Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/c9db52-ac91-406a-9f95-080ee0a97f6a/1/uzkdEacgcQ4DyE3B80zCPTGbIu0.roa
File:                     uzkdEacgcQ4DyE3B80zCPTGbIu0.roa (raw, json)
Hash identifier:          ud8OPpnEzqp1bLrH20w2//UkAeljo2ji1HtDYbk8MtU=
Subject key identifier:   BB:39:1D:11:A7:20:71:0E:03:C8:4D:C1:F3:4C:C2:3D:31:9B:22:ED
Certificate issuer:       /CN=f85d004446182d51fd38f7f75fe2a5c8608bc86d
Certificate serial:       171E7E7F
Authority key identifier: F8:5D:00:44:46:18:2D:51:FD:38:F7:F7:5F:E2:A5:C8:60:8B:C8:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-F0AREYYLVH9OPf3X-KlyGCLyG0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/c9db52-ac91-406a-9f95-080ee0a97f6a/1/uzkdEacgcQ4DyE3B80zCPTGbIu0.roa
Signing time:             Sat 01 Jan 2022 05:58:03 +0000
ROA not before:           Sat 01 Jan 2022 05:58:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     59779
IP address blocks:        185.57.50.0/24 maxlen: 24
                          185.57.48.0/23 maxlen: 23
                          185.12.180.0/22 maxlen: 22
                          2a02:57e0::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 387874431 (0x171e7e7f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f85d004446182d51fd38f7f75fe2a5c8608bc86d
        Validity
            Not Before: Jan  1 05:58:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bb391d11a720710e03c84dc1f34cc23d319b22ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:81:2f:ae:14:06:b1:a9:dc:79:8d:a2:36:9b:
                    04:f4:ef:89:47:51:4a:48:2c:f9:38:81:de:b2:87:
                    c8:bc:5d:16:5b:c7:af:72:9a:a9:83:b0:de:e8:3b:
                    c5:bc:c5:e0:75:83:fb:4b:e9:1f:f7:9b:67:36:d9:
                    a3:8e:7b:41:95:8b:3c:08:b8:55:a7:c4:4c:d2:86:
                    fc:b1:a2:79:3c:09:15:67:30:96:72:01:0a:50:36:
                    e2:ba:28:6f:88:3b:3b:73:6d:a8:f3:2b:a0:16:01:
                    14:e8:42:79:f4:ee:31:2e:15:36:37:3a:48:ba:8b:
                    f3:9b:92:f0:7d:7e:a2:15:aa:15:93:39:d4:48:b2:
                    3d:97:5c:e4:2c:19:bb:d8:d5:73:20:56:65:6f:5a:
                    81:57:90:64:47:8f:4d:18:1b:a1:ae:ec:2d:16:9d:
                    4c:0f:3b:fe:97:4e:8a:32:71:38:7a:30:a4:dc:09:
                    2e:eb:f2:57:6b:ff:ce:76:58:00:43:cc:24:8c:ce:
                    33:77:85:7f:5a:00:a5:6b:ac:50:c1:ae:19:15:c5:
                    23:43:9b:bd:90:e3:e2:47:9d:02:b5:48:f9:97:ea:
                    85:f5:e7:bf:6c:d2:a8:1e:4b:2f:98:00:c5:8c:85:
                    e2:55:30:7d:6e:4e:08:6d:1e:76:92:f9:7c:2e:4d:
                    93:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:39:1D:11:A7:20:71:0E:03:C8:4D:C1:F3:4C:C2:3D:31:9B:22:ED
            X509v3 Authority Key Identifier:
                keyid:F8:5D:00:44:46:18:2D:51:FD:38:F7:F7:5F:E2:A5:C8:60:8B:C8:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-F0AREYYLVH9OPf3X-KlyGCLyG0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/c9db52-ac91-406a-9f95-080ee0a97f6a/1/uzkdEacgcQ4DyE3B80zCPTGbIu0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/c9db52-ac91-406a-9f95-080ee0a97f6a/1/1-F0AREYYLVH9OPf3X-KlyGCLyG0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.12.180.0/22
