Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/XOVIqwxsbK0RgLXBngyWRrkFB8k.roa
File:                     XOVIqwxsbK0RgLXBngyWRrkFB8k.roa (raw, json)
Hash identifier:          RQ4oUrQy5QCuUDcXT4oFPGSnp1wi6uCXMw/A59+6Jl0=
Subject key identifier:   5C:E5:48:AB:0C:6C:6C:AD:11:80:B5:C1:9E:0C:96:46:B9:05:07:C9
Certificate issuer:       /CN=3718b734349bf327d9453b96501e44b192e55142
Certificate serial:       082CE854
Authority key identifier: 37:18:B7:34:34:9B:F3:27:D9:45:3B:96:50:1E:44:B1:92:E5:51:42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/XOVIqwxsbK0RgLXBngyWRrkFB8k.roa
Signing time:             Thu 30 Jun 2022 06:43:02 +0000
ROA not before:           Thu 30 Jun 2022 06:43:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        185.155.54.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 137160788 (0x82ce854)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3718b734349bf327d9453b96501e44b192e55142
        Validity
            Not Before: Jun 30 06:43:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5ce548ab0c6c6cad1180b5c19e0c9646b90507c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:51:83:84:21:89:9f:0a:c7:fc:2a:e5:2c:33:
                    c9:b9:67:25:3c:14:f1:69:5c:3d:ab:a8:2f:bf:18:
                    05:7f:3e:71:0f:5f:cd:4a:b6:b7:0c:fa:8d:8d:64:
                    ea:cb:74:c0:c5:be:84:5d:f7:72:2a:87:41:0a:83:
                    02:00:4d:e4:c4:c7:6a:f4:6d:51:7c:b4:0f:36:9f:
                    1a:ef:e9:08:8f:de:07:4b:f5:1f:d7:d8:53:6a:ab:
                    d4:1c:5d:d0:cf:7b:bb:72:a0:84:e4:fd:4a:ea:ab:
                    ca:b1:2d:ec:15:46:5c:ef:58:45:28:d4:58:34:b0:
                    59:8b:e5:f6:4d:a0:5a:c0:c5:30:47:05:f5:41:49:
                    20:67:b2:fe:c9:62:22:a4:49:69:91:aa:29:3f:53:
                    ff:bc:48:32:b1:ee:ab:f0:e7:5b:db:7c:48:40:23:
                    91:b1:42:ff:98:3a:ef:67:9e:d7:ad:76:ac:b5:ee:
                    9d:a7:1f:24:37:42:15:8e:3e:21:cf:ec:3f:f7:b5:
                    f1:67:75:a8:46:11:13:da:61:f8:ab:d8:c5:82:14:
                    5e:1d:03:65:a5:c2:06:f4:1e:6c:6d:4c:3e:68:ba:
                    51:11:37:3b:4b:15:32:57:d7:9a:86:8d:1f:f6:59:
                    d8:99:8b:62:9f:67:42:a9:66:8e:90:b4:6e:f6:a8:
                    1b:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:E5:48:AB:0C:6C:6C:AD:11:80:B5:C1:9E:0C:96:46:B9:05:07:C9
            X509v3 Authority Key Identifier:
                keyid:37:18:B7:34:34:9B:F3:27:D9:45:3B:96:50:1E:44:B1:92:E5:51:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/XOVIqwxsbK0RgLXBngyWRrkFB8k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.155.54.0/24

    Signature Algorithm: sha256WithRSAEncryption
