Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/60f9ac-053a-4689-b081-3a3a9f0242b8/1/5IVdzPXFK4u2XnQcgdmSWvz6yDI.roa
File:                     5IVdzPXFK4u2XnQcgdmSWvz6yDI.roa (raw, json)
Hash identifier:          RLznEraPFS1yq3CsdDbW+XEC4j3dXGCBxu3gsY/JcOs=
Subject key identifier:   E4:85:5D:CC:F5:C5:2B:8B:B6:5E:74:1C:81:D9:92:5A:FC:FA:C8:32
Certificate issuer:       /CN=529ca5a6e5d67421f3f2cd21138cb70704850955
Certificate serial:       05BEE59D
Authority key identifier: 52:9C:A5:A6:E5:D6:74:21:F3:F2:CD:21:13:8C:B7:07:04:85:09:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UpylpuXWdCHz8s0hE4y3BwSFCVU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/60f9ac-053a-4689-b081-3a3a9f0242b8/1/5IVdzPXFK4u2XnQcgdmSWvz6yDI.roa
Signing time:             Sat 01 Jan 2022 02:00:56 +0000
ROA not before:           Sat 01 Jan 2022 02:00:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205385
IP address blocks:        185.220.51.0/24 maxlen: 24
                          185.220.48.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 96396701 (0x5bee59d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=529ca5a6e5d67421f3f2cd21138cb70704850955
        Validity
            Not Before: Jan  1 02:00:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e4855dccf5c52b8bb65e741c81d9925afcfac832
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:d0:12:5c:12:09:4c:7c:3e:25:7f:86:c5:5a:
                    a0:50:78:99:65:9f:34:bf:69:bd:33:eb:c6:5f:a9:
                    22:00:3c:0b:59:c7:15:a3:66:54:fb:6b:be:d5:29:
                    f3:9a:fc:ef:57:08:15:35:77:02:95:a1:2b:ce:68:
                    25:27:7d:29:27:5a:17:bb:ad:85:01:ea:da:01:b3:
                    a6:65:cb:c2:46:30:24:11:52:58:f9:bc:80:e5:70:
                    6f:7d:ae:13:59:70:33:0e:00:97:58:3a:15:7f:50:
                    fb:4f:d3:29:69:19:73:45:3b:d8:8c:ba:37:8e:87:
                    4c:92:69:41:46:b2:15:4c:a6:e9:01:9e:21:16:40:
                    74:27:73:13:41:51:02:f4:39:4a:36:af:91:5c:3d:
                    c0:cc:49:d3:49:53:fb:0c:db:17:df:22:bd:b6:51:
                    6e:2c:a7:49:2a:bd:aa:63:3a:8a:d8:ae:85:6f:0a:
                    30:08:f2:b9:8e:8a:56:e6:05:e8:cb:fc:b7:8f:ad:
                    30:61:d2:c5:b3:ad:4b:f0:c2:a3:a3:8f:39:bf:8c:
                    74:87:47:e8:3d:b5:6d:b3:83:36:ce:83:d2:ba:94:
                    a8:39:f3:40:0c:66:d2:a7:da:26:fe:a4:3b:dd:05:
                    fc:c8:d0:06:da:a3:94:f1:18:9c:aa:9d:8f:c9:c7:
                    50:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:85:5D:CC:F5:C5:2B:8B:B6:5E:74:1C:81:D9:92:5A:FC:FA:C8:32
            X509v3 Authority Key Identifier:
                keyid:52:9C:A5:A6:E5:D6:74:21:F3:F2:CD:21:13:8C:B7:07:04:85:09:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UpylpuXWdCHz8s0hE4y3BwSFCVU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/60f9ac-053a-4689-b081-3a3a9f0242b8/1/5IVdzPXFK4u2XnQcgdmSWvz6yDI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/60f9ac-053a-4689-b081-3a3a9f0242b8/1/UpylpuXWdCHz8s0hE4y3BwSFCVU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.220.48.0/22

