Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/3d4731-8cf3-4327-ae6a-51387d160ba9/1/2sb4JnILrEUADVhhNjYVfUrmk9s.roa
File:                     2sb4JnILrEUADVhhNjYVfUrmk9s.roa (raw, json)
Hash identifier:          YZe8QdGkvcdqtRCfcq0A0Sn6vMoaEfMoXHh8+dazxGc=
Subject key identifier:   DA:C6:F8:26:72:0B:AC:45:00:0D:58:61:36:36:15:7D:4A:E6:93:DB
Certificate issuer:       /CN=dc41411e93e25d5ec65099569b1b5c5fadc1ae3d
Certificate serial:       03E861E6
Authority key identifier: DC:41:41:1E:93:E2:5D:5E:C6:50:99:56:9B:1B:5C:5F:AD:C1:AE:3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3EFBHpPiXV7GUJlWmxtcX63Brj0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/3d4731-8cf3-4327-ae6a-51387d160ba9/1/2sb4JnILrEUADVhhNjYVfUrmk9s.roa
Signing time:             Wed 04 May 2022 04:55:30 +0000
ROA not before:           Wed 04 May 2022 04:55:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1299
IP address blocks:        185.248.50.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 65561062 (0x3e861e6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc41411e93e25d5ec65099569b1b5c5fadc1ae3d
        Validity
            Not Before: May  4 04:55:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=dac6f826720bac45000d58613636157d4ae693db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:ee:1d:3e:28:e8:da:49:f6:4b:20:4d:5f:53:
                    89:b5:80:02:54:e2:95:70:63:7e:43:d0:76:72:3c:
                    d9:5f:de:d1:78:6a:f8:b9:53:50:e3:5f:c0:bd:da:
                    19:6f:b0:e0:d0:42:01:48:74:fd:b0:f5:d9:49:ae:
                    25:32:2e:bd:a2:c5:4a:e5:6b:ff:c5:e6:6d:83:69:
                    2b:1a:8d:e2:09:27:00:5e:a9:b7:a9:76:2f:ed:b3:
                    92:86:c4:37:c9:cc:56:4e:7c:e7:d3:ce:57:e6:03:
                    be:f0:1c:16:75:9b:45:69:1e:7b:fc:aa:8a:ba:d3:
                    9e:f1:30:f6:cc:59:5a:af:db:a2:e9:80:b7:ed:88:
                    14:02:cd:83:ac:8a:bc:65:4a:a7:62:36:af:17:88:
                    d4:8a:79:c0:2e:14:c5:41:55:23:3a:4a:8c:57:8e:
                    e7:26:3a:4e:84:88:70:3b:7c:1d:0a:24:af:9d:48:
                    97:38:fb:42:42:9a:8e:69:3a:81:c6:c0:2a:47:63:
                    ba:b1:5e:29:f0:80:4f:69:3c:72:ef:f2:e9:21:e4:
                    90:1f:12:a9:e7:54:64:9f:81:44:6f:2c:52:0c:58:
                    51:13:e6:46:8a:b7:60:dc:2b:a0:38:86:5b:10:79:
                    53:a9:f9:89:71:b8:a9:47:50:a0:3a:fc:47:3b:6b:
                    44:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:C6:F8:26:72:0B:AC:45:00:0D:58:61:36:36:15:7D:4A:E6:93:DB
            X509v3 Authority Key Identifier:
                keyid:DC:41:41:1E:93:E2:5D:5E:C6:50:99:56:9B:1B:5C:5F:AD:C1:AE:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3EFBHpPiXV7GUJlWmxtcX63Brj0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3d4731-8cf3-4327-ae6a-51387d160ba9/1/2sb4JnILrEUADVhhNjYVfUrmk9s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3d4731-8cf3-4327-ae6a-51387d160ba9/1/3EFBHpPiXV7GUJlWmxtcX63Brj0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.248.50.0/23

