Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/28d5a7-48f1-4414-a853-d86b4caed11d/1/5IkDyFIwdQA0Bv8C3E7cMrYxS3M.roa
File:                     5IkDyFIwdQA0Bv8C3E7cMrYxS3M.roa (raw, json)
Hash identifier:          X4KyLDCr6Rbu0uzsz4kdpkIVkA6UMNTIGUF1hiRlrdg=
Subject key identifier:   E4:89:03:C8:52:30:75:00:34:06:FF:02:DC:4E:DC:32:B6:31:4B:73
Certificate issuer:       /CN=25a879d628fe5ec8a761c4748679993f9c69f8b4
Certificate serial:       082A7462
Authority key identifier: 25:A8:79:D6:28:FE:5E:C8:A7:61:C4:74:86:79:99:3F:9C:69:F8:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Jah51ij-XsinYcR0hnmZP5xp-LQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/28d5a7-48f1-4414-a853-d86b4caed11d/1/5IkDyFIwdQA0Bv8C3E7cMrYxS3M.roa
Signing time:             Sat 01 Jan 2022 15:06:00 +0000
ROA not before:           Sat 01 Jan 2022 15:06:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42473
IP address blocks:        185.245.66.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 137000034 (0x82a7462)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25a879d628fe5ec8a761c4748679993f9c69f8b4
        Validity
            Not Before: Jan  1 15:06:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e48903c8523075003406ff02dc4edc32b6314b73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:55:22:1c:45:ee:d1:e5:cc:32:86:c8:a8:fd:
                    96:2c:04:aa:51:4a:b6:f4:e9:2e:81:31:39:27:5a:
                    06:dd:20:a7:ff:d4:3e:c7:33:6e:ba:79:ac:fd:46:
                    54:6f:49:1a:68:05:dc:04:b3:06:bd:3b:8a:70:8c:
                    30:d3:09:dd:68:2e:45:94:e9:c7:b5:0c:0a:23:53:
                    dc:95:04:e6:f5:fa:1b:c1:2e:25:57:3a:7d:11:4a:
                    40:20:5f:00:e7:8b:a6:d2:28:0b:50:2c:1c:11:61:
                    33:e9:c2:a8:c2:9d:cd:9a:7b:a0:76:02:8e:42:e4:
                    b0:3f:5e:e7:76:23:74:9a:7b:fe:5a:35:01:f9:b0:
                    cf:4e:cf:06:98:09:d8:37:2a:ad:ce:e2:d1:fc:bb:
                    2e:7e:b6:63:79:bc:bd:a6:95:96:c3:c5:96:f4:a6:
                    47:2a:1d:e2:56:cf:25:fe:5b:fa:6b:ab:dc:a5:7b:
                    f1:bd:47:d6:48:0c:d5:d8:ea:6c:4f:99:81:5d:68:
                    aa:c7:2f:fd:ad:8a:0a:7f:86:96:6d:2d:1d:f2:38:
                    c4:1b:3a:f2:51:99:50:d1:5d:fe:11:a0:38:4a:e2:
                    a4:3f:a5:bd:c8:7c:1b:62:9b:34:4f:32:67:83:64:
                    b3:e9:02:cc:0a:fe:6e:88:15:e0:49:55:e7:d6:1b:
                    25:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:89:03:C8:52:30:75:00:34:06:FF:02:DC:4E:DC:32:B6:31:4B:73
            X509v3 Authority Key Identifier:
                keyid:25:A8:79:D6:28:FE:5E:C8:A7:61:C4:74:86:79:99:3F:9C:69:F8:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jah51ij-XsinYcR0hnmZP5xp-LQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/28d5a7-48f1-4414-a853-d86b4caed11d/1/5IkDyFIwdQA0Bv8C3E7cMrYxS3M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/28d5a7-48f1-4414-a853-d86b4caed11d/1/Jah51ij-XsinYcR0hnmZP5xp-LQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.245.66.0/23

