Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/s2ctOBook_yNpz02l0yu8-E2I1M.roa
File:                     s2ctOBook_yNpz02l0yu8-E2I1M.roa (raw, json)
Hash identifier:          uSJmEzOqvoCXUNdiseO8WX1KKeRtKPoYsPyxlOw4a3I=
Subject key identifier:   B3:67:2D:38:1A:28:93:FC:8D:A7:3D:36:97:4C:AE:F3:E1:36:23:53
Certificate issuer:       /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial:       485E8D9A
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/s2ctOBook_yNpz02l0yu8-E2I1M.roa
Signing time:             Sat 01 Jan 2022 03:00:24 +0000
ROA not before:           Sat 01 Jan 2022 03:00:24 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39556
IP address blocks:        185.232.28.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1214156186 (0x485e8d9a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
        Validity
            Not Before: Jan  1 03:00:24 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b3672d381a2893fc8da73d36974caef3e1362353
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:a1:d2:cf:f6:df:6f:62:0a:66:f5:38:7f:69:
                    c9:22:d0:ce:94:e0:e7:aa:e9:7e:ea:c5:2d:28:fc:
                    6c:1c:f8:20:18:ed:e2:36:17:b6:f3:1a:6a:12:48:
                    97:1e:44:7c:76:1d:46:9b:5e:49:d9:38:f4:c7:dc:
                    c5:26:47:2c:16:34:0c:ed:f3:46:66:a4:97:f1:ae:
                    a7:ec:fd:66:02:da:df:d0:ba:d6:2a:f8:a9:16:19:
                    40:7d:67:6c:16:b6:d7:e6:14:c8:f8:0a:5b:08:a3:
                    ca:22:31:85:f2:0e:51:74:21:6c:37:dd:e1:ee:cd:
                    c4:3b:4e:04:26:7c:29:2e:8d:54:eb:70:38:6e:9d:
                    79:34:d5:74:d8:88:14:01:63:39:eb:bb:bd:3f:de:
                    95:dc:1e:80:cd:3d:b5:d6:5b:9a:5b:e2:f3:e2:34:
                    d1:56:f2:8e:31:f1:3e:19:65:49:b5:23:01:17:59:
                    5f:38:ec:de:ac:4d:8d:eb:81:8f:18:06:e1:81:03:
                    a0:61:57:bb:90:cd:83:3c:5c:46:74:2d:ff:2a:15:
                    f2:27:aa:a6:61:33:3d:91:04:19:aa:c4:83:f8:48:
                    59:cf:69:f3:ae:24:6f:15:77:a1:0b:13:c2:a1:71:
                    b9:15:3a:f0:19:29:5b:bd:28:82:17:d7:42:59:c6:
                    f8:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:67:2D:38:1A:28:93:FC:8D:A7:3D:36:97:4C:AE:F3:E1:36:23:53
            X509v3 Authority Key Identifier:
                keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/s2ctOBook_yNpz02l0yu8-E2I1M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.232.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8a:01:f5:7f:5e:f6:eb:9d:14:b6:8d:b6:96:e3:bf:73:08:ba:
         3a:ca:8b:bf:65:56:c7:31:07:40:af:15:20:42:f7:2b:d4:f5:
         11:c7:42:30:b4:8f:06:f2:fc:e4:bb:30:4b:a6:05:56:bd:c0:
         13:d8:59:62:4b:35:9e:b9:b2:d7:51:20:3b:6b:36:cf:b8:26:
         58:be:7b:6e:88:b1:18:2f:32:37:eb:71:ad:86:12:dc:56:94:
         2b:7b:0e:95:a3:7c:e6:15:68:44:5c:86:06:74:2e:0e:a7:99:
         8b:86:56:88:87:7f:29:33:42:f1:64:d8:7a:cf:17:9a:3c:d0:
         e3:f5:15:3a:eb:7d:8b:98:5f:68:d1:28:14:1a:65:32:b2:a5:
         ab:f4:2e:27:16:db:06:f6:b7:cd:b0:79:e6:af:0d:7f:78:6d:
         34:71:0d:39:93:16:81:a8:62:8e:61:53:5a:79:21:b8:a4:22:
         17:0d:5a:c8:b4:cd:60:51:aa:d9:d2:95:b6:47:e1:27:5f:d2:
         cc:65:ae:8e:18:4a:81:f3:c9:a3:85:40:62:ef:65:52:04:44:
         9e:6b:20:9b:89:a1:19:05:b6:59:41:17:98:5d:86:43:ae:88:
         95:11:c9:5c:cf:59:e1:fe:8a:b3:0a:2e:bd:f2:4c:07:c8:4b:
         bd:56:5e:ef
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIESF6NmjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YWFhOGEwYTVmZGZkNjk4ZTEwNGJlMzZhMmFlZWM4MTNhZWNhMDcxMB4XDTIyMDEw
MTAzMDAyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjM2NzJkMzgxYTI4
OTNmYzhkYTczZDM2OTc0Y2FlZjNlMTM2MjM1MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJmh0s/2329iCmb1OH9pySLQzpTg56rpfurFLSj8bBz4IBjt
4jYXtvMaahJIlx5EfHYdRpteSdk49MfcxSZHLBY0DO3zRmakl/Gup+z9ZgLa39C6
1ir4qRYZQH1nbBa21+YUyPgKWwijyiIxhfIOUXQhbDfd4e7NxDtOBCZ8KS6NVOtw
OG6deTTVdNiIFAFjOeu7vT/eldwegM09tdZbmlvi8+I00VbyjjHxPhllSbUjARdZ
Xzjs3qxNjeuBjxgG4YEDoGFXu5DNgzxcRnQt/yoV8ieqpmEzPZEEGarEg/hIWc9p
864kbxV3oQsTwqFxuRU68BkpW70oghfXQlnG+M8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSzZy04GiiT/I2nPTaXTK7z4TYjUzAfBgNVHSMEGDAWgBTqqooKX9/WmOEE
vjairuyBOuygcTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZxcUtDbF9mMXBqaEJMNDJvcTdzZ1Ryc29IRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvMjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8x
L3MyY3RPQm9va195TnB6MDJsMHl1OC1FMkkxTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
MjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8xLzZxcUtDbF9mMXBq
aEJMNDJvcTdzZ1Ryc29IRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnoHDANBgkqhkiG9w0BAQsFAAOC
AQEAigH1f172650Uto22luO/cwi6OsqLv2VWxzEHQK8VIEL3K9T1EcdCMLSPBvL8
5LswS6YFVr3AE9hZYks1nrmy11EgO2s2z7gmWL57boixGC8yN+txrYYS3FaUK3sO
laN85hVoRFyGBnQuDqeZi4ZWiId/KTNC8WTYes8XmjzQ4/UVOut9i5hfaNEoFBpl
MrKlq/QuJxbbBva3zbB55q8Nf3htNHENOZMWgahijmFTWnkhuKQiFw1ayLTNYFGq
2dKVtkfhJ1/SzGWujhhKgfPJo4VAYu9lUgREnmsgm4mhGQW2WUEXmF2GQ66IlRHJ
XM9Z4f6KswouvfJMB8hLvVZe7w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:55 2024 by rpki-client on console-ams.rpki-client.org