Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/379816-d6b4-42b5-95ad-fe27921e1542/1/sildhcUBd_7VbebBBO2mhWXlbuI.roa
File:                     sildhcUBd_7VbebBBO2mhWXlbuI.roa (raw, json)
Hash identifier:          MCESDtQ0vvL2ee/lVgFbW6mvXvQfJ0tzoi1RKR7HGes=
Subject key identifier:   B2:29:5D:85:C5:01:77:FE:D5:6D:E6:C1:04:ED:A6:85:65:E5:6E:E2
Certificate issuer:       /CN=7b89385c0002330b096567b21514d8e1bc09689f
Certificate serial:       0941B8D7
Authority key identifier: 7B:89:38:5C:00:02:33:0B:09:65:67:B2:15:14:D8:E1:BC:09:68:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e4k4XAACMwsJZWeyFRTY4bwJaJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/379816-d6b4-42b5-95ad-fe27921e1542/1/sildhcUBd_7VbebBBO2mhWXlbuI.roa
Signing time:             Sat 01 Jan 2022 07:00:30 +0000
ROA not before:           Sat 01 Jan 2022 07:00:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     51580
IP address blocks:        185.212.16.0/22 maxlen: 24
                          185.143.152.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 155302103 (0x941b8d7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7b89385c0002330b096567b21514d8e1bc09689f
        Validity
            Not Before: Jan  1 07:00:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b2295d85c50177fed56de6c104eda68565e56ee2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:27:29:52:14:81:58:7c:b0:6d:f3:9e:9d:05:
                    f4:97:af:33:90:4a:62:f1:50:4d:14:89:fd:2f:c8:
                    2a:31:19:bc:9b:71:b3:d1:04:b0:eb:2a:d7:b5:a8:
                    59:16:d6:14:d5:ca:9c:fa:d8:65:df:06:3b:c9:53:
                    e8:ae:2c:10:19:0c:c8:c1:28:8d:53:ae:33:89:4d:
                    81:b6:11:35:d5:44:f8:22:af:c4:58:c3:85:5e:75:
                    07:e5:2f:9e:1b:19:8c:5d:de:f9:81:5f:46:02:65:
                    88:27:d9:94:8e:43:54:34:06:e2:45:f4:61:7d:f5:
                    f8:6b:d5:ef:e1:87:81:ed:d1:87:12:ba:6a:12:4f:
                    db:40:dc:d3:df:65:14:53:bc:2f:d4:77:96:f7:aa:
                    22:f8:d9:57:8f:bc:80:4b:9c:17:36:52:c5:d6:66:
                    d7:3d:1f:f4:16:69:72:f4:53:a5:50:07:c3:a1:43:
                    94:a3:67:be:b7:16:9c:8d:be:f0:75:9e:7e:e2:bd:
                    50:ac:92:6f:d6:91:c4:90:ec:81:63:19:33:a3:cd:
                    21:bb:28:eb:dd:19:d2:05:89:06:52:f1:cd:f7:26:
                    b2:2c:45:36:c8:41:a1:2a:a9:1f:b3:af:33:50:fb:
                    66:79:68:e3:9c:9d:2a:f5:df:31:c3:78:13:07:cd:
                    db:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:29:5D:85:C5:01:77:FE:D5:6D:E6:C1:04:ED:A6:85:65:E5:6E:E2
            X509v3 Authority Key Identifier:
                keyid:7B:89:38:5C:00:02:33:0B:09:65:67:B2:15:14:D8:E1:BC:09:68:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4k4XAACMwsJZWeyFRTY4bwJaJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/379816-d6b4-42b5-95ad-fe27921e1542/1/sildhcUBd_7VbebBBO2mhWXlbuI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/379816-d6b4-42b5-95ad-fe27921e1542/1/e4k4XAACMwsJZWeyFRTY4bwJaJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.143.152.0/22
