Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/f8cda4-c818-4dc0-b605-163247eb0e07/1/g5d6Emtk8rzEwiHFWkpmLuzwb-o.roa
File:                     g5d6Emtk8rzEwiHFWkpmLuzwb-o.roa (raw, json)
Hash identifier:          B0NQdvKRXHBhr9kvU2tBP10xrWaV9e36DVGz9RBkygo=
Subject key identifier:   83:97:7A:12:6B:64:F2:BC:C4:C2:21:C5:5A:4A:66:2E:EC:F0:6F:EA
Certificate issuer:       /CN=22f35c611c29234bf4b40b35990ddfa293a537f9
Certificate serial:       02A4CA8D
Authority key identifier: 22:F3:5C:61:1C:29:23:4B:F4:B4:0B:35:99:0D:DF:A2:93:A5:37:F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IvNcYRwpI0v0tAs1mQ3fopOlN_k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/f8cda4-c818-4dc0-b605-163247eb0e07/1/g5d6Emtk8rzEwiHFWkpmLuzwb-o.roa
Signing time:             Sat 01 Jan 2022 06:54:13 +0000
ROA not before:           Sat 01 Jan 2022 06:54:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48492
IP address blocks:        185.181.108.0/22 maxlen: 24
                          185.75.224.0/22 maxlen: 24
                          2a0d:4f00::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 44354189 (0x2a4ca8d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22f35c611c29234bf4b40b35990ddfa293a537f9
        Validity
            Not Before: Jan  1 06:54:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=83977a126b64f2bcc4c221c55a4a662eecf06fea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:77:26:17:a3:b0:8d:c0:e7:40:a4:f7:d6:49:
                    f0:4a:d8:57:dc:3c:af:cc:13:2d:e4:69:1a:52:26:
                    0b:1c:a2:1f:1e:f3:f8:f7:be:d0:4c:2e:76:5c:1a:
                    41:2c:86:f8:b0:32:97:6e:c4:b3:87:6b:bc:90:3c:
                    73:f2:26:49:e2:17:dc:b1:f6:d4:0b:38:c2:c2:32:
                    1c:57:83:00:23:b2:cd:b9:33:4f:00:da:96:4f:3c:
                    84:55:b7:f4:5d:ca:39:9f:15:39:da:11:e6:e9:e7:
                    da:4e:44:0a:c3:6a:92:f7:a1:49:f8:9c:6f:b6:45:
                    f2:7c:52:b9:4a:07:0e:a7:f3:5e:de:54:11:b8:3c:
                    c5:d7:e4:22:e8:ee:29:c1:ba:39:71:5e:cc:2b:0f:
                    3d:5a:d6:25:d6:5a:a9:28:84:74:47:b8:71:66:a4:
                    ed:5f:ba:51:ed:2d:a9:10:43:b3:24:2e:b2:de:5e:
                    a1:fd:65:d6:1b:b3:91:08:1d:00:e1:aa:fb:7c:52:
                    53:ac:99:ee:09:10:75:f6:27:00:84:63:5a:ab:cd:
                    85:8b:dd:d2:89:c5:60:73:09:81:e7:cf:dc:60:35:
                    34:c6:58:fc:ec:4f:f8:78:77:25:f5:e8:89:52:bb:
                    66:27:33:e3:8d:9e:01:79:47:56:7a:c2:25:23:7e:
                    4e:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:97:7A:12:6B:64:F2:BC:C4:C2:21:C5:5A:4A:66:2E:EC:F0:6F:EA
            X509v3 Authority Key Identifier:
                keyid:22:F3:5C:61:1C:29:23:4B:F4:B4:0B:35:99:0D:DF:A2:93:A5:37:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvNcYRwpI0v0tAs1mQ3fopOlN_k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/f8cda4-c818-4dc0-b605-163247eb0e07/1/g5d6Emtk8rzEwiHFWkpmLuzwb-o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/f8cda4-c818-4dc0-b605-163247eb0e07/1/IvNcYRwpI0v0tAs1mQ3fopOlN_k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.75.224.0/22
