Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/c05d4c-96d3-4b57-ae34-3477c7fcd4d9/1/ODw-y0ctXRGf62dqQyeMYQpCTXs.roa
File:                     ODw-y0ctXRGf62dqQyeMYQpCTXs.roa (raw, json)
Hash identifier:          5fpEEFBqLvnHqwSZh2Xg7jEfMOqZdbVmGlDsdNifczQ=
Subject key identifier:   38:3C:3E:CB:47:2D:5D:11:9F:EB:67:6A:43:27:8C:61:0A:42:4D:7B
Certificate issuer:       /CN=21c1672dbbbf7165a6a83b3227a7119f0d31e8ee
Certificate serial:       91621B
Authority key identifier: 21:C1:67:2D:BB:BF:71:65:A6:A8:3B:32:27:A7:11:9F:0D:31:E8:EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IcFnLbu_cWWmqDsyJ6cRnw0x6O4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/c05d4c-96d3-4b57-ae34-3477c7fcd4d9/1/ODw-y0ctXRGf62dqQyeMYQpCTXs.roa
Signing time:             Sat 01 Jan 2022 01:50:51 +0000
ROA not before:           Sat 01 Jan 2022 01:50:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16371
IP address blocks:        185.25.112.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9527835 (0x91621b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21c1672dbbbf7165a6a83b3227a7119f0d31e8ee
        Validity
            Not Before: Jan  1 01:50:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=383c3ecb472d5d119feb676a43278c610a424d7b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:52:2b:dc:64:db:4b:fb:7c:34:90:45:9f:c7:
                    08:31:a3:2b:73:1e:a8:4c:92:da:60:32:28:cd:ff:
                    b0:71:6e:ca:e4:1e:90:fb:dc:d3:bf:ca:ea:53:bf:
                    66:91:ba:c5:79:fd:09:b7:c5:ca:fb:19:ad:f3:47:
                    fa:5f:e2:60:6e:c3:94:91:e7:3a:39:52:b4:08:78:
                    b5:a2:c1:b2:02:3a:64:27:bb:b8:61:34:d6:a4:de:
                    0d:9d:92:40:a8:2e:8c:19:c1:08:b3:d0:26:9d:0f:
                    19:b3:4f:bb:09:ec:33:6a:18:52:50:2a:38:64:4f:
                    b5:44:3a:ea:23:dc:bd:3b:0d:60:6c:48:9e:16:13:
                    63:43:23:7d:0b:76:41:35:5f:a1:03:31:04:e9:87:
                    a5:89:c8:dd:96:e1:84:1a:f8:fe:da:fe:8f:9d:a6:
                    d1:5d:77:04:66:95:74:d6:5a:e6:64:b8:1f:01:dc:
                    00:c5:6d:9b:69:7d:3a:3d:22:9e:12:6a:74:f4:a0:
                    bf:47:b9:eb:e1:61:51:54:73:94:2d:e3:69:c0:eb:
                    c9:07:e2:c4:a8:24:2b:7c:8e:90:7d:b0:57:d3:9e:
                    d1:b0:58:04:ae:39:60:c3:8e:79:7f:13:a2:2d:c4:
                    4e:84:85:e7:7a:1d:b2:10:99:1c:22:0b:94:ca:16:
                    9c:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:3C:3E:CB:47:2D:5D:11:9F:EB:67:6A:43:27:8C:61:0A:42:4D:7B
            X509v3 Authority Key Identifier:
                keyid:21:C1:67:2D:BB:BF:71:65:A6:A8:3B:32:27:A7:11:9F:0D:31:E8:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IcFnLbu_cWWmqDsyJ6cRnw0x6O4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/c05d4c-96d3-4b57-ae34-3477c7fcd4d9/1/ODw-y0ctXRGf62dqQyeMYQpCTXs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/c05d4c-96d3-4b57-ae34-3477c7fcd4d9/1/IcFnLbu_cWWmqDsyJ6cRnw0x6O4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.25.112.0/24

