Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/2f830f-af4d-4d33-a300-b98df544bc20/1/01U1Zek5x3Mp2T8ib43cuGob_sI.roa
File:                     01U1Zek5x3Mp2T8ib43cuGob_sI.roa (raw, json)
Hash identifier:          jpwKysE4cvC9hNsfkMdtJOW0ae4+1E5Oek859Us6RFk=
Subject key identifier:   D3:55:35:65:E9:39:C7:73:29:D9:3F:22:6F:8D:DC:B8:6A:1B:FE:C2
Certificate issuer:       /CN=261b941dbe59651fafbba9724a12775e07edb635
Certificate serial:       01824436E00B6C5B8F854AFE8C508D991A17
Authority key identifier: 26:1B:94:1D:BE:59:65:1F:AF:BB:A9:72:4A:12:77:5E:07:ED:B6:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JhuUHb5ZZR-vu6lyShJ3XgfttjU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/2f830f-af4d-4d33-a300-b98df544bc20/1/01U1Zek5x3Mp2T8ib43cuGob_sI.roa
Signing time:             Thu 28 Jul 2022 09:50:23 +0000
ROA not before:           Thu 28 Jul 2022 09:50:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8218
IP address blocks:        185.172.152.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:44:36:e0:0b:6c:5b:8f:85:4a:fe:8c:50:8d:99:1a:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=261b941dbe59651fafbba9724a12775e07edb635
        Validity
            Not Before: Jul 28 09:50:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d3553565e939c77329d93f226f8ddcb86a1bfec2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:44:3f:59:56:4a:5a:eb:88:9f:23:97:38:b0:
                    12:1d:34:d8:7e:7b:cc:d5:7c:24:27:7a:72:30:1c:
                    82:75:25:6e:be:c1:a2:5a:e8:ec:0e:dc:8f:2f:43:
                    a4:f1:71:2d:af:84:85:8c:49:87:d3:e7:0c:92:34:
                    be:9e:37:c1:10:a8:22:6c:a6:89:c8:3c:0e:05:e8:
                    b8:a2:b9:8e:60:df:d7:06:e0:cc:a7:4f:18:6c:bc:
                    8f:78:7c:53:ec:e9:e0:7a:e6:8e:ad:b3:c4:b9:19:
                    39:71:eb:30:86:82:b0:79:fa:db:a1:66:91:a5:a3:
                    7f:56:30:fc:28:09:a0:08:9b:f9:a4:23:46:ff:25:
                    49:62:2c:a7:83:27:c3:68:a4:7a:ab:0f:a6:b8:08:
                    05:46:6d:72:8f:d3:d4:6c:05:57:38:13:48:a0:46:
                    36:0a:cc:ee:1b:fc:14:75:7c:c2:df:5c:4e:ce:c5:
                    8b:c7:5e:b8:72:2a:6b:f7:9e:f3:40:fc:8c:54:e8:
                    40:ad:bd:17:64:60:09:3e:5b:7b:dc:ec:d0:91:d7:
                    78:8c:27:86:e3:7b:5e:f7:e3:a9:e1:1b:78:2d:59:
                    9c:5d:33:51:ae:b6:19:65:06:86:94:83:a0:03:90:
                    e6:e5:8d:2e:8f:dc:94:d0:51:dc:1a:9f:ec:be:71:
                    e6:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:55:35:65:E9:39:C7:73:29:D9:3F:22:6F:8D:DC:B8:6A:1B:FE:C2
            X509v3 Authority Key Identifier:
                keyid:26:1B:94:1D:BE:59:65:1F:AF:BB:A9:72:4A:12:77:5E:07:ED:B6:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JhuUHb5ZZR-vu6lyShJ3XgfttjU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/2f830f-af4d-4d33-a300-b98df544bc20/1/01U1Zek5x3Mp2T8ib43cuGob_sI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/2f830f-af4d-4d33-a300-b98df544bc20/1/JhuUHb5ZZR-vu6lyShJ3XgfttjU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.172.152.0/22