    Signature Algorithm: sha256WithRSAEncryption
         08:69:13:46:28:d4:96:e8:1d:1d:b3:40:65:1f:7d:12:86:c6:
         57:e2:2f:88:bc:57:4e:5a:ed:49:e1:c1:a8:dd:47:e8:b0:04:
         93:a5:c1:50:71:a4:02:bf:01:6a:24:04:9a:02:1c:04:b3:1c:
         4c:af:40:fd:42:37:fa:56:42:8f:60:fa:1a:d1:fd:d4:0c:5c:
         cb:c1:1f:e1:8b:60:08:79:2a:39:36:71:d0:c2:05:68:55:43:
         7e:e9:0b:f3:cd:00:7f:f2:ee:2d:d5:70:98:b3:3d:4c:08:f0:
         79:79:06:ba:31:ab:06:4c:3d:84:81:78:c1:bc:9a:07:64:64:
         88:cc:32:9e:0c:27:26:7e:ae:67:41:1d:c1:2b:87:52:a3:c0:
         6f:9e:ca:42:ca:0f:9c:ba:72:c2:93:44:64:54:d8:b0:2d:fb:
         fc:ef:04:6b:35:06:65:9a:32:5f:17:4a:9d:0e:a0:8b:03:24:
         0f:71:3a:28:04:25:ab:4f:2e:f6:3b:06:b2:99:a1:f8:54:2d:
         db:2f:f2:ee:ea:a9:4b:80:c9:50:97:c2:2d:73:18:42:bf:bd:
         2d:d6:65:2c:9a:be:a9:c1:46:66:c2:1f:02:25:b2:08:61:78:
         43:5a:55:12:a4:3e:5c:04:93:e9:c2:59:bf:3a:02:db:9f:95:
         1a:cf:9c:7e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECCp0YjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NWE4NzlkNjI4ZmU1ZWM4YTc2MWM0NzQ4Njc5OTkzZjljNjlmOGI0MB4XDTIyMDEw
MTE1MDYwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTQ4OTAzYzg1MjMw
NzUwMDM0MDZmZjAyZGM0ZWRjMzJiNjMxNGI3MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMFVIhxF7tHlzDKGyKj9liwEqlFKtvTpLoExOSdaBt0gp//U
Psczbrp5rP1GVG9JGmgF3ASzBr07inCMMNMJ3WguRZTpx7UMCiNT3JUE5vX6G8Eu
JVc6fRFKQCBfAOeLptIoC1AsHBFhM+nCqMKdzZp7oHYCjkLksD9e53YjdJp7/lo1
Afmwz07PBpgJ2Dcqrc7i0fy7Ln62Y3m8vaaVlsPFlvSmRyod4lbPJf5b+mur3KV7
8b1H1kgM1djqbE+ZgV1oqscv/a2KCn+Glm0tHfI4xBs68lGZUNFd/hGgOEripD+l
vch8G2KbNE8yZ4Nks+kCzAr+bogV4ElV59YbJT8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTkiQPIUjB1ADQG/wLcTtwytjFLczAfBgNVHSMEGDAWgBQlqHnWKP5eyKdh
xHSGeZk/nGn4tDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0phaDUxaWotWHNpblljUjBobm1aUDV4cC1MUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzkvMjhkNWE3LTQ4ZjEtNDQxNC1hODUzLWQ4NmI0Y2FlZDExZC8x
LzVJa0R5Rkl3ZFFBMEJ2OEMzRTdjTXJZeFMzTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzkv
MjhkNWE3LTQ4ZjEtNDQxNC1hODUzLWQ4NmI0Y2FlZDExZC8xL0phaDUxaWotWHNp
blljUjBobm1aUDV4cC1MUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbn1QjANBgkqhkiG9w0BAQsFAAOC
AQEACGkTRijUlugdHbNAZR99EobGV+IviLxXTlrtSeHBqN1H6LAEk6XBUHGkAr8B
aiQEmgIcBLMcTK9A/UI3+lZCj2D6GtH91Axcy8Ef4YtgCHkqOTZx0MIFaFVDfukL
880Af/LuLdVwmLM9TAjweXkGujGrBkw9hIF4wbyaB2RkiMwyngwnJn6uZ0EdwSuH
UqPAb57KQsoPnLpywpNEZFTYsC37/O8EazUGZZoyXxdKnQ6giwMkD3E6KAQlq08u
9jsGspmh+FQt2y/y7uqpS4DJUJfCLXMYQr+9LdZlLJq+qcFGZsIfAiWyCGF4Q1pV
EqQ+XAST6cJZvzoC25+VGs+cfg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:29 2024 by rpki-client on console-ams.rpki-client.org