Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/1cb8ca-5993-4d17-a61e-ee7328adcc7c/1/2cI5JnIN1UrCshs_zmo-NtuTW1Y.roa
File:                     2cI5JnIN1UrCshs_zmo-NtuTW1Y.roa (raw, json)
Hash identifier:          3FlSUCs93Dxe9lfQXKZ40Vd35pxj+LqFPHjD+dKVHFc=
Subject key identifier:   D9:C2:39:26:72:0D:D5:4A:C2:B2:1B:3F:CE:6A:3E:36:DB:93:5B:56
Certificate issuer:       /CN=de01c443831cf930b7478708d76a3cf44d89a162
Certificate serial:       03A1930B
Authority key identifier: DE:01:C4:43:83:1C:F9:30:B7:47:87:08:D7:6A:3C:F4:4D:89:A1:62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3gHEQ4Mc-TC3R4cI12o89E2JoWI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/1cb8ca-5993-4d17-a61e-ee7328adcc7c/1/2cI5JnIN1UrCshs_zmo-NtuTW1Y.roa
Signing time:             Sat 01 Jan 2022 02:52:17 +0000
ROA not before:           Sat 01 Jan 2022 02:52:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62263
IP address blocks:        185.42.24.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 60920587 (0x3a1930b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de01c443831cf930b7478708d76a3cf44d89a162
        Validity
            Not Before: Jan  1 02:52:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d9c23926720dd54ac2b21b3fce6a3e36db935b56
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:a8:16:a8:d6:6c:b6:e2:b1:56:1e:fc:80:61:
                    bc:1d:3e:19:5a:3d:7c:38:e3:6d:31:43:5b:8b:36:
                    1a:e8:26:63:82:8e:b8:bd:05:be:c0:4e:8e:c6:30:
                    f3:bb:92:06:71:70:76:eb:5a:cc:6d:be:ff:54:04:
                    95:ba:f7:52:a5:dc:77:42:e4:d1:01:04:e4:0d:56:
                    24:b8:4d:90:b8:40:69:32:5b:df:f7:b0:aa:9c:09:
                    ea:bd:82:a1:f9:3d:0e:90:e5:17:78:8f:a9:84:9a:
                    c3:4b:8e:8f:fd:f7:32:b2:42:97:00:ad:da:e8:12:
                    c1:84:b4:f7:62:2a:0f:cd:92:0b:4d:c6:0f:da:ee:
                    af:bf:b2:87:c1:89:f8:f0:38:83:95:8d:a6:ed:5c:
                    20:54:1a:17:fa:f6:bc:96:9f:54:83:11:98:4e:6b:
                    04:68:27:e8:bc:76:cc:b5:61:4d:d9:d4:ee:cd:5d:
                    b0:82:af:d6:10:c3:89:c8:5b:fa:d4:18:15:e3:ba:
                    7d:c2:e4:dd:27:76:d6:f8:3b:04:ad:18:a7:12:5a:
                    09:a1:e2:53:6f:ab:d1:b7:7d:5e:b7:8b:a2:53:d7:
                    df:32:8f:d4:1b:c7:68:98:09:8d:d4:23:e6:d3:48:
                    6a:b3:9c:3a:c5:fe:8c:30:8c:0e:16:7d:fb:d8:1a:
                    10:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:C2:39:26:72:0D:D5:4A:C2:B2:1B:3F:CE:6A:3E:36:DB:93:5B:56
            X509v3 Authority Key Identifier:
                keyid:DE:01:C4:43:83:1C:F9:30:B7:47:87:08:D7:6A:3C:F4:4D:89:A1:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3gHEQ4Mc-TC3R4cI12o89E2JoWI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/1cb8ca-5993-4d17-a61e-ee7328adcc7c/1/2cI5JnIN1UrCshs_zmo-NtuTW1Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/1cb8ca-5993-4d17-a61e-ee7328adcc7c/1/3gHEQ4Mc-TC3R4cI12o89E2JoWI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.42.24.0/24

