Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/94aae4-771c-429a-a7cd-f87bc173d2aa/1/SA5aVbZ6dB8iV9J5FmNwNYZ7WwE.roa
File:                     SA5aVbZ6dB8iV9J5FmNwNYZ7WwE.roa (raw, json)
Hash identifier:          0iLSxqjCnxNoHSrEpaCziOWe8oaG1XVJNoFe6f7AahU=
Subject key identifier:   48:0E:5A:55:B6:7A:74:1F:22:57:D2:79:16:63:70:35:86:7B:5B:01
Certificate issuer:       /CN=269b8a3748440c9d5c2c508bd03b46d7273eee56
Certificate serial:       0181D8A8649FD67A16FC961A5365105E40BC
Authority key identifier: 26:9B:8A:37:48:44:0C:9D:5C:2C:50:8B:D0:3B:46:D7:27:3E:EE:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JpuKN0hEDJ1cLFCL0DtG1yc-7lY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/94aae4-771c-429a-a7cd-f87bc173d2aa/1/SA5aVbZ6dB8iV9J5FmNwNYZ7WwE.roa
Signing time:             Thu 07 Jul 2022 12:35:23 +0000
ROA not before:           Thu 07 Jul 2022 12:35:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62119
IP address blocks:        185.244.160.0/24 maxlen: 24
                          2a12:42c0::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:d8:a8:64:9f:d6:7a:16:fc:96:1a:53:65:10:5e:40:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=269b8a3748440c9d5c2c508bd03b46d7273eee56
        Validity
            Not Before: Jul  7 12:35:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=480e5a55b67a741f2257d27916637035867b5b01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:5c:ea:9f:1f:c8:7b:7f:01:27:1f:ab:50:4c:
                    24:b8:b3:0e:6f:fa:f7:88:47:56:2b:28:30:29:ea:
                    6a:97:f2:fc:2f:f3:ac:ef:f6:60:b0:33:5c:33:60:
                    fb:4b:93:66:a3:bf:6c:41:7c:c5:6f:28:1c:3f:39:
                    98:dc:f8:f1:67:0e:64:48:96:7e:94:89:bf:eb:b5:
                    57:6b:6b:a0:7f:d1:9a:85:d0:28:27:80:48:d1:72:
                    7c:f2:10:8d:4d:4f:1a:a0:ac:37:bd:cd:98:cd:f0:
                    d0:e4:2f:24:39:21:2f:35:73:63:9e:8b:83:de:ee:
                    0a:c9:3d:5d:92:36:b9:4d:7b:3b:64:31:c8:96:98:
                    a2:58:43:37:b1:d8:39:3b:f3:b3:2e:4c:2d:8a:2c:
                    73:c6:6d:64:a7:06:4d:99:71:6d:f9:c7:ba:dc:9a:
                    ec:40:fd:f8:e4:9c:30:a7:98:d9:84:ca:2b:f0:3b:
                    36:f7:5b:37:30:bc:4b:76:2f:55:7c:96:71:bb:d6:
                    6b:86:99:c2:df:1b:18:50:fc:1b:81:c9:48:9d:d0:
                    52:42:36:d9:29:dd:cf:2c:71:0b:0e:86:b3:94:1f:
                    8d:ab:a5:db:f0:1c:ba:ac:b3:a9:15:8f:17:89:32:
                    26:66:5c:71:c7:f9:e7:19:e6:8d:68:e6:74:a3:52:
                    8f:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:0E:5A:55:B6:7A:74:1F:22:57:D2:79:16:63:70:35:86:7B:5B:01
            X509v3 Authority Key Identifier:
                keyid:26:9B:8A:37:48:44:0C:9D:5C:2C:50:8B:D0:3B:46:D7:27:3E:EE:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JpuKN0hEDJ1cLFCL0DtG1yc-7lY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/94aae4-771c-429a-a7cd-f87bc173d2aa/1/SA5aVbZ6dB8iV9J5FmNwNYZ7WwE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/94aae4-771c-429a-a7cd-f87bc173d2aa/1/JpuKN0hEDJ1cLFCL0DtG1yc-7lY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.244.160.0/24
