Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/1zPJZhMRBwO08_vU45nSXJgb7Ew.roa
File:                     1zPJZhMRBwO08_vU45nSXJgb7Ew.roa (raw, json)
Hash identifier:          X+Ggij2DsE+ryBWGXyulRh9lF/Lp23t4GzpgPGIeM3I=
Subject key identifier:   D7:33:C9:66:13:11:07:03:B4:F3:FB:D4:E3:99:D2:5C:98:1B:EC:4C
Certificate issuer:       /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial:       391F2AFB
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/1zPJZhMRBwO08_vU45nSXJgb7Ew.roa
Signing time:             Tue 18 Jan 2022 08:55:54 +0000
ROA not before:           Tue 18 Jan 2022 08:55:54 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60458
IP address blocks:        212.80.21.0/24 maxlen: 24
                          212.80.20.0/24 maxlen: 24
                          185.24.149.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 958343931 (0x391f2afb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
        Validity
            Not Before: Jan 18 08:55:54 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d733c96613110703b4f3fbd4e399d25c981bec4c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:41:8c:9a:ce:cb:de:af:b2:15:e6:1b:26:35:
                    29:34:22:dd:3b:f1:cd:a4:80:2f:f9:75:5f:ed:02:
                    8e:95:e9:8a:92:63:8a:62:22:ca:9e:2e:b2:7a:46:
                    6e:62:35:6d:5c:ea:16:13:e3:a1:74:fe:c6:37:8f:
                    9f:30:51:a9:0c:ca:e8:e8:60:54:b9:77:a7:a5:ce:
                    9a:27:da:f5:19:10:16:a0:2f:f0:85:a2:eb:35:0f:
                    ec:e7:ad:4a:fb:98:25:27:11:ce:ed:f1:fd:82:27:
                    bb:95:f0:88:f3:9c:85:32:7e:e1:1f:18:e9:cc:35:
                    cf:6f:fc:c6:ca:eb:5b:5d:96:65:c0:b5:0e:01:37:
                    90:06:63:c8:2a:11:f0:62:c0:6e:83:14:81:ba:e8:
                    e9:59:17:ee:5c:95:38:b1:7a:b8:0b:90:e4:00:1f:
                    55:81:7d:ba:e9:25:78:3b:82:fe:80:be:87:80:82:
                    bb:27:96:49:bd:9c:42:f0:f4:ca:2d:d7:c5:0f:d7:
                    b9:ab:e8:aa:29:38:3f:e4:37:82:4c:e2:58:c0:9f:
                    64:5b:67:66:9f:93:5b:e8:82:e3:c8:04:9e:26:48:
                    6d:90:55:87:ec:9b:b8:b3:c9:68:ee:af:a3:22:a2:
                    9b:98:e4:e3:61:01:a0:40:70:14:ff:4f:d4:e0:08:
                    a5:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:33:C9:66:13:11:07:03:B4:F3:FB:D4:E3:99:D2:5C:98:1B:EC:4C
            X509v3 Authority Key Identifier:
                keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/1zPJZhMRBwO08_vU45nSXJgb7Ew.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.24.149.0/24
                  212.80.20.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1c:1f:ff:79:1b:db:0b:17:b3:32:3e:34:92:a4:bd:24:5e:0a:
