Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/7GFXeldnKSEDQddKLtw6uT5sGmA.roa
File:                     7GFXeldnKSEDQddKLtw6uT5sGmA.roa (raw, json)
Hash identifier:          W5OndQEPEiaH+dhqPECdF/h4zBq4COlVOXpVx1ZOLDI=
Subject key identifier:   EC:61:57:7A:57:67:29:21:03:41:D7:4A:2E:DC:3A:B9:3E:6C:1A:60
Certificate issuer:       /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial:       12351E5F
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/7GFXeldnKSEDQddKLtw6uT5sGmA.roa
Signing time:             Sun 03 Jul 2022 15:52:25 +0000
ROA not before:           Sun 03 Jul 2022 15:52:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202562
IP address blocks:        185.186.10.0/24 maxlen: 24
                          2a0b:6b86:300::/40 maxlen: 48
                          2a0b:6b83::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 305471071 (0x12351e5f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
        Validity
            Not Before: Jul  3 15:52:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ec61577a576729210341d74a2edc3ab93e6c1a60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:ad:69:25:c6:68:56:0a:dc:aa:df:d8:70:78:
                    47:58:e8:c3:f4:12:33:fe:ef:b2:41:1a:63:24:a9:
                    3b:a9:22:e7:1b:6c:44:86:15:f6:ea:a6:94:a3:68:
                    b7:ef:57:50:05:14:2a:27:84:9b:d8:5d:b9:b8:f3:
                    0d:4c:17:66:20:17:bc:f4:98:19:4c:a7:a2:de:8e:
                    94:d3:3b:44:8f:3b:d8:d7:e6:fa:d3:ec:d2:93:0b:
                    da:54:11:69:7e:96:d9:c4:79:ff:a3:ce:c9:03:99:
                    86:7a:a0:ee:0e:46:e3:e9:bc:73:34:1d:fb:d3:ef:
                    f9:15:d9:48:2d:5d:ec:1e:42:59:fe:fa:41:38:21:
                    b1:69:a6:ee:35:b8:99:0a:c3:a4:1b:b3:a9:c0:dc:
                    6e:c4:3c:d9:60:6e:53:91:7c:a5:a6:7c:91:a7:2d:
                    a2:f3:c9:7a:e1:52:f9:32:71:7d:36:03:a1:c2:9b:
                    14:e5:93:89:9f:d1:36:48:db:d6:8f:6a:3e:3a:ba:
                    4f:13:38:1c:ae:f1:a4:c2:b2:df:06:13:c9:78:9f:
                    2c:99:19:92:69:74:47:b1:28:e5:5c:71:7d:47:d7:
                    6b:4a:e7:f8:64:96:f0:03:9e:85:73:f8:4d:b6:f1:
                    84:ed:f1:07:0b:dd:f1:7e:39:20:01:04:ba:3a:61:
                    d4:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:61:57:7A:57:67:29:21:03:41:D7:4A:2E:DC:3A:B9:3E:6C:1A:60
            X509v3 Authority Key Identifier:
                keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/7GFXeldnKSEDQddKLtw6uT5sGmA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.186.10.0/24
                IPv6:
                  2a0b:6b83::/32
                  2a0b:6b86:300::/40

    Signature Algorithm: sha256WithRSAEncryption
