Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/AGR7FOkSu38PD5LZh5UJOaEikYA.roa
File:                     AGR7FOkSu38PD5LZh5UJOaEikYA.roa (raw, json)
Hash identifier:          4zH25BU6uXjkAsk5LkiiO+9W1rImA7EqFz8GXO/mZGE=
Subject key identifier:   00:64:7B:14:E9:12:BB:7F:0F:0F:92:D9:87:95:09:39:A1:22:91:80
Certificate issuer:       /CN=259490c5dbcfbf590da33bfbd37970a0763469c9
Certificate serial:       0184868A57F1133AF76FBB216F555EB57249
Authority key identifier: 25:94:90:C5:DB:CF:BF:59:0D:A3:3B:FB:D3:79:70:A0:76:34:69:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/AGR7FOkSu38PD5LZh5UJOaEikYA.roa
Signing time:             Thu 17 Nov 2022 17:02:04 +0000
ROA not before:           Thu 17 Nov 2022 17:02:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209968
IP address blocks:        185.23.5.0/24 maxlen: 24
                          2a09:be44::/30 maxlen: 48
                          2a0e:ec00::/32 maxlen: 48
                          2a09:be41::/32 maxlen: 48
                          2a12:49c0::/29 maxlen: 48
                          2a09:be42::/31 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:86:8a:57:f1:13:3a:f7:6f:bb:21:6f:55:5e:b5:72:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=259490c5dbcfbf590da33bfbd37970a0763469c9
        Validity
            Not Before: Nov 17 17:02:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=00647b14e912bb7f0f0f92d987950939a1229180
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:4e:fa:6e:9a:85:38:b2:99:02:cb:f2:24:fe:
                    82:3b:f8:0b:b4:d7:37:33:3f:16:bf:75:ab:4c:63:
                    b0:8f:56:82:40:1e:cb:3c:3d:32:6a:77:4b:6f:c1:
                    81:cf:74:ec:18:06:49:b5:7a:f7:82:21:2c:d0:94:
                    05:af:63:cf:ab:24:92:4b:8e:0e:e5:43:2a:92:d5:
                    4b:bc:a0:bd:54:08:0d:96:db:bd:e2:fd:8e:59:0a:
                    e1:e7:e8:03:3c:a4:84:5e:74:4c:ca:dc:31:3e:76:
                    2a:36:4c:ac:de:6b:9c:92:b9:c7:12:f5:bc:03:ab:
                    84:8a:10:d5:00:fe:31:67:e0:95:8f:cc:8f:57:31:
                    0c:cb:b3:7b:56:ad:bd:41:91:c5:e6:74:da:9c:98:
                    4b:c4:43:ef:0d:ff:81:37:40:fe:78:a5:0c:14:aa:
                    ff:ce:d2:6f:b3:f6:5c:f1:cf:c1:c4:a7:3a:22:0a:
                    14:b0:82:e1:57:4b:dd:d8:e9:9c:8e:63:79:1b:d1:
                    6c:9f:ab:da:e2:55:2c:a0:23:c9:ab:f7:e4:77:6a:
                    47:a3:23:d0:4e:3c:69:30:96:fa:98:de:c8:15:c2:
                    3e:2a:fa:05:50:c1:a7:bf:f4:c3:11:96:c6:e7:04:
                    ed:d7:4c:31:21:57:2b:2e:da:93:98:f8:93:5d:8b:
                    a1:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:64:7B:14:E9:12:BB:7F:0F:0F:92:D9:87:95:09:39:A1:22:91:80
            X509v3 Authority Key Identifier:
                keyid:25:94:90:C5:DB:CF:BF:59:0D:A3:3B:FB:D3:79:70:A0:76:34:69:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/AGR7FOkSu38PD5LZh5UJOaEikYA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/JZSQxdvPv1kNozv703lwoHY0ack.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.23.5.0/24
