Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/4a3139-8e1b-4a1e-87da-e6aabb06bbb0/1/X0qIbljrhWUWcNNfIJbiO5qmvkU.roa
File:                     X0qIbljrhWUWcNNfIJbiO5qmvkU.roa (raw, json)
Hash identifier:          WrY45U5Q5+oCG+7PPppxCTx5xo7IkGwa5vtdoPBeZ+k=
Subject key identifier:   5F:4A:88:6E:58:EB:85:65:16:70:D3:5F:20:96:E2:3B:9A:A6:BE:45
Certificate issuer:       /CN=a56ff71e4b8ec24b1c632b2fa2248739cc572205
Certificate serial:       18C4585C
Authority key identifier: A5:6F:F7:1E:4B:8E:C2:4B:1C:63:2B:2F:A2:24:87:39:CC:57:22:05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pW_3HkuOwkscYysvoiSHOcxXIgU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/4a3139-8e1b-4a1e-87da-e6aabb06bbb0/1/X0qIbljrhWUWcNNfIJbiO5qmvkU.roa
Signing time:             Sat 01 Jan 2022 10:57:49 +0000
ROA not before:           Sat 01 Jan 2022 10:57:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61966
IP address blocks:        185.52.228.0/23 maxlen: 23
                          185.52.230.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 415520860 (0x18c4585c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a56ff71e4b8ec24b1c632b2fa2248739cc572205
        Validity
            Not Before: Jan  1 10:57:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5f4a886e58eb85651670d35f2096e23b9aa6be45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:a6:12:01:f4:0f:c1:4d:5a:f7:5b:25:ae:71:
                    88:0a:c3:a2:fa:3a:a7:3e:df:48:ed:74:9f:3e:34:
                    a4:d9:32:cf:83:89:2e:36:39:22:14:2d:14:04:f8:
                    88:5b:4a:7d:e7:d1:c2:d2:43:1b:5b:ee:ce:da:66:
                    da:a1:a8:aa:40:7a:fa:7b:1d:df:2e:b0:b3:39:fe:
                    7b:cb:f7:f5:ab:b3:4e:aa:0d:05:8b:79:d2:1b:26:
                    c9:79:c0:1c:23:bf:8e:2b:43:f8:f4:5d:f7:59:94:
                    01:fb:0b:63:7e:02:30:96:b0:fd:9a:cf:af:48:4f:
                    69:c9:ab:c0:ab:68:37:8c:76:29:23:c9:11:be:26:
                    d4:8a:6d:85:c4:74:a3:be:2d:97:47:a7:8a:cb:ac:
                    51:10:98:51:11:74:23:91:89:27:8f:bc:1b:64:37:
                    73:ba:0a:0a:59:6a:f7:32:10:f2:c0:5f:43:22:46:
                    bb:2c:6f:51:1f:6c:0f:d3:78:dd:1e:37:28:42:9a:
                    3f:0f:c5:e5:74:bf:9d:ab:99:89:b4:c1:48:63:c0:
                    e7:04:88:63:cc:5a:64:bf:07:fa:fc:41:a1:d1:1f:
                    ae:fd:8d:5a:c7:4e:c3:75:cb:ff:33:5a:84:8a:bf:
                    f4:c4:45:dd:49:0c:8a:43:3c:af:2b:92:ac:13:db:
                    fc:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:4A:88:6E:58:EB:85:65:16:70:D3:5F:20:96:E2:3B:9A:A6:BE:45
            X509v3 Authority Key Identifier:
                keyid:A5:6F:F7:1E:4B:8E:C2:4B:1C:63:2B:2F:A2:24:87:39:CC:57:22:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pW_3HkuOwkscYysvoiSHOcxXIgU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/4a3139-8e1b-4a1e-87da-e6aabb06bbb0/1/X0qIbljrhWUWcNNfIJbiO5qmvkU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/4a3139-8e1b-4a1e-87da-e6aabb06bbb0/1/pW_3HkuOwkscYysvoiSHOcxXIgU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.52.228.0/22

