Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/ZuRB0rbuOiv5tiIRLEkhW3gJp_M.roa
File:                     ZuRB0rbuOiv5tiIRLEkhW3gJp_M.roa (raw, json)
Hash identifier:          q/rfSxaY2GECFsW0JbAHdBPEMf09M+21sFlJLv3IYiM=
Subject key identifier:   66:E4:41:D2:B6:EE:3A:2B:F9:B6:22:11:2C:49:21:5B:78:09:A7:F3
Certificate issuer:       /CN=e2e8f56bc1f5010291681bc2d8c02f9acbf714a0
Certificate serial:       0D12A180
Authority key identifier: E2:E8:F5:6B:C1:F5:01:02:91:68:1B:C2:D8:C0:2F:9A:CB:F7:14:A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4uj1a8H1AQKRaBvC2MAvmsv3FKA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/ZuRB0rbuOiv5tiIRLEkhW3gJp_M.roa
Signing time:             Sat 01 Jan 2022 03:53:51 +0000
ROA not before:           Sat 01 Jan 2022 03:53:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204870
IP address blocks:        185.174.154.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 219324800 (0xd12a180)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2e8f56bc1f5010291681bc2d8c02f9acbf714a0
        Validity
            Not Before: Jan  1 03:53:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=66e441d2b6ee3a2bf9b622112c49215b7809a7f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:68:5b:f5:b4:04:12:7c:23:af:d8:5d:90:0e:
                    d7:35:4b:68:9c:36:90:a1:ff:6e:8b:f3:16:1e:2f:
                    29:90:50:3b:5e:41:8a:c0:dc:e9:76:55:8a:35:24:
                    71:01:96:84:6a:ba:f4:df:52:ba:c9:f9:3a:19:82:
                    58:c9:04:95:d7:0d:7c:e9:a3:80:38:15:30:22:7b:
                    1d:1e:ac:3d:1d:11:a2:5e:99:25:54:f6:4f:57:97:
                    08:e5:38:9f:93:d7:64:52:0c:3b:ca:46:dc:cc:7a:
                    1d:44:bb:f7:1b:28:ef:f3:db:c5:97:fb:02:31:70:
                    0c:17:3e:bd:39:01:73:f4:b5:02:c3:0c:68:55:ba:
                    67:aa:42:67:82:12:a7:5b:da:2c:aa:5d:6a:60:04:
                    13:77:7a:95:d2:4e:6a:04:31:81:05:4b:ba:27:41:
                    05:99:9f:65:6d:d7:87:aa:fa:5c:d6:59:51:24:7f:
                    89:94:29:d2:39:b4:25:cd:17:00:12:a0:8c:b4:9e:
                    c0:ff:86:41:4a:6a:97:e8:39:15:67:5c:43:b8:c9:
                    6c:d8:f6:8e:2a:17:b3:68:06:aa:9e:14:0c:02:32:
                    a6:03:93:e8:58:e4:73:96:40:3f:0d:fd:ed:65:42:
                    d1:44:fb:fb:13:93:14:15:25:83:51:d1:3c:f0:ba:
                    e5:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:E4:41:D2:B6:EE:3A:2B:F9:B6:22:11:2C:49:21:5B:78:09:A7:F3
            X509v3 Authority Key Identifier:
                keyid:E2:E8:F5:6B:C1:F5:01:02:91:68:1B:C2:D8:C0:2F:9A:CB:F7:14:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4uj1a8H1AQKRaBvC2MAvmsv3FKA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/ZuRB0rbuOiv5tiIRLEkhW3gJp_M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/4uj1a8H1AQKRaBvC2MAvmsv3FKA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.174.154.0/23

