Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9c4fb0-c475-4204-9987-0a91cadbee66/1/0exLFqAAu-T6uEFuF0Lxc_a1tLg.roa
File:                     0exLFqAAu-T6uEFuF0Lxc_a1tLg.roa (raw, json)
Hash identifier:          xX7pTrqrkTOJnqmWOkFFvWG5QowOxt3RMAWTthwYBJs=
Subject key identifier:   D1:EC:4B:16:A0:00:BB:E4:FA:B8:41:6E:17:42:F1:73:F6:B5:B4:B8
Certificate issuer:       /CN=4f6a9444adaa523c5768e9f6be14065183ac20a8
Certificate serial:       07B59404
Authority key identifier: 4F:6A:94:44:AD:AA:52:3C:57:68:E9:F6:BE:14:06:51:83:AC:20:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T2qURK2qUjxXaOn2vhQGUYOsIKg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/9c4fb0-c475-4204-9987-0a91cadbee66/1/0exLFqAAu-T6uEFuF0Lxc_a1tLg.roa
Signing time:             Sat 01 Jan 2022 04:03:51 +0000
ROA not before:           Sat 01 Jan 2022 04:03:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42910
IP address blocks:        185.7.179.0/24 maxlen: 24
                          185.7.178.0/24 maxlen: 24
                          185.7.177.0/24 maxlen: 24
                          185.7.176.0/22 maxlen: 22
                          185.7.176.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 129340420 (0x7b59404)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f6a9444adaa523c5768e9f6be14065183ac20a8
        Validity
            Not Before: Jan  1 04:03:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d1ec4b16a000bbe4fab8416e1742f173f6b5b4b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:fd:d9:9d:c4:ae:2a:d5:63:1f:da:5f:d8:a7:
                    31:67:c8:5b:dd:44:d9:20:ab:f7:41:71:13:a0:0e:
                    cd:de:4f:de:6f:38:45:41:d4:4f:6b:e3:a2:c3:f2:
                    df:a5:58:59:51:be:73:76:41:2f:b6:89:d5:18:f5:
                    da:2d:5b:be:e6:e7:88:b9:73:8a:e7:33:0d:ac:ce:
                    6c:ff:eb:8c:b9:a9:57:09:00:51:32:da:22:15:ea:
                    9a:97:69:37:70:be:7e:22:89:46:3b:7b:ab:3c:18:
                    f0:3f:20:24:50:3c:77:33:f9:45:ca:88:07:32:77:
                    e6:69:8e:df:8b:19:e9:c3:ca:1e:b6:8f:57:0a:b6:
                    fd:54:94:84:d3:86:42:14:f8:5c:ca:b1:86:e8:4f:
                    5c:5a:37:3c:50:b4:4f:77:a0:3c:c6:3d:5d:5a:9d:
                    c7:cb:37:ef:60:b6:f1:4d:5d:1a:93:3b:1a:56:03:
                    cd:f7:6d:d0:48:ae:de:a5:ec:a4:1b:64:e2:d0:84:
                    26:08:22:6a:fb:d1:e9:b6:04:d2:48:fc:3c:e8:66:
                    a3:55:20:f4:a7:3c:5e:a1:bf:5c:82:f5:06:17:39:
                    ca:ac:d6:67:71:18:a0:62:f8:ec:30:d8:32:ef:92:
                    3c:1a:2c:d2:99:df:49:e5:c5:5c:b2:8f:ec:75:b6:
                    ac:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:EC:4B:16:A0:00:BB:E4:FA:B8:41:6E:17:42:F1:73:F6:B5:B4:B8
            X509v3 Authority Key Identifier:
                keyid:4F:6A:94:44:AD:AA:52:3C:57:68:E9:F6:BE:14:06:51:83:AC:20:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T2qURK2qUjxXaOn2vhQGUYOsIKg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9c4fb0-c475-4204-9987-0a91cadbee66/1/0exLFqAAu-T6uEFuF0Lxc_a1tLg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9c4fb0-c475-4204-9987-0a91cadbee66/1/T2qURK2qUjxXaOn2vhQGUYOsIKg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.7.176.0/22

    Signature Algorithm: sha256WithRSAEncryption
         36:66:6c:47:37:0b:13:0a:ee:77:7c:57:27:06:27:c8:5c:32:
         69:36:26:89:73:40:09:66:20:d2:54:9c:d4:9b:8f:da:5f:7a:
         85:e1:68:81:ea:aa:84:e0:e2:ec:7a:9e:60:0a:46:4e:09:f0:
         83:fe:04:37:e9:c3:14:e6:be:04:82:79:32:8d:8c:9c:cf:a3:
         a8:fb:08:53:2c:8b:b6:cb:b0:30:7e:75:60:a1:86:ec:10:38:
         d3:d2:7b:d5:a0:2c:54:9a:4a:e3:d2:a4:68:4b:ee:0d:85:92:
         7d:e3:46:5b:95:f5:cb:80:20:3e:09:31:11:a5:07:74:fe:fa:
         23:c0:e5:86:5b:d3:77:31:7e:9d:6f:98:9e:3a:d6:74:80:06:
         70:1d:71:3a:57:f2:d8:73:9a:79:51:47:c3:e4:74:b4:51:76:
         7f:22:c1:bc:69:b5:8d:2b:ac:0c:ad:35:43:4a:29:2e:20:af:
         b7:47:27:42:47:2e:f5:fd:33:d6:13:8f:d3:85:1a:5d:d4:dd:
         ff:48:5a:cf:4d:fa:bc:f2:16:c5:ba:4b:d2:da:4f:2b:b0:3b:
         34:06:0a:90:7b:4c:e3:d8:15:00:db:d0:9d:da:32:03:4f:fc:
         5a:2a:3e:21:3f:3c:0c:94:4e:5e:9c:26:78:bd:3f:62:d9:86:
         33:eb:9b:ac
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB7WUBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZjZhOTQ0NGFkYWE1MjNjNTc2OGU5ZjZiZTE0MDY1MTgzYWMyMGE4MB4XDTIyMDEw
MTA0MDM1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDFlYzRiMTZhMDAw
YmJlNGZhYjg0MTZlMTc0MmYxNzNmNmI1YjRiODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALf92Z3ErirVYx/aX9inMWfIW91E2SCr90FxE6AOzd5P3m84
RUHUT2vjosPy36VYWVG+c3ZBL7aJ1Rj12i1bvubniLlziuczDazObP/rjLmpVwkA
UTLaIhXqmpdpN3C+fiKJRjt7qzwY8D8gJFA8dzP5RcqIBzJ35mmO34sZ6cPKHraP
Vwq2/VSUhNOGQhT4XMqxhuhPXFo3PFC0T3egPMY9XVqdx8s372C28U1dGpM7GlYD
zfdt0Eiu3qXspBtk4tCEJggiavvR6bYE0kj8POhmo1Ug9Kc8XqG/XIL1Bhc5yqzW
Z3EYoGL47DDYMu+SPBos0pnfSeXFXLKP7HW2rDMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTR7EsWoAC75Pq4QW4XQvFz9rW0uDAfBgNVHSMEGDAWgBRPapRErapSPFdo
6fa+FAZRg6wgqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1QycVVSSzJxVWp4WGFPbjJ2aFFHVVlPc0lLZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvOWM0ZmIwLWM0NzUtNDIwNC05OTg3LTBhOTFjYWRiZWU2Ni8x
LzBleExGcUFBdS1UNnVFRnVGMEx4Y19hMXRMZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
OWM0ZmIwLWM0NzUtNDIwNC05OTg3LTBhOTFjYWRiZWU2Ni8xL1QycVVSSzJxVWp4
WGFPbjJ2aFFHVVlPc0lLZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkHsDANBgkqhkiG9w0BAQsFAAOC
AQEANmZsRzcLEwrud3xXJwYnyFwyaTYmiXNACWYg0lSc1JuP2l96heFogeqqhODi
7HqeYApGTgnwg/4EN+nDFOa+BIJ5Mo2MnM+jqPsIUyyLtsuwMH51YKGG7BA409J7
1aAsVJpK49KkaEvuDYWSfeNGW5X1y4AgPgkxEaUHdP76I8DlhlvTdzF+nW+YnjrW
dIAGcB1xOlfy2HOaeVFHw+R0tFF2fyLBvGm1jSusDK01Q0opLiCvt0cnQkcu9f0z
1hOP04UaXdTd/0haz036vPIWxbpL0tpPK7A7NAYKkHtM49gVANvQndoyA0/8Wio+
IT88DJROXpwmeL0/YtmGM+ubrA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:35 2024 by rpki-client on console-fra.rpki-client.org