    Signature Algorithm: sha256WithRSAEncryption
         68:fc:1b:65:ab:5e:a1:a3:03:c3:14:02:a9:cb:ed:79:92:ce:
         9f:39:00:99:9f:13:ca:b0:8c:fc:05:5d:60:91:7e:45:0f:b3:
         04:54:b9:85:35:60:6d:ee:88:b4:76:33:5a:38:48:bd:64:8d:
         64:01:1d:7c:1a:88:d0:65:06:7f:49:c2:01:56:3c:8a:3d:6f:
         a2:37:27:ad:33:02:b1:dd:87:56:e7:47:ac:5e:17:f0:75:ae:
         a9:8b:d1:c7:f3:f1:81:c0:d8:78:f1:3d:1e:cb:17:26:b5:01:
         88:08:30:9e:cd:2a:5d:b3:bc:48:f4:53:b3:7e:a3:56:92:86:
         ba:6b:ad:63:eb:1f:61:06:1b:a2:da:15:53:66:8c:79:bb:ae:
         cf:d7:da:9f:89:61:40:e9:47:5a:81:1c:02:35:f5:e4:11:cd:
         3a:b3:d3:76:0b:cc:a4:3b:82:85:50:55:15:de:69:63:eb:ab:
         bb:dc:1e:1d:52:68:f4:dc:61:3b:4f:39:ea:7c:8d:c4:42:20:
         b7:b9:4e:72:5d:d9:99:31:16:7f:da:4f:c4:3d:5a:68:ab:d6:
         7c:b3:58:90:19:b7:5d:8e:85:fc:c0:2e:fe:65:0b:32:6a:55:
         4e:30:3b:58:bf:f2:09:32:17:e5:16:6c:98:0d:e3:aa:2e:23:
         9d:37:39:2f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGMRYXDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NTZmZjcxZTRiOGVjMjRiMWM2MzJiMmZhMjI0ODczOWNjNTcyMjA1MB4XDTIyMDEw
MTEwNTc0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWY0YTg4NmU1OGVi
ODU2NTE2NzBkMzVmMjA5NmUyM2I5YWE2YmU0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALKmEgH0D8FNWvdbJa5xiArDovo6pz7fSO10nz40pNkyz4OJ
LjY5IhQtFAT4iFtKfefRwtJDG1vuztpm2qGoqkB6+nsd3y6wszn+e8v39auzTqoN
BYt50hsmyXnAHCO/jitD+PRd91mUAfsLY34CMJaw/ZrPr0hPacmrwKtoN4x2KSPJ
Eb4m1IpthcR0o74tl0enisusURCYURF0I5GJJ4+8G2Q3c7oKCllq9zIQ8sBfQyJG
uyxvUR9sD9N43R43KEKaPw/F5XS/nauZibTBSGPA5wSIY8xaZL8H+vxBodEfrv2N
WsdOw3XL/zNahIq/9MRF3UkMikM8ryuSrBPb/CsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRfSohuWOuFZRZw018gluI7mqa+RTAfBgNVHSMEGDAWgBSlb/ceS47CSxxj
Ky+iJIc5zFciBTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BXXzNIa3VPd2tzY1l5c3ZvaVNIT2N4WElnVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2EvNGEzMTM5LThlMWItNGExZS04N2RhLWU2YWFiYjA2YmJiMC8x
L1gwcUlibGpyaFdVV2NOTmZJSmJpTzVxbXZrVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Ev
NGEzMTM5LThlMWItNGExZS04N2RhLWU2YWFiYjA2YmJiMC8xL3BXXzNIa3VPd2tz
Y1l5c3ZvaVNIT2N4WElnVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArk05DANBgkqhkiG9w0BAQsFAAOC
AQEAaPwbZateoaMDwxQCqcvteZLOnzkAmZ8TyrCM/AVdYJF+RQ+zBFS5hTVgbe6I
tHYzWjhIvWSNZAEdfBqI0GUGf0nCAVY8ij1vojcnrTMCsd2HVudHrF4X8HWuqYvR
x/PxgcDYePE9HssXJrUBiAgwns0qXbO8SPRTs36jVpKGumutY+sfYQYbotoVU2aM
ebuuz9fan4lhQOlHWoEcAjX15BHNOrPTdgvMpDuChVBVFd5pY+uru9weHVJo9Nxh
O0856nyNxEIgt7lOcl3ZmTEWf9pPxD1aaKvWfLNYkBm3XY6F/MAu/mULMmpVTjA7
WL/yCTIX5RZsmA3jqi4jnTc5Lw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:58 2024 by rpki-client on console-fra.rpki-client.org