    Signature Algorithm: sha256WithRSAEncryption
         49:14:58:3d:38:26:e2:57:88:d0:1a:f1:fe:de:85:d0:1c:77:
         3e:63:89:bf:41:32:09:bc:c3:0a:81:bc:2e:6f:34:40:f1:ab:
         b6:13:84:8b:96:ab:40:20:aa:35:77:7c:2d:2e:c6:2c:5c:d3:
         e8:4f:38:72:fa:d1:f1:9c:6a:db:d4:06:62:af:bf:c4:9e:d8:
         96:14:7a:c9:a0:10:2f:f2:d0:60:92:73:77:98:52:2a:fb:13:
         e6:18:03:62:46:19:2d:d0:70:b5:37:3d:4a:06:83:c8:35:49:
         c5:36:3f:b3:36:bf:3b:93:19:a3:eb:4b:82:f7:dc:cb:e3:9d:
         7c:df:c0:10:d4:48:4b:a6:20:1e:0d:be:2c:b8:c2:d5:47:2c:
         b2:8d:20:29:2c:45:e6:88:19:70:0c:c6:ca:59:60:88:97:be:
         72:b0:8c:0d:6e:6f:65:38:b4:1a:08:f0:43:4b:6f:d1:ae:89:
         40:bb:aa:ae:89:c2:95:c5:7d:0f:7b:40:5e:f6:f4:a0:04:a8:
         a2:a9:36:31:cb:14:54:22:24:ae:39:df:ee:fd:a7:57:18:fc:
         b3:65:e0:f5:9a:2a:a5:1e:ec:24:93:f0:61:d9:d4:24:0f:50:
         ba:8b:82:a4:42:3c:20:f4:a5:2c:cc:85:af:80:a7:4c:91:9f:
         8e:ab:67:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJENuALbFuPhUr+jFCNmRoXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MWI5NDFkYmU1OTY1MWZhZmJiYTk3MjRhMTI3NzVlMDdl
ZGI2MzUwHhcNMjIwNzI4MDk1MDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzU1MzU2NWU5MzljNzczMjlkOTNmMjI2ZjhkZGNiODZhMWJmZWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEQ/WVZKWuuInyOXOLASHTTYfnvM
1XwkJ3pyMByCdSVuvsGiWujsDtyPL0Ok8XEtr4SFjEmH0+cMkjS+njfBEKgibKaJ
yDwOBei4ormOYN/XBuDMp08YbLyPeHxT7OngeuaOrbPEuRk5ceswhoKwefrboWaR
paN/VjD8KAmgCJv5pCNG/yVJYiyngyfDaKR6qw+muAgFRm1yj9PUbAVXOBNIoEY2
CszuG/wUdXzC31xOzsWLx164cipr957zQPyMVOhArb0XZGAJPlt73OzQkdd4jCeG
43te9+Op4Rt4LVmcXTNRrrYZZQaGlIOgA5Dm5Y0uj9yU0FHcGp/svnHmdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNNVNWXpOcdzKdk/Im+N3LhqG/7CMB8GA1UdIwQY
MBaAFCYblB2+WWUfr7upckoSd14H7bY1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmh1VUhiNVpaUi12dTZseVNoSjNYZ2Z0dGpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8yZjgzMGYtYWY0ZC00ZDMzLWEzMDAt
Yjk4ZGY1NDRiYzIwLzEvMDFVMVplazV4M01wMlQ4aWI0M2N1R29iX3NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8yZjgzMGYtYWY0ZC00ZDMzLWEzMDAtYjk4ZGY1NDRiYzIw
LzEvSmh1VUhiNVpaUi12dTZseVNoSjNYZ2Z0dGpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuayYMA0G
CSqGSIb3DQEBCwUAA4IBAQBJFFg9OCbiV4jQGvH+3oXQHHc+Y4m/QTIJvMMKgbwu
bzRA8au2E4SLlqtAIKo1d3wtLsYsXNPoTzhy+tHxnGrb1AZir7/EntiWFHrJoBAv
8tBgknN3mFIq+xPmGANiRhkt0HC1Nz1KBoPINUnFNj+zNr87kxmj60uC99zL4518
38AQ1EhLpiAeDb4suMLVRyyyjSApLEXmiBlwDMbKWWCIl75ysIwNbm9lOLQaCPBD
S2/RrolAu6quicKVxX0Pe0Be9vSgBKiiqTYxyxRUIiSuOd/u/adXGPyzZeD1miql
Huwkk/Bh2dQkD1C6i4KkQjwg9KUszIWvgKdMkZ+Oq2er
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:53 2024 by rpki-client on console-ams.rpki-client.org