Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/pk7F5uXZKH43KW48dcjlgZJIlOw.roa
File:                     pk7F5uXZKH43KW48dcjlgZJIlOw.roa (raw, json)
Hash identifier:          cQ8wqPTZUzwE9yNUgvyQdz+saIJMD2F8rWlkeL++gKw=
Subject key identifier:   A6:4E:C5:E6:E5:D9:28:7E:37:29:6E:3C:75:C8:E5:81:92:48:94:EC
Certificate issuer:       /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial:       186F24EB
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/pk7F5uXZKH43KW48dcjlgZJIlOw.roa
Signing time:             Tue 31 May 2022 06:51:14 +0000
ROA not before:           Tue 31 May 2022 06:51:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207676
IP address blocks:        141.101.249.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 409937131 (0x186f24eb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
        Validity
            Not Before: May 31 06:51:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a64ec5e6e5d9287e37296e3c75c8e581924894ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:b1:1d:c6:3c:f1:ee:99:80:51:2c:e0:60:a5:
                    e3:5a:5a:70:c3:cd:36:8f:1d:28:9b:df:de:4e:c8:
                    8e:36:0c:b9:6d:dc:fb:4f:9a:19:94:34:54:b6:b9:
                    2d:6a:35:47:64:a3:2f:02:67:35:21:bd:f6:7d:54:
                    f4:6f:ef:be:4f:1a:90:40:b0:10:96:e2:f6:ee:c0:
                    c0:fa:e0:98:00:ce:99:d0:1c:7d:78:b9:fc:45:e2:
                    37:8d:3d:87:d8:ce:ba:d4:be:89:f8:cd:a3:f1:7c:
                    8b:02:f7:3b:d5:64:a4:d7:36:dc:2a:eb:31:c2:3f:
                    5b:de:ef:f2:71:97:26:a5:50:06:ee:a9:c6:f8:53:
                    21:ca:ec:41:5a:b3:62:50:b3:38:1f:59:e1:4a:c7:
                    f8:2a:a1:3a:87:46:a2:f0:3e:a5:ff:5f:00:09:51:
                    2e:ea:e9:75:00:3f:df:0d:e4:a2:73:71:2b:20:0a:
                    04:f8:89:63:1d:e6:3d:f1:7e:f7:8b:9d:5f:02:eb:
                    40:45:43:d7:c8:8f:07:b0:7d:11:e1:81:ef:73:72:
                    b5:d2:f1:34:19:b8:fe:33:44:30:85:79:b5:94:60:
                    35:e9:aa:bb:10:e8:34:84:81:30:70:d9:01:ed:b8:
                    22:92:98:c1:0d:e5:9c:09:1e:7e:3c:4f:08:ed:b0:
                    90:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:4E:C5:E6:E5:D9:28:7E:37:29:6E:3C:75:C8:E5:81:92:48:94:EC
            X509v3 Authority Key Identifier:
                keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/pk7F5uXZKH43KW48dcjlgZJIlOw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.101.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:fa:aa:0a:eb:4e:a5:0e:8e:23:eb:d0:64:c6:3e:32:db:8f:
         65:74:4d:fe:6a:2f:a9:bf:72:11:f4:c7:f3:db:f9:bb:d9:2a:
         23:53:23:81:93:28:df:b1:c1:40:04:2a:70:e5:dc:c9:41:09:
         f6:60:43:8a:af:0b:7f:ae:cc:fc:ee:b9:b2:45:47:46:f0:5e:
         e5:f4:2b:ba:ff:87:9c:8b:ea:33:45:35:18:5e:bf:48:46:5a:
         81:5e:95:b3:42:20:a6:1e:ca:1f:2c:fc:3b:30:5e:f3:66:65:
         bf:26:17:e8:b7:9d:ba:bc:b4:69:c2:bf:49:8c:e7:15:f8:7c:
         61:05:69:da:74:b1:f0:37:bf:7a:21:2b:9e:ee:df:af:c1:71:
         10:91:42:02:08:e0:c5:a8:47:4d:04:35:a4:53:5f:2a:6b:e6:
         7d:33:62:a4:35:71:42:74:51:05:1c:cd:b6:ee:7a:5c:63:e1:
         b8:fe:8b:86:b6:72:86:c5:94:90:b5:7b:73:c2:38:71:ed:37:
         a9:29:83:29:2c:19:f8:30:1e:d7:fc:23:4a:d3:3b:26:a8:4f:
         01:50:94:c7:62:e7:aa:b9:35:08:57:20:7f:b9:8c:3d:79:58:
         bb:e3:83:d5:ef:0b:80:93:71:0f:3c:ea:f8:e2:13:0d:cc:8b:
         6b:74:02:08
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGG8k6zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ODg1ZTg4NGMyZmM3YTc1ZDEyZGQxZGVhNDljZTIzNDljNDcwNjdlMB4XDTIyMDUz
MTA2NTExNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTY0ZWM1ZTZlNWQ5
Mjg3ZTM3Mjk2ZTNjNzVjOGU1ODE5MjQ4OTRlYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM6xHcY88e6ZgFEs4GCl41pacMPNNo8dKJvf3k7IjjYMuW3c
+0+aGZQ0VLa5LWo1R2SjLwJnNSG99n1U9G/vvk8akECwEJbi9u7AwPrgmADOmdAc
fXi5/EXiN409h9jOutS+ifjNo/F8iwL3O9VkpNc23CrrMcI/W97v8nGXJqVQBu6p
xvhTIcrsQVqzYlCzOB9Z4UrH+CqhOodGovA+pf9fAAlRLurpdQA/3w3konNxKyAK
BPiJYx3mPfF+94udXwLrQEVD18iPB7B9EeGB73NytdLxNBm4/jNEMIV5tZRgNemq
uxDoNISBMHDZAe24IpKYwQ3lnAkefjxPCO2wkFkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSmTsXm5dkofjcpbjx1yOWBkkiU7DAfBgNVHSMEGDAWgBRYheiEwvx6ddEt
0d6knOI0nEcGfjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dJWG9oTUw4ZW5YUkxkSGVwSnppTkp4SEJuNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODYvNmMwYmY3LTVmMTMtNDRhMi05OTg5LThjOTU4MWQ5NmQ4Zi8x
L3BrN0Y1dVhaS0g0M0tXNDhkY2psZ1pKSWxPdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYv
NmMwYmY3LTVmMTMtNDRhMi05OTg5LThjOTU4MWQ5NmQ4Zi8xL1dJWG9oTUw4ZW5Y
UkxkSGVwSnppTkp4SEJuNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAI1l+TANBgkqhkiG9w0BAQsFAAOC
AQEAYvqqCutOpQ6OI+vQZMY+MtuPZXRN/movqb9yEfTH89v5u9kqI1MjgZMo37HB
QAQqcOXcyUEJ9mBDiq8Lf67M/O65skVHRvBe5fQruv+HnIvqM0U1GF6/SEZagV6V
s0Igph7KHyz8OzBe82ZlvyYX6Ledury0acK/SYznFfh8YQVp2nSx8De/eiErnu7f
r8FxEJFCAgjgxahHTQQ1pFNfKmvmfTNipDVxQnRRBRzNtu56XGPhuP6LhrZyhsWU
kLV7c8I4ce03qSmDKSwZ+DAe1/wjStM7JqhPAVCUx2Lnqrk1CFcgf7mMPXlYu+OD
1e8LgJNxDzzq+OITDcyLa3QCCA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:33 2024 by rpki-client on console-ams.rpki-client.org