roYAAJCMs
Nt4M9vshpgfdU2BCw7bHSKHFnoNy+I9CcHudAVq/l/ZTAtfZUFJ5naLcye7mhMEF
ywxOCBidLrYusiSiZOMBCixJ9flv9nqFOKQmY196gp3nA+zlOw7Envvt2Q4mmPh9
4Lh+L7mXXBpfO3p2+JI9Uh6rs3eIKc71k3qZC4CGgnP27j4kwfUQN/gORwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOOCo0eSxM37qcfAfwDybtYQRfNXMB8GA1UdIwQY
MBaAFOHvlpSqSNgSeejt5DB5Xydo0t1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGUtV2xLcEkyQko1Nk8za01IbGZKMmpTM1ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iMDU2NjctZTg1MC00YzQ1LWFlZTMt
YWRlZDFjNDY5ZWFmLzEvNDRLalI1TEV6ZnVweDhCX0FQSnUxaEJGODFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iMDU2NjctZTg1MC00YzQ1LWFlZTMtYWRlZDFjNDY5ZWFm
LzEvNGUtV2xLcEkyQko1Nk8za01IbGZKMmpTM1ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSczMA0G
CSqGSIb3DQEBCwUAA4IBAQBuSn33sWAW1YQw0iTLZjd9qyIZZRYljVIx3kv25jkb
PPjdCRs86mE3ROcVaajxgKMJ2GAQOa2Pc3hJH2mzQZAmYKL6dKPEnF7f0giJOWSo
LpRgnCtenp3x5c30HmHxTTlDup2dXtP5YgWSWyWobVzPZw67evXHYcBGhy+OJuc/
J/6+OZuYZHSjalBFWpTb2zxrGnXWu/MhyX6wtQg8g6bItihExzZ6B/p8WvliIoYk
ct0osW7tF3Z3hNyabMskcypzCA0WlsgZvMje/aYNQV8Bw/RtShUIBNHTGjLmzqZp
YnQytVGAB569SscmP+huVsw9PQQajWdzsFnniGkyHo9N
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:07 2024 by rpki-client on console-ams.rpki-client.org