Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/5lKw0TdU6mdOohj8zY27-FlgAMA.roa
File:                     5lKw0TdU6mdOohj8zY27-FlgAMA.roa (raw, json)
Hash identifier:          xwVriJEJWf2+2hFjloKV8eDxGOikJHn+i0WdP0GRbt0=
Subject key identifier:   E6:52:B0:D1:37:54:EA:67:4E:A2:18:FC:CD:8D:BB:F8:59:60:00:C0
Certificate issuer:       /CN=40fc07299711adfa222e27b128b76d1d97450582
Certificate serial:       03707B09
Authority key identifier: 40:FC:07:29:97:11:AD:FA:22:2E:27:B1:28:B7:6D:1D:97:45:05:82
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QPwHKZcRrfoiLiexKLdtHZdFBYI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/5lKw0TdU6mdOohj8zY27-FlgAMA.roa
Signing time:             Sat 01 Jan 2022 11:02:40 +0000
ROA not before:           Sat 01 Jan 2022 11:02:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204158
IP address blocks:        185.112.4.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 57703177 (0x3707b09)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40fc07299711adfa222e27b128b76d1d97450582
        Validity
            Not Before: Jan  1 11:02:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e652b0d13754ea674ea218fccd8dbbf8596000c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:42:68:dd:e1:af:9a:10:59:c9:2b:fc:dd:30:
                    da:99:89:a8:17:bd:3b:fd:22:2e:89:41:ea:f6:d2:
                    f3:26:81:ea:db:67:5c:70:31:ca:a8:0d:12:d3:f5:
                    2a:ad:f7:3e:ed:f8:42:b9:2d:12:2e:9f:da:24:eb:
                    0a:e4:a1:d5:09:6e:ca:63:51:3d:03:19:8e:ff:a8:
                    c6:5d:77:37:65:4f:56:68:77:da:49:8e:91:8f:e3:
                    b2:a5:9c:40:64:cd:ad:66:44:6e:dc:fd:2e:dd:6d:
                    ae:d1:fb:e7:fa:d2:c5:e3:b4:88:e6:ce:b0:37:6d:
                    7f:9f:3b:eb:0d:4c:56:47:24:f9:25:70:0e:90:aa:
                    d1:eb:37:0f:5f:4b:91:b0:5f:2b:da:5f:ad:36:a5:
                    57:91:da:b5:c1:d7:71:80:98:34:21:39:e0:23:1f:
                    f9:b2:f5:52:94:4a:c4:ce:1e:0b:87:b0:b0:f4:f4:
                    57:5a:59:6f:3e:36:f5:2a:de:16:5f:18:80:4c:9f:
                    61:5f:31:5d:2c:0b:ad:45:b5:db:e6:b0:9d:59:5f:
                    32:48:91:1f:2b:d2:34:9e:b6:25:11:98:42:79:a6:
                    aa:8e:ca:3b:86:2c:9c:04:36:fe:fe:01:08:09:89:
                    bd:1f:5d:e3:16:eb:ef:08:90:53:9c:0a:9f:1a:de:
                    02:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:52:B0:D1:37:54:EA:67:4E:A2:18:FC:CD:8D:BB:F8:59:60:00:C0
            X509v3 Authority Key Identifier:
                keyid:40:FC:07:29:97:11:AD:FA:22:2E:27:B1:28:B7:6D:1D:97:45:05:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QPwHKZcRrfoiLiexKLdtHZdFBYI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/5lKw0TdU6mdOohj8zY27-FlgAMA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/QPwHKZcRrfoiLiexKLdtHZdFBYI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.112.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2a:84:37:9a:ba:89:4f:9a:ff:47:a5:46:06:80:5c:15:38:a7:
