Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/1Uw57pyCPsdZuP2YBy7iLRMbZS0.roa
File:                     1Uw57pyCPsdZuP2YBy7iLRMbZS0.roa (raw, json)
Hash identifier:          L1jWtxkzo0EEnUQ2soAVa/niPxmgsbGzghTrPB/B+t8=
Subject key identifier:   D5:4C:39:EE:9C:82:3E:C7:59:B8:FD:98:07:2E:E2:2D:13:1B:65:2D
Certificate issuer:       /CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
Certificate serial:       1686BE66
Authority key identifier: 05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/1Uw57pyCPsdZuP2YBy7iLRMbZS0.roa
Signing time:             Sat 01 Jan 2022 06:01:54 +0000
ROA not before:           Sat 01 Jan 2022 06:01:54 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200019
IP address blocks:        185.104.12.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 377929318 (0x1686be66)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
        Validity
            Not Before: Jan  1 06:01:54 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d54c39ee9c823ec759b8fd98072ee22d131b652d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:81:d5:45:12:32:8e:b7:94:a4:2e:fe:2b:18:
                    ef:ee:a2:6f:c0:66:f4:a7:9c:3a:66:87:81:29:b8:
                    16:81:bd:19:a0:a8:5a:8f:72:ff:56:b5:84:10:88:
                    9a:07:59:7b:be:98:73:2d:56:02:e1:5b:24:59:2a:
                    43:57:62:1f:bf:12:05:91:e4:1c:5d:26:02:18:a3:
                    c9:b8:6c:e3:d1:a8:46:0d:24:7c:3f:f2:64:18:bf:
                    d4:42:dd:7e:5b:6e:7d:13:b8:f1:6b:38:3a:24:5a:
                    9a:6d:74:8d:bf:e0:37:17:a7:2c:31:b7:4c:75:0b:
                    5c:eb:b2:1f:d7:1c:39:1b:47:5e:4d:02:cb:f4:8e:
                    e1:16:2e:e8:9c:7f:7d:08:fa:a3:9c:f8:cf:76:69:
                    b4:e5:a6:4c:a6:88:08:1a:79:99:83:9d:2e:0f:e6:
                    99:be:ec:51:26:1e:c5:ea:3a:1c:af:e3:f8:ed:1e:
                    45:c2:99:d5:f9:71:28:48:70:b5:93:60:f4:69:67:
                    4a:2e:34:50:be:2b:5c:3a:08:0c:6b:4d:1c:34:a6:
                    96:92:70:7d:26:ff:b8:55:f7:e4:4d:e0:83:b0:c7:
                    00:35:b0:23:fe:9c:98:3f:2c:51:9e:ea:64:fc:04:
                    1b:86:f4:a1:ce:c8:d4:a3:40:5b:7d:b7:34:66:9c:
                    bc:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:4C:39:EE:9C:82:3E:C7:59:B8:FD:98:07:2E:E2:2D:13:1B:65:2D
            X509v3 Authority Key Identifier:
                keyid:05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/1Uw57pyCPsdZuP2YBy7iLRMbZS0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.104.12.0/22

    Signature Algorithm: sha256WithRSAEncryption
         96:cb:cd:9f:79:8e:eb:40:64:e2:7f:e6:55:37:00:99:3b:d4:
         85:41:0d:db:13:bd:37:60:1e:26:2f:8a:0c:f8:78:98:d0:23:
         35:cc:a0:cc:76:e0:9b:5a:70:52:66:e9:02:da:d2:e8:28:29:
         61:ff:d3:84:a3:14:fb:2a:93:8d:2e:5b:b0:ba:d6:cc:45:a0:
         57:11:d9:08:3c:fc:6f:9d:73:0e:94:ca:32:35:c6:1f:46:ca:
         d5:a3:ba:15:77:7a:d0:c6:c0:66:0d:c7:0e:87:5d:63:7e:01:
         57:ae:42:d7:72:b3:c1:0e:0b:33:0e:d8:5f:65:f7:f1:a3:56:
         7b:a3:b7:92:14:a3:d0:c6:94:46:85:75:c2:36:56:c2:cf:c6:
         3e:43:c0:8a:18:df:e9:3e:7c:93:78:19:91:bd:fa:b1:fa:94:
         7f:00:6a:87:d2:2b:86:03:58:c2:c0:bf:cf:50:4b:77:52:84:
         10:2a:4d:81:de:c5:17:59:f7:d7:bf:f4:e1:28:44:d0:31:5a:
         b9:9f:c6:b0:5c:3f:19:df:e7:3c:43:68:7c:d6:20:ba:e8:08:
         ee:58:5f:aa:3f:c9:fd:1a:6e:49:94:8b:69:8d:58:41:9e:4f:
         35:77:5b:f8:39:c1:72:79:30:16:76:9e:c6:2d:f3:72:04:11:
         41:8d:da:82
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFoa+ZjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTUxNjA1YjY3NWVjZTRlMGZjZTcxNzVhZTMxYTkzZmE4MjcyYmE2MB4XDTIyMDEw
MTA2MDE1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDU0YzM5ZWU5Yzgy
M2VjNzU5YjhmZDk4MDcyZWUyMmQxMzFiNjUyZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKGB1UUSMo63lKQu/isY7+6ib8Bm9KecOmaHgSm4FoG9GaCo
Wo9y/1a1hBCImgdZe76Ycy1WAuFbJFkqQ1diH78SBZHkHF0mAhijybhs49GoRg0k
fD/yZBi/1ELdfltufRO48Ws4OiRamm10jb/gNxenLDG3THULXOuyH9ccORtHXk0C
y/SO4RYu6Jx/fQj6o5z4z3ZptOWmTKaICBp5mYOdLg/mmb7sUSYexeo6HK/j+O0e
RcKZ1flxKEhwtZNg9GlnSi40UL4rXDoIDGtNHDSmlpJwfSb/uFX35E3gg7DHADWw
I/6cmD8sUZ7qZPwEG4b0oc7I1KNAW323NGacvM8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTVTDnunII+x1m4/ZgHLuItExtlLTAfBgNVHSMEGDAWgBQFUWBbZ17OTg/O
cXWuMak/qCcrpjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JWRmdXMmRlems0UHpuRjFyakdwUDZnbks2WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvMjhlYTQ1LTdkMzAtNDZkZi04ZjJhLTA3NzlmNDhlY2VhMC8x
LzFVdzU3cHlDUHNkWnVQMllCeTdpTFJNYlpTMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
MjhlYTQ1LTdkMzAtNDZkZi04ZjJhLTA3NzlmNDhlY2VhMC8xL0JWRmdXMmRlems0
UHpuRjFyakdwUDZnbks2WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArloDDANBgkqhkiG9w0BAQsFAAOC
AQEAlsvNn3mO60Bk4n/mVTcAmTvUhUEN2xO9N2AeJi+KDPh4mNAjNcygzHbgm1pw
UmbpAtrS6CgpYf/ThKMU+yqTjS5bsLrWzEWgVxHZCDz8b51zDpTKMjXGH0bK1aO6
FXd60MbAZg3HDoddY34BV65C13KzwQ4LMw7YX2X38aNWe6O3khSj0MaURoV1wjZW
ws/GPkPAihjf6T58k3gZkb36sfqUfwBqh9IrhgNYwsC/z1BLd1KEECpNgd7FF1n3
17/04ShE0DFauZ/GsFw/Gd/nPENofNYguugI7lhfqj/J/RpuSZSLaY1YQZ5PNXdb
+DnBcnkwFnaexi3zcgQRQY3agg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:24 2024 by rpki-client on console-fra.rpki-client.org