Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/05b3d1-116f-4d60-a176-56bbe38f7407/1/EIcPUfun9Ly2B7hS5yNBcP29_Y8.roa
File:                     EIcPUfun9Ly2B7hS5yNBcP29_Y8.roa (raw, json)
Hash identifier:          ZpBU//KRvt/RV3eieea4D5JftugD2ng1o8T+vLInWP4=
Subject key identifier:   10:87:0F:51:FB:A7:F4:BC:B6:07:B8:52:E7:23:41:70:FD:BD:FD:8F
Certificate issuer:       /CN=ff4705a363dc1d8d0ea51c9b9a1ecbd3807bd054
Certificate serial:       30101C7C
Authority key identifier: FF:47:05:A3:63:DC:1D:8D:0E:A5:1C:9B:9A:1E:CB:D3:80:7B:D0:54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_0cFo2PcHY0OpRybmh7L04B70FQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/05b3d1-116f-4d60-a176-56bbe38f7407/1/EIcPUfun9Ly2B7hS5yNBcP29_Y8.roa
Signing time:             Sat 01 Jan 2022 02:01:02 +0000
ROA not before:           Sat 01 Jan 2022 02:01:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207044
IP address blocks:        185.12.157.0/24 maxlen: 24
                          185.12.156.0/23 maxlen: 24
                          185.12.156.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 806362236 (0x30101c7c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff4705a363dc1d8d0ea51c9b9a1ecbd3807bd054
        Validity
            Not Before: Jan  1 02:01:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=10870f51fba7f4bcb607b852e7234170fdbdfd8f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:dd:17:53:a5:57:0a:b4:d8:aa:d6:0e:56:03:
                    2c:aa:18:38:f4:89:0c:20:69:63:a7:51:ee:14:ce:
                    e5:1b:aa:a8:04:43:32:63:45:8c:9e:1a:81:18:15:
                    94:cb:63:8d:7a:19:5c:d2:ee:d4:77:d4:63:07:53:
                    35:32:41:ab:26:7c:a3:91:e4:48:7f:92:98:fd:06:
                    d9:40:42:dd:04:94:d2:fe:5c:51:54:fe:0f:bc:15:
                    4f:28:06:b3:0c:fe:79:b8:43:dc:54:b8:de:dc:3a:
                    c0:c5:61:07:fe:a8:ba:23:30:b3:0e:98:2d:10:b9:
                    c5:e2:21:76:c3:10:d4:60:a6:38:71:67:89:17:95:
                    bf:85:b9:68:9a:cc:9d:e3:a2:88:6c:9c:39:21:7d:
                    bc:8c:12:6b:39:c3:3c:d5:7c:95:be:3f:64:8e:6a:
                    ad:5f:ea:6d:06:f5:99:08:e8:82:c1:9a:31:b8:99:
                    fd:c5:b6:1f:a2:5c:2b:24:15:42:86:e3:68:5f:81:
                    9d:70:b2:41:39:12:40:88:91:92:1c:dc:0f:69:82:
                    7c:6f:da:5e:fa:c9:17:3d:69:c4:f1:05:a3:d8:63:
                    06:9f:1c:65:85:49:db:26:a1:85:a2:3b:fa:86:cc:
                    02:c8:10:8b:18:a1:20:30:40:08:99:08:16:98:17:
                    bd:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:87:0F:51:FB:A7:F4:BC:B6:07:B8:52:E7:23:41:70:FD:BD:FD:8F
            X509v3 Authority Key Identifier:
                keyid:FF:47:05:A3:63:DC:1D:8D:0E:A5:1C:9B:9A:1E:CB:D3:80:7B:D0:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0cFo2PcHY0OpRybmh7L04B70FQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/05b3d1-116f-4d60-a176-56bbe38f7407/1/EIcPUfun9Ly2B7hS5yNBcP29_Y8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/05b3d1-116f-4d60-a176-56bbe38f7407/1/_0cFo2PcHY0OpRybmh7L04B70FQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.12.156.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8e:3e:66:a7:4e:29:c0:64:f3:8d:0e:28:be:39:37:3f:53:3b:
         42:c3:cc:94:64:73:5e:33:b4:c5:38:cc:4a:a5:c8:1b:65:c2:
         b1:7f:df:2e:33:55:52:4f:76:19:56:bc:a2:9d:77:8c:da:d9:
         14:76:9d:ce:4b:98:dc:6c:ca:29:d3:23:af:47:c1:2c:82:a7:
         b1:4c:dd:06:4f:d7:fb:5c:19:7a:ed:24:58:1a:8e:6b:26:13:
         b6:b6:cb:ba:f6:f0:8f:c6:57:23:01:5e:ae:9e:d4:e9:31:64:
         76:d9:a9:2d:cc:ee:19:c1:10:e0:4a:20:0b:d0:84:a5:50:e1:
         ba:a3:5c:27:76:3e:a0:7f:ba:30:0e:ed:90:f2:d6:6a:4f:ed:
         85:c1:3a:df:1b:89:d4:8a:78:ca:ae:22:4e:29:78:f5:51:b3:
         d7:1c:48:dc:7e:da:8e:df:3f:2d:4f:46:0e:11:05:71:d0:bc:
         d2:44:e2:09:b8:c3:9a:0e:b1:51:b0:20:68:07:12:f0:b3:7d:
         9b:58:be:b5:35:b1:46:7d:fc:50:e8:97:b3:91:ea:e5:77:e0:
         13:b6:f2:ec:a1:92:c6:95:5c:1f:70:cd:dd:77:97:cf:48:c4:
         c9:ee:11:4c:87:2b:28:f2:b1:99:d4:a2:99:b5:30:f0:26:76:
         3d:4a:cf:2c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEMBAcfDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZjQ3MDVhMzYzZGMxZDhkMGVhNTFjOWI5YTFlY2JkMzgwN2JkMDU0MB4XDTIyMDEw
MTAyMDEwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTA4NzBmNTFmYmE3
ZjRiY2I2MDdiODUyZTcyMzQxNzBmZGJkZmQ4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMPdF1OlVwq02KrWDlYDLKoYOPSJDCBpY6dR7hTO5RuqqARD
MmNFjJ4agRgVlMtjjXoZXNLu1HfUYwdTNTJBqyZ8o5HkSH+SmP0G2UBC3QSU0v5c
UVT+D7wVTygGswz+ebhD3FS43tw6wMVhB/6ouiMwsw6YLRC5xeIhdsMQ1GCmOHFn
iReVv4W5aJrMneOiiGycOSF9vIwSaznDPNV8lb4/ZI5qrV/qbQb1mQjogsGaMbiZ
/cW2H6JcKyQVQobjaF+BnXCyQTkSQIiRkhzcD2mCfG/aXvrJFz1pxPEFo9hjBp8c
ZYVJ2yahhaI7+obMAsgQixihIDBACJkIFpgXvR0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQQhw9R+6f0vLYHuFLnI0Fw/b39jzAfBgNVHSMEGDAWgBT/RwWjY9wdjQ6l
HJuaHsvTgHvQVDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L18wY0ZvMlBjSFkwT3BSeWJtaDdMMDRCNzBGUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvMDViM2QxLTExNmYtNGQ2MC1hMTc2LTU2YmJlMzhmNzQwNy8x
L0VJY1BVZnVuOUx5MkI3aFM1eU5CY1AyOV9ZOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
MDViM2QxLTExNmYtNGQ2MC1hMTc2LTU2YmJlMzhmNzQwNy8xL18wY0ZvMlBjSFkw
T3BSeWJtaDdMMDRCNzBGUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbkMnDANBgkqhkiG9w0BAQsFAAOC
AQEAjj5mp04pwGTzjQ4ovjk3P1M7QsPMlGRzXjO0xTjMSqXIG2XCsX/fLjNVUk92
GVa8op13jNrZFHadzkuY3GzKKdMjr0fBLIKnsUzdBk/X+1wZeu0kWBqOayYTtrbL
uvbwj8ZXIwFerp7U6TFkdtmpLczuGcEQ4EogC9CEpVDhuqNcJ3Y+oH+6MA7tkPLW
ak/thcE63xuJ1Ip4yq4iTil49VGz1xxI3H7ajt8/LU9GDhEFcdC80kTiCbjDmg6x
UbAgaAcS8LN9m1i+tTWxRn38UOiXs5Hq5XfgE7by7KGSxpVcH3DN3XeXz0jEye4R
TIcrKPKxmdSimbUw8CZ2PUrPLA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:22 2024 by rpki-client on console-fra.rpki-client.org