    Signature Algorithm: sha256WithRSAEncryption
         75:77:79:07:64:54:da:42:f1:5c:9b:02:28:44:ee:86:8e:d5:
         0b:95:fb:b8:b7:8a:5b:20:17:99:b3:21:55:97:ef:6e:9a:40:
         69:b1:72:e0:5d:af:be:85:a0:50:e2:8a:cd:6c:80:70:a7:f8:
         6c:3c:c9:b2:c9:78:14:fe:0f:54:47:10:89:2b:c5:fc:4d:d2:
         bf:11:fa:49:ff:4f:25:0a:be:05:1e:b0:3a:ce:15:b1:95:b3:
         8c:fa:94:81:2c:f6:d6:6b:9f:61:ce:8a:6d:8f:84:ce:d9:2e:
         41:06:7a:1b:01:5d:5f:71:2a:bb:46:b8:a3:52:84:51:03:57:
         45:df:b3:ed:84:4e:03:04:ef:ad:cb:62:d3:dc:86:57:be:d8:
         eb:f5:3d:58:56:78:43:1f:1e:fb:46:91:cf:33:f4:d9:81:28:
         90:23:6c:fe:2e:6d:06:3d:51:02:7b:66:3c:e4:41:6d:a9:08:
         06:32:05:f2:2e:c2:82:c2:5b:23:16:56:99:e7:d8:5e:7a:e5:
         11:1b:d9:57:54:53:e4:24:76:0b:fd:c2:b9:be:d6:14:17:9f:
         a5:0b:88:d8:12:1d:4f:23:ba:ea:e6:29:a3:20:76:bc:38:f4:
         8d:6b:17:3d:64:06:5e:a4:bf:79:f5:df:56:05:05:42:2d:0d:
         06:ea:f9:a6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBb7lnTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MjljYTVhNmU1ZDY3NDIxZjNmMmNkMjExMzhjYjcwNzA0ODUwOTU1MB4XDTIyMDEw
MTAyMDA1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTQ4NTVkY2NmNWM1
MmI4YmI2NWU3NDFjODFkOTkyNWFmY2ZhYzgzMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK/QElwSCUx8PiV/hsVaoFB4mWWfNL9pvTPrxl+pIgA8C1nH
FaNmVPtrvtUp85r871cIFTV3ApWhK85oJSd9KSdaF7uthQHq2gGzpmXLwkYwJBFS
WPm8gOVwb32uE1lwMw4Al1g6FX9Q+0/TKWkZc0U72Iy6N46HTJJpQUayFUym6QGe
IRZAdCdzE0FRAvQ5SjavkVw9wMxJ00lT+wzbF98ivbZRbiynSSq9qmM6itiuhW8K
MAjyuY6KVuYF6Mv8t4+tMGHSxbOtS/DCo6OPOb+MdIdH6D21bbODNs6D0rqUqDnz
QAxm0qfaJv6kO90F/MjQBtqjlPEYnKqdj8nHUN8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTkhV3M9cUri7ZedByB2ZJa/PrIMjAfBgNVHSMEGDAWgBRSnKWm5dZ0IfPy
zSETjLcHBIUJVTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VweWxwdVhXZENIejhzMGhFNHkzQndTRkNWVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTQvNjBmOWFjLTA1M2EtNDY4OS1iMDgxLTNhM2E5ZjAyNDJiOC8x
LzVJVmR6UFhGSzR1MlhuUWNnZG1TV3Z6NnlESS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTQv
NjBmOWFjLTA1M2EtNDY4OS1iMDgxLTNhM2E5ZjAyNDJiOC8xL1VweWxwdVhXZENI
ejhzMGhFNHkzQndTRkNWVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArncMDANBgkqhkiG9w0BAQsFAAOC
AQEAdXd5B2RU2kLxXJsCKETuho7VC5X7uLeKWyAXmbMhVZfvbppAabFy4F2vvoWg
UOKKzWyAcKf4bDzJssl4FP4PVEcQiSvF/E3SvxH6Sf9PJQq+BR6wOs4VsZWzjPqU
gSz21mufYc6KbY+EztkuQQZ6GwFdX3Equ0a4o1KEUQNXRd+z7YROAwTvrcti09yG
V77Y6/U9WFZ4Qx8e+0aRzzP02YEokCNs/i5tBj1RAntmPORBbakIBjIF8i7CgsJb
IxZWmefYXnrlERvZV1RT5CR2C/3Cub7WFBefpQuI2BIdTyO66uYpoyB2vDj0jWsX
PWQGXqS/efXfVgUFQi0NBur5pg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:18 2024 by rpki-client on console-fra.rpki-client.org