Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/7nFzXLN_z2oj2pwQqNViPtdRvHU.roa
File:                     7nFzXLN_z2oj2pwQqNViPtdRvHU.roa (raw, json)
Hash identifier:          uj4qaxHi7qvB6dxbO/4zyVZLYcMfWbRTgd352eyPLNg=
Subject key identifier:   EE:71:73:5C:B3:7F:CF:6A:23:DA:9C:10:A8:D5:62:3E:D7:51:BC:75
Certificate issuer:       /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial:       0254E111
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/7nFzXLN_z2oj2pwQqNViPtdRvHU.roa
Signing time:             Sat 01 Jan 2022 11:01:39 +0000
ROA not before:           Sat 01 Jan 2022 11:01:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50839
IP address blocks:        185.1.206.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 39117073 (0x254e111)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
        Validity
            Not Before: Jan  1 11:01:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ee71735cb37fcf6a23da9c10a8d5623ed751bc75
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:d2:e7:1d:8d:82:66:0a:ff:f4:11:f3:70:42:
                    4f:6a:7f:ff:7d:6f:1c:e5:0d:11:e9:d4:bd:06:7d:
                    3b:7c:42:46:f5:f9:93:bc:2a:cc:34:d7:a8:fd:48:
                    c5:ec:64:51:57:52:f0:3e:b9:36:60:8a:c7:4d:5e:
                    99:2f:51:58:8d:ef:3d:9f:bf:23:0a:47:4d:4a:62:
                    76:79:37:ab:58:22:4b:d5:8e:59:54:16:48:d0:bc:
                    72:32:08:7a:4e:6b:db:07:fc:25:41:a3:2d:a7:2f:
                    b8:bf:bc:e8:f4:23:87:a5:f4:c0:df:8d:4e:5f:88:
                    df:12:d6:14:a4:ae:d4:ef:8b:e8:60:a1:c6:98:1c:
                    66:58:c6:04:c9:2c:a7:6f:27:e6:79:5f:8c:93:2d:
                    c5:c8:50:30:92:76:79:62:1a:f1:6a:f6:ca:cf:38:
                    22:8d:34:ed:8b:15:44:55:5b:39:94:a0:e1:ef:9e:
                    e3:80:c0:cc:77:af:a8:74:f9:3d:e0:fc:79:cf:d8:
                    af:3b:f6:af:3e:17:43:f6:50:d7:86:48:73:ee:26:
                    5d:18:ab:a1:e6:bd:5d:57:c0:c2:06:84:35:cb:6f:
                    f5:61:7e:ad:a5:d8:14:89:32:99:7d:aa:8d:95:3b:
                    38:bb:a0:c9:f5:20:03:9f:98:ec:25:bb:22:e5:bc:
                    48:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:71:73:5C:B3:7F:CF:6A:23:DA:9C:10:A8:D5:62:3E:D7:51:BC:75
            X509v3 Authority Key Identifier:
                keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/7nFzXLN_z2oj2pwQqNViPtdRvHU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.1.206.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4e:57:9a:2c:e0:9d:d4:b6:ff:b9:36:47:58:92:6d:a0:65:02:
         25:2b:ec:68:f6:bc:60:3f:bd:e6:fb:86:9c:03:d3:65:03:1d:
         d2:36:6c:fa:ae:21:d2:a4:86:e1:92:92:6c:fa:7d:b1:6d:a2:
         21:0c:27:75:bb:01:c1:14:85:c8:56:8b:60:bc:cf:73:13:69:
         59:57:2d:df:75:73:99:e5:50:a2:af:74:b4:9a:be:da:c0:13:
         f6:1c:8e:ee:30:0c:06:32:43:72:06:ba:06:c8:88:88:5a:98:
         6b:17:88:5c:27:8c:81:0a:c2:d3:89:62:c1:6e:60:d6:ed:78:
         ca:f7:d4:71:40:d6:09:0a:d4:43:db:bb:81:14:df:5b:59:5b:
         6c:5e:ca:00:59:a2:92:96:fb:60:45:73:c6:8f:4f:30:79:0a:
         56:27:2a:45:f0:93:73:d6:4e:2b:72:00:f1:55:9a:a4:c9:22:
         b0:da:d0:f0:56:be:6a:aa:68:f9:a8:f0:d6:01:dd:55:82:1a:
         94:b2:6d:e0:ce:a3:58:b9:72:94:25:00:cf:a6:6e:4b:b4:c3:
         55:80:4e:a5:5b:0d:d8:57:ee:7e:2e:07:a3:89:f5:4c:c8:e5:
         61:c4:f2:ee:14:14:11:55:1b:b9:33:01:01:8b:b6:79:8c:32:
         c7:60:2b:79
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAlThETANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NzRjNjBhZGViMGNkNTc2OGNmNzU2ZjU2MmIxYjVjYzViOWMxODBhMB4XDTIyMDEw
MTExMDEzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWU3MTczNWNiMzdm
Y2Y2YTIzZGE5YzEwYThkNTYyM2VkNzUxYmM3NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALDS5x2NgmYK//QR83BCT2p//31vHOUNEenUvQZ9O3xCRvX5
k7wqzDTXqP1IxexkUVdS8D65NmCKx01emS9RWI3vPZ+/IwpHTUpidnk3q1giS9WO
WVQWSNC8cjIIek5r2wf8JUGjLacvuL+86PQjh6X0wN+NTl+I3xLWFKSu1O+L6GCh
xpgcZljGBMksp28n5nlfjJMtxchQMJJ2eWIa8Wr2ys84Io007YsVRFVbOZSg4e+e
44DAzHevqHT5PeD8ec/Yrzv2rz4XQ/ZQ14ZIc+4mXRiroea9XVfAwgaENctv9WF+
raXYFIkymX2qjZU7OLugyfUgA5+Y7CW7IuW8SKECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTucXNcs3/PaiPanBCo1WI+11G8dTAfBgNVHSMEGDAWgBTHTGCt6wzVdoz3
VvVisbXMW5wYCjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3gweGdyZXNNMVhhTTkxYjFZckcxekZ1Y0dBby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWYvYWRiNjVjLWY2ZjctNDQ5NS1iYTIzLTg4NWU4NGU3NTEyZS8x
LzduRnpYTE5fejJvajJwd1FxTlZpUHRkUnZIVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWYv
YWRiNjVjLWY2ZjctNDQ5NS1iYTIzLTg4NWU4NGU3NTEyZS8xL3gweGdyZXNNMVhh
TTkxYjFZckcxekZ1Y0dBby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkBzjANBgkqhkiG9w0BAQsFAAOC
AQEATleaLOCd1Lb/uTZHWJJtoGUCJSvsaPa8YD+95vuGnAPTZQMd0jZs+q4h0qSG
4ZKSbPp9sW2iIQwndbsBwRSFyFaLYLzPcxNpWVct33VzmeVQoq90tJq+2sAT9hyO
7jAMBjJDcga6BsiIiFqYaxeIXCeMgQrC04liwW5g1u14yvfUcUDWCQrUQ9u7gRTf
W1lbbF7KAFmikpb7YEVzxo9PMHkKVicqRfCTc9ZOK3IA8VWapMkisNrQ8Fa+aqpo
+ajw1gHdVYIalLJt4M6jWLlylCUAz6ZuS7TDVYBOpVsN2Ffufi4Ho4n1TMjlYcTy
7hQUEVUbuTMBAYu2eYwyx2AreQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:53 2024 by rpki-client on console-fra.rpki-client.org