Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/06d683-5a55-42ad-91d9-5f2ee5ce4581/1/h1Gz3nkGJE2u35Z9PlXZcwc4MXw.roa
File:                     h1Gz3nkGJE2u35Z9PlXZcwc4MXw.roa (raw, json)
Hash identifier:          pfOKYALZa/3tnhJD/cwhXSe1Dw6MaDB0jLSMmnB51F4=
Subject key identifier:   87:51:B3:DE:79:06:24:4D:AE:DF:96:7D:3E:55:D9:73:07:38:31:7C
Certificate issuer:       /CN=11535f8fa4b5f51533d724eaf90dba99715fc6fc
Certificate serial:       142B3630
Authority key identifier: 11:53:5F:8F:A4:B5:F5:15:33:D7:24:EA:F9:0D:BA:99:71:5F:C6:FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EVNfj6S19RUz1yTq-Q26mXFfxvw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/06d683-5a55-42ad-91d9-5f2ee5ce4581/1/h1Gz3nkGJE2u35Z9PlXZcwc4MXw.roa
Signing time:             Sat 01 Jan 2022 13:07:28 +0000
ROA not before:           Sat 01 Jan 2022 13:07:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204195
IP address blocks:        185.115.236.0/22 maxlen: 22
                          2a06:2780::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 338376240 (0x142b3630)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=11535f8fa4b5f51533d724eaf90dba99715fc6fc
        Validity
            Not Before: Jan  1 13:07:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8751b3de7906244daedf967d3e55d9730738317c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:29:64:27:79:de:48:e2:61:bb:f5:5a:95:6d:
                    f3:28:19:2c:8f:2a:be:bb:33:49:8a:a6:e3:90:f0:
                    22:ad:8f:3a:08:41:cc:76:be:24:c2:b4:dc:47:98:
                    2c:4a:28:55:d0:54:20:ac:18:87:a7:d6:14:70:49:
                    a7:ea:63:4c:47:37:68:f0:51:62:d9:d2:0a:ae:56:
                    13:d7:b1:ee:cf:38:0d:57:75:d3:81:fe:9b:53:33:
                    47:ab:7b:17:13:f8:c2:c6:06:2c:fc:08:fd:ed:44:
                    bd:a2:e8:35:7c:be:da:60:a5:a0:0e:76:41:27:ea:
                    8b:09:fd:5e:56:a8:99:01:65:31:ea:4f:36:2a:30:
                    eb:5a:ec:56:21:1b:14:c8:e0:d7:74:a3:4f:55:32:
                    2d:cb:d8:d9:54:29:bd:35:41:08:12:a7:6f:c1:98:
                    b1:61:7c:c7:46:82:6a:64:6d:9d:87:4f:da:71:54:
                    b2:6d:07:14:6f:42:51:8c:a4:ff:af:6f:bf:3f:29:
                    4b:a5:9e:ae:49:99:8d:6c:a1:33:a3:c0:ac:e0:56:
                    f8:30:df:c8:83:14:a4:41:1d:49:84:98:c5:52:cf:
                    06:4f:a0:2c:78:74:8d:34:b2:78:3b:d6:9d:89:c2:
                    e6:fa:de:4f:01:57:c4:5f:99:65:f1:b8:09:9d:a3:
                    21:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:51:B3:DE:79:06:24:4D:AE:DF:96:7D:3E:55:D9:73:07:38:31:7C
            X509v3 Authority Key Identifier:
                keyid:11:53:5F:8F:A4:B5:F5:15:33:D7:24:EA:F9:0D:BA:99:71:5F:C6:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EVNfj6S19RUz1yTq-Q26mXFfxvw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/06d683-5a55-42ad-91d9-5f2ee5ce4581/1/h1Gz3nkGJE2u35Z9PlXZcwc4MXw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/06d683-5a55-42ad-91d9-5f2ee5ce4581/1/EVNfj6S19RUz1yTq-Q26mXFfxvw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.115.236.0/22
