Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/aCPwvm-CMEEsHywC25YN46Gq2Qw.roa
File:                     aCPwvm-CMEEsHywC25YN46Gq2Qw.roa (raw, json)
Hash identifier:          Y90pPoWaJBmL1NqraAouceZtudm7mwp6ev9zhzTeluM=
Subject key identifier:   68:23:F0:BE:6F:82:30:41:2C:1F:2C:02:DB:96:0D:E3:A1:AA:D9:0C
Certificate issuer:       /CN=7c3c39d1899e699bf5177418ee381489edff4380
Certificate serial:       1BB2ADD9
Authority key identifier: 7C:3C:39:D1:89:9E:69:9B:F5:17:74:18:EE:38:14:89:ED:FF:43:80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fDw50YmeaZv1F3QY7jgUie3_Q4A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/aCPwvm-CMEEsHywC25YN46Gq2Qw.roa
Signing time:             Fri 27 May 2022 08:01:14 +0000
ROA not before:           Fri 27 May 2022 08:01:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211975
IP address blocks:        185.27.176.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 464694745 (0x1bb2add9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7c3c39d1899e699bf5177418ee381489edff4380
        Validity
            Not Before: May 27 08:01:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6823f0be6f8230412c1f2c02db960de3a1aad90c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:1c:05:81:dc:ad:44:fe:55:87:f4:71:bb:55:
                    55:b9:36:cf:4f:f6:b7:cb:a9:f8:1b:69:80:8b:60:
                    6f:56:2f:27:c7:e5:6f:e5:2b:3d:0f:77:13:9e:32:
                    e3:6e:0a:69:53:df:e8:c7:b9:69:c6:70:9a:ca:93:
                    bc:72:0e:78:55:a3:d4:4a:5d:43:df:f9:01:81:b0:
                    58:d5:ab:b3:12:2c:3c:27:2e:4a:53:cc:34:3e:a3:
                    84:1a:d6:45:18:ef:c7:d1:08:b7:ad:c7:f7:d7:d7:
                    55:f1:ea:3e:24:fb:f5:e8:ef:d1:47:ea:e7:7d:50:
                    04:0a:2c:cb:d3:87:e1:56:78:b3:51:a8:a6:0c:d0:
                    d8:48:ff:32:02:ed:11:df:b4:ff:43:e0:3a:01:73:
                    ee:8f:05:33:5c:07:18:ee:d6:b1:d7:c6:58:fe:f3:
                    3a:f2:8d:3c:ab:58:9a:03:b6:dc:8b:a3:46:e1:35:
                    04:55:d8:e9:61:cc:86:a2:00:50:80:5a:d6:5e:60:
                    d8:ad:c2:d3:a7:43:7e:35:c2:b9:ea:01:b0:43:b3:
                    27:72:00:f7:4b:37:f0:4f:3e:6b:98:6b:5c:6b:31:
                    9e:33:92:8a:80:90:87:ab:4b:21:c8:1a:de:ef:b9:
                    32:e3:d5:91:1c:70:f6:7a:69:eb:12:4e:a3:36:f9:
                    87:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:23:F0:BE:6F:82:30:41:2C:1F:2C:02:DB:96:0D:E3:A1:AA:D9:0C
            X509v3 Authority Key Identifier:
                keyid:7C:3C:39:D1:89:9E:69:9B:F5:17:74:18:EE:38:14:89:ED:FF:43:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fDw50YmeaZv1F3QY7jgUie3_Q4A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/aCPwvm-CMEEsHywC25YN46Gq2Qw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/fDw50YmeaZv1F3QY7jgUie3_Q4A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.27.176.0/23

