Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5afc37-0909-4d54-bcef-bd34e0a95a1e/1/XL2X4eID0JymHPvHdGEKbU2BBno.roa
File:                     XL2X4eID0JymHPvHdGEKbU2BBno.roa (raw, json)
Hash identifier:          X3dz4RY/dOrV5jW/S93ydVZQx0SYD96vDwipC4aVRB4=
Subject key identifier:   5C:BD:97:E1:E2:03:D0:9C:A6:1C:FB:C7:74:61:0A:6D:4D:81:06:7A
Certificate issuer:       /CN=90a03b68f87da71c271c9cf5c82e955dbc65c104
Certificate serial:       03D7C5E2
Authority key identifier: 90:A0:3B:68:F8:7D:A7:1C:27:1C:9C:F5:C8:2E:95:5D:BC:65:C1:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kKA7aPh9pxwnHJz1yC6VXbxlwQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6a/5afc37-0909-4d54-bcef-bd34e0a95a1e/1/XL2X4eID0JymHPvHdGEKbU2BBno.roa
Signing time:             Sat 01 Jan 2022 06:58:39 +0000
ROA not before:           Sat 01 Jan 2022 06:58:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48062
IP address blocks:        185.197.180.0/24 maxlen: 24
                          2a10:f000::/32 maxlen: 32
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 64472546 (0x3d7c5e2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=90a03b68f87da71c271c9cf5c82e955dbc65c104
        Validity
            Not Before: Jan  1 06:58:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5cbd97e1e203d09ca61cfbc774610a6d4d81067a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:1d:52:5f:d9:3b:46:ec:7a:86:45:8a:94:ed:
                    e6:e9:7e:0c:bf:28:7f:af:08:0b:23:de:3b:41:f4:
                    8d:f0:6a:4f:6d:4d:88:88:14:26:8b:20:0b:0a:7b:
                    cf:a2:b9:53:ea:b6:07:fb:d4:2b:02:06:44:8a:c7:
                    bc:be:54:26:a7:e1:10:0c:d6:a4:c8:53:6c:de:27:
                    25:15:68:1a:32:ac:4a:61:7c:d8:5c:7f:83:ef:ae:
                    3e:23:ee:18:35:47:3c:42:5f:50:f8:c7:01:94:e9:
                    e6:5b:f6:73:79:7a:55:4a:44:6c:97:36:6a:7c:99:
                    5b:6f:ae:50:de:f5:3f:80:2b:52:3a:43:43:d5:b6:
                    59:de:67:5c:e0:5b:5c:b8:f7:e3:37:c0:ac:7d:5b:
                    77:8b:9a:40:62:4b:8a:46:28:60:5b:ef:4d:06:f4:
                    d7:31:df:cb:90:ad:12:21:7c:07:2d:f5:2c:27:b5:
                    58:cd:b0:43:d7:d2:9d:25:49:35:07:b6:59:1d:ae:
                    e8:57:d1:b3:69:7e:b3:bf:82:46:6e:a9:37:92:2d:
                    ea:45:9c:c6:19:c2:67:fe:13:ab:5f:ab:04:18:c7:
                    bc:95:01:bd:fe:58:04:ea:88:1c:86:7e:30:25:89:
                    0b:00:95:48:5c:0c:5c:69:89:ad:35:c9:18:82:a9:
                    8d:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:BD:97:E1:E2:03:D0:9C:A6:1C:FB:C7:74:61:0A:6D:4D:81:06:7A
            X509v3 Authority Key Identifier:
                keyid:90:A0:3B:68:F8:7D:A7:1C:27:1C:9C:F5:C8:2E:95:5D:BC:65:C1:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kKA7aPh9pxwnHJz1yC6VXbxlwQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5afc37-0909-4d54-bcef-bd34e0a95a1e/1/XL2X4eID0JymHPvHdGEKbU2BBno.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5afc37-0909-4d54-bcef-bd34e0a95a1e/1/kKA7aPh9pxwnHJz1yC6VXbxlwQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.197.180.0/24
