Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/bphlYKPqWs3Jt-SAughIFzRwNEo.roa
File:                     bphlYKPqWs3Jt-SAughIFzRwNEo.roa (raw, json)
Hash identifier:          tfs97jVJ7zCYNJiN66D+MbJELVDo6nLgIsKuAWsbD2s=
Subject key identifier:   6E:98:65:60:A3:EA:5A:CD:C9:B7:E4:80:BA:08:48:17:34:70:34:4A
Certificate issuer:       /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial:       0161296D
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/bphlYKPqWs3Jt-SAughIFzRwNEo.roa
Signing time:             Fri 13 May 2022 20:14:40 +0000
ROA not before:           Fri 13 May 2022 20:14:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     834
IP address blocks:        185.145.52.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 23144813 (0x161296d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
        Validity
            Not Before: May 13 20:14:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6e986560a3ea5acdc9b7e480ba0848173470344a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:3b:33:f6:b5:4f:4d:11:0c:2d:be:56:bf:9f:
                    26:ec:14:ae:43:a9:3b:66:0f:5e:04:df:a4:1d:9a:
                    2e:2d:84:ff:41:3e:85:a6:a0:e1:66:c2:72:c4:9f:
                    0f:67:18:2d:f5:df:2f:24:43:42:41:fb:b7:01:e9:
                    a3:5f:ee:65:54:f9:11:7f:92:ac:b5:e3:38:dc:78:
                    12:0e:6b:12:59:55:cc:05:2f:ca:f1:53:5c:c2:98:
                    c5:32:54:0b:3a:32:41:3f:37:74:5b:c1:87:2f:df:
                    53:f8:c9:41:db:ff:0d:b3:3c:28:46:bc:eb:68:af:
                    1f:12:94:d0:05:b1:01:12:6c:45:1c:ef:5c:5a:05:
                    8a:4a:7e:7b:f1:dc:13:c3:58:fb:0f:3c:56:3e:8a:
                    c3:fa:65:d6:63:e0:73:1f:9c:f1:3e:ab:47:d0:6a:
                    90:aa:ed:51:4a:ca:8d:08:f9:e0:31:62:b6:12:43:
                    cf:b8:e5:74:cc:e8:0e:e3:fa:a0:6e:e6:82:2c:1f:
                    7e:50:c3:78:62:b3:42:2d:48:70:07:bd:1d:b8:c3:
                    31:64:49:d7:d1:b9:21:18:24:ee:0a:9e:cb:25:39:
                    7e:d2:ce:7b:69:ca:05:d2:06:ae:34:6a:5b:fd:3f:
                    91:01:a1:12:19:b7:f6:1c:fd:2e:47:3f:28:c8:ec:
                    b1:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:98:65:60:A3:EA:5A:CD:C9:B7:E4:80:BA:08:48:17:34:70:34:4A
            X509v3 Authority Key Identifier:
                keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/bphlYKPqWs3Jt-SAughIFzRwNEo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.145.52.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:c5:8d:3e:35:cb:03:2f:32:97:df:bb:19:54:c5:89:8c:ef:
         fd:0f:e9:1a:ae:0c:f4:0e:42:77:66:9e:63:9f:0e:33:96:95:
         d7:7a:ec:b9:56:36:06:e5:2e:86:36:98:b7:56:ed:47:b1:3c:
         3b:91:92:87:07:3e:f5:40:d0:da:d0:8e:02:2e:ec:a1:b3:b6:
         c7:ce:f4:ad:8f:40:33:44:33:ea:53:3a:21:1b:e4:cc:9d:9b:
         65:ee:55:26:97:01:60:64:ae:f9:b1:ff:1e:8b:4e:3c:79:80:
         a8:93:47:1a:b2:3e:20:3c:c9:13:0c:22:72:3b:06:5a:7d:7a:
         c8:7c:8f:15:1f:0b:10:d9:1f:90:86:96:fa:d0:5f:d1:f5:ae:
         8e:bb:e3:93:62:06:3c:f4:4a:08:bd:48:49:9f:f2:5c:aa:d1:
         46:ad:3d:8d:23:89:8c:f9:72:1d:b0:a3:0f:11:6d:2c:1e:c2:
         7e:45:07:ea:12:fe:c0:ff:d6:bf:01:3e:fc:e5:28:07:0d:7e:
         aa:0f:86:07:55:70:64:ca:4b:6b:f4:02:35:44:29:8f:b7:65:
         7c:54:78:b4:60:6f:15:e9:51:a1:62:41:66:20:33:00:38:e2:
         89:bf:40:ad:2e:42:c6:af:8e:98:10:d8:5a:b0:25:57:c6:39:
         e4:53:87:b2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAWEpbTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZTgyOTYzZmYxYWE3MGFiMTBkMWQzM2U4NmIxZDZkNDk0ZDZjZTUxMB4XDTIyMDUx
MzIwMTQ0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmU5ODY1NjBhM2Vh
NWFjZGM5YjdlNDgwYmEwODQ4MTczNDcwMzQ0YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMo7M/a1T00RDC2+Vr+fJuwUrkOpO2YPXgTfpB2aLi2E/0E+
haag4WbCcsSfD2cYLfXfLyRDQkH7twHpo1/uZVT5EX+SrLXjONx4Eg5rEllVzAUv
yvFTXMKYxTJUCzoyQT83dFvBhy/fU/jJQdv/DbM8KEa862ivHxKU0AWxARJsRRzv
XFoFikp+e/HcE8NY+w88Vj6Kw/pl1mPgcx+c8T6rR9BqkKrtUUrKjQj54DFithJD
z7jldMzoDuP6oG7mgiwfflDDeGKzQi1IcAe9HbjDMWRJ19G5IRgk7gqeyyU5ftLO
e2nKBdIGrjRqW/0/kQGhEhm39hz9Lkc/KMjssWMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRumGVgo+pazcm35IC6CEgXNHA0SjAfBgNVHSMEGDAWgBQugpY/8apwqxDR
0z6GsdbUlNbOUTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xvS1dQX0dxY0tzUTBkTS1ockhXMUpUV3psRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvOTU3YzY4LTZmMjctNDBlZC1hYmVkLWRmNjRmMGU4MjM2MC8x
L2JwaGxZS1BxV3MzSnQtU0F1Z2hJRnpSd05Fby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
OTU3YzY4LTZmMjctNDBlZC1hYmVkLWRmNjRmMGU4MjM2MC8xL0xvS1dQX0dxY0tz
UTBkTS1ockhXMUpUV3psRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmRNDANBgkqhkiG9w0BAQsFAAOC
AQEAWsWNPjXLAy8yl9+7GVTFiYzv/Q/pGq4M9A5Cd2aeY58OM5aV13rsuVY2BuUu
hjaYt1btR7E8O5GShwc+9UDQ2tCOAi7sobO2x870rY9AM0Qz6lM6IRvkzJ2bZe5V
JpcBYGSu+bH/HotOPHmAqJNHGrI+IDzJEwwicjsGWn16yHyPFR8LENkfkIaW+tBf
0fWujrvjk2IGPPRKCL1ISZ/yXKrRRq09jSOJjPlyHbCjDxFtLB7CfkUH6hL+wP/W
vwE+/OUoBw1+qg+GB1VwZMpLa/QCNUQpj7dlfFR4tGBvFelRoWJBZiAzADjiib9A
rS5Cxq+OmBDYWrAlV8Y55FOHsg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:05 2024 by rpki-client on console-fra.rpki-client.org