Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/f0172e-69c2-422f-8296-9e80d0d87c2d/1/pxNTCzhbCvS-MTVmexDfAmUqwRc.roa
File:                     pxNTCzhbCvS-MTVmexDfAmUqwRc.roa (raw, json)
Hash identifier:          8o0E9VBuwW3acYWBNUwzPxZ9pTsBAh6s1J9sDamv8Fw=
Subject key identifier:   A7:13:53:0B:38:5B:0A:F4:BE:31:35:66:7B:10:DF:02:65:2A:C1:17
Certificate issuer:       /CN=73975d5da9da8a074b33fbcb5c09d503a3b443a1
Certificate serial:       1685FCE5
Authority key identifier: 73:97:5D:5D:A9:DA:8A:07:4B:33:FB:CB:5C:09:D5:03:A3:B4:43:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/c5ddXanaigdLM_vLXAnVA6O0Q6E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/f0172e-69c2-422f-8296-9e80d0d87c2d/1/pxNTCzhbCvS-MTVmexDfAmUqwRc.roa
Signing time:             Fri 25 Feb 2022 14:36:39 +0000
ROA not before:           Fri 25 Feb 2022 14:36:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208763
IP address blocks:        185.86.225.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 377879781 (0x1685fce5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=73975d5da9da8a074b33fbcb5c09d503a3b443a1
        Validity
            Not Before: Feb 25 14:36:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a713530b385b0af4be3135667b10df02652ac117
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:06:85:7c:cf:5d:5a:8e:f7:a3:4b:d9:1d:b2:
                    06:2b:6b:cd:4e:91:c0:7b:e5:c0:57:b0:62:a1:e7:
                    d5:fa:a8:4e:bc:fb:a5:64:31:c9:6e:9e:b1:57:51:
                    51:2d:9a:1b:e0:31:c0:30:dd:b1:1c:21:24:55:f6:
                    3f:75:0d:17:77:ad:c9:52:16:34:a7:d2:bd:ec:3c:
                    f4:81:f1:1a:ac:1f:a7:b6:19:bf:55:e0:d4:b7:a0:
                    80:4b:a8:6b:4c:c7:a1:90:b6:11:7c:33:b7:74:cd:
                    bb:a6:e0:ef:35:7a:62:83:43:11:77:86:91:1d:19:
                    4c:eb:49:dd:06:91:e5:b6:33:ab:7b:3b:70:2c:ac:
                    18:dd:d6:2a:f3:d7:51:8b:b2:ed:77:db:53:f8:a5:
                    16:ca:7f:ca:12:68:04:96:52:d8:6f:d8:3c:06:7f:
                    99:0e:bd:55:bb:6c:de:22:91:81:45:1b:80:67:93:
                    20:09:6b:1b:f6:25:ff:10:8a:e7:2e:fc:af:68:dc:
                    15:d3:18:10:82:c5:d7:bd:bb:cc:37:1f:41:88:9d:
                    4d:6b:f6:bc:4b:31:2c:f5:6a:ab:ed:04:66:7f:24:
                    44:f9:9c:8e:dd:10:5f:7a:83:ac:7d:06:f8:e3:94:
                    5c:6e:ee:16:14:16:ef:5f:5f:2f:37:cd:89:3c:eb:
                    88:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:13:53:0B:38:5B:0A:F4:BE:31:35:66:7B:10:DF:02:65:2A:C1:17
            X509v3 Authority Key Identifier:
                keyid:73:97:5D:5D:A9:DA:8A:07:4B:33:FB:CB:5C:09:D5:03:A3:B4:43:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5ddXanaigdLM_vLXAnVA6O0Q6E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f0172e-69c2-422f-8296-9e80d0d87c2d/1/pxNTCzhbCvS-MTVmexDfAmUqwRc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f0172e-69c2-422f-8296-9e80d0d87c2d/1/c5ddXanaigdLM_vLXAnVA6O0Q6E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.86.225.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bb:5d:a3:6b:33:cc:75:f5:5b:73:c9:8c:f3:0c:d4:02:12:8d:
         87:1d:d9:7a:b3:5b:01:cb:d2:28:18:6f:a5:11:f6:0d:ed:09:
         f8:13:d8:bb:dd:6f:fc:b4:00:45:3b:ab:c8:7c:f0:2b:61:c6:
         72:64:85:f0:8f:98:cc:d4:aa:0f:58:32:61:82:e1:92:a7:b3:
         74:af:3b:72:b3:64:51:33:6f:03:18:ed:cc:62:b6:c7:5c:56:
         ae:cb:33:4a:71:f2:f4:1d:49:c9:87:f1:fd:35:90:01:ca:3a:
         1c:d8:16:f5:a6:99:b3:56:34:b1:9d:84:30:f8:8f:30:77:bc:
         21:9f:3a:00:64:cc:54:3f:12:23:84:7e:e9:cf:50:7a:3f:22:
         fe:85:ed:dc:0e:a5:f3:46:bc:0e:f0:98:7a:76:14:50:d4:cd:
         7c:2f:91:5a:dd:37:6b:62:35:f9:11:3d:e4:45:96:f1:5c:b6:
         df:66:76:2d:5e:e2:0c:b5:61:44:c2:ab:44:f8:a6:9f:2b:ce:
         e5:46:f7:91:e5:94:21:1b:16:ca:da:b3:44:b3:c9:8e:94:93:
         85:43:57:06:21:98:46:f7:c9:4b:74:25:32:b4:39:cd:cc:da:
         93:38:61:00:46:9c:a4:5e:70:99:37:f3:7c:b9:6c:81:54:27:
         85:6d:14:db
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFoX85TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
Mzk3NWQ1ZGE5ZGE4YTA3NGIzM2ZiY2I1YzA5ZDUwM2EzYjQ0M2ExMB4XDTIyMDIy
NTE0MzYzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTcxMzUzMGIzODVi
MGFmNGJlMzEzNTY2N2IxMGRmMDI2NTJhYzExNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMAGhXzPXVqO96NL2R2yBitrzU6RwHvlwFewYqHn1fqoTrz7
pWQxyW6esVdRUS2aG+AxwDDdsRwhJFX2P3UNF3etyVIWNKfSvew89IHxGqwfp7YZ
v1Xg1LeggEuoa0zHoZC2EXwzt3TNu6bg7zV6YoNDEXeGkR0ZTOtJ3QaR5bYzq3s7
cCysGN3WKvPXUYuy7XfbU/ilFsp/yhJoBJZS2G/YPAZ/mQ69Vbts3iKRgUUbgGeT
IAlrG/Yl/xCK5y78r2jcFdMYEILF1727zDcfQYidTWv2vEsxLPVqq+0EZn8kRPmc
jt0QX3qDrH0G+OOUXG7uFhQW719fLzfNiTzriA8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSnE1MLOFsK9L4xNWZ7EN8CZSrBFzAfBgNVHSMEGDAWgBRzl11dqdqKB0sz
+8tcCdUDo7RDoTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2M1ZGRYYW5haWdkTE1fdkxYQW5WQTZPMFE2RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2QvZjAxNzJlLTY5YzItNDIyZi04Mjk2LTllODBkMGQ4N2MyZC8x
L3B4TlRDemhiQ3ZTLU1UVm1leERmQW1VcXdSYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Qv
ZjAxNzJlLTY5YzItNDIyZi04Mjk2LTllODBkMGQ4N2MyZC8xL2M1ZGRYYW5haWdk
TE1fdkxYQW5WQTZPMFE2RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALlW4TANBgkqhkiG9w0BAQsFAAOC
AQEAu12jazPMdfVbc8mM8wzUAhKNhx3ZerNbAcvSKBhvpRH2De0J+BPYu91v/LQA
RTuryHzwK2HGcmSF8I+YzNSqD1gyYYLhkqezdK87crNkUTNvAxjtzGK2x1xWrssz
SnHy9B1JyYfx/TWQAco6HNgW9aaZs1Y0sZ2EMPiPMHe8IZ86AGTMVD8SI4R+6c9Q
ej8i/oXt3A6l80a8DvCYenYUUNTNfC+RWt03a2I1+RE95EWW8Vy232Z2LV7iDLVh
RMKrRPimnyvO5Ub3keWUIRsWytqzRLPJjpSThUNXBiGYRvfJS3QlMrQ5zczakzhh
AEacpF5wmTfzfLlsgVQnhW0U2w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:55 2024 by rpki-client on console-ams.rpki-client.org