Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/a71248-a465-40d4-a2cf-a41b50aa272d/1/h_AmqXRPPYVPbtAH0CXftYPWMrA.roa
File:                     h_AmqXRPPYVPbtAH0CXftYPWMrA.roa (raw, json)
Hash identifier:          z8tiiD8ujcX5+LsZPAa1vjArjaR4y+pYPhGHdpwhZLA=
Subject key identifier:   87:F0:26:A9:74:4F:3D:85:4F:6E:D0:07:D0:25:DF:B5:83:D6:32:B0
Certificate issuer:       /CN=4b25df8620374243e3c5eab25550af24e0eff48c
Certificate serial:       0623CB
Authority key identifier: 4B:25:DF:86:20:37:42:43:E3:C5:EA:B2:55:50:AF:24:E0:EF:F4:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SyXfhiA3QkPjxeqyVVCvJODv9Iw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/a71248-a465-40d4-a2cf-a41b50aa272d/1/h_AmqXRPPYVPbtAH0CXftYPWMrA.roa
Signing time:             Wed 13 Apr 2022 09:15:23 +0000
ROA not before:           Wed 13 Apr 2022 09:15:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43279
IP address blocks:        185.208.232.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 402379 (0x623cb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b25df8620374243e3c5eab25550af24e0eff48c
        Validity
            Not Before: Apr 13 09:15:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=87f026a9744f3d854f6ed007d025dfb583d632b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:83:2a:f5:98:85:b6:34:27:17:0a:b9:00:60:
                    51:cc:dc:ee:71:77:8a:89:a0:d9:63:21:38:4e:f2:
                    57:ad:65:27:0d:a4:0b:e2:93:e3:7c:b8:40:ad:82:
                    ce:67:85:62:03:a7:2b:98:f6:54:09:b1:fc:29:ac:
                    4c:4e:69:6f:23:58:73:10:9e:da:a4:cf:b5:f5:24:
                    70:f7:6e:04:08:8d:05:76:54:e0:00:85:f9:0c:c4:
                    d9:fc:22:4c:e7:fc:12:14:ff:40:d9:4f:06:f7:3b:
                    d3:a8:58:be:1f:ce:d3:a7:10:a4:c0:24:55:81:dc:
                    a7:de:50:4a:20:18:da:47:31:51:9f:80:99:ca:41:
                    b7:c3:19:a1:75:8d:ce:d2:c8:01:83:11:76:52:4d:
                    c4:6c:32:d3:58:56:52:1b:13:ea:e5:d9:60:50:6e:
                    58:02:03:a6:d3:47:23:0e:45:f3:b6:dc:4c:b8:4f:
                    c7:68:3e:3a:aa:bc:a4:63:91:c7:15:62:5f:15:9d:
                    f7:77:11:22:e0:39:bb:46:fa:a8:14:f5:9c:66:7c:
                    8f:3e:c5:9a:3a:44:30:1d:f4:43:14:d7:a1:6c:b6:
                    6c:7b:50:9b:41:e6:87:bb:16:00:79:45:63:54:bd:
                    e0:e9:3c:6e:14:4b:c0:80:78:3b:d5:c4:9f:7d:46:
                    51:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:F0:26:A9:74:4F:3D:85:4F:6E:D0:07:D0:25:DF:B5:83:D6:32:B0
            X509v3 Authority Key Identifier:
                keyid:4B:25:DF:86:20:37:42:43:E3:C5:EA:B2:55:50:AF:24:E0:EF:F4:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SyXfhiA3QkPjxeqyVVCvJODv9Iw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/a71248-a465-40d4-a2cf-a41b50aa272d/1/h_AmqXRPPYVPbtAH0CXftYPWMrA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/a71248-a465-40d4-a2cf-a41b50aa272d/1/SyXfhiA3QkPjxeqyVVCvJODv9Iw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.208.232.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:22:54:55:69:6c:bb:ed:9f:13:1a:24:7c:3b:0e:39:92:41:
         15:b3:3d:bd:45:bc:cc:a0:e7:0c:64:21:33:83:1e:ed:f7:a1:
         48:62:51:54:0d:b4:bd:10:c8:bb:6d:2a:10:ac:32:84:d5:a0:
         e7:97:30:d7:bb:1e:87:d0:f5:9c:e7:61:ab:f2:59:00:c9:54:
         cb:1d:bf:89:55:c5:6e:4d:20:35:25:a1:80:64:d9:f7:d8:c0:
         b8:5a:a7:49:1e:e4:d1:d7:e6:36:f2:13:95:a5:f5:0f:17:40:
         0d:5c:c1:07:df:3d:0c:46:8f:ea:bd:f7:f0:c4:a6:be:ce:45:
         44:7a:47:16:9e:15:78:33:15:32:ba:ef:65:7d:53:a0:dc:cb:
         f9:b5:47:a8:21:c3:b3:ac:29:af:c5:b8:77:70:e8:9f:35:22:
         34:41:d6:5b:98:07:ad:4b:e7:53:73:4e:86:8b:46:47:12:53:
         25:29:e1:9d:eb:dc:b4:64:6b:25:c9:44:e1:86:cb:a3:f4:fc:
         64:02:52:b0:a7:43:76:18:e3:fa:c9:dc:be:7c:b1:c4:52:7a:
         9a:4c:a5:de:3d:ad:25:d8:57:c0:a3:25:08:a7:64:ac:2c:0c:
         39:d7:f5:32:09:b6:f8:ee:f2:5a:c4:97:6c:66:35:e8:40:02:
         54:ed:f9:d1
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDBiPLMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRi
MjVkZjg2MjAzNzQyNDNlM2M1ZWFiMjU1NTBhZjI0ZTBlZmY0OGMwHhcNMjIwNDEz
MDkxNTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4N2YwMjZhOTc0NGYz
ZDg1NGY2ZWQwMDdkMDI1ZGZiNTgzZDYzMmIwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsYMq9ZiFtjQnFwq5AGBRzNzucXeKiaDZYyE4TvJXrWUnDaQL
4pPjfLhArYLOZ4ViA6crmPZUCbH8KaxMTmlvI1hzEJ7apM+19SRw924ECI0FdlTg
AIX5DMTZ/CJM5/wSFP9A2U8G9zvTqFi+H87TpxCkwCRVgdyn3lBKIBjaRzFRn4CZ
ykG3wxmhdY3O0sgBgxF2Uk3EbDLTWFZSGxPq5dlgUG5YAgOm00cjDkXzttxMuE/H
aD46qrykY5HHFWJfFZ33dxEi4Dm7RvqoFPWcZnyPPsWaOkQwHfRDFNehbLZse1Cb
QeaHuxYAeUVjVL3g6TxuFEvAgHg71cSffUZRyQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFIfwJql0Tz2FT27QB9Al37WD1jKwMB8GA1UdIwQYMBaAFEsl34YgN0JD48Xq
slVQryTg7/SMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
U3lYZmhpQTNRa1BqeGVxeVZWQ3ZKT0R2OUl3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81Yy9hNzEyNDgtYTQ2NS00MGQ0LWEyY2YtYTQxYjUwYWEyNzJkLzEv
aF9BbXFYUlBQWVZQYnRBSDBDWGZ0WVBXTXJBLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9h
NzEyNDgtYTQ2NS00MGQ0LWEyY2YtYTQxYjUwYWEyNzJkLzEvU3lYZmhpQTNRa1Bq
eGVxeVZWQ3ZKT0R2OUl3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudDoMA0GCSqGSIb3DQEBCwUAA4IB
AQCGIlRVaWy77Z8TGiR8Ow45kkEVsz29RbzMoOcMZCEzgx7t96FIYlFUDbS9EMi7
bSoQrDKE1aDnlzDXux6H0PWc52Gr8lkAyVTLHb+JVcVuTSA1JaGAZNn32MC4WqdJ
HuTR1+Y28hOVpfUPF0ANXMEH3z0MRo/qvffwxKa+zkVEekcWnhV4MxUyuu9lfVOg
3Mv5tUeoIcOzrCmvxbh3cOifNSI0QdZbmAetS+dTc06Gi0ZHElMlKeGd69y0ZGsl
yUThhsuj9PxkAlKwp0N2GOP6ydy+fLHEUnqaTKXePa0l2FfAoyUIp2SsLAw51/Uy
Cbb47vJaxJdsZjXoQAJU7fnR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:05 2024 by rpki-client on console-ams.rpki-client.org