Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/c5mKu1bDus0LgkSpCeTKRG5kAlQ.roa
File:                     c5mKu1bDus0LgkSpCeTKRG5kAlQ.roa (raw, json)
Hash identifier:          6mIToYqQBJpxEmoJyC6v6uiHAIMvtep/hYGbBww3wk8=
Subject key identifier:   73:99:8A:BB:56:C3:BA:CD:0B:82:44:A9:09:E4:CA:44:6E:64:02:54
Certificate issuer:       /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial:       1B75B024
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/c5mKu1bDus0LgkSpCeTKRG5kAlQ.roa
Signing time:             Wed 16 Mar 2022 05:27:57 +0000
ROA not before:           Wed 16 Mar 2022 05:27:57 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34078
IP address blocks:        185.180.128.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 460697636 (0x1b75b024)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
        Validity
            Not Before: Mar 16 05:27:57 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=73998abb56c3bacd0b8244a909e4ca446e640254
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:5a:50:47:2a:8d:c7:d9:1b:b3:63:a3:a0:54:
                    b1:15:17:3f:2c:d7:a8:27:bd:15:28:98:c8:fd:d1:
                    f7:e8:b9:24:15:53:76:0f:51:6e:ca:4c:f7:d8:47:
                    4d:9a:ad:54:b4:78:ff:36:41:5c:22:6a:9f:fd:b5:
                    42:21:8c:6d:92:e6:c8:82:07:2b:12:87:8a:91:7b:
                    ec:b4:b0:cd:48:ad:93:eb:e8:48:ff:6f:fe:03:43:
                    62:bb:b8:b2:57:c1:24:f1:31:25:c5:80:f4:98:b1:
                    ba:6a:58:8b:40:6b:eb:7d:e7:6a:11:85:ff:29:b9:
                    26:57:b2:bc:c6:91:ef:4f:c9:99:24:a8:12:68:ab:
                    c1:2d:06:7b:f4:14:a4:62:21:14:e8:79:f5:11:25:
                    d6:8b:77:f8:2a:ec:09:81:8e:66:e4:cd:91:c3:f3:
                    47:f8:a8:a8:83:2d:61:85:03:b0:df:21:87:2f:b0:
                    f6:d9:70:76:f8:e5:b6:e5:5d:49:00:af:9f:c3:3e:
                    6e:e8:b4:20:f0:b5:f8:a1:cc:f7:1a:67:7a:18:cc:
                    da:2b:53:af:86:29:0b:95:7c:95:71:41:7e:da:10:
                    71:dc:a6:e8:48:1b:68:3a:13:6e:1b:96:0c:5d:07:
                    5c:1d:3c:fe:e4:12:ee:67:42:7e:23:2b:c5:c0:76:
                    84:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:99:8A:BB:56:C3:BA:CD:0B:82:44:A9:09:E4:CA:44:6E:64:02:54
            X509v3 Authority Key Identifier:
                keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/c5mKu1bDus0LgkSpCeTKRG5kAlQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.180.128.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6d:8d:38:d6:89:d4:26:89:4b:5d:98:8e:8c:97:73:53:50:eb:
         9c:43:6d:b9:35:4b:8b:ba:38:8c:f4:24:39:b2:11:74:8d:7e:
         21:54:05:ae:41:ab:26:40:3f:6a:3b:d2:32:a9:c8:b9:bc:10:
         1c:4c:03:09:df:8a:58:c5:7f:3a:0f:2b:be:5f:44:a8:4e:82:
         ea:8e:f8:1a:3a:7b:45:37:57:f4:20:80:dd:ad:19:9e:65:d5:
         fb:58:65:06:4e:d9:7b:0d:9d:01:79:fe:2c:a8:50:69:da:74:
         b7:0e:cb:17:bd:90:13:b5:b2:0e:a9:c4:6c:f3:bb:54:d8:16:
         18:fb:ae:4b:93:d9:9a:5e:7b:20:dc:30:2f:9e:10:ab:76:82:
         14:a0:55:f8:34:32:1e:60:dc:69:39:57:90:d2:fa:a5:3f:57:
         44:f3:93:3a:47:fb:06:b6:e4:b4:64:fd:1b:89:48:eb:09:3e:
         e7:03:0e:b9:62:6f:f8:cd:3e:31:a2:f3:b9:32:c3:a5:ac:71:
         1d:f7:e1:d9:ce:c1:39:a1:7c:15:29:e4:00:a6:93:51:73:64:
         c0:7c:ac:06:90:e8:9e:cb:9a:a6:c6:8b:57:3c:f8:fb:69:b7:
         ef:3b:c0:65:b0:98:4d:42:10:21:18:29:f5:6e:57:de:ca:44:
         83:0f:23:6c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEG3WwJDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
N2Y2MWZjN2MwYWI0MWNlMTU0ZTdiY2IwOGVmOTYyMzUxYTQ2Nzg0MB4XDTIyMDMx
NjA1Mjc1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzM5OThhYmI1NmMz
YmFjZDBiODI0NGE5MDllNGNhNDQ2ZTY0MDI1NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIlaUEcqjcfZG7Njo6BUsRUXPyzXqCe9FSiYyP3R9+i5JBVT
dg9RbspM99hHTZqtVLR4/zZBXCJqn/21QiGMbZLmyIIHKxKHipF77LSwzUitk+vo
SP9v/gNDYru4slfBJPExJcWA9JixumpYi0Br633nahGF/ym5JleyvMaR70/JmSSo
EmirwS0Ge/QUpGIhFOh59REl1ot3+CrsCYGOZuTNkcPzR/ioqIMtYYUDsN8hhy+w
9tlwdvjltuVdSQCvn8M+bui0IPC1+KHM9xpnehjM2itTr4YpC5V8lXFBftoQcdym
6EgbaDoTbhuWDF0HXB08/uQS7mdCfiMrxcB2hGkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRzmYq7VsO6zQuCRKkJ5MpEbmQCVDAfBgNVHSMEGDAWgBR39h/HwKtBzhVO
e8sI75YjUaRnhDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RfWWZ4OENyUWM0VlRudkxDTy1XSTFHa1o0US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvOTIxM2VjLTg1YTktNDhkNi1hYTY5LWVkYzlkMDJmYWY1NC8x
L2M1bUt1MWJEdXMwTGdrU3BDZVRLUkc1a0FsUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
OTIxM2VjLTg1YTktNDhkNi1hYTY5LWVkYzlkMDJmYWY1NC8xL2RfWWZ4OENyUWM0
VlRudkxDTy1XSTFHa1o0US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArm0gDANBgkqhkiG9w0BAQsFAAOC
AQEAbY041onUJolLXZiOjJdzU1DrnENtuTVLi7o4jPQkObIRdI1+IVQFrkGrJkA/
ajvSMqnIubwQHEwDCd+KWMV/Og8rvl9EqE6C6o74Gjp7RTdX9CCA3a0ZnmXV+1hl
Bk7Zew2dAXn+LKhQadp0tw7LF72QE7WyDqnEbPO7VNgWGPuuS5PZml57INwwL54Q
q3aCFKBV+DQyHmDcaTlXkNL6pT9XRPOTOkf7BrbktGT9G4lI6wk+5wMOuWJv+M0+
MaLzuTLDpaxxHffh2c7BOaF8FSnkAKaTUXNkwHysBpDonsuapsaLVzz4+2m37zvA
ZbCYTUIQIRgp9W5X3spEgw8jbA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:35 2024 by rpki-client on console-fra.rpki-client.org