         1e:00:57:71:10:5f:9d:61:fc:6d:22:a0:83:db:8e:b5:ca:1a:
         90:d7:2a:e2:19:4a:d0:bb:7a:79:df:39:79:05:5a:30:58:57:
         b2:d2:0f:c8:cc:12:b9:55:ce:e4:79:35:87:86:7d:56:49:16:
         95:70:c9:0a:f3:31:ed:24:7d:23:5c:82:83:60:f5:27:7e:b6:
         36:c5:21:63:06:2f:81:6d:27:55:66:46:de:1e:1b:60:0a:b9:
         37:7c:30:f7:6a:8b:c4:07:10:90:b4:73:3d:47:fc:83:2c:66:
         7f:3a:4b:fd:7f:9d:c8:8a:f5:fa:fb:42:09:3e:74:bc:fd:a7:
         ea:e9:d4:9f:35:77:b2:7c:71:92:4d:b7:3b:81:bc:d6:45:4f:
         18:8f:76:3e:08:3a:21:5a:fd:c6:1e:a4:0d:8e:81:4b:42:c8:
         15:0b:c6:38:b4:5f:85:d2:eb:61:79:8d:65:ea:ea:b9:ef:4d:
         43:4b:a7:0e:4f:b0:f2:f7:46:8c:15:4c:b5:5d:5a:a6:39:a4:
         01:df:9f:42:3e:9e:58:89:15:a1:36:5a:c4:eb:c5:dd:0e:99:
         ec:9c:32:e7:af:be:82:fc:05:81:03:69:b1:61:04:41:e6:8c:
         ee:91:79:b2
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEOR8q+zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NzI5NDVmNTcxMDMxNTNhMDc4NTRlNzRlMjI3ZjJhZWMxYzVmNDMwMB4XDTIyMDEx
ODA4NTU1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDczM2M5NjYxMzEx
MDcwM2I0ZjNmYmQ0ZTM5OWQyNWM5ODFiZWM0YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL9BjJrOy96vshXmGyY1KTQi3TvxzaSAL/l1X+0CjpXpipJj
imIiyp4usnpGbmI1bVzqFhPjoXT+xjePnzBRqQzK6OhgVLl3p6XOmifa9RkQFqAv
8IWi6zUP7OetSvuYJScRzu3x/YInu5XwiPOchTJ+4R8Y6cw1z2/8xsrrW12WZcC1
DgE3kAZjyCoR8GLAboMUgbro6VkX7lyVOLF6uAuQ5AAfVYF9uukleDuC/oC+h4CC
uyeWSb2cQvD0yi3XxQ/Xuavoqik4P+Q3gkziWMCfZFtnZp+TW+iC48gEniZIbZBV
h+ybuLPJaO6voyKim5jk42EBoEBwFP9P1OAIpTMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTXM8lmExEHA7Tz+9TjmdJcmBvsTDAfBgNVHSMEGDAWgBS3KUX1cQMVOgeF
TnTiJ/KuwcX0MDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3R5bEY5WEVERlRvSGhVNTA0aWZ5cnNIRjlEQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjEvNWY2OTA2LTNmYjAtNGRmZi04ZDAxLTJhMDljYzUzYTgwNS8x
LzF6UEpaaE1SQndPMDhfdlU0NW5TWEpnYjdFdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjEv
NWY2OTA2LTNmYjAtNGRmZi04ZDAxLTJhMDljYzUzYTgwNS8xL3R5bEY5WEVERlRv
SGhVNTA0aWZ5cnNIRjlEQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALkYlQMEAdRQFDANBgkqhkiG9w0B
AQsFAAOCAQEAHB//eRvbCxezMj40kqS9JF4KHgBXcRBfnWH8bSKgg9uOtcoakNcq
4hlK0Lt6ed85eQVaMFhXstIPyMwSuVXO5Hk1h4Z9VkkWlXDJCvMx7SR9I1yCg2D1
J362NsUhYwYvgW0nVWZG3h4bYAq5N3ww92qLxAcQkLRzPUf8gyxmfzpL/X+dyIr1
+vtCCT50vP2n6unUnzV3snxxkk23O4G81kVPGI92Pgg6IVr9xh6kDY6BS0LIFQvG
OLRfhdLrYXmNZerque9NQ0unDk+w8vdGjBVMtV1apjmkAd+fQj6eWIkVoTZaxOvF
3Q6Z7Jwy56++gvwFgQNpsWEEQeaM7pF5sg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:06 2024 by rpki-client on console-ams.rpki-client.org