Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/81aa49-8b4a-4c28-a578-a605717d34ae/1/h8Daklw-fkQ17lPxW38TwMTwLmk.roa
File:                     h8Daklw-fkQ17lPxW38TwMTwLmk.roa (raw, json)
Hash identifier:          X1adQY1xbLvwaBZymozqP+eZ3W8CcQInXLWlkzqpyF4=
Subject key identifier:   87:C0:DA:92:5C:3E:7E:44:35:EE:53:F1:5B:7F:13:C0:C4:F0:2E:69
Certificate issuer:       /CN=b05a0604e76876fa03e6ad8687fa1db6c63d3908
Certificate serial:       0CDEDAD1
Authority key identifier: B0:5A:06:04:E7:68:76:FA:03:E6:AD:86:87:FA:1D:B6:C6:3D:39:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sFoGBOdodvoD5q2Gh_odtsY9OQg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/81aa49-8b4a-4c28-a578-a605717d34ae/1/h8Daklw-fkQ17lPxW38TwMTwLmk.roa
Signing time:             Sat 01 Jan 2022 04:51:15 +0000
ROA not before:           Sat 01 Jan 2022 04:51:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209093
IP address blocks:        185.243.21.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 215931601 (0xcdedad1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b05a0604e76876fa03e6ad8687fa1db6c63d3908
        Validity
            Not Before: Jan  1 04:51:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=87c0da925c3e7e4435ee53f15b7f13c0c4f02e69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:c9:43:61:ea:b0:70:5b:6d:64:2a:b8:f1:46:
                    25:a6:a0:fa:7c:c5:78:89:5b:ea:68:63:41:43:13:
                    36:5f:c8:13:08:a8:c4:8f:b0:da:77:0e:18:d2:df:
                    22:cf:46:d6:48:b8:a7:6c:1e:b2:76:e7:4d:26:19:
                    d3:c2:03:fb:2e:78:94:f8:a0:e6:fa:df:76:53:91:
                    c6:52:26:b8:f1:de:a6:b5:80:0c:2a:78:b2:98:16:
                    0a:69:43:2d:97:7f:05:df:fc:e1:86:63:ec:f3:f5:
                    4a:b7:73:d3:1e:7e:c0:b2:5a:54:ba:ff:5e:f0:76:
                    a9:13:f1:f3:c0:39:fd:b3:42:6f:00:75:17:14:c8:
                    c6:b0:1a:07:11:49:fe:de:75:a6:46:91:eb:39:ac:
                    95:5c:ec:58:74:4b:e6:bd:8c:96:5c:93:3e:05:52:
                    65:eb:c4:f6:df:1c:73:e8:b0:38:a1:cc:c9:06:43:
                    c8:11:da:ea:39:98:87:ea:33:7c:36:47:6c:7f:40:
                    3d:87:e1:e0:b0:c7:02:4e:a6:fc:fa:6e:ff:fe:10:
                    de:da:c7:51:62:1e:39:d5:db:ad:0a:e9:b9:69:71:
                    eb:5b:6c:ac:50:63:92:d8:01:eb:37:7b:3d:ed:14:
                    9d:1b:56:a1:69:32:71:9d:9a:b5:c9:b6:a5:79:f4:
                    75:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:C0:DA:92:5C:3E:7E:44:35:EE:53:F1:5B:7F:13:C0:C4:F0:2E:69
            X509v3 Authority Key Identifier:
                keyid:B0:5A:06:04:E7:68:76:FA:03:E6:AD:86:87:FA:1D:B6:C6:3D:39:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sFoGBOdodvoD5q2Gh_odtsY9OQg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/81aa49-8b4a-4c28-a578-a605717d34ae/1/h8Daklw-fkQ17lPxW38TwMTwLmk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/81aa49-8b4a-4c28-a578-a605717d34ae/1/sFoGBOdodvoD5q2Gh_odtsY9OQg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.243.21.0/24

