Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/q25jlcUbQcrroOMrnHuB0iWrbU0.roa
File:                     q25jlcUbQcrroOMrnHuB0iWrbU0.roa (raw, json)
Hash identifier:          9mY2v8bDfBQeTwfljDoiTIMvIkymsdYwqYEXEj4TCtQ=
Subject key identifier:   AB:6E:63:95:C5:1B:41:CA:EB:A0:E3:2B:9C:7B:81:D2:25:AB:6D:4D
Certificate issuer:       /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial:       0668FED0
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/q25jlcUbQcrroOMrnHuB0iWrbU0.roa
Signing time:             Thu 10 Mar 2022 17:02:25 +0000
ROA not before:           Thu 10 Mar 2022 17:02:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     398465
IP address blocks:        185.179.218.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 107544272 (0x668fed0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18101772248996b87d90840c2d27d62549458173
        Validity
            Not Before: Mar 10 17:02:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ab6e6395c51b41caeba0e32b9c7b81d225ab6d4d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:78:08:ff:ec:cb:84:14:53:c6:01:9a:f0:e6:
                    20:f8:61:a4:32:01:33:50:37:17:49:f1:20:db:7c:
                    c3:90:e1:e6:9b:5c:9d:9f:fc:ee:0d:98:94:30:01:
                    33:bd:cf:b4:c7:94:da:87:14:69:39:ac:5f:0f:9d:
                    81:e1:3b:fb:f8:91:3e:00:d1:20:62:6f:d3:34:b8:
                    f4:f5:ea:6f:ef:65:c2:a6:2c:2b:45:80:3d:14:a8:
                    bb:9b:af:47:18:fa:ed:24:0f:90:66:7f:88:d3:36:
                    b0:62:bf:f6:dc:a1:1d:fe:cb:3a:04:f7:39:ef:37:
                    ac:75:e8:7d:f3:07:9a:48:52:8f:32:b5:90:32:3b:
                    9c:b1:04:f4:02:8d:c7:1c:f1:06:c9:32:e8:1c:d1:
                    39:5b:ae:89:33:08:75:b6:0f:fe:08:52:7e:a1:b8:
                    99:71:a1:5c:68:e3:fb:63:9e:80:3a:2e:38:70:fc:
                    be:20:5a:12:85:42:ac:3e:4b:e5:58:35:e1:af:11:
                    cf:05:1c:d1:96:e2:5a:8c:c5:9a:84:dc:74:b9:db:
                    7a:47:2e:de:e0:ec:f4:ec:a2:82:8f:d3:53:b1:50:
                    5a:9d:5a:53:90:7f:c9:20:df:52:ac:43:f2:a4:8f:
                    53:9f:ec:ad:c6:e8:39:3d:a4:ba:6b:e2:32:e3:74:
                    3f:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:6E:63:95:C5:1B:41:CA:EB:A0:E3:2B:9C:7B:81:D2:25:AB:6D:4D
            X509v3 Authority Key Identifier:
                keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/q25jlcUbQcrroOMrnHuB0iWrbU0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.179.218.0/23

    Signature Algorithm: sha256WithRSAEncryption
         89:97:f5:ff:41:3a:d2:dc:d8:ff:db:4b:5b:9d:a8:07:59:21:
         b4:98:fd:72:d7:38:16:dd:d7:62:85:12:5f:77:17:59:03:0d:
         4f:29:34:1e:e6:2c:d0:95:2a:a5:bb:84:dc:b5:ab:e0:9e:40:
         c3:65:f5:a2:cc:32:36:72:59:3b:f2:64:ce:a6:26:ea:fd:1c:
         ec:76:47:b1:8c:06:30:8b:a7:74:cc:57:37:35:5d:55:49:58:
         5f:05:3c:0e:0c:04:85:cb:b8:2b:ba:a9:e9:95:98:7c:1a:d5:
         6f:43:50:d3:89:31:a7:9f:d9:73:f2:2c:98:ad:a8:9f:55:04:
         de:58:2f:f1:e9:9b:29:f8:bf:06:a9:51:0e:d7:12:f9:ea:9a:
         28:74:22:70:dd:a6:ca:1a:e0:f8:13:cc:e5:23:6c:21:1c:15:
         af:a1:9b:75:0c:e8:2f:e5:27:08:06:8d:88:db:04:67:02:86:
         80:a0:9d:45:c2:57:57:92:cf:60:18:31:fa:c9:db:7e:bd:9a:
         d1:11:e4:99:e8:61:ea:95:12:60:2d:3a:57:fd:d6:13:81:bd:
         10:5a:f6:bc:51:18:dd:2d:b7:a2:bb:91:c7:5e:35:8a:6e:9c:
         d2:1d:2f:39:44:08:d1:e4:17:cd:19:99:49:23:08:bd:c7:63:
         76:27:88:45
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBmj+0DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ODEwMTc3MjI0ODk5NmI4N2Q5MDg0MGMyZDI3ZDYyNTQ5NDU4MTczMB4XDTIyMDMx
MDE3MDIyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWI2ZTYzOTVjNTFi
NDFjYWViYTBlMzJiOWM3YjgxZDIyNWFiNmQ0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMp4CP/sy4QUU8YBmvDmIPhhpDIBM1A3F0nxINt8w5Dh5ptc
nZ/87g2YlDABM73PtMeU2ocUaTmsXw+dgeE7+/iRPgDRIGJv0zS49PXqb+9lwqYs
K0WAPRSou5uvRxj67SQPkGZ/iNM2sGK/9tyhHf7LOgT3Oe83rHXoffMHmkhSjzK1
kDI7nLEE9AKNxxzxBsky6BzROVuuiTMIdbYP/ghSfqG4mXGhXGjj+2OegDouOHD8
viBaEoVCrD5L5Vg14a8RzwUc0ZbiWozFmoTcdLnbekcu3uDs9Oyigo/TU7FQWp1a
U5B/ySDfUqxD8qSPU5/srcboOT2kumviMuN0P48CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSrbmOVxRtByuug4yuce4HSJattTTAfBgNVHSMEGDAWgBQYEBdyJImWuH2Q
hAwtJ9YlSUWBczAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dCQVhjaVNKbHJoOWtJUU1MU2ZXSlVsRmdYTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvMjBhNWE1LTBiYTItNDA1Mi1iZWI0LTNjYzg1YWQzYzE5MC8x
L3EyNWpsY1ViUWNycm9PTXJuSHVCMGlXcmJVMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
MjBhNWE1LTBiYTItNDA1Mi1iZWI0LTNjYzg1YWQzYzE5MC8xL0dCQVhjaVNKbHJo
OWtJUU1MU2ZXSlVsRmdYTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbmz2jANBgkqhkiG9w0BAQsFAAOC
AQEAiZf1/0E60tzY/9tLW52oB1khtJj9ctc4Ft3XYoUSX3cXWQMNTyk0HuYs0JUq
pbuE3LWr4J5Aw2X1oswyNnJZO/JkzqYm6v0c7HZHsYwGMIundMxXNzVdVUlYXwU8
DgwEhcu4K7qp6ZWYfBrVb0NQ04kxp5/Zc/IsmK2on1UE3lgv8embKfi/BqlRDtcS
+eqaKHQicN2myhrg+BPM5SNsIRwVr6GbdQzoL+UnCAaNiNsEZwKGgKCdRcJXV5LP
YBgx+snbfr2a0RHkmehh6pUSYC06V/3WE4G9EFr2vFEY3S23oruRx141im6c0h0v
OUQI0eQXzRmZSSMIvcdjdieIRQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:59 2024 by rpki-client on console-fra.rpki-client.org