Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/Zhwq23cX-TDZpIylZARgY6GGZMw.roa
File:                     Zhwq23cX-TDZpIylZARgY6GGZMw.roa (raw, json)
Hash identifier:          PUqF3CYaxmjAbUHYDErp8KbR9gbF2KEtXn6HFcUN+Ik=
Subject key identifier:   66:1C:2A:DB:77:17:F9:30:D9:A4:8C:A5:64:04:60:63:A1:86:64:CC
Certificate issuer:       /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial:       CDA096
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/Zhwq23cX-TDZpIylZARgY6GGZMw.roa
Signing time:             Tue 01 Mar 2022 18:38:57 +0000
ROA not before:           Tue 01 Mar 2022 18:38:57 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200019
IP address blocks:        185.115.207.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13475990 (0xcda096)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
        Validity
            Not Before: Mar  1 18:38:57 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=661c2adb7717f930d9a48ca564046063a18664cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:80:7c:0c:4b:d9:21:f9:56:2f:4b:b4:60:70:
                    60:e0:c7:9f:c3:ce:81:7f:3d:84:83:09:50:6e:53:
                    19:5f:8c:e1:7e:93:06:61:ff:c9:32:d2:69:f7:c6:
                    d9:54:01:a7:63:67:69:32:25:96:37:f8:8b:ed:ee:
                    ff:77:5c:67:65:01:eb:5f:20:49:c7:30:a4:d5:df:
                    33:bb:50:a9:ac:a0:0f:ac:88:73:3d:82:39:4d:33:
                    8b:29:a1:1e:d2:69:41:6e:e9:53:2b:48:59:85:34:
                    a2:20:a9:da:95:f3:cb:50:46:a1:03:84:68:19:3f:
                    ce:16:64:fe:d3:49:bc:41:ef:f3:e8:f8:4f:97:a1:
                    1b:8f:c7:0d:13:bd:9b:07:76:77:cc:37:44:29:3b:
                    02:28:e1:a9:f4:a7:5c:78:fb:a4:9e:ae:41:0d:6a:
                    fc:e1:73:f6:a2:ed:a6:ba:b0:44:71:3c:08:ae:fa:
                    2c:e8:a6:e2:63:29:f2:ef:1f:22:ce:05:3a:09:62:
                    50:ea:6a:3a:44:c6:f8:45:de:56:53:4b:3d:4e:0e:
                    03:b9:89:64:3e:fd:c7:7c:90:eb:cb:f5:bb:ba:1e:
                    3d:de:89:8c:3d:28:3e:c2:7c:99:6d:23:85:91:ce:
                    6d:f2:7c:54:1f:a7:eb:ca:a5:6f:b9:d0:b1:20:0c:
                    18:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:1C:2A:DB:77:17:F9:30:D9:A4:8C:A5:64:04:60:63:A1:86:64:CC
            X509v3 Authority Key Identifier:
                keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/Zhwq23cX-TDZpIylZARgY6GGZMw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.115.207.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:a3:66:25:9b:6f:2c:8f:52:6e:df:05:83:93:af:03:bf:8b:
         bb:12:1a:e9:60:83:45:f2:a5:b6:df:3e:ca:0a:34:87:4e:0c:
         1e:4a:11:fe:d7:89:db:c1:5e:b4:f7:66:07:bb:6f:ba:a6:af:
         0d:50:35:ed:2f:4e:9d:d4:b5:06:88:ec:f1:5b:e8:f8:0e:7b:
         c6:96:76:b8:51:42:2e:80:65:ed:20:ba:72:f1:53:9b:28:f8:
         98:da:05:be:2f:45:b9:82:99:98:70:70:f6:b5:56:ce:b3:86:
         a2:eb:ae:87:07:ca:33:bd:21:ea:94:c8:33:6b:a9:77:07:3c:
         20:b1:75:8e:5b:fb:31:4a:ec:12:90:dc:bf:2f:a7:5b:a8:6a:
         86:ac:ee:fb:d2:69:52:f1:c0:e6:b1:94:89:6c:09:b0:88:ae:
         52:89:6b:ce:69:16:20:5b:89:28:8d:fc:ef:97:37:34:04:dc:
         ad:c2:5a:b1:85:0a:03:e4:bc:fe:40:eb:4a:ce:68:b7:ed:80:
         09:82:94:c3:61:57:5d:7d:fd:3e:9b:d3:e6:89:db:e3:6b:04:
         6a:8e:bb:b1:6e:42:0b:d5:49:38:1b:00:47:30:2d:1b:a5:71:
         52:dd:55:23:59:df:03:81:a9:5c:ff:2d:d9:3e:7a:95:97:61:
         3d:aa:c3:b8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAM2gljANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ODEwN2FiNjkyMWVmOGNiMmRlY2EzZWI3NjY0NzhjZmYzZTVmYzZkMB4XDTIyMDMw
MTE4Mzg1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjYxYzJhZGI3NzE3
ZjkzMGQ5YTQ4Y2E1NjQwNDYwNjNhMTg2NjRjYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALeAfAxL2SH5Vi9LtGBwYODHn8POgX89hIMJUG5TGV+M4X6T
BmH/yTLSaffG2VQBp2NnaTIlljf4i+3u/3dcZ2UB618gSccwpNXfM7tQqaygD6yI
cz2COU0ziymhHtJpQW7pUytIWYU0oiCp2pXzy1BGoQOEaBk/zhZk/tNJvEHv8+j4
T5ehG4/HDRO9mwd2d8w3RCk7AijhqfSnXHj7pJ6uQQ1q/OFz9qLtprqwRHE8CK76
LOim4mMp8u8fIs4FOgliUOpqOkTG+EXeVlNLPU4OA7mJZD79x3yQ68v1u7oePd6J
jD0oPsJ8mW0jhZHObfJ8VB+n68qlb7nQsSAMGJ0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRmHCrbdxf5MNmkjKVkBGBjoYZkzDAfBgNVHSMEGDAWgBQoEHq2kh74yy3s
o+t2ZHjP8+X8bTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tCQjZ0cEllLU1zdDdLUHJkbVI0el9QbF9HMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjYvMDg4MjZlLTc3ZDAtNDM3Yi1hMWMyLWMwZmIzZWY3NjQwZS8x
L1pod3EyM2NYLVREWnBJeWxaQVJnWTZHR1pNdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjYv
MDg4MjZlLTc3ZDAtNDM3Yi1hMWMyLWMwZmIzZWY3NjQwZS8xL0tCQjZ0cEllLU1z
dDdLUHJkbVI0el9QbF9HMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALlzzzANBgkqhkiG9w0BAQsFAAOC
AQEAmqNmJZtvLI9Sbt8Fg5OvA7+LuxIa6WCDRfKltt8+ygo0h04MHkoR/teJ28Fe
tPdmB7tvuqavDVA17S9OndS1Bojs8Vvo+A57xpZ2uFFCLoBl7SC6cvFTmyj4mNoF
vi9FuYKZmHBw9rVWzrOGouuuhwfKM70h6pTIM2updwc8ILF1jlv7MUrsEpDcvy+n
W6hqhqzu+9JpUvHA5rGUiWwJsIiuUolrzmkWIFuJKI3875c3NATcrcJasYUKA+S8
/kDrSs5ot+2ACYKUw2FXXX39PpvT5onb42sEao67sW5CC9VJOBsARzAtG6VxUt1V
I1nfA4GpXP8t2T56lZdhParDuA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:43 2024 by rpki-client on console-ams.rpki-client.org