         a4:e9:ec:ef:ae:0f:47:d9:fb:80:7f:1f:7a:9b:6b:47:6f:ff:
         a6:6d:82:06:c1:0d:c5:77:fc:f5:bb:d4:ec:f5:88:25:49:ef:
         5b:44:9b:cb:f2:38:ef:32:cb:1e:e9:87:b7:b1:f0:b2:d8:6f:
         07:f5:97:93:b9:10:fd:bd:d7:36:15:f1:46:ea:cf:a5:61:2d:
         1e:36:65:eb:6a:7b:58:84:1c:51:3f:35:77:4a:3f:a4:39:1e:
         4f:dc:ce:7c:82:41:df:0b:2b:39:2a:52:1d:7b:ab:6e:50:5a:
         dd:00:88:52:ef:b4:de:ed:68:ea:cb:e2:ca:5d:7a:67:6d:6e:
         d9:96:2e:b9:a9:8d:a0:a1:78:4f:36:a2:ac:fb:da:6d:01:6b:
         0e:97:f9:89:91:aa:2e:41:29:76:02:3f:04:74:03:a4:48:48:
         e1:48:83:58:e7:ac:57:6b:b3:d2:b0:51:41:c9:a8:9b:7d:c3:
         40:cc:a8:8f:a8:12:40:87:9a:67:64:61:d0:7c:f8:8a:01:13:
         48:39:35:2b:3f:66:af:b8:48:bf:f7:ac:df:6f:95:d9:a1:09:
         cc:e0:30:30:c3:ec:76:e5:cc:4f:00:06:a3:a8:4f:53:49:d4:
         b2:37:37:9e:54:3d:5b:1c:c3:1f:3c:55:9a:90:21:79:86:b6:
         9c:08:89:11
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEEjUeXzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MzViYzliYjU0N2UyNzc4OGQyMjFiYzhiYmQ1ZmIwMmUwMjQ0ODBmMB4XDTIyMDcw
MzE1NTIyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWM2MTU3N2E1NzY3
MjkyMTAzNDFkNzRhMmVkYzNhYjkzZTZjMWE2MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANmtaSXGaFYK3Krf2HB4R1jow/QSM/7vskEaYySpO6ki5xts
RIYV9uqmlKNot+9XUAUUKieEm9hdubjzDUwXZiAXvPSYGUynot6OlNM7RI872Nfm
+tPs0pML2lQRaX6W2cR5/6POyQOZhnqg7g5G4+m8czQd+9Pv+RXZSC1d7B5CWf76
QTghsWmm7jW4mQrDpBuzqcDcbsQ82WBuU5F8paZ8kactovPJeuFS+TJxfTYDocKb
FOWTiZ/RNkjb1o9qPjq6TxM4HK7xpMKy3wYTyXifLJkZkml0R7Eo5VxxfUfXa0rn
+GSW8AOehXP4TbbxhO3xBwvd8X45IAEEujph1EsCAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBTsYVd6V2cpIQNB10ou3Dq5PmwaYDAfBgNVHSMEGDAWgBSDW8m7VH4neI0i
G8i71fsC4CRIDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2cxdkp1MVItSjNpTklodkl1OVg3QXVBa1NBOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODQvOTYyZmIxLTNkZjAtNGVjMi1iNTBhLWIzNmEyNGQzOTQyNy8x
LzdHRlhlbGRuS1NFRFFkZEtMdHc2dVQ1c0dtQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODQv
OTYyZmIxLTNkZjAtNGVjMi1iNTBhLWIzNmEyNGQzOTQyNy8xL2cxdkp1MVItSjNp
Tklodkl1OVg3QXVBa1NBOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwDAQCAAEwBgMEALm6CjAVBAIAAjAPAwUAKgtrgwMG
ACoLa4YDMA0GCSqGSIb3DQEBCwUAA4IBAQCk6ezvrg9H2fuAfx96m2tHb/+mbYIG
wQ3Fd/z1u9Ts9YglSe9bRJvL8jjvMsse6Ye3sfCy2G8H9ZeTuRD9vdc2FfFG6s+l
YS0eNmXrantYhBxRPzV3Sj+kOR5P3M58gkHfCys5KlIde6tuUFrdAIhS77Te7Wjq
y+LKXXpnbW7Zli65qY2goXhPNqKs+9ptAWsOl/mJkaouQSl2Aj8EdAOkSEjhSINY
56xXa7PSsFFByaibfcNAzKiPqBJAh5pnZGHQfPiKARNIOTUrP2avuEi/96zfb5XZ
oQnM4DAww+x25cxPAAajqE9TSdSyNzeeVD1bHMMfPFWakCF5hracCIkR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:14 2024 by rpki-client on console-ams.rpki-client.org