Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/a1dcfb-8010-414e-9e3a-44001700b8ca/1/P1S3tdYSvzyBHtkF83xPKxTNC3A.roa
File:                     P1S3tdYSvzyBHtkF83xPKxTNC3A.roa (raw, json)
Hash identifier:          Np2mBPqVIn5Ii/0djiAxzV15xizBkrmiXt61Gol0lcA=
Subject key identifier:   3F:54:B7:B5:D6:12:BF:3C:81:1E:D9:05:F3:7C:4F:2B:14:CD:0B:70
Certificate issuer:       /CN=5baa35401e5297b3b527e84f93ea8aa110d97b95
Certificate serial:       07B323A4
Authority key identifier: 5B:AA:35:40:1E:52:97:B3:B5:27:E8:4F:93:EA:8A:A1:10:D9:7B:95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W6o1QB5Sl7O1J-hPk-qKoRDZe5U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/a1dcfb-8010-414e-9e3a-44001700b8ca/1/P1S3tdYSvzyBHtkF83xPKxTNC3A.roa
Signing time:             Sat 01 Jan 2022 10:04:17 +0000
ROA not before:           Sat 01 Jan 2022 10:04:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     51984
IP address blocks:        185.182.152.0/24 maxlen: 24
                          185.182.155.0/24 maxlen: 24
                          185.182.154.0/24 maxlen: 24
                          185.182.153.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 129180580 (0x7b323a4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5baa35401e5297b3b527e84f93ea8aa110d97b95
        Validity
            Not Before: Jan  1 10:04:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3f54b7b5d612bf3c811ed905f37c4f2b14cd0b70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:e3:bf:4c:ec:53:bf:a8:ab:ec:24:98:03:45:
                    23:34:dd:24:f1:e8:d6:78:8d:c6:2d:1d:98:50:f2:
                    ef:85:52:a6:4a:4a:ce:61:4b:aa:a1:75:72:8f:f9:
                    37:3e:1f:ee:24:e2:ff:49:a0:4b:9b:ae:dc:6e:e5:
                    8d:67:3d:7e:ea:ff:dc:7b:4f:83:23:ef:f2:f6:47:
                    0e:49:7c:b5:13:61:b8:08:97:c5:9d:a0:c1:82:80:
                    d4:32:29:8c:1d:19:e1:e0:6b:36:e3:c1:46:8d:dd:
                    d3:b9:ad:76:82:83:a5:08:bd:27:3c:8b:89:4c:36:
                    f7:21:8e:f8:7a:98:49:aa:94:8e:94:e4:af:a6:e6:
                    aa:c7:23:66:7d:4b:10:e4:70:f0:8a:85:57:5e:04:
                    72:94:c2:b8:38:81:c6:f1:2f:7c:bd:cf:90:6d:a9:
                    29:7a:77:ec:90:8c:79:a8:da:79:b1:d4:80:e6:65:
                    c4:39:09:6e:3c:85:e2:49:c9:43:87:36:37:c8:a5:
                    2d:8d:42:cc:0d:8b:8e:92:ca:71:69:79:67:da:d9:
                    6e:c8:4d:99:2b:34:25:a9:5c:ed:a5:05:30:5a:08:
                    f3:42:ad:5e:94:16:a0:62:02:26:a5:e1:25:e8:86:
                    e0:06:37:5f:2b:ea:ee:cd:b3:15:8f:47:dc:84:79:
                    fe:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:54:B7:B5:D6:12:BF:3C:81:1E:D9:05:F3:7C:4F:2B:14:CD:0B:70
            X509v3 Authority Key Identifier:
                keyid:5B:AA:35:40:1E:52:97:B3:B5:27:E8:4F:93:EA:8A:A1:10:D9:7B:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W6o1QB5Sl7O1J-hPk-qKoRDZe5U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/a1dcfb-8010-414e-9e3a-44001700b8ca/1/P1S3tdYSvzyBHtkF83xPKxTNC3A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/a1dcfb-8010-414e-9e3a-44001700b8ca/1/W6o1QB5Sl7O1J-hPk-qKoRDZe5U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.182.152.0/22

    Signature Algorithm: sha256WithRSAEncryption
         02:7a:d4:f3:29:04:62:ca:66:b7:7e:f6:a3:c7:10:f3:0d:39:
         05:d0:0e:54:8c:46:c1:fb:d2:6f:80:29:34:fc:f2:19:c1:cd:
         1b:83:81:09:06:ed:28:b0:bf:37:07:ee:c9:8f:d3:28:b3:3a:
         c0:56:ed:82:a4:6b:34:ce:bb:07:16:fd:b3:2a:16:66:39:a2:
         44:ff:eb:74:5a:2a:1d:ae:d4:9c:52:81:8d:99:a8:f7:98:4c:
         6f:e0:d4:36:c9:2b:d0:9c:93:4d:99:43:54:15:28:32:df:6a:
         48:4f:a7:31:e5:b0:c9:70:eb:ba:97:04:b3:8e:4a:84:c1:78:
         f4:30:88:dd:93:31:74:81:76:0e:b0:a6:da:8c:9b:21:27:67:
         62:20:91:93:8a:80:cc:7a:3a:8d:19:c9:b6:ff:f1:d6:07:22:
         95:c3:34:b4:b9:f1:c7:dc:10:78:f2:bd:b4:34:10:0e:38:b8:
         d6:2c:81:2b:e8:19:a1:68:e9:6f:5e:2d:b7:09:50:36:53:6e:
         b2:a6:d8:89:f5:7f:33:44:a0:f9:f6:1b:c4:8f:dc:bf:cd:e2:
         b5:32:e9:19:50:75:8c:a6:e2:7f:93:ed:60:2e:eb:8a:6f:6c:
         dc:b1:8e:a0:0b:5c:75:c9:c6:1b:e9:55:2c:ad:74:4a:59:f1:
         b9:bb:c7:e7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB7MjpDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YmFhMzU0MDFlNTI5N2IzYjUyN2U4NGY5M2VhOGFhMTEwZDk3Yjk1MB4XDTIyMDEw
MTEwMDQxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2Y1NGI3YjVkNjEy
YmYzYzgxMWVkOTA1ZjM3YzRmMmIxNGNkMGI3MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKXjv0zsU7+oq+wkmANFIzTdJPHo1niNxi0dmFDy74VSpkpK
zmFLqqF1co/5Nz4f7iTi/0mgS5uu3G7ljWc9fur/3HtPgyPv8vZHDkl8tRNhuAiX
xZ2gwYKA1DIpjB0Z4eBrNuPBRo3d07mtdoKDpQi9JzyLiUw29yGO+HqYSaqUjpTk
r6bmqscjZn1LEORw8IqFV14EcpTCuDiBxvEvfL3PkG2pKXp37JCMeajaebHUgOZl
xDkJbjyF4knJQ4c2N8ilLY1CzA2LjpLKcWl5Z9rZbshNmSs0Jalc7aUFMFoI80Kt
XpQWoGICJqXhJeiG4AY3Xyvq7s2zFY9H3IR5/mUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ/VLe11hK/PIEe2QXzfE8rFM0LcDAfBgNVHSMEGDAWgBRbqjVAHlKXs7Un
6E+T6oqhENl7lTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1c2bzFRQjVTbDdPMUotaFBrLXFLb1JEWmU1VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzYvYTFkY2ZiLTgwMTAtNDE0ZS05ZTNhLTQ0MDAxNzAwYjhjYS8x
L1AxUzN0ZFlTdnp5Qkh0a0Y4M3hQS3hUTkMzQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzYv
YTFkY2ZiLTgwMTAtNDE0ZS05ZTNhLTQ0MDAxNzAwYjhjYS8xL1c2bzFRQjVTbDdP
MUotaFBrLXFLb1JEWmU1VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArm2mDANBgkqhkiG9w0BAQsFAAOC
AQEAAnrU8ykEYspmt372o8cQ8w05BdAOVIxGwfvSb4ApNPzyGcHNG4OBCQbtKLC/
NwfuyY/TKLM6wFbtgqRrNM67Bxb9syoWZjmiRP/rdFoqHa7UnFKBjZmo95hMb+DU
Nskr0JyTTZlDVBUoMt9qSE+nMeWwyXDrupcEs45KhMF49DCI3ZMxdIF2DrCm2oyb
ISdnYiCRk4qAzHo6jRnJtv/x1gcilcM0tLnxx9wQePK9tDQQDji41iyBK+gZoWjp
b14ttwlQNlNusqbYifV/M0Sg+fYbxI/cv83itTLpGVB1jKbif5PtYC7rim9s3LGO
oAtcdcnGG+lVLK10SlnxubvH5w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:28 2024 by rpki-client on console-ams.rpki-client.org