                  185.57.48.0-185.57.50.255
                IPv6:
                  2a02:57e0::/32

    Signature Algorithm: sha256WithRSAEncryption
         ab:e9:7c:7e:55:83:f5:5b:73:25:b7:84:4c:3d:a2:a6:2b:7c:
         bb:8a:8b:e1:27:9c:49:a9:88:b5:51:8c:32:89:6a:f1:64:86:
         02:b5:0d:23:6f:ec:d8:0d:a6:7c:28:c9:6b:27:03:e9:bd:f1:
         41:cf:86:b3:8c:07:d5:55:e7:27:8d:13:83:39:94:d9:1c:91:
         e7:06:c0:8f:4b:a1:9f:cc:f5:93:ee:a8:47:82:e1:74:02:43:
         33:a3:fe:c9:d2:09:81:ce:f0:79:f1:dc:6b:38:b9:8d:cc:8e:
         08:94:bc:c8:fe:0a:29:1d:3e:23:6b:b8:b2:46:8b:2b:da:58:
         a7:78:b1:c4:8f:4b:ca:de:d7:01:99:a4:b8:c5:b5:74:68:48:
         86:97:8c:08:d3:9b:32:51:bb:2f:b0:87:94:87:94:e8:27:35:
         d4:5f:56:35:ed:e5:d7:d7:cd:36:62:e4:5f:cf:2b:7a:8e:d2:
         e1:fd:19:60:a6:64:fc:97:3a:8d:ff:47:08:3b:98:b9:08:af:
         2d:20:be:3d:dd:1f:73:6e:a6:aa:2e:d4:a3:1a:0c:1a:cd:5f:
         fa:bf:12:f3:a8:f6:96:89:98:5c:59:a6:73:11:1e:32:da:fc:
         5d:77:41:41:ea:64:f6:3e:7f:ea:97:d4:c3:08:1b:3a:10:49:
         b2:4d:78:d8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIEFx5+fzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ODVkMDA0NDQ2MTgyZDUxZmQzOGY3Zjc1ZmUyYTVjODYwOGJjODZkMB4XDTIyMDEw
MTA1NTgwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmIzOTFkMTFhNzIw
NzEwZTAzYzg0ZGMxZjM0Y2MyM2QzMTliMjJlZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMOBL64UBrGp3HmNojabBPTviUdRSkgs+TiB3rKHyLxdFlvH
r3KaqYOw3ug7xbzF4HWD+0vpH/ebZzbZo457QZWLPAi4VafETNKG/LGieTwJFWcw
lnIBClA24roob4g7O3NtqPMroBYBFOhCefTuMS4VNjc6SLqL85uS8H1+ohWqFZM5
1EiyPZdc5CwZu9jVcyBWZW9agVeQZEePTRgboa7sLRadTA87/pdOijJxOHowpNwJ
LuvyV2v/znZYAEPMJIzOM3eFf1oApWusUMGuGRXFI0ObvZDj4kedArVI+ZfqhfXn
v2zSqB5LL5gAxYyF4lUwfW5OCG0edpL5fC5Nk/sCAwEAAaOCAigwggIkMB0GA1Ud
DgQWBBS7OR0RpyBxDgPITcHzTMI9MZsi7TAfBgNVHSMEGDAWgBT4XQBERhgtUf04
9/df4qXIYIvIbTAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtRjBBUkVZWUxWSDlPUGYzWC1LbHlHQ0x5RzAuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzJhL2M5ZGI1Mi1hYzkxLTQwNmEtOWY5NS0wODBlZTBhOTdmNmEv
MS91emtkRWFjZ2NRNER5RTNCODB6Q1BUR2JJdTAucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJh
L2M5ZGI1Mi1hYzkxLTQwNmEtOWY5NS0wODBlZTBhOTdmNmEvMS8xLUYwQVJFWVlM
Vkg5T1BmM1gtS2x5R0NMeUcwLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCuQy0MAwDBAS5OTADBAC5OTIw
DQQCAAIwBwMFACoCV+AwDQYJKoZIhvcNAQELBQADggEBAKvpfH5Vg/VbcyW3hEw9
oqYrfLuKi+EnnEmpiLVRjDKJavFkhgK1DSNv7NgNpnwoyWsnA+m98UHPhrOMB9VV
5yeNE4M5lNkckecGwI9LoZ/M9ZPuqEeC4XQCQzOj/snSCYHO8Hnx3Gs4uY3MjgiU
vMj+CikdPiNruLJGiyvaWKd4scSPS8re1wGZpLjFtXRoSIaXjAjTmzJRuy+wh5SH
lOgnNdRfVjXt5dfXzTZi5F/PK3qO0uH9GWCmZPyXOo3/Rwg7mLkIry0gvj3dH3Nu
pqou1KMaDBrNX/q/EvOo9paJmFxZpnMRHjLa/F13QUHqZPY+f+qX1MMIGzoQSbJN
eNg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:18 2024 by rpki-client on console-ams.rpki-client.org