Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/61c61d-5ed8-4766-9b4b-056b9c231f34/1/hAx0FazPzaS9bGx38tnLhma1ffE.roa
File:                     hAx0FazPzaS9bGx38tnLhma1ffE.roa (raw, json)
Hash identifier:          ahrdkUXTqjk5qIBFbH1zIElZ57GXbK6D6Y/7KFx7xtU=
Subject key identifier:   84:0C:74:15:AC:CF:CD:A4:BD:6C:6C:77:F2:D9:CB:86:66:B5:7D:F1
Certificate issuer:       /CN=99282d77c662e68bb87e83338b76ad6bead93185
Certificate serial:       1045886C
Authority key identifier: 99:28:2D:77:C6:62:E6:8B:B8:7E:83:33:8B:76:AD:6B:EA:D9:31:85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mSgtd8Zi5ou4foMzi3ata-rZMYU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/61c61d-5ed8-4766-9b4b-056b9c231f34/1/hAx0FazPzaS9bGx38tnLhma1ffE.roa
Signing time:             Sat 01 Jan 2022 05:57:17 +0000
ROA not before:           Sat 01 Jan 2022 05:57:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     29208
IP address blocks:        185.176.137.0/24 maxlen: 32
                          185.176.136.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 272992364 (0x1045886c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99282d77c662e68bb87e83338b76ad6bead93185
        Validity
            Not Before: Jan  1 05:57:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=840c7415accfcda4bd6c6c77f2d9cb8666b57df1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:7c:2e:4c:2f:86:7f:42:4b:f8:89:ab:5e:8c:
                    34:4b:f6:d4:20:80:fb:c9:c2:63:9c:fc:37:12:93:
                    9b:92:2a:64:f6:e4:f8:4f:cc:a1:33:38:ed:a1:e9:
                    ea:00:71:fd:8c:15:b7:a0:89:55:fc:38:2e:9c:cb:
                    aa:a2:66:51:b2:3b:1a:75:11:ec:21:78:ef:81:f6:
                    4e:9d:19:26:4e:c4:5f:57:e2:a1:e2:11:43:88:1b:
                    d5:cd:64:6f:19:f0:f6:e6:7a:b6:7a:da:48:fa:3e:
                    99:14:57:47:8f:31:39:66:7f:35:bb:db:63:b8:d7:
                    da:81:c5:52:61:46:87:ba:88:dd:28:cf:3c:ac:8c:
                    14:d8:e1:57:aa:d7:78:c0:a6:cb:11:8f:6e:8d:da:
                    69:dd:86:01:86:36:ae:4f:3d:30:cd:a9:74:69:a7:
                    f4:1f:ad:45:5d:2a:3b:7d:c3:e6:2e:b0:70:5b:b7:
                    2a:5e:9d:84:4f:8f:4a:5d:e5:a7:e1:f0:96:f9:00:
                    12:63:cf:57:f4:24:ba:17:15:a9:4e:93:60:5a:cb:
                    b5:19:b5:fb:f6:2d:e7:44:eb:c5:88:05:8a:de:d7:
                    79:f9:62:e1:3c:cd:18:c5:a1:eb:6b:41:5b:fd:51:
                    88:f2:f4:a2:59:94:e4:94:2a:36:ae:e4:19:c8:65:
                    4b:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:0C:74:15:AC:CF:CD:A4:BD:6C:6C:77:F2:D9:CB:86:66:B5:7D:F1
            X509v3 Authority Key Identifier:
                keyid:99:28:2D:77:C6:62:E6:8B:B8:7E:83:33:8B:76:AD:6B:EA:D9:31:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSgtd8Zi5ou4foMzi3ata-rZMYU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/61c61d-5ed8-4766-9b4b-056b9c231f34/1/hAx0FazPzaS9bGx38tnLhma1ffE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/61c61d-5ed8-4766-9b4b-056b9c231f34/1/mSgtd8Zi5ou4foMzi3ata-rZMYU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.176.136.0/23