                IPv6:
                  2a06:2780::/29

    Signature Algorithm: sha256WithRSAEncryption
         62:f4:9a:22:9f:59:ce:1c:93:1c:8d:b0:6c:e9:74:13:fe:4d:
         e2:4b:af:1d:6e:2f:29:1d:20:60:2e:17:e6:9d:aa:4a:de:b5:
         67:d6:8a:ed:d8:7f:e3:1f:3d:51:17:89:90:e3:47:f7:6c:c3:
         a8:2d:92:db:4f:b8:dd:38:c5:2c:fa:5d:32:c3:b3:7e:42:b2:
         2e:79:db:27:bd:69:d0:c3:f0:5c:37:20:9c:f6:0d:b1:29:68:
         25:a0:54:70:00:77:4a:9e:98:68:e7:c4:23:71:23:16:c9:19:
         f4:32:ee:6d:62:8f:b2:da:de:d3:b0:e1:d3:d7:56:bf:1c:76:
         91:37:7e:fa:da:55:71:bc:aa:b9:b1:95:31:8d:3e:18:d1:26:
         45:a9:24:97:93:f5:a8:f3:d9:f2:d2:fb:47:0a:ce:5c:75:6a:
         fb:c4:70:5a:00:5d:ee:cb:9a:9d:7e:38:54:ce:76:68:e5:da:
         48:d9:af:cd:e4:26:bd:c2:68:2d:8c:a1:40:f8:97:16:17:fb:
         20:91:38:2c:db:df:af:14:bb:f8:2f:c0:8b:63:71:de:04:b1:
         22:a7:83:dc:a6:16:9f:c8:3b:81:15:73:3a:3f:ec:8a:5c:7c:
         45:a0:9e:8f:5a:8c:c0:33:0c:cc:17:af:df:2e:05:4f:f0:fa:
         48:ed:21:c2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEFCs2MDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MTUzNWY4ZmE0YjVmNTE1MzNkNzI0ZWFmOTBkYmE5OTcxNWZjNmZjMB4XDTIyMDEw
MTEzMDcyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODc1MWIzZGU3OTA2
MjQ0ZGFlZGY5NjdkM2U1NWQ5NzMwNzM4MzE3YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANMpZCd53kjiYbv1WpVt8ygZLI8qvrszSYqm45DwIq2POghB
zHa+JMK03EeYLEooVdBUIKwYh6fWFHBJp+pjTEc3aPBRYtnSCq5WE9ex7s84DVd1
04H+m1MzR6t7FxP4wsYGLPwI/e1EvaLoNXy+2mCloA52QSfqiwn9XlaomQFlMepP
Niow61rsViEbFMjg13SjT1UyLcvY2VQpvTVBCBKnb8GYsWF8x0aCamRtnYdP2nFU
sm0HFG9CUYyk/69vvz8pS6WerkmZjWyhM6PArOBW+DDfyIMUpEEdSYSYxVLPBk+g
LHh0jTSyeDvWnYnC5vreTwFXxF+ZZfG4CZ2jIecCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSHUbPeeQYkTa7fln0+VdlzBzgxfDAfBgNVHSMEGDAWgBQRU1+PpLX1FTPX
JOr5DbqZcV/G/DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VWTmZqNlMxOVJVejF5VHEtUTI2bVhGZnh2dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTYvMDZkNjgzLTVhNTUtNDJhZC05MWQ5LTVmMmVlNWNlNDU4MS8x
L2gxR3ozbmtHSkUydTM1WjlQbFhaY3djNE1Ydy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTYv
MDZkNjgzLTVhNTUtNDJhZC05MWQ5LTVmMmVlNWNlNDU4MS8xL0VWTmZqNlMxOVJV
ejF5VHEtUTI2bVhGZnh2dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArlz7DANBAIAAjAHAwUDKgYngDAN
BgkqhkiG9w0BAQsFAAOCAQEAYvSaIp9ZzhyTHI2wbOl0E/5N4kuvHW4vKR0gYC4X
5p2qSt61Z9aK7dh/4x89UReJkONH92zDqC2S20+43TjFLPpdMsOzfkKyLnnbJ71p
0MPwXDcgnPYNsSloJaBUcAB3Sp6YaOfEI3EjFskZ9DLubWKPstre07Dh09dWvxx2
kTd++tpVcbyqubGVMY0+GNEmRakkl5P1qPPZ8tL7RwrOXHVq+8RwWgBd7suanX44
VM52aOXaSNmvzeQmvcJoLYyhQPiXFhf7IJE4LNvfrxS7+C/Ai2Nx3gSxIqeD3KYW
n8g7gRVzOj/silx8RaCej1qMwDMMzBev3y4FT/D6SO0hwg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:16 2024 by rpki-client on console-fra.rpki-client.org