    Signature Algorithm: sha256WithRSAEncryption
         6c:80:33:10:ba:bb:3a:46:b3:45:48:d7:0f:3b:22:27:ff:2a:
         75:c8:65:32:bb:bb:a9:7f:fc:f9:7a:b9:a8:a6:30:0b:7e:e1:
         31:d1:9a:cd:ed:71:8d:15:8d:a0:74:ba:6e:6a:5a:0f:55:68:
         e9:18:ed:8c:40:db:b1:95:43:85:e6:67:39:55:32:a8:bd:b2:
         07:ab:cd:d4:3c:2f:7e:5f:60:38:6e:96:93:97:30:55:0a:29:
         ba:be:b0:83:1d:52:76:eb:4c:08:c3:69:75:6f:42:58:52:5d:
         c4:69:6f:e9:0e:d2:f7:17:3d:09:0d:6d:83:21:9e:a4:e4:12:
         7d:c6:6d:86:c9:7d:8f:2a:8d:2d:00:e0:f0:74:13:fb:dc:0c:
         be:22:21:52:cf:5e:53:00:f6:94:0c:01:46:0b:aa:db:05:3c:
         81:6d:48:0e:5c:de:53:8b:73:7a:a1:ef:fd:b9:86:1d:71:40:
         ea:aa:d7:bc:6b:31:44:86:a4:d4:b4:7b:98:6c:eb:58:a6:81:
         af:64:98:23:83:75:64:64:8b:1c:77:52:a3:13:0a:26:de:b0:
         fd:31:30:bd:de:8b:75:56:59:56:31:98:62:3a:a5:87:57:0a:
         c8:15:64:d7:e8:77:09:34:51:b8:0f:44:83:e6:af:57:ee:5e:
         ef:bf:99:78
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEG7Kt2TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YzNjMzlkMTg5OWU2OTliZjUxNzc0MThlZTM4MTQ4OWVkZmY0MzgwMB4XDTIyMDUy
NzA4MDExNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjgyM2YwYmU2Zjgy
MzA0MTJjMWYyYzAyZGI5NjBkZTNhMWFhZDkwYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI4cBYHcrUT+VYf0cbtVVbk2z0/2t8up+BtpgItgb1YvJ8fl
b+UrPQ93E54y424KaVPf6Me5acZwmsqTvHIOeFWj1EpdQ9/5AYGwWNWrsxIsPCcu
SlPMND6jhBrWRRjvx9EIt63H99fXVfHqPiT79ejv0Ufq531QBAosy9OH4VZ4s1Go
pgzQ2Ej/MgLtEd+0/0PgOgFz7o8FM1wHGO7WsdfGWP7zOvKNPKtYmgO23IujRuE1
BFXY6WHMhqIAUIBa1l5g2K3C06dDfjXCueoBsEOzJ3IA90s38E8+a5hrXGsxnjOS
ioCQh6tLIcga3u+5MuPVkRxw9npp6xJOozb5h5UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRoI/C+b4IwQSwfLALblg3joarZDDAfBgNVHSMEGDAWgBR8PDnRiZ5pm/UX
dBjuOBSJ7f9DgDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZEdzUwWW1lYVp2MUYzUVk3amdVaWUzX1E0QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvYzgwMGM5LTUxYjUtNDU4OS05MjYwLTA2M2ZjZGQzYTA1Ny8x
L2FDUHd2bS1DTUVFc0h5d0MyNVlONDZHcTJRdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
YzgwMGM5LTUxYjUtNDU4OS05MjYwLTA2M2ZjZGQzYTA1Ny8xL2ZEdzUwWW1lYVp2
MUYzUVk3amdVaWUzX1E0QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbkbsDANBgkqhkiG9w0BAQsFAAOC
AQEAbIAzELq7OkazRUjXDzsiJ/8qdchlMru7qX/8+Xq5qKYwC37hMdGaze1xjRWN
oHS6bmpaD1Vo6RjtjEDbsZVDheZnOVUyqL2yB6vN1Dwvfl9gOG6Wk5cwVQopur6w
gx1SdutMCMNpdW9CWFJdxGlv6Q7S9xc9CQ1tgyGepOQSfcZthsl9jyqNLQDg8HQT
+9wMviIhUs9eUwD2lAwBRguq2wU8gW1IDlzeU4tzeqHv/bmGHXFA6qrXvGsxRIak
1LR7mGzrWKaBr2SYI4N1ZGSLHHdSoxMKJt6w/TEwvd6LdVZZVjGYYjqlh1cKyBVk
1+h3CTRRuA9Eg+avV+5e77+ZeA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:02 2024 by rpki-client on console-ams.rpki-client.org