Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/41b72a-0fc0-4a0f-acbf-efc31e08e7cd/1/ltDnztA2p98fX39UzdU_j7nmnUY.roa
File:                     ltDnztA2p98fX39UzdU_j7nmnUY.roa (raw, json)
Hash identifier:          MCgTSdX1MeP7k5DxQ9Tuj0YeHev0/bXdHJqhFKUR+A0=
Subject key identifier:   96:D0:E7:CE:D0:36:A7:DF:1F:5F:7F:54:CD:D5:3F:8F:B9:E6:9D:46
Certificate issuer:       /CN=5a0ad4655aed07c47416e7a945604794eba897ac
Certificate serial:       025A1AF4
Authority key identifier: 5A:0A:D4:65:5A:ED:07:C4:74:16:E7:A9:45:60:47:94:EB:A8:97:AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WgrUZVrtB8R0FuepRWBHlOuol6w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/41b72a-0fc0-4a0f-acbf-efc31e08e7cd/1/ltDnztA2p98fX39UzdU_j7nmnUY.roa
Signing time:             Sat 01 Jan 2022 14:58:37 +0000
ROA not before:           Sat 01 Jan 2022 14:58:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211541
IP address blocks:        185.244.226.0/24 maxlen: 24
                          185.244.226.0/29 maxlen: 29
                          2a10:c640::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 39459572 (0x25a1af4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5a0ad4655aed07c47416e7a945604794eba897ac
        Validity
            Not Before: Jan  1 14:58:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=96d0e7ced036a7df1f5f7f54cdd53f8fb9e69d46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:c4:4d:27:0d:43:de:2c:94:81:24:95:62:c6:
                    66:52:93:dc:f0:40:22:36:15:79:1d:7d:13:ed:9f:
                    b1:4a:e0:56:ed:0d:66:d5:23:3c:aa:08:0a:52:6f:
                    1d:d7:0a:d3:0f:ea:95:9a:c0:e9:b1:d9:43:8b:88:
                    ce:8c:cc:20:50:d5:c6:44:50:e6:ea:ee:4c:05:0a:
                    e9:74:8d:b0:47:a8:93:8d:ae:38:3b:49:b9:56:66:
                    8d:6e:ae:eb:17:e4:77:c0:52:2c:cf:c3:d2:81:90:
                    c1:eb:9f:ce:59:87:4f:2e:0e:6d:f7:b0:74:bb:7c:
                    32:6e:49:dc:ac:33:59:8c:6f:f6:f4:89:2d:8c:fb:
                    28:bc:e0:6e:85:29:33:28:0e:7b:88:6e:46:49:09:
                    9b:48:87:05:c4:e8:57:d2:81:23:2f:56:af:1d:04:
                    e9:a8:8e:d5:2b:03:c0:86:46:a8:71:13:5a:cc:1a:
                    7c:2d:9e:22:74:31:e1:8f:7a:79:07:45:03:38:97:
                    ca:19:88:44:24:cf:f8:56:36:71:50:9b:4a:a4:d6:
                    5d:7b:c4:d2:3b:d3:4e:59:fb:d8:10:61:17:b8:bd:
                    c5:77:a3:96:40:e1:86:6f:b9:e0:45:ed:83:9c:06:
                    d4:47:35:e6:37:2f:76:66:0c:ec:08:a5:4c:16:1c:
                    4e:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:D0:E7:CE:D0:36:A7:DF:1F:5F:7F:54:CD:D5:3F:8F:B9:E6:9D:46
            X509v3 Authority Key Identifier:
                keyid:5A:0A:D4:65:5A:ED:07:C4:74:16:E7:A9:45:60:47:94:EB:A8:97:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WgrUZVrtB8R0FuepRWBHlOuol6w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/41b72a-0fc0-4a0f-acbf-efc31e08e7cd/1/ltDnztA2p98fX39UzdU_j7nmnUY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/41b72a-0fc0-4a0f-acbf-efc31e08e7cd/1/WgrUZVrtB8R0FuepRWBHlOuol6w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.244.226.0/24