    Signature Algorithm: sha256WithRSAEncryption
         82:39:28:60:6a:a0:b9:e4:56:3c:84:cb:8e:9f:a0:3c:2e:11:
         d7:77:fb:83:67:c7:d1:97:c8:61:3e:e1:9a:75:2f:5b:53:8d:
         e0:f5:da:63:67:42:1e:a0:1c:fb:1c:63:f3:83:80:5e:cc:89:
         43:06:c3:e3:23:17:d2:73:c7:ae:08:14:d8:73:20:59:ab:74:
         1b:af:a0:2f:b9:cf:40:f5:b1:49:4a:09:21:6a:74:69:e7:fb:
         df:f5:01:c9:4e:25:57:c7:5f:51:cd:3f:67:48:3f:84:b4:e9:
         be:fd:6c:0a:f9:18:76:a6:91:a3:67:40:8b:f8:26:a9:b6:59:
         fb:ac:3c:5f:5a:b6:93:4a:3e:cd:98:1e:24:cd:20:f1:02:59:
         7a:90:12:9e:a3:e5:2c:4f:e4:ce:9f:e4:b2:b3:91:a6:ce:e6:
         53:c0:e3:9c:c5:14:47:a7:ec:1d:c6:04:84:45:76:5d:59:1e:
         08:9f:52:98:37:e1:48:bc:47:86:2a:65:96:64:1d:90:3b:ce:
         f4:21:e3:2f:bb:e3:e7:1a:94:8b:ea:f4:45:2d:9a:80:73:57:
         8b:ec:e8:23:57:62:6c:53:8f:80:d8:cb:a6:4b:f9:96:f1:8d:
         cb:3f:37:8a:cb:04:81:3b:82:e8:a0:1a:47:96:8e:12:ea:9c:
         09:c1:2c:4f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDRKhgDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MmU4ZjU2YmMxZjUwMTAyOTE2ODFiYzJkOGMwMmY5YWNiZjcxNGEwMB4XDTIyMDEw
MTAzNTM1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjZlNDQxZDJiNmVl
M2EyYmY5YjYyMjExMmM0OTIxNWI3ODA5YTdmMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALVoW/W0BBJ8I6/YXZAO1zVLaJw2kKH/bovzFh4vKZBQO15B
isDc6XZVijUkcQGWhGq69N9Susn5OhmCWMkEldcNfOmjgDgVMCJ7HR6sPR0Rol6Z
JVT2T1eXCOU4n5PXZFIMO8pG3Mx6HUS79xso7/PbxZf7AjFwDBc+vTkBc/S1AsMM
aFW6Z6pCZ4ISp1vaLKpdamAEE3d6ldJOagQxgQVLuidBBZmfZW3Xh6r6XNZZUSR/
iZQp0jm0Jc0XABKgjLSewP+GQUpql+g5FWdcQ7jJbNj2jioXs2gGqp4UDAIypgOT
6Fjkc5ZAPw397WVC0UT7+xOTFBUlg1HRPPC65TkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRm5EHStu46K/m2IhEsSSFbeAmn8zAfBgNVHSMEGDAWgBTi6PVrwfUBApFo
G8LYwC+ay/cUoDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzR1ajFhOEgxQVFLUmFCdkMyTUF2bXN2M0ZLQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvODA0MmJmLTcxYmEtNGZiZC05ZTE3LTQ0N2VkYzRmOWFmNi8x
L1p1UkIwcmJ1T2l2NXRpSVJMRWtoVzNnSnBfTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
ODA0MmJmLTcxYmEtNGZiZC05ZTE3LTQ0N2VkYzRmOWFmNi8xLzR1ajFhOEgxQVFL
UmFCdkMyTUF2bXN2M0ZLQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbmumjANBgkqhkiG9w0BAQsFAAOC
AQEAgjkoYGqgueRWPITLjp+gPC4R13f7g2fH0ZfIYT7hmnUvW1ON4PXaY2dCHqAc
+xxj84OAXsyJQwbD4yMX0nPHrggU2HMgWat0G6+gL7nPQPWxSUoJIWp0aef73/UB
yU4lV8dfUc0/Z0g/hLTpvv1sCvkYdqaRo2dAi/gmqbZZ+6w8X1q2k0o+zZgeJM0g
8QJZepASnqPlLE/kzp/ksrORps7mU8DjnMUUR6fsHcYEhEV2XVkeCJ9SmDfhSLxH
hipllmQdkDvO9CHjL7vj5xqUi+r0RS2agHNXi+zoI1dibFOPgNjLpkv5lvGNyz83
issEgTuC6KAaR5aOEuqcCcEsTw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:27 2024 by rpki-client on console-fra.rpki-client.org