Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/df140a-0ac3-4105-b83a-051886d0ed4e/1/2jA5JOylV1lhMhGL6RpQtVOabmU.roa
File:                     2jA5JOylV1lhMhGL6RpQtVOabmU.roa (raw, json)
Hash identifier:          +7UAYfua2qWeh0sjGpfWxrJCYzsmdIDO9AiAqoftSg4=
Subject key identifier:   DA:30:39:24:EC:A5:57:59:61:32:11:8B:E9:1A:50:B5:53:9A:6E:65
Certificate issuer:       /CN=955fcf92798a9dbb30abd2b9fa29bfa8804220f3
Certificate serial:       14ED5FD0
Authority key identifier: 95:5F:CF:92:79:8A:9D:BB:30:AB:D2:B9:FA:29:BF:A8:80:42:20:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lV_PknmKnbswq9K5-im_qIBCIPM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/df140a-0ac3-4105-b83a-051886d0ed4e/1/2jA5JOylV1lhMhGL6RpQtVOabmU.roa
Signing time:             Fri 11 Feb 2022 11:55:38 +0000
ROA not before:           Fri 11 Feb 2022 11:55:38 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43459
IP address blocks:        86.105.198.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 351100880 (0x14ed5fd0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=955fcf92798a9dbb30abd2b9fa29bfa8804220f3
        Validity
            Not Before: Feb 11 11:55:38 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=da303924eca557596132118be91a50b5539a6e65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:a7:21:ad:e3:48:9c:06:f1:83:2f:75:8d:e9:
                    c8:ea:68:ce:1c:50:84:0b:e5:f3:e9:13:4d:e1:c0:
                    83:01:c5:42:33:b8:4e:59:ae:08:bc:41:9e:54:de:
                    84:75:23:f7:51:46:76:e0:a6:90:62:b9:fe:f0:b5:
                    02:d7:3e:4d:c9:2d:44:41:45:2f:15:36:a2:35:0a:
                    d4:d8:c1:e0:bc:9e:f5:fd:cb:82:a8:35:4d:18:bb:
                    6e:b5:88:8e:f7:f2:a8:10:32:70:76:52:9c:32:7b:
                    1e:4d:c9:51:57:6e:cc:f6:92:a2:42:f6:85:ad:38:
                    26:0e:d6:52:25:74:d3:6b:76:32:fb:66:be:f7:40:
                    c0:93:6b:00:02:4f:0e:cd:64:c3:df:33:d4:16:41:
                    1b:8f:64:65:3c:df:81:cd:fb:23:1f:85:15:cf:86:
                    1e:4d:b3:a0:16:88:eb:06:ed:3a:19:02:cd:10:76:
                    52:16:85:79:c2:43:a0:20:f7:04:49:d3:67:e2:cc:
                    12:70:72:a2:21:16:7f:d6:f4:a6:15:78:2c:c1:7c:
                    ae:3b:21:0c:45:cb:49:9d:9f:e1:8f:af:d5:84:4c:
                    d5:bb:c7:b2:5f:b1:5d:69:0d:b4:27:b5:37:2d:18:
                    ef:ce:01:28:84:ae:8f:a0:f9:91:bc:a4:c2:e4:46:
                    51:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:30:39:24:EC:A5:57:59:61:32:11:8B:E9:1A:50:B5:53:9A:6E:65
            X509v3 Authority Key Identifier:
                keyid:95:5F:CF:92:79:8A:9D:BB:30:AB:D2:B9:FA:29:BF:A8:80:42:20:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lV_PknmKnbswq9K5-im_qIBCIPM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/df140a-0ac3-4105-b83a-051886d0ed4e/1/2jA5JOylV1lhMhGL6RpQtVOabmU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/df140a-0ac3-4105-b83a-051886d0ed4e/1/lV_PknmKnbswq9K5-im_qIBCIPM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  86.105.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3e:26:8f:96:a8:9d:dc:c0:48:c9:d8:c8:e1:ce:42:b8:1f:04:
         8a:34:04:c4:29:4d:a5:f1:29:42:77:6b:ce:17:16:b0:c5:ae:
         d5:97:70:95:b1:f9:c4:2a:fb:d2:a7:fd:f3:a3:ee:08:08:74:
         f1:36:96:61:ce:df:95:05:3e:9e:84:8d:3f:6f:6a:bc:4c:82:
         fb:ec:17:4f:b9:a8:ff:de:33:e0:72:20:21:f2:17:49:86:d0:
         71:7b:d3:d4:81:0c:b1:ec:4f:af:4a:e7:dd:12:d2:9d:b1:04:
         d4:e6:74:e1:98:56:0d:49:4b:1c:e5:33:fd:43:26:e3:11:0c:
         31:a8:10:42:d3:54:8f:78:30:c3:87:f7:f8:d2:a3:35:06:2f:
         9b:8d:f9:15:01:78:1c:19:91:bd:a4:ba:29:99:b8:20:28:9f:
         7b:d6:24:7e:c3:a0:80:f9:06:99:fe:0d:c8:6f:f6:9b:1e:23:
         5b:69:1d:c1:b2:42:a9:8d:d7:75:b7:52:ec:cc:50:91:02:12:
         95:5b:11:85:37:39:66:d5:02:04:a9:49:05:fc:57:23:56:c6:
         e1:fb:3b:15:7a:dd:3e:e5:49:c7:bd:90:c8:84:c5:24:87:2d:
         62:59:ac:a4:6f:09:2e:81:74:c9:ca:1a:3c:5f:45:d4:5b:a2:
         8c:a4:66:a3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFO1f0DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NTVmY2Y5Mjc5OGE5ZGJiMzBhYmQyYjlmYTI5YmZhODgwNDIyMGYzMB4XDTIyMDIx
MTExNTUzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGEzMDM5MjRlY2E1
NTc1OTYxMzIxMThiZTkxYTUwYjU1MzlhNmU2NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKynIa3jSJwG8YMvdY3pyOpozhxQhAvl8+kTTeHAgwHFQjO4
TlmuCLxBnlTehHUj91FGduCmkGK5/vC1Atc+TcktREFFLxU2ojUK1NjB4Lye9f3L
gqg1TRi7brWIjvfyqBAycHZSnDJ7Hk3JUVduzPaSokL2ha04Jg7WUiV002t2Mvtm
vvdAwJNrAAJPDs1kw98z1BZBG49kZTzfgc37Ix+FFc+GHk2zoBaI6wbtOhkCzRB2
UhaFecJDoCD3BEnTZ+LMEnByoiEWf9b0phV4LMF8rjshDEXLSZ2f4Y+v1YRM1bvH
sl+xXWkNtCe1Ny0Y784BKISuj6D5kbykwuRGUfECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTaMDkk7KVXWWEyEYvpGlC1U5puZTAfBgNVHSMEGDAWgBSVX8+SeYqduzCr
0rn6Kb+ogEIg8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xWX1Brbm1LbmJzd3E5SzUtaW1fcUlCQ0lQTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvZGYxNDBhLTBhYzMtNDEwNS1iODNhLTA1MTg4NmQwZWQ0ZS8x
LzJqQTVKT3lsVjFsaE1oR0w2UnBRdFZPYWJtVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
ZGYxNDBhLTBhYzMtNDEwNS1iODNhLTA1MTg4NmQwZWQ0ZS8xL2xWX1Brbm1LbmJz
d3E5SzUtaW1fcUlCQ0lQTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFZpxjANBgkqhkiG9w0BAQsFAAOC
AQEAPiaPlqid3MBIydjI4c5CuB8EijQExClNpfEpQndrzhcWsMWu1ZdwlbH5xCr7
0qf986PuCAh08TaWYc7flQU+noSNP29qvEyC++wXT7mo/94z4HIgIfIXSYbQcXvT
1IEMsexPr0rn3RLSnbEE1OZ04ZhWDUlLHOUz/UMm4xEMMagQQtNUj3gww4f3+NKj
NQYvm435FQF4HBmRvaS6KZm4ICife9YkfsOggPkGmf4NyG/2mx4jW2kdwbJCqY3X
dbdS7MxQkQISlVsRhTc5ZtUCBKlJBfxXI1bG4fs7FXrdPuVJx72QyITFJIctYlms
pG8JLoF0ycoaPF9F1FuijKRmow==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:31 2024 by rpki-client on console-ams.rpki-client.org