    Signature Algorithm: sha256WithRSAEncryption
         65:5a:64:f3:33:7e:2f:5d:a3:e0:2b:f1:87:b3:29:e9:d4:a4:
         09:00:d5:8b:26:c6:0a:02:9d:74:f9:1b:dc:b4:e0:69:1c:d6:
         a9:40:5e:37:c7:92:82:e6:37:67:a8:5e:c3:2d:0b:fe:eb:d5:
         6c:fd:65:08:98:d0:83:c5:b2:23:09:22:b7:57:b3:63:76:fc:
         93:73:65:db:b0:79:fd:48:a9:93:2d:4e:4f:dd:5b:3f:dc:f6:
         7a:37:9e:9b:f6:b3:1a:37:73:0f:fa:9b:c4:df:39:74:19:d1:
         45:b8:d5:17:3a:5e:57:72:b0:6b:d1:19:b6:76:f4:87:01:2b:
         56:ce:59:7d:cc:7f:b7:c2:a8:06:d3:5c:f7:a2:6d:9a:84:65:
         9e:2e:50:62:83:d8:e0:63:42:33:1e:0e:38:80:4c:99:14:ae:
         db:e9:1c:9a:a6:9e:b9:dc:11:30:45:1c:44:65:82:ff:14:bf:
         68:e0:30:d7:2c:29:e0:85:27:7b:1d:05:5d:f9:af:7f:d7:cb:
         db:b0:e7:5c:39:b1:bc:29:48:33:e1:4b:f0:33:35:0e:d4:0d:
         b8:e5:92:52:9d:e6:fe:c7:bb:8a:c5:30:36:28:55:fa:ad:16:
         d2:1e:7d:0e:70:44:25:52:5f:a8:2f:05:7b:6e:8b:39:16:39:
         9c:e7:27:7f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEEWIbDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OTI4MmQ3N2M2NjJlNjhiYjg3ZTgzMzM4Yjc2YWQ2YmVhZDkzMTg1MB4XDTIyMDEw
MTA1NTcxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODQwYzc0MTVhY2Nm
Y2RhNGJkNmM2Yzc3ZjJkOWNiODY2NmI1N2RmMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKJ8Lkwvhn9CS/iJq16MNEv21CCA+8nCY5z8NxKTm5IqZPbk
+E/MoTM47aHp6gBx/YwVt6CJVfw4LpzLqqJmUbI7GnUR7CF474H2Tp0ZJk7EX1fi
oeIRQ4gb1c1kbxnw9uZ6tnraSPo+mRRXR48xOWZ/NbvbY7jX2oHFUmFGh7qI3SjP
PKyMFNjhV6rXeMCmyxGPbo3aad2GAYY2rk89MM2pdGmn9B+tRV0qO33D5i6wcFu3
Kl6dhE+PSl3lp+HwlvkAEmPPV/QkuhcVqU6TYFrLtRm1+/Yt50TrxYgFit7Xefli
4TzNGMWh62tBW/1RiPL0olmU5JQqNq7kGchlS5ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSEDHQVrM/NpL1sbHfy2cuGZrV98TAfBgNVHSMEGDAWgBSZKC13xmLmi7h+
gzOLdq1r6tkxhTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21TZ3RkOFppNW91NGZvTXppM2F0YS1yWk1ZVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDkvNjFjNjFkLTVlZDgtNDc2Ni05YjRiLTA1NmI5YzIzMWYzNC8x
L2hBeDBGYXpQemFTOWJHeDM4dG5MaG1hMWZmRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDkv
NjFjNjFkLTVlZDgtNDc2Ni05YjRiLTA1NmI5YzIzMWYzNC8xL21TZ3RkOFppNW91
NGZvTXppM2F0YS1yWk1ZVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbmwiDANBgkqhkiG9w0BAQsFAAOC
AQEAZVpk8zN+L12j4Cvxh7Mp6dSkCQDViybGCgKddPkb3LTgaRzWqUBeN8eSguY3
Z6hewy0L/uvVbP1lCJjQg8WyIwkit1ezY3b8k3Nl27B5/Uipky1OT91bP9z2ejee
m/azGjdzD/qbxN85dBnRRbjVFzpeV3Kwa9EZtnb0hwErVs5Zfcx/t8KoBtNc96Jt
moRlni5QYoPY4GNCMx4OOIBMmRSu2+kcmqaeudwRMEUcRGWC/xS/aOAw1ywp4IUn
ex0FXfmvf9fL27DnXDmxvClIM+FL8DM1DtQNuOWSUp3m/se7isUwNihV+q0W0h59
DnBEJVJfqC8Fe26LORY5nOcnfw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:00 2024 by rpki-client on console-fra.rpki-client.org