    Signature Algorithm: sha256WithRSAEncryption
         69:ae:c0:d2:e2:b4:6e:24:18:59:6c:da:ef:c8:30:e6:16:64:
         45:ed:59:b6:75:8d:4e:e3:24:eb:ca:75:92:e9:c0:a7:d9:8a:
         a7:9d:05:ab:b1:97:d5:9c:67:f8:0f:49:33:01:92:d5:72:fb:
         6b:3f:b8:8b:34:30:57:4b:45:32:be:35:b8:c9:d5:62:67:d0:
         94:8f:4c:b0:f0:c9:d9:bb:da:3b:9c:b4:65:a0:ec:76:c2:dd:
         28:28:02:37:2f:12:ba:a6:b7:15:29:78:47:c8:e6:2a:39:93:
         a2:a7:ab:1a:96:0d:1f:a4:4b:c9:45:8f:73:8f:e8:7a:6b:5a:
         24:a2:bb:c5:03:f9:00:ac:3b:0d:43:d3:31:32:47:90:ef:63:
         38:61:0e:33:ed:b8:59:d4:58:df:ec:8e:3b:c3:a6:64:e2:a7:
         0d:23:be:f0:0b:c1:b9:6f:ba:bf:8e:98:f6:af:3b:6e:3a:b1:
         a4:ae:63:96:8c:29:67:96:b4:16:bf:8e:fe:db:71:63:9c:78:
         48:47:e1:f5:89:7b:64:ce:9a:18:2e:19:68:a4:85:aa:28:48:
         54:93:51:26:83:53:35:1f:d1:58:e1:2f:1f:64:51:62:61:0a:
         a3:42:2e:46:f3:6e:aa:d5:8e:8d:a8:ba:5b:24:3c:21:8d:0a:
         36:a7:e2:f5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA+hh5jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YzQxNDExZTkzZTI1ZDVlYzY1MDk5NTY5YjFiNWM1ZmFkYzFhZTNkMB4XDTIyMDUw
NDA0NTUzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGFjNmY4MjY3MjBi
YWM0NTAwMGQ1ODYxMzYzNjE1N2Q0YWU2OTNkYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALnuHT4o6NpJ9ksgTV9TibWAAlTilXBjfkPQdnI82V/e0Xhq
+LlTUONfwL3aGW+w4NBCAUh0/bD12UmuJTIuvaLFSuVr/8XmbYNpKxqN4gknAF6p
t6l2L+2zkobEN8nMVk5859POV+YDvvAcFnWbRWkee/yqirrTnvEw9sxZWq/boumA
t+2IFALNg6yKvGVKp2I2rxeI1Ip5wC4UxUFVIzpKjFeO5yY6ToSIcDt8HQokr51I
lzj7QkKajmk6gcbAKkdjurFeKfCAT2k8cu/y6SHkkB8SqedUZJ+BRG8sUgxYURPm
Roq3YNwroDiGWxB5U6n5iXG4qUdQoDr8RztrRK8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTaxvgmcgusRQANWGE2NhV9SuaT2zAfBgNVHSMEGDAWgBTcQUEek+JdXsZQ
mVabG1xfrcGuPTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNFRkJIcFBpWFY3R1VKbFdteHRjWDYzQnJqMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGQvM2Q0NzMxLThjZjMtNDMyNy1hZTZhLTUxMzg3ZDE2MGJhOS8x
LzJzYjRKbklMckVVQURWaGhOallWZlVybWs5cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGQv
M2Q0NzMxLThjZjMtNDMyNy1hZTZhLTUxMzg3ZDE2MGJhOS8xLzNFRkJIcFBpWFY3
R1VKbFdteHRjWDYzQnJqMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbn4MjANBgkqhkiG9w0BAQsFAAOC
AQEAaa7A0uK0biQYWWza78gw5hZkRe1ZtnWNTuMk68p1kunAp9mKp50Fq7GX1Zxn
+A9JMwGS1XL7az+4izQwV0tFMr41uMnVYmfQlI9MsPDJ2bvaO5y0ZaDsdsLdKCgC
Ny8Suqa3FSl4R8jmKjmToqerGpYNH6RLyUWPc4/oemtaJKK7xQP5AKw7DUPTMTJH
kO9jOGEOM+24WdRY3+yOO8OmZOKnDSO+8AvBuW+6v46Y9q87bjqxpK5jlowpZ5a0
Fr+O/ttxY5x4SEfh9Yl7ZM6aGC4ZaKSFqihIVJNRJoNTNR/RWOEvH2RRYmEKo0Iu
RvNuqtWOjai6WyQ8IY0KNqfi9Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:07 2024 by rpki-client on console-ams.rpki-client.org