Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/QEbo8rrPSQWMrzi6APsLwt7GBEo.roa
File:                     QEbo8rrPSQWMrzi6APsLwt7GBEo.roa (raw, json)
Hash identifier:          MH9UoGIXb+sOpQfgIKd2kyQ3a9zOaF/8PVy2nppNAO0=
Subject key identifier:   40:46:E8:F2:BA:CF:49:05:8C:AF:38:BA:00:FB:0B:C2:DE:C6:04:4A
Certificate issuer:       /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial:       071D5086
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/QEbo8rrPSQWMrzi6APsLwt7GBEo.roa
Signing time:             Wed 01 Jun 2022 15:41:23 +0000
ROA not before:           Wed 01 Jun 2022 15:41:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7029
IP address blocks:        185.81.28.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 119361670 (0x71d5086)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18101772248996b87d90840c2d27d62549458173
        Validity
            Not Before: Jun  1 15:41:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4046e8f2bacf49058caf38ba00fb0bc2dec6044a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:89:63:73:0a:e9:26:b6:72:b1:3c:28:07:32:
                    83:d1:21:aa:1b:4d:cd:d3:b5:53:08:bc:a8:68:4f:
                    e1:10:01:6c:ff:d7:3c:01:6a:f0:e2:24:e0:21:5d:
                    79:0f:c7:98:fa:07:ac:fe:3b:6c:0c:fa:81:83:77:
                    08:99:bf:e6:c9:d4:d4:29:35:5f:40:60:e3:d1:43:
                    b0:69:4f:df:40:c8:4d:00:d3:cf:6f:08:35:68:92:
                    ab:9d:cb:0b:0e:18:cb:ea:36:46:f0:79:e3:dc:80:
                    3c:c9:a8:99:a7:f9:ac:a3:4d:fc:17:c6:f8:99:55:
                    02:c6:5a:a1:db:5e:90:b9:1f:09:5b:56:16:6f:2b:
                    9d:70:86:03:1f:6b:a6:23:20:c8:e0:0a:db:a4:bc:
                    f7:af:59:6f:bf:14:7b:e2:a4:ec:bc:62:9b:51:45:
                    52:2a:fb:14:c8:fa:eb:41:5e:4e:8e:cc:71:29:15:
                    df:6e:b2:44:bb:4b:64:13:5a:3b:56:52:9c:9f:bf:
                    d6:db:bc:76:da:69:c2:1e:e9:06:6c:6f:b4:c0:43:
                    91:d8:ab:03:4a:64:7e:1f:c5:e9:34:3a:4e:17:64:
                    30:a8:85:c4:68:2f:99:af:4f:ff:37:e0:ab:30:c4:
                    4d:41:c5:d0:9e:23:e7:2a:f1:f8:77:e0:2e:22:ba:
                    9d:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:46:E8:F2:BA:CF:49:05:8C:AF:38:BA:00:FB:0B:C2:DE:C6:04:4A
            X509v3 Authority Key Identifier:
                keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/QEbo8rrPSQWMrzi6APsLwt7GBEo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.81.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         50:2f:d0:a2:ff:2b:23:6b:cf:8d:d3:7f:9d:25:f5:9a:87:9f:
         2b:f0:2f:d6:c0:7d:8d:02:f1:84:00:15:7c:41:60:c6:5d:e7:
         c3:24:63:08:4e:90:8f:47:9f:9e:3f:1d:15:c3:95:29:ba:0a:
         3e:2a:37:d3:11:2d:03:f4:39:87:ca:a2:7a:3f:aa:b4:0a:b7:
         3c:48:e9:6a:5d:5f:d4:7f:64:cb:a0:99:92:a4:66:4b:62:b9:
         79:41:f6:18:9b:d3:4d:0d:d8:2c:09:4a:6f:78:e4:c0:de:96:
         0b:1b:bc:ae:6d:d2:d4:d9:af:cf:bc:bf:28:b1:70:c0:f4:75:
         50:10:9b:51:d3:25:e5:94:1c:65:cc:87:7b:21:1f:2c:1c:b6:
         84:6c:08:7c:ee:b0:a8:e9:6f:f4:13:95:54:05:cc:67:2b:a0:
         ae:d4:b4:78:ff:02:18:83:24:b0:8e:3f:fe:70:23:04:0e:2f:
         f6:36:1e:e7:41:d1:fd:58:0b:61:09:22:07:65:56:1a:43:f9:
         39:99:3c:00:3b:b3:59:29:af:4a:a7:93:00:74:90:20:09:8f:
         12:b8:50:0e:15:ba:60:50:5c:05:a0:0d:8d:55:be:4b:a6:f0:
         9a:85:8f:f9:b8:58:97:08:84:38:30:86:ae:9e:34:97:c9:a9:
         3a:1a:94:ae
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBx1QhjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ODEwMTc3MjI0ODk5NmI4N2Q5MDg0MGMyZDI3ZDYyNTQ5NDU4MTczMB4XDTIyMDYw
MTE1NDEyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDA0NmU4ZjJiYWNm
NDkwNThjYWYzOGJhMDBmYjBiYzJkZWM2MDQ0YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALSJY3MK6Sa2crE8KAcyg9EhqhtNzdO1Uwi8qGhP4RABbP/X
PAFq8OIk4CFdeQ/HmPoHrP47bAz6gYN3CJm/5snU1Ck1X0Bg49FDsGlP30DITQDT
z28INWiSq53LCw4Yy+o2RvB549yAPMmomaf5rKNN/BfG+JlVAsZaodtekLkfCVtW
Fm8rnXCGAx9rpiMgyOAK26S8969Zb78Ue+Kk7Lxim1FFUir7FMj660FeTo7McSkV
326yRLtLZBNaO1ZSnJ+/1tu8dtppwh7pBmxvtMBDkdirA0pkfh/F6TQ6ThdkMKiF
xGgvma9P/zfgqzDETUHF0J4j5yrx+HfgLiK6nbsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRARujyus9JBYyvOLoA+wvC3sYESjAfBgNVHSMEGDAWgBQYEBdyJImWuH2Q
hAwtJ9YlSUWBczAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dCQVhjaVNKbHJoOWtJUU1MU2ZXSlVsRmdYTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvMjBhNWE1LTBiYTItNDA1Mi1iZWI0LTNjYzg1YWQzYzE5MC8x
L1FFYm84cnJQU1FXTXJ6aTZBUHNMd3Q3R0JFby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
MjBhNWE1LTBiYTItNDA1Mi1iZWI0LTNjYzg1YWQzYzE5MC8xL0dCQVhjaVNKbHJo
OWtJUU1MU2ZXSlVsRmdYTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlRHDANBgkqhkiG9w0BAQsFAAOC
AQEAUC/Qov8rI2vPjdN/nSX1moefK/Av1sB9jQLxhAAVfEFgxl3nwyRjCE6Qj0ef
nj8dFcOVKboKPio30xEtA/Q5h8qiej+qtAq3PEjpal1f1H9ky6CZkqRmS2K5eUH2
GJvTTQ3YLAlKb3jkwN6WCxu8rm3S1Nmvz7y/KLFwwPR1UBCbUdMl5ZQcZcyHeyEf
LBy2hGwIfO6wqOlv9BOVVAXMZyugrtS0eP8CGIMksI4//nAjBA4v9jYe50HR/VgL
YQkiB2VWGkP5OZk8ADuzWSmvSqeTAHSQIAmPErhQDhW6YFBcBaANjVW+S6bwmoWP
+bhYlwiEODCGrp40l8mpOhqUrg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:38 2024 by rpki-client on console-ams.rpki-client.org