Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/2fbccc-64b6-4f66-8969-a6d27c431818/1/XOs0yo5n9EG1HkqnBxPBfS2P24I.roa
File:                     XOs0yo5n9EG1HkqnBxPBfS2P24I.roa (raw, json)
Hash identifier:          yUWEpXx7sN1FUq7LUK4yH/xw8tLRc9nQXdfWfozJlys=
Subject key identifier:   5C:EB:34:CA:8E:67:F4:41:B5:1E:4A:A7:07:13:C1:7D:2D:8F:DB:82
Certificate issuer:       /CN=d283616f1362c25d82ec2a70c4b9750565b1197f
Certificate serial:       03C95031
Authority key identifier: D2:83:61:6F:13:62:C2:5D:82:EC:2A:70:C4:B9:75:05:65:B1:19:7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0oNhbxNiwl2C7CpwxLl1BWWxGX8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/2fbccc-64b6-4f66-8969-a6d27c431818/1/XOs0yo5n9EG1HkqnBxPBfS2P24I.roa
Signing time:             Sat 01 Jan 2022 08:57:26 +0000
ROA not before:           Sat 01 Jan 2022 08:57:26 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     24931
IP address blocks:        185.54.72.0/22 maxlen: 22
                          2a01:ba20::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 63524913 (0x3c95031)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d283616f1362c25d82ec2a70c4b9750565b1197f
        Validity
            Not Before: Jan  1 08:57:26 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5ceb34ca8e67f441b51e4aa70713c17d2d8fdb82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:d2:40:f7:01:2f:e1:0f:5d:1f:3f:a1:be:35:
                    cf:65:ee:1e:5e:9e:1e:6d:15:b3:cc:42:d2:e6:e2:
                    97:07:84:df:02:a4:d1:e6:34:81:83:a1:4e:ad:f9:
                    f0:47:9c:01:ca:67:cb:27:91:52:30:02:f1:be:20:
                    48:90:17:d2:a7:76:2b:b4:7a:d1:86:c2:81:82:69:
                    71:f9:fa:41:ed:dd:ae:b6:26:52:33:ae:09:92:b3:
                    7c:f5:fe:c8:0e:04:47:49:29:f4:51:48:33:12:20:
                    db:d6:7b:ec:82:14:e1:9a:d2:7d:76:09:dc:d0:ed:
                    23:38:51:e2:86:65:a2:a1:dd:ce:90:7b:ac:d3:7d:
                    ec:5b:e7:4b:16:92:89:07:1b:6f:e5:00:16:cd:7d:
                    f6:43:f3:12:a2:45:3e:f7:a5:63:d0:c6:39:35:0f:
                    3e:c0:d2:fd:7d:e3:e7:bc:f5:7d:93:2d:5b:7f:4f:
                    46:46:d2:99:a9:e1:4a:08:03:4e:b1:d8:0a:28:ce:
                    e5:c0:38:e3:ca:44:b5:ee:87:97:d3:7b:04:38:2a:
                    12:31:e8:92:96:ae:e1:b0:8a:a0:a2:a1:9c:bf:aa:
                    5b:e2:98:c7:ea:0b:82:9e:b4:fd:29:c8:8a:29:ec:
                    86:eb:68:b7:61:6f:ce:8b:7c:a2:d1:94:ff:c1:12:
                    ad:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:EB:34:CA:8E:67:F4:41:B5:1E:4A:A7:07:13:C1:7D:2D:8F:DB:82
            X509v3 Authority Key Identifier:
                keyid:D2:83:61:6F:13:62:C2:5D:82:EC:2A:70:C4:B9:75:05:65:B1:19:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0oNhbxNiwl2C7CpwxLl1BWWxGX8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/2fbccc-64b6-4f66-8969-a6d27c431818/1/XOs0yo5n9EG1HkqnBxPBfS2P24I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/2fbccc-64b6-4f66-8969-a6d27c431818/1/0oNhbxNiwl2C7CpwxLl1BWWxGX8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.54.72.0/22