    Signature Algorithm: sha256WithRSAEncryption
         34:f3:f1:c0:49:8b:04:b2:de:8b:ef:02:b0:7f:ce:34:e0:20:
         70:37:90:bb:b6:df:e9:43:7f:61:72:fa:a9:b5:34:f9:2e:c3:
         c5:9b:97:9b:8f:70:6c:10:9d:18:59:de:35:b6:65:25:1c:53:
         2b:28:7b:a7:7c:09:cc:ab:79:b7:65:66:d9:ba:17:6a:cf:53:
         eb:93:54:f7:e1:51:7c:c0:37:22:f3:b8:9c:ef:d7:04:ba:9e:
         72:a5:80:fe:ed:47:43:82:34:ea:08:8d:43:0f:1a:32:30:92:
         d9:77:5f:f6:34:cd:eb:a0:b9:b3:58:5b:ef:1d:01:6f:76:b3:
         9b:48:e8:8a:b6:8e:78:39:05:54:d2:f2:8a:16:37:67:55:3f:
         b6:b7:8a:1b:08:ff:5d:69:98:cf:f0:df:5b:de:b4:ff:c2:7f:
         63:41:3a:98:2e:26:6d:2d:c3:12:fc:8f:3e:76:55:11:c9:7a:
         fb:9f:51:95:41:a4:32:88:ef:1e:8b:b8:41:dc:e1:d8:08:39:
         c5:98:bd:dd:41:42:00:bd:db:92:cc:c5:6c:de:97:a7:75:49:
         5f:4d:75:ea:24:6c:d0:a7:03:2e:81:c0:51:36:60:76:39:14:
         5d:25:62:1b:44:42:3a:1a:12:81:61:aa:18:91:18:ae:da:d3:
         06:62:2b:b4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA6GTCzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZTAxYzQ0MzgzMWNmOTMwYjc0Nzg3MDhkNzZhM2NmNDRkODlhMTYyMB4XDTIyMDEw
MTAyNTIxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDljMjM5MjY3MjBk
ZDU0YWMyYjIxYjNmY2U2YTNlMzZkYjkzNWI1NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMOoFqjWbLbisVYe/IBhvB0+GVo9fDjjbTFDW4s2GugmY4KO
uL0FvsBOjsYw87uSBnFwdutazG2+/1QElbr3UqXcd0Lk0QEE5A1WJLhNkLhAaTJb
3/ewqpwJ6r2Cofk9DpDlF3iPqYSaw0uOj/33MrJClwCt2ugSwYS092IqD82SC03G
D9rur7+yh8GJ+PA4g5WNpu1cIFQaF/r2vJafVIMRmE5rBGgn6Lx2zLVhTdnU7s1d
sIKv1hDDichb+tQYFeO6fcLk3Sd21vg7BK0YpxJaCaHiU2+r0bd9XreLolPX3zKP
1BvHaJgJjdQj5tNIarOcOsX+jDCMDhZ9+9gaEBcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTZwjkmcg3VSsKyGz/Oaj4225NbVjAfBgNVHSMEGDAWgBTeAcRDgxz5MLdH
hwjXajz0TYmhYjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNnSEVRNE1jLVRDM1I0Y0kxMm84OUUySm9XSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2MvMWNiOGNhLTU5OTMtNGQxNy1hNjFlLWVlNzMyOGFkY2M3Yy8x
LzJjSTVKbklOMVVyQ3Noc196bW8tTnR1VFcxWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Mv
MWNiOGNhLTU5OTMtNGQxNy1hNjFlLWVlNzMyOGFkY2M3Yy8xLzNnSEVRNE1jLVRD
M1I0Y0kxMm84OUUySm9XSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkqGDANBgkqhkiG9w0BAQsFAAOC
AQEANPPxwEmLBLLei+8CsH/ONOAgcDeQu7bf6UN/YXL6qbU0+S7DxZuXm49wbBCd
GFneNbZlJRxTKyh7p3wJzKt5t2Vm2boXas9T65NU9+FRfMA3IvO4nO/XBLqecqWA
/u1HQ4I06giNQw8aMjCS2Xdf9jTN66C5s1hb7x0Bb3azm0joiraOeDkFVNLyihY3
Z1U/treKGwj/XWmYz/DfW960/8J/Y0E6mC4mbS3DEvyPPnZVEcl6+59RlUGkMojv
Hou4Qdzh2Ag5xZi93UFCAL3bkszFbN6Xp3VJX0116iRs0KcDLoHAUTZgdjkUXSVi
G0RCOhoSgWGqGJEYrtrTBmIrtA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:09 2024 by rpki-client on console-ams.rpki-client.org