Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/80p7ikSixKxR2GBNLd9wQozMnAI.roa
File:                     80p7ikSixKxR2GBNLd9wQozMnAI.roa (raw, json)
Hash identifier:          KomYubW3LTJVXEL3X3KCsrl0KjiHoyI3eoHZ56UvdNM=
Subject key identifier:   F3:4A:7B:8A:44:A2:C4:AC:51:D8:60:4D:2D:DF:70:42:8C:CC:9C:02
Certificate issuer:       /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial:       0735BBE1
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/80p7ikSixKxR2GBNLd9wQozMnAI.roa
Signing time:             Sun 12 Jun 2022 10:41:02 +0000
ROA not before:           Sun 12 Jun 2022 10:41:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     52035
IP address blocks:        158.41.24.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 120962017 (0x735bbe1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18101772248996b87d90840c2d27d62549458173
        Validity
            Not Before: Jun 12 10:41:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f34a7b8a44a2c4ac51d8604d2ddf70428ccc9c02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:87:47:0f:ed:f4:c1:9a:bf:5b:c7:2e:86:8a:
                    ae:ed:d5:8e:98:13:64:01:80:d8:62:43:cf:47:20:
                    47:9e:1f:cc:75:30:eb:7d:ef:aa:34:83:fa:8c:9e:
                    82:d9:3f:f4:e1:29:73:be:f7:9e:9e:c5:7f:25:ab:
                    69:54:ec:ca:ff:22:3c:37:be:84:d5:10:17:8f:63:
                    1a:7d:8e:5c:df:5f:d2:af:3c:a8:9d:a0:46:60:47:
                    9f:c7:df:92:3d:fa:90:37:80:3d:59:bf:de:64:c1:
                    ef:a4:6c:6b:bf:f8:7c:2f:57:69:9b:21:72:1b:2a:
                    b1:0b:e0:6c:f6:46:71:d9:60:99:38:f8:eb:ba:26:
                    a3:d7:2a:41:35:99:03:e4:69:18:4f:2e:81:c4:8a:
                    57:ff:a8:34:9a:ed:34:31:e8:8f:99:94:a1:fc:7f:
                    f9:9f:1a:b5:04:b3:24:6b:5c:8d:76:35:d8:b0:c6:
                    ab:46:39:cc:ef:b5:78:86:49:04:0c:55:9c:05:2e:
                    74:a0:8a:6e:75:1f:c4:59:07:75:2b:60:85:e3:18:
                    d8:e0:73:3c:b1:70:56:cd:68:42:1d:2a:98:e1:d5:
                    15:1f:5c:4f:71:03:c7:81:92:7d:f3:f2:17:a6:74:
                    62:9e:7f:c6:46:27:b6:20:6f:1b:18:19:50:ff:d5:
                    58:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:4A:7B:8A:44:A2:C4:AC:51:D8:60:4D:2D:DF:70:42:8C:CC:9C:02
            X509v3 Authority Key Identifier:
                keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/80p7ikSixKxR2GBNLd9wQozMnAI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  158.41.24.0/21

    Signature Algorithm: sha256WithRSAEncryption
         56:ba:9b:c7:f2:d3:6a:e8:7d:0e:91:68:0d:9c:6d:26:d0:86:
         80:b5:95:87:99:ae:f6:cc:e8:aa:f6:52:0f:fb:39:3f:a6:90:
         cf:64:b8:24:1f:4e:6d:ae:9c:f0:fc:94:35:37:b7:83:48:30:
         00:b7:a6:8c:44:3e:06:15:01:71:f4:0a:d8:42:0e:f2:ec:e6:
         3c:9a:39:92:fc:e5:ab:0c:83:d1:0f:1d:0e:8d:fd:7d:9a:3c:
         07:ac:2f:bf:63:31:55:e5:75:ac:b9:ce:b1:eb:e5:c3:37:0e:
         52:6c:47:6a:71:5e:0c:cd:f3:36:5f:d2:d3:7f:3b:ab:5d:e5:
         64:58:30:d4:b1:32:3a:ee:a7:cd:91:11:04:e4:33:f9:14:6c:
         bc:b4:00:c8:06:0f:15:e4:a0:dc:63:88:ae:bb:6b:4d:05:da:
         da:ac:91:4c:5c:6e:15:2f:61:a8:8f:24:2c:cf:b3:ff:90:73:
         01:b5:a7:24:76:9b:c1:1a:be:31:74:5f:30:86:01:c9:14:ce:
         2e:68:94:52:33:c5:98:0f:2e:9b:c7:4d:d1:e4:2f:ff:b5:ea:
         82:07:c5:a4:37:60:c1:67:ba:b5:af:3f:37:59:7e:e4:e7:ba:
         55:4f:47:e0:5e:7e:8c:12:3f:f8:82:00:be:ec:4f:1b:38:6c:
         04:89:8e:e4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBzW74TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ODEwMTc3MjI0ODk5NmI4N2Q5MDg0MGMyZDI3ZDYyNTQ5NDU4MTczMB4XDTIyMDYx
MjEwNDEwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjM0YTdiOGE0NGEy
YzRhYzUxZDg2MDRkMmRkZjcwNDI4Y2NjOWMwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI+HRw/t9MGav1vHLoaKru3VjpgTZAGA2GJDz0cgR54fzHUw
633vqjSD+oyegtk/9OEpc773np7FfyWraVTsyv8iPDe+hNUQF49jGn2OXN9f0q88
qJ2gRmBHn8ffkj36kDeAPVm/3mTB76Rsa7/4fC9XaZshchsqsQvgbPZGcdlgmTj4
67omo9cqQTWZA+RpGE8ugcSKV/+oNJrtNDHoj5mUofx/+Z8atQSzJGtcjXY12LDG
q0Y5zO+1eIZJBAxVnAUudKCKbnUfxFkHdStgheMY2OBzPLFwVs1oQh0qmOHVFR9c
T3EDx4GSffPyF6Z0Yp5/xkYntiBvGxgZUP/VWE0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTzSnuKRKLErFHYYE0t33BCjMycAjAfBgNVHSMEGDAWgBQYEBdyJImWuH2Q
hAwtJ9YlSUWBczAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dCQVhjaVNKbHJoOWtJUU1MU2ZXSlVsRmdYTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvMjBhNWE1LTBiYTItNDA1Mi1iZWI0LTNjYzg1YWQzYzE5MC8x
LzgwcDdpa1NpeEt4UjJHQk5MZDl3UW96TW5BSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
MjBhNWE1LTBiYTItNDA1Mi1iZWI0LTNjYzg1YWQzYzE5MC8xL0dCQVhjaVNKbHJo
OWtJUU1MU2ZXSlVsRmdYTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA54pGDANBgkqhkiG9w0BAQsFAAOC
AQEAVrqbx/LTauh9DpFoDZxtJtCGgLWVh5mu9szoqvZSD/s5P6aQz2S4JB9Oba6c
8PyUNTe3g0gwALemjEQ+BhUBcfQK2EIO8uzmPJo5kvzlqwyD0Q8dDo39fZo8B6wv
v2MxVeV1rLnOsevlwzcOUmxHanFeDM3zNl/S0387q13lZFgw1LEyOu6nzZERBOQz
+RRsvLQAyAYPFeSg3GOIrrtrTQXa2qyRTFxuFS9hqI8kLM+z/5BzAbWnJHabwRq+
MXRfMIYByRTOLmiUUjPFmA8um8dN0eQv/7XqggfFpDdgwWe6ta8/N1l+5Oe6VU9H
4F5+jBI/+IIAvuxPGzhsBImO5A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:38 2024 by rpki-client on console-ams.rpki-client.org