                IPv6:
                  2a10:f000::/32

    Signature Algorithm: sha256WithRSAEncryption
         89:9c:60:ab:78:fb:47:c3:bc:cf:19:6f:89:e2:cf:5e:a7:85:
         14:1d:f6:09:62:a0:7b:9d:8b:43:9c:52:41:55:3f:15:98:27:
         29:e4:04:5f:c3:70:25:91:c2:cf:e9:76:31:9d:c8:09:b2:2d:
         93:21:e7:9a:21:02:9e:b8:2d:af:b0:a3:54:e9:0d:3d:03:db:
         fc:d4:98:e2:ee:7a:c1:09:64:82:14:ad:c0:2a:45:87:8a:4d:
         8c:b1:be:76:2c:87:6d:ea:71:73:a2:dc:59:d8:e6:d3:40:4c:
         e1:7c:10:a3:eb:af:e8:e3:b6:09:d7:20:91:b9:b3:f2:e7:24:
         1d:78:25:26:3d:11:b7:57:80:48:c3:0a:07:71:59:17:2d:11:
         38:38:fa:e5:64:c0:d4:dd:15:a1:fb:25:00:45:76:3d:d3:c3:
         0d:12:04:32:1f:0d:f1:9f:6d:f6:e7:20:44:7b:84:71:f3:b9:
         7a:c4:09:9d:d9:24:ed:e4:be:d5:c9:79:9e:43:79:a0:81:51:
         36:28:65:de:92:0c:8f:53:e9:de:3a:36:ed:0e:f7:6d:9a:2e:
         b5:61:ed:66:5c:5d:ef:4c:67:fe:61:49:ef:84:fd:fa:8f:4d:
         c4:ed:1f:05:ee:fc:fb:e4:50:f5:f0:c6:7a:00:08:83:06:45:
         98:0a:f8:3a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEA9fF4jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MGEwM2I2OGY4N2RhNzFjMjcxYzljZjVjODJlOTU1ZGJjNjVjMTA0MB4XDTIyMDEw
MTA2NTgzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWNiZDk3ZTFlMjAz
ZDA5Y2E2MWNmYmM3NzQ2MTBhNmQ0ZDgxMDY3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALsdUl/ZO0bseoZFipTt5ul+DL8of68ICyPeO0H0jfBqT21N
iIgUJosgCwp7z6K5U+q2B/vUKwIGRIrHvL5UJqfhEAzWpMhTbN4nJRVoGjKsSmF8
2Fx/g++uPiPuGDVHPEJfUPjHAZTp5lv2c3l6VUpEbJc2anyZW2+uUN71P4ArUjpD
Q9W2Wd5nXOBbXLj34zfArH1bd4uaQGJLikYoYFvvTQb01zHfy5CtEiF8By31LCe1
WM2wQ9fSnSVJNQe2WR2u6FfRs2l+s7+CRm6pN5It6kWcxhnCZ/4Tq1+rBBjHvJUB
vf5YBOqIHIZ+MCWJCwCVSFwMXGmJrTXJGIKpjeMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRcvZfh4gPQnKYc+8d0YQptTYEGejAfBgNVHSMEGDAWgBSQoDto+H2nHCcc
nPXILpVdvGXBBDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tLQTdhUGg5cHh3bkhKejF5QzZWWGJ4bHdRUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmEvNWFmYzM3LTA5MDktNGQ1NC1iY2VmLWJkMzRlMGE5NWExZS8x
L1hMMlg0ZUlEMEp5bUhQdkhkR0VLYlUyQkJuby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEv
NWFmYzM3LTA5MDktNGQ1NC1iY2VmLWJkMzRlMGE5NWExZS8xL2tLQTdhUGg5cHh3
bkhKejF5QzZWWGJ4bHdRUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEALnFtDANBAIAAjAHAwUAKhDwADAN
BgkqhkiG9w0BAQsFAAOCAQEAiZxgq3j7R8O8zxlvieLPXqeFFB32CWKge52LQ5xS
QVU/FZgnKeQEX8NwJZHCz+l2MZ3ICbItkyHnmiECnrgtr7CjVOkNPQPb/NSY4u56
wQlkghStwCpFh4pNjLG+diyHbepxc6LcWdjm00BM4XwQo+uv6OO2Cdcgkbmz8uck
HXglJj0Rt1eASMMKB3FZFy0RODj65WTA1N0VofslAEV2PdPDDRIEMh8N8Z9t9ucg
RHuEcfO5esQJndkk7eS+1cl5nkN5oIFRNihl3pIMj1Pp3jo27Q73bZoutWHtZlxd
70xn/mFJ74T9+o9NxO0fBe78++RQ9fDGegAIgwZFmAr4Og==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:34 2025 by rpki-client