Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/874d27-f2ac-4897-96f4-3e4e84f35cd0/1/wiU2nNC4-3wZV4KMaz4cN7cJFrY.roa
File:                     wiU2nNC4-3wZV4KMaz4cN7cJFrY.roa (raw, json)
Hash identifier:          5e4+juVcwaRtNsVi5kzGBl56LmhowduAQeg1wDMgrMU=
Subject key identifier:   C2:25:36:9C:D0:B8:FB:7C:19:57:82:8C:6B:3E:1C:37:B7:09:16:B6
Certificate issuer:       /CN=e81074e32822c8bef3a7dcb31280825bd27545c9
Certificate serial:       0184C4565550BAA27942B4014AE3E486E2A1
Authority key identifier: E8:10:74:E3:28:22:C8:BE:F3:A7:DC:B3:12:80:82:5B:D2:75:45:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6BB04ygiyL7zp9yzEoCCW9J1Rck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/874d27-f2ac-4897-96f4-3e4e84f35cd0/1/wiU2nNC4-3wZV4KMaz4cN7cJFrY.roa
Signing time:             Tue 29 Nov 2022 17:01:43 +0000
ROA not before:           Tue 29 Nov 2022 17:01:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60815
IP address blocks:        185.20.24.0/23 maxlen: 23
                          185.20.24.0/22 maxlen: 22
                          185.20.24.0/24 maxlen: 24
                          185.20.27.0/24 maxlen: 24
                          185.20.26.0/24 maxlen: 24
                          185.20.26.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:c4:56:55:50:ba:a2:79:42:b4:01:4a:e3:e4:86:e2:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e81074e32822c8bef3a7dcb31280825bd27545c9
        Validity
            Not Before: Nov 29 17:01:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c225369cd0b8fb7c1957828c6b3e1c37b70916b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:30:c0:da:e6:aa:9e:2f:83:ba:ae:d4:06:b7:
                    82:87:58:4f:a3:20:e4:18:e3:25:63:7b:a9:35:5a:
                    f1:71:dd:ab:77:84:25:a6:6d:31:58:e2:cc:7a:61:
                    c4:6b:69:26:8b:78:71:22:f2:f6:0a:27:94:af:d8:
                    a4:d0:1f:f8:51:9d:1c:aa:8b:71:93:b1:cd:89:67:
                    6c:35:42:a7:40:07:c9:1b:7d:a2:00:c2:7c:48:72:
                    62:4c:fc:3b:2f:42:7d:be:f6:e3:b3:c6:c3:14:4c:
                    bd:c0:e2:a5:b9:61:8d:9f:a5:1b:1a:7f:95:8c:bd:
                    19:02:62:57:d0:4f:78:4b:93:8f:88:ed:9b:70:5e:
                    b2:89:64:08:6f:93:02:8c:43:37:20:de:15:0f:ca:
                    e1:60:69:cd:e4:4f:d6:22:bc:b9:e1:29:ab:8c:1c:
                    48:ed:96:09:0b:b2:ea:ee:c2:f8:58:16:8c:48:a4:
                    64:31:65:21:1f:38:5e:bf:fb:b9:1e:72:4a:e3:0c:
                    33:e0:df:0f:90:03:e6:35:11:80:c0:7c:70:5a:25:
                    df:c4:0b:9f:3e:f0:45:f3:04:d4:7c:38:1e:6f:75:
                    89:54:d8:d9:fe:fb:61:f8:0b:a8:62:89:1e:e1:67:
                    1f:1f:1d:cc:a0:56:ab:cc:37:c3:26:e5:a0:89:65:
                    20:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:25:36:9C:D0:B8:FB:7C:19:57:82:8C:6B:3E:1C:37:B7:09:16:B6
            X509v3 Authority Key Identifier:
                keyid:E8:10:74:E3:28:22:C8:BE:F3:A7:DC:B3:12:80:82:5B:D2:75:45:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6BB04ygiyL7zp9yzEoCCW9J1Rck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/874d27-f2ac-4897-96f4-3e4e84f35cd0/1/wiU2nNC4-3wZV4KMaz4cN7cJFrY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/874d27-f2ac-4897-96f4-3e4e84f35cd0/1/6BB04ygiyL7zp9yzEoCCW9J1Rck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.20.24.0/22

    Signature Algorithm: sha256WithRSAEncryption
         79:ac:df:c5:33:23:c0:b4:ca:53:ab:b3:03:88:80:4f:6c:6c:
         be:61:8e:1f:88:7e:f2:38:cf:1c:ab:b0:04:d7:4f:85:b9:64:
         58:2a:f5:fa:db:37:a1:6a:50:f3:3a:b8:14:9e:59:6b:46:d9:
         18:2a:6b:7a:01:6c:46:65:37:92:5b:c2:ce:7d:db:78:ff:61:
         af:8a:e3:0b:96:c5:0c:ec:dc:2b:f1:cf:74:7c:df:c4:72:a6:
         d9:41:d4:4d:b4:8b:16:50:f1:19:c6:c4:0a:5c:09:f1:ac:39:
         18:6b:ac:7b:98:1f:ae:39:af:ec:64:54:bb:46:89:7c:84:3c:
         89:35:df:1e:a8:6c:db:c0:94:30:23:9c:61:12:2a:55:e8:69:
         5d:7b:69:f1:fc:0c:72:da:0c:30:41:03:4b:34:aa:d1:28:46:
         4d:26:58:c0:3b:3f:ab:6d:a2:39:c2:5e:8f:21:93:e9:7b:8b:
         87:14:d5:c4:ec:da:02:10:98:36:56:f2:d5:64:01:86:e1:30:
         04:09:1b:a8:47:b4:84:1f:5e:e8:73:df:5c:a2:14:a7:a7:ec:
         44:f1:26:79:f2:42:be:0f:b3:9d:7d:4c:9e:0f:be:3a:18:46:
         80:f0:b5:77:31:92:5a:49:6b:db:a2:35:00:16:66:16:f4:cc:
         7e:f8:82:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTEVlVQuqJ5QrQBSuPkhuKhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4MTA3NGUzMjgyMmM4YmVmM2E3ZGNiMzEyODA4MjViZDI3
NTQ1YzkwHhcNMjIxMTI5MTcwMTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjI1MzY5Y2QwYjhmYjdjMTk1NzgyOGM2YjNlMWMzN2I3MDkxNmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTDA2uaqni+Duq7UBreCh1hPoyDk
GOMlY3upNVrxcd2rd4Qlpm0xWOLMemHEa2kmi3hxIvL2CieUr9ik0B/4UZ0cqotx
k7HNiWdsNUKnQAfJG32iAMJ8SHJiTPw7L0J9vvbjs8bDFEy9wOKluWGNn6UbGn+V
jL0ZAmJX0E94S5OPiO2bcF6yiWQIb5MCjEM3IN4VD8rhYGnN5E/WIry54SmrjBxI
7ZYJC7Lq7sL4WBaMSKRkMWUhHzhev/u5HnJK4wwz4N8PkAPmNRGAwHxwWiXfxAuf
PvBF8wTUfDgeb3WJVNjZ/vth+AuoYoke4WcfHx3MoFarzDfDJuWgiWUgMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMIlNpzQuPt8GVeCjGs+HDe3CRa2MB8GA1UdIwQY
MBaAFOgQdOMoIsi+86fcsxKAglvSdUXJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkJCMDR5Z2l5TDd6cDl5ekVvQ0NXOUoxUmNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC84NzRkMjctZjJhYy00ODk3LTk2ZjQt
M2U0ZTg0ZjM1Y2QwLzEvd2lVMm5OQzQtM3daVjRLTWF6NGNON2NKRnJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC84NzRkMjctZjJhYy00ODk3LTk2ZjQtM2U0ZTg0ZjM1Y2Qw
LzEvNkJCMDR5Z2l5TDd6cDl5ekVvQ0NXOUoxUmNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRQYMA0G
CSqGSIb3DQEBCwUAA4IBAQB5rN/FMyPAtMpTq7MDiIBPbGy+YY4fiH7yOM8cq7AE
10+FuWRYKvX62zehalDzOrgUnllrRtkYKmt6AWxGZTeSW8LOfdt4/2GviuMLlsUM
7Nwr8c90fN/EcqbZQdRNtIsWUPEZxsQKXAnxrDkYa6x7mB+uOa/sZFS7Rol8hDyJ
Nd8eqGzbwJQwI5xhEipV6Glde2nx/Axy2gwwQQNLNKrRKEZNJljAOz+rbaI5wl6P
IZPpe4uHFNXE7NoCEJg2VvLVZAGG4TAECRuoR7SEH17oc99cohSnp+xE8SZ58kK+
D7OdfUyeD746GEaA8LV3MZJaSWvbojUAFmYW9Mx++IKt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:30 2024 by rpki-client on console-fra.rpki-client.org