         36:27:89:6c:e3:e9:10:b9:3c:a4:a1:a0:f1:d5:43:aa:51:04:
         3b:82:ca:1b:16:d0:5d:f6:72:fd:05:8a:b9:3d:6b:1f:5f:97:
         cd:cb:2c:86:ab:28:50:b2:34:47:6d:6e:bf:c7:19:80:fe:91:
         bc:5f:48:52:fb:98:d1:94:0e:ba:a7:2a:ab:01:bf:54:2c:c4:
         65:be:75:b5:d6:4c:e7:b2:91:5d:d9:c8:2f:dd:98:a0:3b:6f:
         26:16:23:8b:50:02:7e:63:1c:ec:e1:b7:1b:3d:68:ed:1c:ab:
         38:17:5a:3c:58:bf:b2:c2:c3:8b:e3:ea:57:b2:89:66:06:60:
         75:11:9f:db:0a:40:d0:6f:b0:cc:c0:42:e2:07:be:b3:59:44:
         7e:ef:fc:c6:1d:d4:40:5e:84:7d:a8:7e:7b:19:71:be:5d:11:
         9c:ef:71:89:b6:26:24:06:03:35:b2:46:72:6d:80:a6:67:08:
         db:ff:f7:0d:9c:3d:ba:7f:fe:30:2b:08:25:38:b1:d3:2c:d8:
         f7:5a:e4:0f:c0:a9:2b:07:a3:d5:bb:89:2c:ed:a5:58:30:20:
         0f:5a:de:68:8d:ae:a6:25:83:07:20:06:65:38:59:d1:86:10:
         8c:d4:b8:e0:0e:8d:35:4c:88:e4:d8:26:e5:b0:76:3f:87:1c:
         d6:29:c1:00
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECCzoVDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NzE4YjczNDM0OWJmMzI3ZDk0NTNiOTY1MDFlNDRiMTkyZTU1MTQyMB4XDTIyMDYz
MDA2NDMwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWNlNTQ4YWIwYzZj
NmNhZDExODBiNWMxOWUwYzk2NDZiOTA1MDdjOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJlRg4QhiZ8Kx/wq5SwzyblnJTwU8WlcPauoL78YBX8+cQ9f
zUq2twz6jY1k6st0wMW+hF33ciqHQQqDAgBN5MTHavRtUXy0DzafGu/pCI/eB0v1
H9fYU2qr1Bxd0M97u3KghOT9SuqryrEt7BVGXO9YRSjUWDSwWYvl9k2gWsDFMEcF
9UFJIGey/sliIqRJaZGqKT9T/7xIMrHuq/DnW9t8SEAjkbFC/5g672ee1612rLXu
nacfJDdCFY4+Ic/sP/e18Wd1qEYRE9ph+KvYxYIUXh0DZaXCBvQebG1MPmi6URE3
O0sVMlfXmoaNH/ZZ2JmLYp9nQqlmjpC0bvaoG98CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRc5UirDGxsrRGAtcGeDJZGuQUHyTAfBgNVHSMEGDAWgBQ3GLc0NJvzJ9lF
O5ZQHkSxkuVRQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L054aTNORFNiOHlmWlJUdVdVQjVFc1pMbFVVSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODMvN2JmOGE4LWU0OWMtNDA2ZS04ZWI3LWM4MjNjYzhmMzgzNy8x
L1hPVklxd3hzYkswUmdMWEJuZ3lXUnJrRkI4ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODMv
N2JmOGE4LWU0OWMtNDA2ZS04ZWI3LWM4MjNjYzhmMzgzNy8xL054aTNORFNiOHlm
WlJUdVdVQjVFc1pMbFVVSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmbNjANBgkqhkiG9w0BAQsFAAOC
AQEANieJbOPpELk8pKGg8dVDqlEEO4LKGxbQXfZy/QWKuT1rH1+XzcsshqsoULI0
R21uv8cZgP6RvF9IUvuY0ZQOuqcqqwG/VCzEZb51tdZM57KRXdnIL92YoDtvJhYj
i1ACfmMc7OG3Gz1o7RyrOBdaPFi/ssLDi+PqV7KJZgZgdRGf2wpA0G+wzMBC4ge+
s1lEfu/8xh3UQF6Efah+exlxvl0RnO9xibYmJAYDNbJGcm2ApmcI2//3DZw9un/+
MCsIJTix0yzY91rkD8CpKwej1buJLO2lWDAgD1reaI2upiWDByAGZThZ0YYQjNS4
4A6NNUyI5Ngm5bB2P4cc1inBAA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:04 2024 by rpki-client on console-ams.rpki-client.org