                IPv6:
                  2a12:42c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         46:27:d6:e5:68:7c:30:89:0d:c4:c7:cd:ec:60:33:4e:8d:7d:
         96:52:00:45:e9:ef:55:55:33:01:f7:40:1d:75:8f:d7:64:4b:
         e7:aa:5a:14:e7:73:c9:71:be:7f:04:67:f8:74:14:dd:52:f4:
         77:84:af:8a:94:da:2a:40:01:07:e4:da:8f:32:47:c8:9b:4b:
         5a:c7:2d:f2:72:3b:db:36:fc:79:a9:26:ed:6c:0b:e4:44:bb:
         fe:04:46:df:c2:e7:6d:37:b2:95:cc:23:97:e0:33:a5:20:0b:
         44:72:44:ea:2e:ec:b7:ce:c7:94:4f:38:78:dd:93:b0:3a:2b:
         b2:c2:86:54:a3:bd:29:98:50:9d:6c:3d:3b:7a:40:fc:53:47:
         fe:fc:b7:13:6d:b2:c0:52:6d:a0:78:20:2f:ee:b7:55:64:04:
         a9:1d:aa:54:b8:c7:c6:63:61:90:9b:16:0d:bc:23:cd:af:e6:
         4b:58:f1:53:b2:94:aa:ac:18:93:07:77:77:1a:76:66:bc:75:
         69:b3:30:51:53:f2:eb:b1:b5:bd:7a:94:9e:6a:67:23:6d:b2:
         51:80:2d:c9:05:2b:22:82:0d:64:00:0a:ba:4c:ce:63:3e:74:
         5a:e6:9b:89:f3:cc:44:c0:d5:35:4c:8f:2d:17:cc:a7:34:44:
         80:9e:83:74
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYHYqGSf1noW/JYaU2UQXkC8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2OWI4YTM3NDg0NDBjOWQ1YzJjNTA4YmQwM2I0NmQ3Mjcz
ZWVlNTYwHhcNMjIwNzA3MTIzNTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODBlNWE1NWI2N2E3NDFmMjI1N2QyNzkxNjYzNzAzNTg2N2I1YjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFzqnx/Ie38BJx+rUEwkuLMOb/r3
iEdWKygwKepql/L8L/Os7/ZgsDNcM2D7S5Nmo79sQXzFbygcPzmY3PjxZw5kSJZ+
lIm/67VXa2ugf9GahdAoJ4BI0XJ88hCNTU8aoKw3vc2YzfDQ5C8kOSEvNXNjnouD
3u4KyT1dkja5TXs7ZDHIlpiiWEM3sdg5O/OzLkwtiixzxm1kpwZNmXFt+ce63Jrs
QP345Jwwp5jZhMor8Ds291s3MLxLdi9VfJZxu9ZrhpnC3xsYUPwbgclIndBSQjbZ
Kd3PLHELDoazlB+Nq6Xb8By6rLOpFY8XiTImZlxxx/nnGeaNaOZ0o1KPmQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEgOWlW2enQfIlfSeRZjcDWGe1sBMB8GA1UdIwQY
MBaAFCabijdIRAydXCxQi9A7RtcnPu5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnB1S04waEVESjFjTEZDTDBEdEcxeWMtN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC85NGFhZTQtNzcxYy00MjlhLWE3Y2Qt
Zjg3YmMxNzNkMmFhLzEvU0E1YVZiWjZkQjhpVjlKNUZtTndOWVo3V3dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC85NGFhZTQtNzcxYy00MjlhLWE3Y2QtZjg3YmMxNzNkMmFh
LzEvSnB1S04waEVESjFjTEZDTDBEdEcxeWMtN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAufSgMA0E
AgACMAcDBQMqEkLAMA0GCSqGSIb3DQEBCwUAA4IBAQBGJ9blaHwwiQ3Ex83sYDNO
jX2WUgBF6e9VVTMB90AddY/XZEvnqloU53PJcb5/BGf4dBTdUvR3hK+KlNoqQAEH
5NqPMkfIm0taxy3ycjvbNvx5qSbtbAvkRLv+BEbfwudtN7KVzCOX4DOlIAtEckTq
Luy3zseUTzh43ZOwOiuywoZUo70pmFCdbD07ekD8U0f+/LcTbbLAUm2geCAv7rdV
ZASpHapUuMfGY2GQmxYNvCPNr+ZLWPFTspSqrBiTB3d3GnZmvHVpszBRU/LrsbW9
epSeamcjbbJRgC3JBSsigg1kAAq6TM5jPnRa5puJ88xEwNU1TI8tF8ynNESAnoN0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:57 2024 by rpki-client on console-ams.rpki-client.org