Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/3f3ab1-5959-45a8-bc0f-d78514e9e812/1/SO58QWlkqn2GPf7llelCb4gdGUw.roa
File:                     SO58QWlkqn2GPf7llelCb4gdGUw.roa (raw, json)
Hash identifier:          dZVo+GiMFxjjua43tfIRTqiIK1dtf4WRg1dlnCOvCws=
Subject key identifier:   48:EE:7C:41:69:64:AA:7D:86:3D:FE:E5:95:E9:42:6F:88:1D:19:4C
Certificate issuer:       /CN=7b87f6b9119fa9dcd3e12e7e6bfb706dff978825
Certificate serial:       018312576EA6FB14D0C1B0D0C62379350130
Authority key identifier: 7B:87:F6:B9:11:9F:A9:DC:D3:E1:2E:7E:6B:FB:70:6D:FF:97:88:25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e4f2uRGfqdzT4S5-a_twbf-XiCU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/3f3ab1-5959-45a8-bc0f-d78514e9e812/1/SO58QWlkqn2GPf7llelCb4gdGUw.roa
Signing time:             Tue 06 Sep 2022 10:27:43 +0000
ROA not before:           Tue 06 Sep 2022 10:27:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12859
IP address blocks:        185.173.22.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:12:57:6e:a6:fb:14:d0:c1:b0:d0:c6:23:79:35:01:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7b87f6b9119fa9dcd3e12e7e6bfb706dff978825
        Validity
            Not Before: Sep  6 10:27:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=48ee7c416964aa7d863dfee595e9426f881d194c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:ee:77:16:e5:07:ee:e6:2e:c7:6f:3e:68:85:
                    d3:7f:b7:ff:ea:a5:71:03:fd:17:c5:86:9b:fb:0c:
                    56:7a:cb:e8:ec:37:50:8b:2f:50:25:de:5c:de:6c:
                    0d:7e:20:4d:f3:84:84:df:69:05:d4:ed:fa:93:4d:
                    cb:94:e3:cd:4f:e0:aa:33:8e:cd:9d:47:ba:50:dd:
                    82:2c:01:bd:4a:91:ed:41:fa:09:63:b7:df:f9:d5:
                    ec:a8:ef:fe:18:8d:d5:3a:71:90:31:cc:b4:78:c3:
                    34:67:41:eb:be:cf:81:1f:f9:15:c0:a0:10:dd:9c:
                    68:14:17:e7:f1:90:c2:4f:45:2a:42:a2:b8:79:48:
                    b5:a1:d1:e5:58:d9:66:ec:c8:29:ca:5d:b9:79:b2:
                    4c:93:b2:05:4e:47:29:15:6b:f0:81:0f:92:8c:32:
                    87:8c:cf:f6:e0:a0:6b:ed:f4:3b:3c:13:6d:44:bc:
                    80:5e:3b:2d:08:7a:71:76:41:ad:4c:1e:64:a2:18:
                    85:fa:21:f6:7f:79:30:33:bf:2c:d2:f8:8c:ac:ac:
                    05:8d:cc:60:8e:bb:01:c6:aa:9c:84:49:0e:0c:f5:
                    c4:bc:a4:be:4c:7a:2f:eb:6d:78:a6:58:c2:f9:a3:
                    b4:06:62:c3:06:bd:fa:e0:6b:fe:20:3a:56:3b:cb:
                    d1:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:EE:7C:41:69:64:AA:7D:86:3D:FE:E5:95:E9:42:6F:88:1D:19:4C
            X509v3 Authority Key Identifier:
                keyid:7B:87:F6:B9:11:9F:A9:DC:D3:E1:2E:7E:6B:FB:70:6D:FF:97:88:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4f2uRGfqdzT4S5-a_twbf-XiCU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3f3ab1-5959-45a8-bc0f-d78514e9e812/1/SO58QWlkqn2GPf7llelCb4gdGUw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3f3ab1-5959-45a8-bc0f-d78514e9e812/1/e4f2uRGfqdzT4S5-a_twbf-XiCU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.173.22.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c6:93:a1:f3:2d:61:97:70:10:50:f8:3f:0d:71:f9:3a:1b:ef:
         81:fa:65:41:e4:9a:6f:25:0f:15:0e:9a:ad:34:02:75:7d:a9:
         e5:cb:f0:a8:9e:2a:46:7b:f0:f5:f4:70:77:ba:78:e8:a5:54:
         98:6d:cb:85:28:6a:c2:2d:d6:cf:a7:d9:f3:72:b8:52:f9:05:
         2c:90:dd:95:4d:58:d3:5c:32:0b:2e:05:9d:7e:ef:ca:f1:f1:
         96:2a:73:1d:c3:52:8a:33:b9:5b:1d:83:2e:f8:1f:27:c8:b6:
         c9:79:ed:40:13:c0:07:b5:d9:0c:ca:a0:a6:45:33:45:7d:25:
         e6:b7:cc:7d:87:62:c9:16:ba:72:26:7d:bd:75:46:73:9b:05:
         5f:29:0a:a3:d4:17:c4:8f:60:51:f3:4f:87:9b:1a:8f:f6:24:
         18:e3:eb:94:c6:ae:98:0b:62:9f:e9:8a:c7:ef:3e:d9:be:1e:
         00:40:ff:83:40:10:57:1f:44:e9:4b:ec:23:b6:0b:24:d6:ba:
         a7:d3:c4:5e:0c:c1:2d:1f:f7:db:b1:d3:cc:d9:7a:35:27:95:
         0b:48:a2:bd:14:07:5d:d3:ae:65:a8:8c:c1:13:13:25:1a:d1:
         df:ca:b3:2a:95:b5:cb:ed:58:18:63:26:38:8c:75:6d:b3:f0:
         29:f5:61:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMSV26m+xTQwbDQxiN5NQEwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiODdmNmI5MTE5ZmE5ZGNkM2UxMmU3ZTZiZmI3MDZkZmY5
Nzg4MjUwHhcNMjIwOTA2MTAyNzQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGVlN2M0MTY5NjRhYTdkODYzZGZlZTU5NWU5NDI2Zjg4MWQxOTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApe53FuUH7uYux28+aIXTf7f/6qVx
A/0XxYab+wxWesvo7DdQiy9QJd5c3mwNfiBN84SE32kF1O36k03LlOPNT+CqM47N
nUe6UN2CLAG9SpHtQfoJY7ff+dXsqO/+GI3VOnGQMcy0eMM0Z0Hrvs+BH/kVwKAQ
3ZxoFBfn8ZDCT0UqQqK4eUi1odHlWNlm7Mgpyl25ebJMk7IFTkcpFWvwgQ+SjDKH
jM/24KBr7fQ7PBNtRLyAXjstCHpxdkGtTB5kohiF+iH2f3kwM78s0viMrKwFjcxg
jrsBxqqchEkODPXEvKS+THov6214pljC+aO0BmLDBr364Gv+IDpWO8vR0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEjufEFpZKp9hj3+5ZXpQm+IHRlMMB8GA1UdIwQY
MBaAFHuH9rkRn6nc0+Eufmv7cG3/l4glMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTRmMnVSR2ZxZHpUNFM1LWFfdHdiZi1YaUNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zZjNhYjEtNTk1OS00NWE4LWJjMGYt
ZDc4NTE0ZTllODEyLzEvU081OFFXbGtxbjJHUGY3bGxlbENiNGdkR1V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zZjNhYjEtNTk1OS00NWE4LWJjMGYtZDc4NTE0ZTllODEy
LzEvZTRmMnVSR2ZxZHpUNFM1LWFfdHdiZi1YaUNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAua0WMA0G
CSqGSIb3DQEBCwUAA4IBAQDGk6HzLWGXcBBQ+D8Ncfk6G++B+mVB5JpvJQ8VDpqt
NAJ1fanly/ConipGe/D19HB3unjopVSYbcuFKGrCLdbPp9nzcrhS+QUskN2VTVjT
XDILLgWdfu/K8fGWKnMdw1KKM7lbHYMu+B8nyLbJee1AE8AHtdkMyqCmRTNFfSXm
t8x9h2LJFrpyJn29dUZzmwVfKQqj1BfEj2BR80+HmxqP9iQY4+uUxq6YC2Kf6YrH
7z7Zvh4AQP+DQBBXH0TpS+wjtgsk1rqn08ReDMEtH/fbsdPM2Xo1J5ULSKK9FAdd
065lqIzBExMlGtHfyrMqlbXL7VgYYyY4jHVts/Ap9WHP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:40 2024 by rpki-client on console-fra.rpki-client.org