         72:51:6c:1e:de:b9:28:2a:ca:09:56:20:bb:8f:3b:b1:50:eb:
         ed:6b:aa:7f:a9:75:69:d7:f1:04:93:a8:cc:2c:2f:1e:28:23:
         13:60:ac:b0:2c:2e:b4:9c:4e:b1:69:e7:42:60:cd:ce:4d:e5:
         e6:b0:5e:4a:80:87:91:ef:74:32:d3:d1:88:85:aa:8b:68:d2:
         e8:88:54:77:95:1f:21:e2:4a:1a:ea:3d:04:bc:37:ce:97:23:
         06:5c:d9:84:15:68:e4:27:74:ef:ea:63:0f:6f:68:d3:16:6e:
         96:38:f7:fe:92:57:fa:39:1e:5f:4d:57:0b:61:fc:03:8d:6d:
         01:76:4a:eb:a1:74:16:ff:70:c2:1a:69:1f:8c:dc:57:7c:35:
         5e:de:0c:a0:fc:d8:6d:b7:fc:28:21:67:b4:04:d1:40:b6:d8:
         da:9a:17:dc:fb:82:c3:80:23:82:5e:37:88:30:14:50:c3:54:
         91:4a:98:6a:df:07:76:7d:c0:d2:17:0c:ad:92:4e:27:6a:4e:
         05:f4:dd:35:eb:0c:c1:f5:9e:44:c5:9a:24:0f:9c:91:54:7d:
         06:a3:86:8a:de:d3:c4:c2:bd:15:3b:13:3c:c7:2a:1b:ad:74:
         ef:6b:f9:a4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA3B7CTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MGZjMDcyOTk3MTFhZGZhMjIyZTI3YjEyOGI3NmQxZDk3NDUwNTgyMB4XDTIyMDEw
MTExMDI0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTY1MmIwZDEzNzU0
ZWE2NzRlYTIxOGZjY2Q4ZGJiZjg1OTYwMDBjMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMBCaN3hr5oQWckr/N0w2pmJqBe9O/0iLolB6vbS8yaB6ttn
XHAxyqgNEtP1Kq33Pu34QrktEi6f2iTrCuSh1QluymNRPQMZjv+oxl13N2VPVmh3
2kmOkY/jsqWcQGTNrWZEbtz9Lt1trtH75/rSxeO0iObOsDdtf5876w1MVkck+SVw
DpCq0es3D19LkbBfK9pfrTalV5HatcHXcYCYNCE54CMf+bL1UpRKxM4eC4ewsPT0
V1pZbz429SreFl8YgEyfYV8xXSwLrUW12+awnVlfMkiRHyvSNJ62JRGYQnmmqo7K
O4YsnAQ2/v4BCAmJvR9d4xbr7wiQU5wKnxreAqcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTmUrDRN1TqZ06iGPzNjbv4WWAAwDAfBgNVHSMEGDAWgBRA/AcplxGt+iIu
J7Eot20dl0UFgjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FQd0hLWmNScmZvaUxpZXhLTGR0SFpkRkJZSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmYvNWRjODdhLWYzMjktNGM0NC04MjM1LTc3ZTNiZWFiNjFlYi8x
LzVsS3cwVGRVNm1kT29oajh6WTI3LUZsZ0FNQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmYv
NWRjODdhLWYzMjktNGM0NC04MjM1LTc3ZTNiZWFiNjFlYi8xL1FQd0hLWmNScmZv
aUxpZXhLTGR0SFpkRkJZSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlwBDANBgkqhkiG9w0BAQsFAAOC
AQEAKoQ3mrqJT5r/R6VGBoBcFTinclFsHt65KCrKCVYgu487sVDr7Wuqf6l1adfx
BJOozCwvHigjE2CssCwutJxOsWnnQmDNzk3l5rBeSoCHke90MtPRiIWqi2jS6IhU
d5UfIeJKGuo9BLw3zpcjBlzZhBVo5Cd07+pjD29o0xZuljj3/pJX+jkeX01XC2H8
A41tAXZK66F0Fv9wwhppH4zcV3w1Xt4MoPzYbbf8KCFntATRQLbY2poX3PuCw4Aj
gl43iDAUUMNUkUqYat8Hdn3A0hcMrZJOJ2pOBfTdNesMwfWeRMWaJA+ckVR9BqOG
it7TxMK9FTsTPMcqG61072v5pA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:05 2024 by rpki-client on console-ams.rpki-client.org