Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/eH2xP2H20Ow0aLSnFBOVCd1gF_I.roa
File:                     eH2xP2H20Ow0aLSnFBOVCd1gF_I.roa (raw, json)
Hash identifier:          n0vphqyxba5W888g1GVEeskDZUIySWEmx4o9nNuYlCI=
Subject key identifier:   78:7D:B1:3F:61:F6:D0:EC:34:68:B4:A7:14:13:95:09:DD:60:17:F2
Certificate issuer:       /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial:       01642521
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/eH2xP2H20Ow0aLSnFBOVCd1gF_I.roa
Signing time:             Sun 15 May 2022 10:45:40 +0000
ROA not before:           Sun 15 May 2022 10:45:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7018
IP address blocks:        185.145.52.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 23340321 (0x1642521)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
        Validity
            Not Before: May 15 10:45:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=787db13f61f6d0ec3468b4a714139509dd6017f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:dc:69:81:3d:84:ec:02:37:61:9f:68:4c:ec:
                    dd:0c:f7:c3:3d:29:96:ba:00:2c:57:a3:0e:2d:14:
                    ac:f3:0e:c0:05:c9:d9:b6:ec:09:15:a9:60:50:5c:
                    ef:0d:ec:75:e6:d9:9d:8c:91:da:ab:5d:30:71:b6:
                    91:16:5a:37:cb:aa:3a:75:c5:69:e0:06:e5:b8:4f:
                    14:74:cd:a0:2c:ea:9e:97:56:22:f6:ac:5d:46:0a:
                    0c:d0:f5:92:92:4f:ef:db:17:da:99:51:21:c2:6c:
                    b1:3a:c9:f5:82:fd:9f:fd:be:10:45:87:86:1e:05:
                    1a:c3:e0:76:0e:f8:73:5b:79:c2:10:b1:cb:59:7b:
                    08:13:3a:af:5d:ab:34:d8:1b:a2:7d:a8:ec:48:4e:
                    97:a9:5f:51:ed:88:d8:79:e4:d2:8c:6e:01:c4:2c:
                    62:d4:32:34:da:ad:a3:2d:ea:00:5f:73:13:d0:61:
                    5b:13:f5:b2:53:0d:2c:ed:95:aa:ac:47:e9:fe:05:
                    69:b5:9a:83:06:a3:c2:da:4c:09:7a:ee:10:21:3d:
                    e2:3e:85:bc:3a:4c:e7:d3:bf:b1:38:98:63:1b:1f:
                    12:ae:d0:e3:97:11:2d:5e:14:92:36:b5:e0:23:84:
                    0d:ef:5b:6c:fa:b5:c7:3a:4c:9b:c7:95:da:18:f8:
                    f8:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:7D:B1:3F:61:F6:D0:EC:34:68:B4:A7:14:13:95:09:DD:60:17:F2
            X509v3 Authority Key Identifier:
                keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/eH2xP2H20Ow0aLSnFBOVCd1gF_I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.145.52.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:d8:68:a3:eb:27:4c:b0:fe:5e:24:f9:9a:5a:df:e0:f8:ee:
         96:97:e2:3d:26:b8:5c:da:91:bf:b9:e9:00:35:67:dc:c4:86:
         39:da:50:ba:0a:a7:11:07:36:10:da:ae:24:20:de:a9:f0:ed:
         5a:8a:f0:ba:01:bc:36:8e:ad:98:07:ad:0b:24:37:5e:e1:0b:
         dd:fa:49:77:be:29:99:98:95:ff:40:d8:91:00:bf:07:6e:50:
         fe:5c:dd:ae:45:b7:13:70:7c:12:cf:4a:e7:4b:92:c6:3b:37:
         45:ca:8c:c6:1b:db:a1:e5:e3:1c:91:36:95:72:94:1c:f3:64:
         11:50:65:58:c2:9d:f4:57:ec:4e:65:34:d3:8b:43:38:e3:f8:
         a6:f3:f1:0d:96:fd:90:82:c4:32:15:af:4c:d5:37:be:b1:42:
         5a:11:29:4f:94:40:03:de:9b:4f:82:bb:c6:d4:a9:85:39:91:
         c3:69:cc:5f:bc:97:ea:04:d5:61:c3:3c:0e:d9:ec:0d:29:af:
         2d:f4:bb:2c:78:12:19:8c:77:f5:10:38:d3:f7:61:6b:a9:af:
         11:f5:ae:ca:bb:45:3f:09:3f:98:c9:15:14:3f:48:2d:3b:80:
         ef:68:66:57:2f:af:3d:11:8d:60:4e:05:be:52:69:d0:95:1b:
         5f:03:7c:53
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAWQlITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZTgyOTYzZmYxYWE3MGFiMTBkMWQzM2U4NmIxZDZkNDk0ZDZjZTUxMB4XDTIyMDUx
NTEwNDU0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzg3ZGIxM2Y2MWY2
ZDBlYzM0NjhiNGE3MTQxMzk1MDlkZDYwMTdmMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMzcaYE9hOwCN2GfaEzs3Qz3wz0plroALFejDi0UrPMOwAXJ
2bbsCRWpYFBc7w3sdebZnYyR2qtdMHG2kRZaN8uqOnXFaeAG5bhPFHTNoCzqnpdW
IvasXUYKDND1kpJP79sX2plRIcJssTrJ9YL9n/2+EEWHhh4FGsPgdg74c1t5whCx
y1l7CBM6r12rNNgbon2o7EhOl6lfUe2I2Hnk0oxuAcQsYtQyNNqtoy3qAF9zE9Bh
WxP1slMNLO2VqqxH6f4FabWagwajwtpMCXruECE94j6FvDpM59O/sTiYYxsfEq7Q
45cRLV4Ukja14COEDe9bbPq1xzpMm8eV2hj4+DUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR4fbE/YfbQ7DRotKcUE5UJ3WAX8jAfBgNVHSMEGDAWgBQugpY/8apwqxDR
0z6GsdbUlNbOUTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xvS1dQX0dxY0tzUTBkTS1ockhXMUpUV3psRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvOTU3YzY4LTZmMjctNDBlZC1hYmVkLWRmNjRmMGU4MjM2MC8x
L2VIMnhQMkgyME93MGFMU25GQk9WQ2QxZ0ZfSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
OTU3YzY4LTZmMjctNDBlZC1hYmVkLWRmNjRmMGU4MjM2MC8xL0xvS1dQX0dxY0tz
UTBkTS1ockhXMUpUV3psRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmRNDANBgkqhkiG9w0BAQsFAAOC
AQEADdhoo+snTLD+XiT5mlrf4PjulpfiPSa4XNqRv7npADVn3MSGOdpQugqnEQc2
ENquJCDeqfDtWorwugG8No6tmAetCyQ3XuEL3fpJd74pmZiV/0DYkQC/B25Q/lzd
rkW3E3B8Es9K50uSxjs3RcqMxhvboeXjHJE2lXKUHPNkEVBlWMKd9FfsTmU004tD
OOP4pvPxDZb9kILEMhWvTNU3vrFCWhEpT5RAA96bT4K7xtSphTmRw2nMX7yX6gTV
YcM8DtnsDSmvLfS7LHgSGYx39RA40/dha6mvEfWuyrtFPwk/mMkVFD9ILTuA72hm
Vy+vPRGNYE4FvlJp0JUbXwN8Uw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:09 2024 by rpki-client on console-ams.rpki-client.org