                  185.212.16.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0b:de:bd:32:fe:53:16:dc:05:51:46:32:d8:dd:c4:39:8f:f2:
         8e:c9:26:0a:60:e9:6c:56:3b:d3:f2:1f:5c:79:5d:86:fc:91:
         14:d4:b4:9b:85:de:de:25:8d:9a:99:9a:7f:f6:b6:a2:f9:95:
         e7:5f:a8:2b:90:93:cf:ba:a6:4a:92:aa:43:d4:22:ba:39:4f:
         66:04:24:ca:d5:72:9a:2b:85:05:1d:4c:d2:be:6f:56:3b:6f:
         c2:9c:24:20:02:d1:1e:50:b9:3b:6e:cf:83:12:27:a4:90:12:
         17:de:37:2a:41:04:96:76:31:62:8f:61:1a:11:75:3a:f3:f9:
         88:3e:92:6b:60:d9:5b:14:9f:e5:26:ec:8d:62:32:48:1e:0c:
         74:10:b9:a0:c6:d5:fd:7a:00:c5:db:96:aa:74:93:27:4d:5e:
         3c:b4:eb:a3:80:a7:79:c7:d2:c3:97:3c:bf:8b:53:29:b2:15:
         44:77:58:60:0f:4e:15:65:a6:b2:1d:e4:5f:e5:77:44:40:17:
         c2:94:1f:3f:8e:1c:97:d7:65:2b:60:4d:fc:14:c4:8d:b6:1a:
         83:0d:32:b8:e4:f7:37:05:41:6b:a8:bd:7d:f2:af:03:b5:36:
         ef:fc:7c:cd:6e:d4:cf:ba:af:1a:d6:0e:05:ad:94:b8:d6:df:
         e9:d3:56:27
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECUG41zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
Yjg5Mzg1YzAwMDIzMzBiMDk2NTY3YjIxNTE0ZDhlMWJjMDk2ODlmMB4XDTIyMDEw
MTA3MDAzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjIyOTVkODVjNTAx
NzdmZWQ1NmRlNmMxMDRlZGE2ODU2NWU1NmVlMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM8nKVIUgVh8sG3znp0F9JevM5BKYvFQTRSJ/S/IKjEZvJtx
s9EEsOsq17WoWRbWFNXKnPrYZd8GO8lT6K4sEBkMyMEojVOuM4lNgbYRNdVE+CKv
xFjDhV51B+UvnhsZjF3e+YFfRgJliCfZlI5DVDQG4kX0YX31+GvV7+GHge3RhxK6
ahJP20Dc099lFFO8L9R3lveqIvjZV4+8gEucFzZSxdZm1z0f9BZpcvRTpVAHw6FD
lKNnvrcWnI2+8HWefuK9UKySb9aRxJDsgWMZM6PNIbso690Z0gWJBlLxzfcmsixF
NshBoSqpH7OvM1D7Znlo45ydKvXfMcN4EwfN21UCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSyKV2FxQF3/tVt5sEE7aaFZeVu4jAfBgNVHSMEGDAWgBR7iThcAAIzCwll
Z7IVFNjhvAlonzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2U0azRYQUFDTXdzSlpXZXlGUlRZNGJ3SmFKOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjgvMzc5ODE2LWQ2YjQtNDJiNS05NWFkLWZlMjc5MjFlMTU0Mi8x
L3NpbGRoY1VCZF83VmJlYkJCTzJtaFdYbGJ1SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjgv
Mzc5ODE2LWQ2YjQtNDJiNS05NWFkLWZlMjc5MjFlMTU0Mi8xL2U0azRYQUFDTXdz
SlpXZXlGUlRZNGJ3SmFKOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArmPmAMEArnUEDANBgkqhkiG9w0B
AQsFAAOCAQEAC969Mv5TFtwFUUYy2N3EOY/yjskmCmDpbFY70/IfXHldhvyRFNS0
m4Xe3iWNmpmaf/a2ovmV51+oK5CTz7qmSpKqQ9QiujlPZgQkytVymiuFBR1M0r5v
VjtvwpwkIALRHlC5O27PgxInpJASF943KkEElnYxYo9hGhF1OvP5iD6Sa2DZWxSf
5SbsjWIySB4MdBC5oMbV/XoAxduWqnSTJ01ePLTro4CnecfSw5c8v4tTKbIVRHdY
YA9OFWWmsh3kX+V3REAXwpQfP44cl9dlK2BN/BTEjbYagw0yuOT3NwVBa6i9ffKv
A7U27/x8zW7Uz7qvGtYOBa2UuNbf6dNWJw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:05 2024 by rpki-client on console-fra.rpki-client.org