    Signature Algorithm: sha256WithRSAEncryption
         af:fb:b5:f2:de:34:28:47:a2:ec:42:70:37:af:bd:0e:2c:ac:
         cb:9f:30:41:82:79:db:94:d8:58:1a:46:3b:2f:5b:dd:d9:8e:
         49:24:9f:20:61:cb:27:6a:5b:b0:24:d1:ce:7a:41:36:38:96:
         61:1c:f1:a7:42:0c:1e:03:2a:c4:d8:1d:cd:39:5b:05:bc:5a:
         49:1c:f7:83:93:b1:6b:b3:9d:aa:df:0c:e0:ac:5d:46:0e:4a:
         3f:d3:48:fb:ee:ec:b4:ee:1b:06:bc:00:8e:a5:95:08:97:d5:
         a3:6b:a3:92:2a:e1:e6:9a:1e:37:48:2f:91:a7:13:83:b1:28:
         6e:87:19:fa:db:f3:e9:bb:d4:88:c3:5a:9b:b3:89:8f:b8:67:
         22:71:63:a2:db:41:d9:e4:08:f2:0b:c3:3a:a3:59:0b:6a:30:
         71:00:0f:4d:61:d3:34:41:23:d6:88:d6:8a:1b:6a:1c:d4:75:
         b8:67:5d:bb:d4:0e:c8:03:a6:32:c4:5f:3b:dd:ef:58:18:c0:
         41:d3:bd:e5:5c:94:12:19:15:7e:13:50:3c:ba:43:35:03:0d:
         99:97:24:92:82:7d:fc:35:f6:1a:74:a5:52:fd:dc:54:99:ec:
         6c:35:48:8b:ec:7f:c6:d4:57:6f:6a:8b:04:01:4f:9b:aa:4a:
         9e:5c:c9:4e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAJFiGzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MWMxNjcyZGJiYmY3MTY1YTZhODNiMzIyN2E3MTE5ZjBkMzFlOGVlMB4XDTIyMDEw
MTAxNTA1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzgzYzNlY2I0NzJk
NWQxMTlmZWI2NzZhNDMyNzhjNjEwYTQyNGQ3YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPRSK9xk20v7fDSQRZ/HCDGjK3MeqEyS2mAyKM3/sHFuyuQe
kPvc07/K6lO/ZpG6xXn9CbfFyvsZrfNH+l/iYG7DlJHnOjlStAh4taLBsgI6ZCe7
uGE01qTeDZ2SQKgujBnBCLPQJp0PGbNPuwnsM2oYUlAqOGRPtUQ66iPcvTsNYGxI
nhYTY0MjfQt2QTVfoQMxBOmHpYnI3ZbhhBr4/tr+j52m0V13BGaVdNZa5mS4HwHc
AMVtm2l9Oj0inhJqdPSgv0e56+FhUVRzlC3jacDryQfixKgkK3yOkH2wV9Oe0bBY
BK45YMOOeX8Toi3EToSF53odshCZHCILlMoWnH8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ4PD7LRy1dEZ/rZ2pDJ4xhCkJNezAfBgNVHSMEGDAWgBQhwWctu79xZaao
OzInpxGfDTHo7jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ljRm5MYnVfY1dXbXFEc3lKNmNSbncweDZPNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmYvYzA1ZDRjLTk2ZDMtNGI1Ny1hZTM0LTM0NzdjN2ZjZDRkOS8x
L09Edy15MGN0WFJHZjYyZHFReWVNWVFwQ1RYcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmYv
YzA1ZDRjLTk2ZDMtNGI1Ny1hZTM0LTM0NzdjN2ZjZDRkOS8xL0ljRm5MYnVfY1dX
bXFEc3lKNmNSbncweDZPNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkZcDANBgkqhkiG9w0BAQsFAAOC
AQEAr/u18t40KEei7EJwN6+9Diysy58wQYJ525TYWBpGOy9b3dmOSSSfIGHLJ2pb
sCTRznpBNjiWYRzxp0IMHgMqxNgdzTlbBbxaSRz3g5Oxa7Odqt8M4KxdRg5KP9NI
++7stO4bBrwAjqWVCJfVo2ujkirh5poeN0gvkacTg7EobocZ+tvz6bvUiMNam7OJ
j7hnInFjottB2eQI8gvDOqNZC2owcQAPTWHTNEEj1ojWihtqHNR1uGddu9QOyAOm
MsRfO93vWBjAQdO95VyUEhkVfhNQPLpDNQMNmZckkoJ9/DX2GnSlUv3cVJnsbDVI
i+x/xtRXb2qLBAFPm6pKnlzJTg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:02 2024 by rpki-client on console-ams.rpki-client.org