Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/d85bc7-58a6-407a-8acb-7509f7f4c5a6/1/ol_5lqAq59akOvMhBIf87PFkolY.roa
File:                     ol_5lqAq59akOvMhBIf87PFkolY.roa (raw, json)
Hash identifier:          1NAXyrKjO1H0lbMTzBBpto1hwtDeam9qLsVPJtSX3yI=
Subject key identifier:   A2:5F:F9:96:A0:2A:E7:D6:A4:3A:F3:21:04:87:FC:EC:F1:64:A2:56
Certificate issuer:       /CN=e8f99cd884fb5cbab3f3b34e17a80a48adec3fe5
Certificate serial:       016E99
Authority key identifier: E8:F9:9C:D8:84:FB:5C:BA:B3:F3:B3:4E:17:A8:0A:48:AD:EC:3F:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6Pmc2IT7XLqz87NOF6gKSK3sP-U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/d85bc7-58a6-407a-8acb-7509f7f4c5a6/1/ol_5lqAq59akOvMhBIf87PFkolY.roa
Signing time:             Fri 03 Jun 2022 13:08:22 +0000
ROA not before:           Fri 03 Jun 2022 13:08:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        178.175.182.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 93849 (0x16e99)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e8f99cd884fb5cbab3f3b34e17a80a48adec3fe5
        Validity
            Not Before: Jun  3 13:08:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a25ff996a02ae7d6a43af3210487fcecf164a256
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:ae:c2:ce:7e:eb:f0:91:df:91:2c:1d:e3:10:
                    73:1e:48:e4:24:e3:d7:15:d4:88:79:f5:09:af:56:
                    f6:7c:dc:90:1e:82:fb:ce:60:c4:aa:fd:db:ff:e4:
                    9d:6d:b8:ed:fb:93:ce:49:6f:14:fe:ad:fc:1b:30:
                    31:81:61:29:6e:f4:a2:29:4d:d6:72:27:2f:d0:60:
                    34:f7:24:fa:38:5e:fe:6d:c0:99:24:d5:31:55:eb:
                    cb:ae:87:14:f6:d3:a9:f4:a2:7f:a4:d2:77:3e:c9:
                    44:20:3c:7d:4e:f1:3e:33:8c:7f:c0:5f:4c:bb:ac:
                    0c:a4:ae:7e:fc:04:66:0b:92:33:d0:4f:84:bf:01:
                    15:35:06:d3:3b:3e:97:b2:45:cd:28:f3:46:31:57:
                    86:03:ea:b8:a1:c6:a7:f7:7b:b3:37:9f:52:71:46:
                    61:99:03:0c:20:e8:55:76:e3:14:f5:1f:0d:21:69:
                    28:61:4c:80:62:69:2d:20:31:e0:04:b6:c5:f0:eb:
                    67:36:90:2f:db:8f:21:09:d0:b7:3d:2d:fa:78:d1:
                    4a:7f:00:3a:37:62:cf:b0:6d:f5:5d:15:29:61:f1:
                    69:1a:91:9d:26:df:5f:8d:74:e4:76:82:58:74:1e:
                    5f:1c:eb:ec:42:d4:be:1b:ac:6f:65:5d:5e:32:eb:
                    4e:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:5F:F9:96:A0:2A:E7:D6:A4:3A:F3:21:04:87:FC:EC:F1:64:A2:56
            X509v3 Authority Key Identifier:
                keyid:E8:F9:9C:D8:84:FB:5C:BA:B3:F3:B3:4E:17:A8:0A:48:AD:EC:3F:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Pmc2IT7XLqz87NOF6gKSK3sP-U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/d85bc7-58a6-407a-8acb-7509f7f4c5a6/1/ol_5lqAq59akOvMhBIf87PFkolY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/d85bc7-58a6-407a-8acb-7509f7f4c5a6/1/6Pmc2IT7XLqz87NOF6gKSK3sP-U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.175.182.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7f:6d:a6:0c:61:0d:ed:bc:66:5d:c9:e9:97:ff:f5:a6:72:9f:
         f4:1d:49:cb:bd:31:f5:68:d4:ac:fe:99:55:ce:10:b4:d5:79:
         8f:e9:e5:b6:54:e5:9d:75:65:00:0e:49:c0:f4:e5:2e:75:9e:
         88:6a:b7:52:b6:c6:10:ad:3f:c1:42:c4:cf:d9:9c:c1:13:2c:
         1e:e7:55:c8:ff:55:02:ce:86:07:cf:5b:d7:9f:f4:97:6e:15:
         31:c3:5c:51:bf:2f:06:47:0e:e2:59:69:df:01:0b:a6:ed:00:
         d0:64:9d:e6:b7:03:3e:d8:77:8c:c9:f9:8a:48:a6:a9:1d:a6:
         6c:a6:0b:8a:fb:d7:fb:00:43:6a:b4:7b:91:37:b0:12:6e:0e:
         81:a4:2a:c8:f1:5f:b6:61:20:1e:43:ee:b4:89:57:40:d6:56:
         9d:61:bb:73:32:19:c9:5a:cd:4f:db:9c:a3:35:c5:be:76:fd:
         c7:83:f8:11:a6:19:88:7c:6c:5b:13:5e:48:50:b3:79:ae:d0:
         00:59:4a:78:25:ad:5e:f1:2f:3d:9c:fc:99:38:35:db:f9:43:
         76:56:ce:2e:20:db:17:97:dd:6d:07:2a:6a:4a:8a:e5:fd:5f:
         5c:31:85:4f:24:0a:20:67:8d:3a:f5:30:52:30:57:8f:62:33:
         ff:de:70:46
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAW6ZMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGU4
Zjk5Y2Q4ODRmYjVjYmFiM2YzYjM0ZTE3YTgwYTQ4YWRlYzNmZTUwHhcNMjIwNjAz
MTMwODIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhMjVmZjk5NmEwMmFl
N2Q2YTQzYWYzMjEwNDg3ZmNlY2YxNjRhMjU2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmq7Czn7r8JHfkSwd4xBzHkjkJOPXFdSIefUJr1b2fNyQHoL7
zmDEqv3b/+Sdbbjt+5POSW8U/q38GzAxgWEpbvSiKU3Wcicv0GA09yT6OF7+bcCZ
JNUxVevLrocU9tOp9KJ/pNJ3PslEIDx9TvE+M4x/wF9Mu6wMpK5+/ARmC5Iz0E+E
vwEVNQbTOz6XskXNKPNGMVeGA+q4ocan93uzN59ScUZhmQMMIOhVduMU9R8NIWko
YUyAYmktIDHgBLbF8OtnNpAv248hCdC3PS36eNFKfwA6N2LPsG31XRUpYfFpGpGd
Jt9fjXTkdoJYdB5fHOvsQtS+G6xvZV1eMutOVQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFKJf+ZagKufWpDrzIQSH/OzxZKJWMB8GA1UdIwQYMBaAFOj5nNiE+1y6s/Oz
TheoCkit7D/lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
NlBtYzJJVDdYTHF6ODdOT0Y2Z0tTSzNzUC1VLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zYy9kODViYzctNThhNi00MDdhLThhY2ItNzUwOWY3ZjRjNWE2LzEv
b2xfNWxxQXE1OWFrT3ZNaEJJZjg3UEZrb2xZLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9k
ODViYzctNThhNi00MDdhLThhY2ItNzUwOWY3ZjRjNWE2LzEvNlBtYzJJVDdYTHF6
ODdOT0Y2Z0tTSzNzUC1VLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsq+2MA0GCSqGSIb3DQEBCwUAA4IB
AQB/baYMYQ3tvGZdyemX//Wmcp/0HUnLvTH1aNSs/plVzhC01XmP6eW2VOWddWUA
DknA9OUudZ6IardStsYQrT/BQsTP2ZzBEywe51XI/1UCzoYHz1vXn/SXbhUxw1xR
vy8GRw7iWWnfAQum7QDQZJ3mtwM+2HeMyfmKSKapHaZspguK+9f7AENqtHuRN7AS
bg6BpCrI8V+2YSAeQ+60iVdA1ladYbtzMhnJWs1P25yjNcW+dv3Hg/gRphmIfGxb
E15IULN5rtAAWUp4Ja1e8S89nPyZODXb+UN2Vs4uINsXl91tBypqSorl/V9cMYVP
JAogZ4069TBSMFePYjP/3nBG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:16 2024 by rpki-client on console-ams.rpki-client.org