Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/9e57aa-8901-4bd8-8295-9c1a53580e39/1/jUN1fgedoeQRUEFhqn8m3qcml_Y.roa
File:                     jUN1fgedoeQRUEFhqn8m3qcml_Y.roa (raw, json)
Hash identifier:          MviZRLjtY2VmcwscTrDQCuFElVxNB1fSABOIENmtwA0=
Subject key identifier:   8D:43:75:7E:07:9D:A1:E4:11:50:41:61:AA:7F:26:DE:A7:26:97:F6
Certificate issuer:       /CN=266e0c40e4e9370db99ad27a97298d7d05598f73
Certificate serial:       070D223B
Authority key identifier: 26:6E:0C:40:E4:E9:37:0D:B9:9A:D2:7A:97:29:8D:7D:05:59:8F:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Jm4MQOTpNw25mtJ6lymNfQVZj3M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/9e57aa-8901-4bd8-8295-9c1a53580e39/1/jUN1fgedoeQRUEFhqn8m3qcml_Y.roa
Signing time:             Sat 01 Jan 2022 05:52:26 +0000
ROA not before:           Sat 01 Jan 2022 05:52:26 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204324
IP address blocks:        185.252.41.0/24 maxlen: 24
                          185.252.40.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 118301243 (0x70d223b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=266e0c40e4e9370db99ad27a97298d7d05598f73
        Validity
            Not Before: Jan  1 05:52:26 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8d43757e079da1e411504161aa7f26dea72697f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:cf:ce:07:50:99:32:23:d4:a4:39:ec:d4:cd:
                    45:25:93:f0:a6:3e:53:5e:5a:9c:aa:1b:52:be:dd:
                    8c:07:64:e5:77:bc:b1:c7:16:0b:61:0e:23:ff:a4:
                    eb:f7:95:35:8e:43:88:f2:e6:7a:aa:87:47:c4:05:
                    59:d6:8a:a8:3d:ce:43:57:c6:0d:f8:80:a3:42:1b:
                    32:9e:69:78:0b:be:e2:af:c0:2e:cd:6b:da:e7:c6:
                    ba:75:0c:7c:d6:e7:5e:d3:ba:be:e4:32:a0:c7:c3:
                    7a:3b:3a:18:e0:95:ec:82:43:db:6c:e8:86:01:3e:
                    db:0d:a4:a9:fc:c1:bc:c8:72:15:49:2a:b9:7d:1a:
                    f2:08:81:e9:9d:52:44:08:88:8c:ab:13:55:16:e1:
                    39:c5:78:64:ee:23:de:ac:95:43:fc:f3:7e:da:16:
                    3c:9a:07:42:b2:0c:c4:1c:c7:8e:9f:e9:4c:b0:5a:
                    ca:a3:44:ff:36:e2:24:d6:10:9f:8c:77:ac:49:fe:
                    7e:6d:79:dd:a4:e9:53:cb:24:54:2e:71:4b:bf:f4:
                    93:17:8c:5c:f4:8f:09:ff:53:36:2b:03:00:f1:37:
                    cc:83:ee:7f:ea:84:b3:1d:eb:71:bb:f5:aa:13:c3:
                    c4:ee:05:c7:4c:dd:dd:57:6d:1c:c1:b1:9c:52:62:
                    7f:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:43:75:7E:07:9D:A1:E4:11:50:41:61:AA:7F:26:DE:A7:26:97:F6
            X509v3 Authority Key Identifier:
                keyid:26:6E:0C:40:E4:E9:37:0D:B9:9A:D2:7A:97:29:8D:7D:05:59:8F:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jm4MQOTpNw25mtJ6lymNfQVZj3M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/9e57aa-8901-4bd8-8295-9c1a53580e39/1/jUN1fgedoeQRUEFhqn8m3qcml_Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/9e57aa-8901-4bd8-8295-9c1a53580e39/1/Jm4MQOTpNw25mtJ6lymNfQVZj3M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.252.40.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8d:e0:e6:24:6b:dd:bd:9d:0a:2d:3b:df:cd:72:c0:89:a4:94:
         88:15:77:4e:5d:5d:40:49:6c:a2:63:b8:9f:29:c6:ae:5a:a3:
         ff:f9:9c:2a:29:41:90:40:1b:a2:08:04:79:76:36:c7:3a:cf:
         4f:3e:e5:a9:c8:63:e8:7d:6c:1b:36:90:b8:9f:72:d7:f9:41:
         da:c9:8d:44:b8:a0:8e:4d:2a:6b:a1:95:05:0b:32:3f:47:4d:
         3b:8f:0c:a2:f1:b7:23:36:d2:54:28:e7:2b:a1:60:3b:b1:0c:
         9c:f3:72:92:db:ca:d1:3f:6a:13:0c:bc:5d:c0:f2:54:9b:56:
         3a:b0:6d:e4:4f:cb:d7:f7:7c:c7:da:ab:b1:c1:65:c3:9f:ed:
         c6:f4:93:c3:c0:6c:be:e4:53:d6:f6:5e:92:d7:65:7c:0d:47:
         4d:dc:06:d8:d0:0b:95:bb:e1:4b:a4:f1:e6:e1:85:94:63:01:
         4f:37:13:87:64:46:a5:f8:8c:7f:bf:c7:a8:11:56:1c:91:a1:
         3e:74:f7:d5:bb:3a:27:54:9c:c8:af:0a:d6:3a:b4:50:ae:55:
         70:b1:55:29:bf:55:97:86:b5:03:44:cb:b9:4d:08:ee:27:00:
         46:5e:35:d7:d8:8f:61:71:4b:d7:05:0a:2b:74:3f:06:70:2a:
         00:ea:74:cb
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBw0iOzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NjZlMGM0MGU0ZTkzNzBkYjk5YWQyN2E5NzI5OGQ3ZDA1NTk4ZjczMB4XDTIyMDEw
MTA1NTIyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGQ0Mzc1N2UwNzlk
YTFlNDExNTA0MTYxYWE3ZjI2ZGVhNzI2OTdmNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMrPzgdQmTIj1KQ57NTNRSWT8KY+U15anKobUr7djAdk5Xe8
sccWC2EOI/+k6/eVNY5DiPLmeqqHR8QFWdaKqD3OQ1fGDfiAo0IbMp5peAu+4q/A
Ls1r2ufGunUMfNbnXtO6vuQyoMfDejs6GOCV7IJD22zohgE+2w2kqfzBvMhyFUkq
uX0a8giB6Z1SRAiIjKsTVRbhOcV4ZO4j3qyVQ/zzftoWPJoHQrIMxBzHjp/pTLBa
yqNE/zbiJNYQn4x3rEn+fm153aTpU8skVC5xS7/0kxeMXPSPCf9TNisDAPE3zIPu
f+qEsx3rcbv1qhPDxO4Fx0zd3VdtHMGxnFJif6cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSNQ3V+B52h5BFQQWGqfybepyaX9jAfBgNVHSMEGDAWgBQmbgxA5Ok3Dbma
0nqXKY19BVmPczAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ptNE1RT1RwTncyNW10SjZseW1OZlFWWmozTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjgvOWU1N2FhLTg5MDEtNGJkOC04Mjk1LTljMWE1MzU4MGUzOS8x
L2pVTjFmZ2Vkb2VRUlVFRmhxbjhtM3FjbWxfWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjgv
OWU1N2FhLTg5MDEtNGJkOC04Mjk1LTljMWE1MzU4MGUzOS8xL0ptNE1RT1RwTncy
NW10SjZseW1OZlFWWmozTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbn8KDANBgkqhkiG9w0BAQsFAAOC
AQEAjeDmJGvdvZ0KLTvfzXLAiaSUiBV3Tl1dQElsomO4nynGrlqj//mcKilBkEAb
oggEeXY2xzrPTz7lqchj6H1sGzaQuJ9y1/lB2smNRLigjk0qa6GVBQsyP0dNO48M
ovG3IzbSVCjnK6FgO7EMnPNyktvK0T9qEwy8XcDyVJtWOrBt5E/L1/d8x9qrscFl
w5/txvSTw8BsvuRT1vZektdlfA1HTdwG2NALlbvhS6Tx5uGFlGMBTzcTh2RGpfiM
f7/HqBFWHJGhPnT31bs6J1ScyK8K1jq0UK5VcLFVKb9Vl4a1A0TLuU0I7icARl41
19iPYXFL1wUKK3Q/BnAqAOp0yw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:27 2024 by rpki-client on console-fra.rpki-client.org