Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/958841-f6b0-4249-8046-9cf843f05670/1/A8Ulyf85VFpkUhCmy9iDBS2-pr0.roa
File:                     A8Ulyf85VFpkUhCmy9iDBS2-pr0.roa (raw, json)
Hash identifier:          wlUUC3Pxnt6Fy9AzFb3Krni5c7sNM8brOWMA7M5M00w=
Subject key identifier:   03:C5:25:C9:FF:39:54:5A:64:52:10:A6:CB:D8:83:05:2D:BE:A6:BD
Certificate issuer:       /CN=6f0b15193816fd15dcfd047db4eeca672912bb60
Certificate serial:       BDC716
Authority key identifier: 6F:0B:15:19:38:16:FD:15:DC:FD:04:7D:B4:EE:CA:67:29:12:BB:60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bwsVGTgW_RXc_QR9tO7KZykSu2A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/958841-f6b0-4249-8046-9cf843f05670/1/A8Ulyf85VFpkUhCmy9iDBS2-pr0.roa
Signing time:             Mon 11 Apr 2022 07:39:44 +0000
ROA not before:           Mon 11 Apr 2022 07:39:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58061
IP address blocks:        185.167.234.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12437270 (0xbdc716)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f0b15193816fd15dcfd047db4eeca672912bb60
        Validity
            Not Before: Apr 11 07:39:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=03c525c9ff39545a645210a6cbd883052dbea6bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:ea:84:4b:c9:69:46:b3:f4:fe:8f:98:20:31:
                    82:a1:4c:c7:a1:9c:1b:6f:4f:e0:2f:9f:97:f6:67:
                    39:4b:e2:6c:0e:3c:d4:da:28:a7:4a:fa:fd:68:37:
                    cf:66:90:39:af:33:c1:8e:c1:fb:ed:80:ba:1d:5f:
                    da:7e:a9:b3:87:20:2d:2d:95:42:a0:cc:d4:76:01:
                    b1:f5:97:e1:e3:1e:21:37:d1:81:d3:68:25:c0:62:
                    09:02:fc:d5:4f:c6:a5:fb:c7:40:e8:91:17:5b:d7:
                    a6:f6:1b:f0:f7:22:b9:4b:ac:5d:ff:a1:3f:7a:0f:
                    bd:ee:12:26:30:1f:4d:c8:3f:af:90:3c:a5:58:a1:
                    1d:25:60:29:18:68:33:dd:07:4b:70:c5:0f:5f:8d:
                    fc:38:be:60:4f:62:b2:a3:bf:23:db:0c:fb:18:bd:
                    cc:4b:f4:f0:be:66:14:dd:3a:93:c7:a6:f7:4f:9d:
                    0d:2b:bc:5c:08:53:aa:41:6a:7a:d5:c9:b8:92:4c:
                    54:65:4d:a0:04:ac:45:fa:a2:68:a8:71:60:0b:fd:
                    18:9b:6a:6f:da:17:0a:50:b1:45:2b:96:9f:e0:96:
                    c0:bd:3d:ff:01:12:9b:51:52:7c:ba:16:51:d9:a1:
                    0d:2e:fd:68:b4:5a:ef:3c:83:0a:f5:cf:e3:b2:5b:
                    fa:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:C5:25:C9:FF:39:54:5A:64:52:10:A6:CB:D8:83:05:2D:BE:A6:BD
            X509v3 Authority Key Identifier:
                keyid:6F:0B:15:19:38:16:FD:15:DC:FD:04:7D:B4:EE:CA:67:29:12:BB:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bwsVGTgW_RXc_QR9tO7KZykSu2A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/958841-f6b0-4249-8046-9cf843f05670/1/A8Ulyf85VFpkUhCmy9iDBS2-pr0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/958841-f6b0-4249-8046-9cf843f05670/1/bwsVGTgW_RXc_QR9tO7KZykSu2A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.167.234.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:90:d1:82:8b:d1:e2:55:6f:3c:82:ba:07:3d:5f:b4:79:0f:
         e9:75:d1:58:ff:a1:0d:05:6c:2e:80:30:ad:a4:31:93:00:79:
         c5:6d:a7:28:96:d6:48:de:c9:68:79:23:6b:dd:73:07:53:d8:
         6c:08:c0:02:e4:f2:6e:2e:42:38:6d:37:28:4c:0e:f5:4c:7a:
         22:8d:a1:18:b0:42:44:1e:96:11:93:97:c5:37:cd:3d:b0:23:
         07:81:98:31:07:ff:9e:a0:ba:04:f7:b4:6c:6b:67:b0:79:19:
         0d:58:85:dd:7a:73:51:cc:54:7c:92:ac:ae:1e:da:90:46:35:
         ac:81:10:4b:1b:53:3b:8c:d3:9f:95:0a:8a:ae:1b:2e:61:a4:
         39:66:4d:82:10:0b:6f:c5:3c:be:06:67:68:4d:f8:f1:cf:ca:
         3f:a4:c9:50:b5:96:12:d7:cb:11:bd:c4:7e:52:9d:b6:bc:54:
         d5:28:04:85:2b:b7:f8:e8:c6:56:63:84:8f:2f:cc:97:cc:99:
         9f:ec:87:64:81:a9:43:d5:49:f1:b9:00:36:12:54:f3:b4:c3:
         3a:26:54:d2:1e:85:ec:0e:c0:57:26:03:22:57:ff:f8:63:44:
         9d:ff:f8:42:ad:26:cc:e0:ec:cf:fe:67:c7:c6:1b:06:3b:b6:
         78:52:82:4c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAL3HFjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZjBiMTUxOTM4MTZmZDE1ZGNmZDA0N2RiNGVlY2E2NzI5MTJiYjYwMB4XDTIyMDQx
MTA3Mzk0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDNjNTI1YzlmZjM5
NTQ1YTY0NTIxMGE2Y2JkODgzMDUyZGJlYTZiZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALHqhEvJaUaz9P6PmCAxgqFMx6GcG29P4C+fl/ZnOUvibA48
1Noop0r6/Wg3z2aQOa8zwY7B++2Auh1f2n6ps4cgLS2VQqDM1HYBsfWX4eMeITfR
gdNoJcBiCQL81U/GpfvHQOiRF1vXpvYb8PciuUusXf+hP3oPve4SJjAfTcg/r5A8
pVihHSVgKRhoM90HS3DFD1+N/Di+YE9isqO/I9sM+xi9zEv08L5mFN06k8em90+d
DSu8XAhTqkFqetXJuJJMVGVNoASsRfqiaKhxYAv9GJtqb9oXClCxRSuWn+CWwL09
/wESm1FSfLoWUdmhDS79aLRa7zyDCvXP47Jb+tECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQDxSXJ/zlUWmRSEKbL2IMFLb6mvTAfBgNVHSMEGDAWgBRvCxUZOBb9Fdz9
BH207spnKRK7YDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2J3c1ZHVGdXX1JYY19RUjl0TzdLWnlrU3UyQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTUvOTU4ODQxLWY2YjAtNDI0OS04MDQ2LTljZjg0M2YwNTY3MC8x
L0E4VWx5Zjg1VkZwa1VoQ215OWlEQlMyLXByMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTUv
OTU4ODQxLWY2YjAtNDI0OS04MDQ2LTljZjg0M2YwNTY3MC8xL2J3c1ZHVGdXX1JY
Y19RUjl0TzdLWnlrU3UyQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmn6jANBgkqhkiG9w0BAQsFAAOC
AQEAHpDRgovR4lVvPIK6Bz1ftHkP6XXRWP+hDQVsLoAwraQxkwB5xW2nKJbWSN7J
aHkja91zB1PYbAjAAuTybi5COG03KEwO9Ux6Io2hGLBCRB6WEZOXxTfNPbAjB4GY
MQf/nqC6BPe0bGtnsHkZDViF3XpzUcxUfJKsrh7akEY1rIEQSxtTO4zTn5UKiq4b
LmGkOWZNghALb8U8vgZnaE348c/KP6TJULWWEtfLEb3EflKdtrxU1SgEhSu3+OjG
VmOEjy/Ml8yZn+yHZIGpQ9VJ8bkANhJU87TDOiZU0h6F7A7AVyYDIlf/+GNEnf/4
Qq0mzODsz/5nx8YbBju2eFKCTA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:39 2024 by rpki-client on console-ams.rpki-client.org