    Signature Algorithm: sha256WithRSAEncryption
         61:30:23:13:dc:2c:fe:6c:ba:f8:9a:98:36:0c:7f:f9:5f:ad:
         bc:99:f8:0b:d5:92:0f:91:59:81:7e:14:ed:01:21:ea:9a:da:
         06:9e:4c:ca:8a:43:e1:27:8f:29:c2:8e:13:7b:40:5b:91:0f:
         c8:a1:69:8b:3c:b5:1b:7d:34:51:12:a4:2e:2f:25:98:d5:42:
         57:9a:7d:d0:bc:04:95:cc:95:e9:ee:f3:a1:17:6e:5f:bd:e9:
         e5:a7:11:04:cd:3f:57:58:f8:80:96:95:47:b2:f8:09:bd:25:
         55:43:ad:e7:a0:4e:f8:e9:7b:25:48:a1:82:9b:21:d6:8e:dc:
         fd:85:be:b8:f1:74:68:a3:6a:77:db:5e:d9:17:a1:89:2b:20:
         b1:b9:27:71:cf:14:02:5d:0f:00:90:2c:b4:04:61:50:b9:9d:
         63:5f:a2:3b:1a:53:be:25:2e:5e:f1:dd:a1:62:b8:e7:8b:e5:
         1b:a6:0e:ef:0b:b3:6f:be:f4:f5:2d:bd:e2:3a:1e:c3:56:4b:
         e5:98:4a:26:25:91:f9:09:cb:48:77:ab:1d:9d:ad:db:5a:4f:
         76:9e:1b:d0:fc:16:5c:30:c1:e6:24:96:7f:7c:e5:59:17:a0:
         43:01:78:5f:89:94:cc:3b:54:ad:bb:9a:76:87:f1:81:b2:b3:
         5a:82:37:4c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDN7a0TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MDVhMDYwNGU3Njg3NmZhMDNlNmFkODY4N2ZhMWRiNmM2M2QzOTA4MB4XDTIyMDEw
MTA0NTExNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODdjMGRhOTI1YzNl
N2U0NDM1ZWU1M2YxNWI3ZjEzYzBjNGYwMmU2OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK3JQ2HqsHBbbWQquPFGJaag+nzFeIlb6mhjQUMTNl/IEwio
xI+w2ncOGNLfIs9G1ki4p2wesnbnTSYZ08ID+y54lPig5vrfdlORxlImuPHeprWA
DCp4spgWCmlDLZd/Bd/84YZj7PP1Srdz0x5+wLJaVLr/XvB2qRPx88A5/bNCbwB1
FxTIxrAaBxFJ/t51pkaR6zmslVzsWHRL5r2MllyTPgVSZevE9t8cc+iwOKHMyQZD
yBHa6jmYh+ozfDZHbH9APYfh4LDHAk6m/Ppu//4Q3trHUWIeOdXbrQrpuWlx61ts
rFBjktgB6zd7Pe0UnRtWoWkycZ2atcm2pXn0dS0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSHwNqSXD5+RDXuU/FbfxPAxPAuaTAfBgNVHSMEGDAWgBSwWgYE52h2+gPm
rYaH+h22xj05CDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NGb0dCT2RvZHZvRDVxMkdoX29kdHNZOU9RZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjYvODFhYTQ5LThiNGEtNGMyOC1hNTc4LWE2MDU3MTdkMzRhZS8x
L2g4RGFrbHctZmtRMTdsUHhXMzhUd01Ud0xtay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjYv
ODFhYTQ5LThiNGEtNGMyOC1hNTc4LWE2MDU3MTdkMzRhZS8xL3NGb0dCT2RvZHZv
RDVxMkdoX29kdHNZOU9RZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnzFTANBgkqhkiG9w0BAQsFAAOC
AQEAYTAjE9ws/my6+JqYNgx/+V+tvJn4C9WSD5FZgX4U7QEh6praBp5MyopD4SeP
KcKOE3tAW5EPyKFpizy1G300URKkLi8lmNVCV5p90LwElcyV6e7zoRduX73p5acR
BM0/V1j4gJaVR7L4Cb0lVUOt56BO+Ol7JUihgpsh1o7c/YW+uPF0aKNqd9te2Reh
iSsgsbkncc8UAl0PAJAstARhULmdY1+iOxpTviUuXvHdoWK454vlG6YO7wuzb770
9S294joew1ZL5ZhKJiWR+QnLSHerHZ2t21pPdp4b0PwWXDDB5iSWf3zlWRegQwF4
X4mUzDtUrbuadofxgbKzWoI3TA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:50 2024 by rpki-client on console-fra.rpki-client.org