Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/dRxcyphn9zmTM4S4WPj1cbpYkJ0.roa
File:                     dRxcyphn9zmTM4S4WPj1cbpYkJ0.roa (raw, json)
Hash identifier:          s6YBJEc8BjeuDb7ASrZFwhBCZgTZW78MpyW+54K51NI=
Subject key identifier:   75:1C:5C:CA:98:67:F7:39:93:33:84:B8:58:F8:F5:71:BA:58:90:9D
Certificate issuer:       /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial:       0DEEB29F
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/dRxcyphn9zmTM4S4WPj1cbpYkJ0.roa
Signing time:             Sat 01 Jan 2022 10:54:13 +0000
ROA not before:           Sat 01 Jan 2022 10:54:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207787
IP address blocks:        185.101.246.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 233747103 (0xdeeb29f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
        Validity
            Not Before: Jan  1 10:54:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=751c5cca9867f739933384b858f8f571ba58909d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:36:01:02:d1:d8:b5:01:37:1f:c8:38:37:e1:
                    3f:87:7d:18:8e:e2:67:df:da:e1:80:25:81:72:3d:
                    9c:85:86:4b:4d:7a:50:1e:83:f4:9d:17:48:73:18:
                    09:66:4c:cd:d4:bc:4e:4b:84:fb:1f:a1:6f:f5:20:
                    c5:f8:d6:d7:8c:1a:99:2a:1f:a4:e9:9b:ce:8a:7c:
                    04:a7:c4:41:ac:2f:8c:59:2b:a8:8b:31:be:ee:6b:
                    f1:8f:06:75:84:c2:bc:92:14:d7:a6:1e:62:46:47:
                    36:56:49:ca:22:e6:4b:fc:9a:d9:57:27:af:4e:16:
                    55:74:e7:32:e0:a7:7d:fa:33:9a:46:80:b0:5a:ad:
                    ef:6f:6e:86:0a:c7:36:e0:f5:1e:48:e0:6a:42:85:
                    17:9b:f6:8a:cf:5a:74:c5:b4:89:18:ea:8a:cf:1b:
                    58:a0:b5:d6:cf:75:83:b0:36:25:b8:b9:89:a0:d3:
                    bd:82:a2:fa:78:25:9d:16:30:05:fa:48:e0:38:17:
                    f4:61:8e:ff:3a:81:a7:b0:69:65:ab:dd:0a:94:f4:
                    40:62:a9:36:f4:2c:1e:a7:d8:11:3c:18:1f:36:f5:
                    fc:fe:6b:c7:ef:b4:22:e2:ae:aa:8c:fa:04:47:36:
                    d8:f8:46:dc:e9:96:cd:5e:f8:b2:cf:85:f1:8e:c1:
                    70:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:1C:5C:CA:98:67:F7:39:93:33:84:B8:58:F8:F5:71:BA:58:90:9D
            X509v3 Authority Key Identifier:
                keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/dRxcyphn9zmTM4S4WPj1cbpYkJ0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.101.246.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:1b:2b:e0:ff:ff:38:c4:a1:6a:5c:10:78:e9:c1:68:2e:51:
         7b:f1:af:c1:d8:b8:c6:53:19:86:6d:6e:75:c0:72:98:7e:8e:
         26:19:35:52:33:12:d6:6d:19:48:49:5e:f3:ab:0d:42:4d:0c:
         3c:ac:5d:e9:61:1d:a9:0c:b3:92:7c:47:67:c9:a9:fe:97:ed:
         fe:2b:e4:9d:5c:5a:ae:67:65:27:b0:fc:22:2d:8c:bb:26:d2:
         4d:9c:7a:30:29:96:38:58:d2:7b:a4:17:b7:9b:2c:17:4e:de:
         65:ba:eb:f7:03:20:59:08:aa:cd:bb:ae:b9:9c:9d:c7:f4:2a:
         09:01:9e:2d:03:79:37:05:9f:56:68:66:32:01:88:57:8f:c8:
         c6:a6:a1:30:55:0a:3e:c3:12:fc:e0:b6:62:86:4e:b4:df:7c:
         c7:ed:8d:23:22:d3:83:4c:bd:75:a6:23:0e:67:9a:a8:0b:32:
         c7:94:07:89:7f:fe:b5:34:93:f2:65:dc:db:8a:ff:fa:7a:bd:
         23:e4:6c:f1:0b:31:5a:e8:34:5f:8c:e9:9b:44:61:49:15:e0:
         e3:04:48:27:93:97:5a:a2:fa:5c:4b:e0:5b:ad:30:99:a8:e5:
         c2:e3:aa:b0:5a:e6:e2:be:da:b8:95:d7:6a:31:1f:82:4a:1e:
         1c:42:df:dc
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDe6ynzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MjY2MDViNGQyN2YxMzk2OGU4Nzk0ZTZlZjA5MTIyMzc0ODgxN2Q4MB4XDTIyMDEw
MTEwNTQxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzUxYzVjY2E5ODY3
ZjczOTkzMzM4NGI4NThmOGY1NzFiYTU4OTA5ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI02AQLR2LUBNx/IODfhP4d9GI7iZ9/a4YAlgXI9nIWGS016
UB6D9J0XSHMYCWZMzdS8TkuE+x+hb/UgxfjW14wamSofpOmbzop8BKfEQawvjFkr
qIsxvu5r8Y8GdYTCvJIU16YeYkZHNlZJyiLmS/ya2Vcnr04WVXTnMuCnffozmkaA
sFqt729uhgrHNuD1HkjgakKFF5v2is9adMW0iRjqis8bWKC11s91g7A2Jbi5iaDT
vYKi+nglnRYwBfpI4DgX9GGO/zqBp7BpZavdCpT0QGKpNvQsHqfYETwYHzb1/P5r
x++0IuKuqoz6BEc22PhG3OmWzV74ss+F8Y7BcNcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR1HFzKmGf3OZMzhLhY+PVxuliQnTAfBgNVHSMEGDAWgBSCZgW00n8Tlo6H
lObvCRIjdIgX2DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dtWUZ0TkpfRTVhT2g1VG03d2tTSTNTSUY5Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODcvZmJjYzMyLTMzYzgtNDFmZi04OWZhLTJkMTkxOGJhMWMwZS8x
L2RSeGN5cGhuOXptVE00UzRXUGoxY2JwWWtKMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcv
ZmJjYzMyLTMzYzgtNDFmZi04OWZhLTJkMTkxOGJhMWMwZS8xL2dtWUZ0TkpfRTVh
T2g1VG03d2tTSTNTSUY5Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALll9jANBgkqhkiG9w0BAQsFAAOC
AQEATxsr4P//OMShalwQeOnBaC5Re/Gvwdi4xlMZhm1udcBymH6OJhk1UjMS1m0Z
SEle86sNQk0MPKxd6WEdqQyzknxHZ8mp/pft/ivknVxarmdlJ7D8Ii2MuybSTZx6
MCmWOFjSe6QXt5ssF07eZbrr9wMgWQiqzbuuuZydx/QqCQGeLQN5NwWfVmhmMgGI
V4/IxqahMFUKPsMS/OC2YoZOtN98x+2NIyLTg0y9daYjDmeaqAsyx5QHiX/+tTST
8mXc24r/+nq9I+Rs8QsxWug0X4zpm0RhSRXg4wRIJ5OXWqL6XEvgW60wmajlwuOq
sFrm4r7auJXXajEfgkoeHELf3A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:50 2024 by rpki-client on console-fra.rpki-client.org