                IPv6:
                  2a09:be41::-2a09:be47:ffff:ffff:ffff:ffff:ffff:ffff
                  2a0e:ec00::/32
                  2a12:49c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         8d:47:af:d9:f6:66:02:98:1f:28:8c:5d:e3:5e:68:be:8f:8e:
         17:af:ec:6e:2e:30:3d:35:69:0f:9c:02:80:67:93:8e:f5:c3:
         bd:22:6e:bd:de:22:92:6f:c1:ef:86:39:e1:64:01:ee:7f:d6:
         bb:5d:84:a8:f4:4d:cf:59:b4:46:8c:b3:f7:94:7f:59:fa:ef:
         e9:e9:50:a8:b9:46:d5:8f:b4:fe:7f:dd:e9:66:6d:ce:b5:bb:
         4e:33:a4:72:76:a5:e6:88:db:0a:2c:c7:bd:4e:42:0d:df:e6:
         02:35:54:8c:22:e1:04:2d:a2:b2:26:ee:84:25:3f:d8:27:a8:
         30:6d:41:6b:88:b6:68:7b:fe:2e:d0:01:b3:c2:5b:f5:be:a5:
         6f:ba:db:50:b4:0a:6b:e9:6f:12:6f:b5:0f:fe:b3:15:c2:85:
         78:12:ef:2c:c2:75:41:c7:c8:d3:68:70:3d:a8:4b:31:91:3b:
         2b:a2:a9:2a:38:a6:3e:d1:ae:50:ce:d1:76:4e:8b:e0:66:c9:
         34:a3:9f:e3:19:0a:d0:17:ee:db:80:5e:56:49:7a:3c:12:1e:
         3e:7b:57:a1:1a:fd:5c:e8:e9:db:cf:f0:23:99:09:22:55:28:
         5d:9e:8b:0c:17:41:45:10:b3:1c:70:db:63:6e:c2:63:9e:14:
         71:0e:8e:b0
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYSGilfxEzr3b7shb1VetXJJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1OTQ5MGM1ZGJjZmJmNTkwZGEzM2JmYmQzNzk3MGEwNzYz
NDY5YzkwHhcNMjIxMTE3MTcwMjA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDY0N2IxNGU5MTJiYjdmMGYwZjkyZDk4Nzk1MDkzOWExMjI5MTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhk76bpqFOLKZAsvyJP6CO/gLtNc3
Mz8Wv3WrTGOwj1aCQB7LPD0yandLb8GBz3TsGAZJtXr3giEs0JQFr2PPqySSS44O
5UMqktVLvKC9VAgNltu94v2OWQrh5+gDPKSEXnRMytwxPnYqNkys3muckrnHEvW8
A6uEihDVAP4xZ+CVj8yPVzEMy7N7Vq29QZHF5nTanJhLxEPvDf+BN0D+eKUMFKr/
ztJvs/Zc8c/BxKc6IgoUsILhV0vd2OmcjmN5G9Fsn6va4lUsoCPJq/fkd2pHoyPQ
TjxpMJb6mN7IFcI+KvoFUMGnv/TDEZbG5wTt10wxIVcrLtqTmPiTXYuhhwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFABkexTpErt/Dw+S2YeVCTmhIpGAMB8GA1UdIwQY
MBaAFCWUkMXbz79ZDaM7+9N5cKB2NGnJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlpTUXhkdlB2MWtOb3p2NzAzbHdvSFkwYWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lZGFkMmQtOTVjYy00OWQwLTg2ZjQt
M2NlM2NmOGIxYzQ5LzEvQUdSN0ZPa1N1MzhQRDVMWmg1VUpPYUVpa1lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9lZGFkMmQtOTVjYy00OWQwLTg2ZjQtM2NlM2NmOGIxYzQ5
LzEvSlpTUXhkdlB2MWtOb3p2NzAzbHdvSFkwYWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAMBAIAATAGAwQAuRcFMCQE
AgACMB4wDgMFACoJvkEDBQMqCb5AAwUAKg7sAAMFAyoSScAwDQYJKoZIhvcNAQEL
BQADggEBAI1Hr9n2ZgKYHyiMXeNeaL6Pjhev7G4uMD01aQ+cAoBnk471w70ibr3e
IpJvwe+GOeFkAe5/1rtdhKj0Tc9ZtEaMs/eUf1n67+npUKi5RtWPtP5/3elmbc61
u04zpHJ2peaI2wosx71OQg3f5gI1VIwi4QQtorIm7oQlP9gnqDBtQWuItmh7/i7Q
AbPCW/W+pW+621C0CmvpbxJvtQ/+sxXChXgS7yzCdUHHyNNocD2oSzGROyuiqSo4
pj7RrlDO0XZOi+BmyTSjn+MZCtAX7tuAXlZJejwSHj57V6Ea/Vzo6dvP8COZCSJV
KF2eiwwXQUUQsxxw22NuwmOeFHEOjrA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:50 2024 by rpki-client on console-fra.rpki-client.org