                IPv6:
                  2a10:c640::/48

    Signature Algorithm: sha256WithRSAEncryption
         0d:92:b3:2e:a0:a5:9b:8e:75:18:0a:a3:c0:f7:15:74:0c:3b:
         72:9e:86:73:40:78:fa:47:9a:b2:7c:ec:16:bc:d6:62:17:c9:
         3d:1f:c9:15:33:95:27:6e:c3:34:08:3e:ed:1a:c2:6e:ef:94:
         46:79:1d:99:87:b0:af:0c:24:f1:b5:e6:4c:9d:7f:d3:f8:1d:
         40:ee:fc:e9:3b:30:d9:b9:7d:86:50:fe:50:b1:a1:a9:73:37:
         7a:f8:f6:26:e4:89:f7:45:d9:ae:37:b2:80:61:00:85:99:22:
         51:a3:ca:12:81:05:0d:af:a2:a2:02:3f:7c:29:8e:d1:b3:6b:
         bd:e6:13:45:72:77:d7:75:c0:da:78:cc:b3:f1:fd:89:cb:5a:
         2a:35:13:c7:86:eb:62:d9:1f:a5:98:bc:1a:04:82:aa:b6:1b:
         ed:da:81:fe:20:36:a4:cc:10:6d:5c:5f:70:87:7d:91:5e:32:
         a6:81:15:4a:b5:65:8a:c1:7b:b5:6d:5d:7b:fe:f2:d0:71:42:
         03:bc:ec:03:b9:10:eb:2e:9f:08:f9:51:11:e6:10:8d:af:b1:
         c6:e5:7e:3c:3b:34:0d:29:b5:f2:3f:74:b8:5e:0d:18:46:f0:
         fc:f1:03:6a:12:45:8b:41:95:e0:03:1b:dc:35:07:15:e4:05:
         66:d5:93:27
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEAloa9DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YTBhZDQ2NTVhZWQwN2M0NzQxNmU3YTk0NTYwNDc5NGViYTg5N2FjMB4XDTIyMDEw
MTE0NTgzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTZkMGU3Y2VkMDM2
YTdkZjFmNWY3ZjU0Y2RkNTNmOGZiOWU2OWQ0NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANPETScNQ94slIEklWLGZlKT3PBAIjYVeR19E+2fsUrgVu0N
ZtUjPKoIClJvHdcK0w/qlZrA6bHZQ4uIzozMIFDVxkRQ5uruTAUK6XSNsEeok42u
ODtJuVZmjW6u6xfkd8BSLM/D0oGQweufzlmHTy4ObfewdLt8Mm5J3KwzWYxv9vSJ
LYz7KLzgboUpMygOe4huRkkJm0iHBcToV9KBIy9Wrx0E6aiO1SsDwIZGqHETWswa
fC2eInQx4Y96eQdFAziXyhmIRCTP+FY2cVCbSqTWXXvE0jvTTln72BBhF7i9xXej
lkDhhm+54EXtg5wG1Ec15jcvdmYM7AilTBYcTuMCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBSW0OfO0Dan3x9ff1TN1T+PueadRjAfBgNVHSMEGDAWgBRaCtRlWu0HxHQW
56lFYEeU66iXrDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dnclVaVnJ0QjhSMEZ1ZXBSV0JIbE91b2w2dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvNDFiNzJhLTBmYzAtNGEwZi1hY2JmLWVmYzMxZTA4ZTdjZC8x
L2x0RG56dEEycDk4ZlgzOVV6ZFVfajdubW5VWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
NDFiNzJhLTBmYzAtNGEwZi1hY2JmLWVmYzMxZTA4ZTdjZC8xL1dnclVaVnJ0QjhS
MEZ1ZXBSV0JIbE91b2w2dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEALn04jAPBAIAAjAJAwcAKhDGQAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQANkrMuoKWbjnUYCqPA9xV0DDtynoZzQHj6R5qy
fOwWvNZiF8k9H8kVM5UnbsM0CD7tGsJu75RGeR2Zh7CvDCTxteZMnX/T+B1A7vzp
OzDZuX2GUP5QsaGpczd6+PYm5In3RdmuN7KAYQCFmSJRo8oSgQUNr6KiAj98KY7R
s2u95hNFcnfXdcDaeMyz8f2Jy1oqNRPHhuti2R+lmLwaBIKqthvt2oH+IDakzBBt
XF9wh32RXjKmgRVKtWWKwXu1bV17/vLQcUIDvOwDuRDrLp8I+VER5hCNr7HG5X48
OzQNKbXyP3S4Xg0YRvD88QNqEkWLQZXgAxvcNQcV5AVm1ZMn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:40 2024 by rpki-client on console-fra.rpki-client.org