                  185.181.108.0/22
                IPv6:
                  2a0d:4f00::/29

    Signature Algorithm: sha256WithRSAEncryption
         89:8c:06:13:8e:4b:34:f2:2e:a6:31:c5:c4:f9:95:22:fd:28:
         9c:d6:2d:c5:92:24:4c:98:d7:fb:4c:0f:52:fa:27:6d:e6:55:
         b7:e4:20:27:20:fe:99:50:a0:4c:06:38:d8:ea:65:6e:74:64:
         98:f2:47:ae:ff:5c:73:1f:99:fc:06:2a:f7:73:c2:f5:40:54:
         89:61:50:43:ec:c4:f1:08:48:84:32:7d:d7:b0:c1:5c:94:5f:
         59:77:fb:33:42:dd:33:f6:17:e5:91:80:ca:d3:df:73:dc:9e:
         ab:77:f8:80:26:59:a2:27:51:73:3d:f4:a9:13:90:06:73:d5:
         ba:cf:d1:d1:99:45:43:7e:b6:d8:4e:ef:7a:6f:58:82:7e:a8:
         2f:3b:b2:e3:0c:4c:d9:ee:71:6d:0b:63:8a:a8:45:97:29:9c:
         a3:30:2a:4c:c0:8b:fd:75:9a:17:7b:a7:a2:0a:04:6f:46:c9:
         a2:08:0b:cd:be:5e:0b:c7:20:60:b9:36:ad:b2:65:67:8a:78:
         ad:c5:57:f4:63:f4:b8:3a:22:b0:56:85:3e:71:51:e0:6d:dc:
         5c:29:6d:89:45:75:7a:b5:20:1f:c4:25:5c:3a:a9:8e:55:f2:
         f2:c3:a3:9e:cd:bb:05:78:7e:94:a3:56:38:23:d1:6d:a5:f6:
         72:58:67:54
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEAqTKjTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmYzNWM2MTFjMjkyMzRiZjRiNDBiMzU5OTBkZGZhMjkzYTUzN2Y5MB4XDTIyMDEw
MTA2NTQxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODM5NzdhMTI2YjY0
ZjJiY2M0YzIyMWM1NWE0YTY2MmVlY2YwNmZlYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMB3JhejsI3A50Ck99ZJ8ErYV9w8r8wTLeRpGlImCxyiHx7z
+Pe+0EwudlwaQSyG+LAyl27Es4drvJA8c/ImSeIX3LH21As4wsIyHFeDACOyzbkz
TwDalk88hFW39F3KOZ8VOdoR5unn2k5ECsNqkvehSficb7ZF8nxSuUoHDqfzXt5U
Ebg8xdfkIujuKcG6OXFezCsPPVrWJdZaqSiEdEe4cWak7V+6Ue0tqRBDsyQust5e
of1l1huzkQgdAOGq+3xSU6yZ7gkQdfYnAIRjWqvNhYvd0onFYHMJgefP3GA1NMZY
/OxP+Hh3JfXoiVK7Zicz442eAXlHVnrCJSN+TjUCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSDl3oSa2TyvMTCIcVaSmYu7PBv6jAfBgNVHSMEGDAWgBQi81xhHCkjS/S0
CzWZDd+ik6U3+TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0l2TmNZUndwSTB2MHRBczFtUTNmb3BPbE5fay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTQvZjhjZGE0LWM4MTgtNGRjMC1iNjA1LTE2MzI0N2ViMGUwNy8x
L2c1ZDZFbXRrOHJ6RXdpSEZXa3BtTHV6d2Itby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQv
ZjhjZGE0LWM4MTgtNGRjMC1iNjA1LTE2MzI0N2ViMGUwNy8xL0l2TmNZUndwSTB2
MHRBczFtUTNmb3BPbE5fay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArlL4AMEArm1bDANBAIAAjAHAwUD
Kg1PADANBgkqhkiG9w0BAQsFAAOCAQEAiYwGE45LNPIupjHFxPmVIv0onNYtxZIk
TJjX+0wPUvonbeZVt+QgJyD+mVCgTAY42OplbnRkmPJHrv9ccx+Z/AYq93PC9UBU
iWFQQ+zE8QhIhDJ917DBXJRfWXf7M0LdM/YX5ZGAytPfc9yeq3f4gCZZoidRcz30
qROQBnPVus/R0ZlFQ3622E7vem9Ygn6oLzuy4wxM2e5xbQtjiqhFlymcozAqTMCL
/XWaF3unogoEb0bJoggLzb5eC8cgYLk2rbJlZ4p4rcVX9GP0uDoisFaFPnFR4G3c
XCltiUV1erUgH8QlXDqpjlXy8sOjns27BXh+lKNWOCPRbaX2clhnVA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:06 2024 by rpki-client on console-fra.rpki-client.org