                IPv6:
                  2a01:ba20::/32

    Signature Algorithm: sha256WithRSAEncryption
         02:0c:11:9d:ac:bb:a9:25:07:30:ae:84:06:ea:9e:ab:85:28:
         b9:a8:b2:36:1a:3f:e8:a7:29:14:71:ec:95:19:3c:6d:10:70:
         9d:79:5d:ad:3b:9e:1d:5d:dd:88:60:31:5b:56:f9:20:0a:9a:
         2b:af:24:eb:02:cc:4f:5b:5f:a2:c0:61:2d:04:f3:e4:73:36:
         bb:34:3b:0b:58:74:fa:1b:45:dc:cd:3b:0d:c7:29:09:ca:c9:
         81:cc:63:a7:f1:86:0a:bd:4f:78:de:3e:2b:70:61:96:25:03:
         8c:fe:ac:aa:98:a1:4b:eb:c1:6c:48:6a:ad:a1:a2:93:40:2f:
         8a:74:36:af:69:8a:87:d0:27:89:1a:cc:bb:f6:f6:7e:92:fd:
         21:f6:98:bf:d9:44:73:53:77:db:70:e2:5b:e7:20:10:37:9f:
         c8:51:50:4e:ee:d0:fe:ac:d1:33:14:e7:11:81:c5:a2:aa:33:
         5c:43:f2:16:58:bf:73:e8:7c:bf:e3:69:79:4d:25:01:8f:49:
         19:ed:5e:64:33:ab:48:c6:80:89:43:1c:8b:65:5a:68:ff:2f:
         9c:13:f3:de:36:8b:dc:e9:bf:d8:9f:59:43:2b:53:e6:26:61:
         6d:2b:ef:8e:02:66:fd:5b:8b:2a:58:c9:1a:bd:ad:07:ca:48:
         f2:4f:0b:96
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEA8lQMTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MjgzNjE2ZjEzNjJjMjVkODJlYzJhNzBjNGI5NzUwNTY1YjExOTdmMB4XDTIyMDEw
MTA4NTcyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWNlYjM0Y2E4ZTY3
ZjQ0MWI1MWU0YWE3MDcxM2MxN2QyZDhmZGI4MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKDSQPcBL+EPXR8/ob41z2XuHl6eHm0Vs8xC0ubilweE3wKk
0eY0gYOhTq358EecAcpnyyeRUjAC8b4gSJAX0qd2K7R60YbCgYJpcfn6Qe3drrYm
UjOuCZKzfPX+yA4ER0kp9FFIMxIg29Z77IIU4ZrSfXYJ3NDtIzhR4oZloqHdzpB7
rNN97FvnSxaSiQcbb+UAFs199kPzEqJFPvelY9DGOTUPPsDS/X3j57z1fZMtW39P
RkbSmanhSggDTrHYCijO5cA448pEte6Hl9N7BDgqEjHokpau4bCKoKKhnL+qW+KY
x+oLgp60/SnIiinshutot2Fvzot8otGU/8ESrQkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRc6zTKjmf0QbUeSqcHE8F9LY/bgjAfBgNVHSMEGDAWgBTSg2FvE2LCXYLs
KnDEuXUFZbEZfzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBvTmhieE5pd2wyQzdDcHd4TGwxQldXeEdYOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjMvMmZiY2NjLTY0YjYtNGY2Ni04OTY5LWE2ZDI3YzQzMTgxOC8x
L1hPczB5bzVuOUVHMUhrcW5CeFBCZlMyUDI0SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjMv
MmZiY2NjLTY0YjYtNGY2Ni04OTY5LWE2ZDI3YzQzMTgxOC8xLzBvTmhieE5pd2wy
QzdDcHd4TGwxQldXeEdYOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArk2SDANBAIAAjAHAwUAKgG6IDAN
BgkqhkiG9w0BAQsFAAOCAQEAAgwRnay7qSUHMK6EBuqeq4UouaiyNho/6KcpFHHs
lRk8bRBwnXldrTueHV3diGAxW1b5IAqaK68k6wLMT1tfosBhLQTz5HM2uzQ7C1h0
+htF3M07DccpCcrJgcxjp/GGCr1PeN4+K3BhliUDjP6sqpihS+vBbEhqraGik0Av
inQ2r2mKh9AniRrMu/b2fpL9IfaYv9lEc1N323DiW+cgEDefyFFQTu7Q/qzRMxTn
EYHFoqozXEPyFli/c+h8v+NpeU0lAY9JGe1eZDOrSMaAiUMci2VaaP8vnBPz3jaL
3Om/2J9ZQytT5iZhbSvvjgJm/VuLKljJGr2tB8pI8k8Llg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:35 2024 by rpki-client on console-ams.rpki-client.org