Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/958841-f6b0-4249-8046-9cf843f05670/1/G7ezD5UI6kbiw4orfD5PKsQ95Uc.roa
File:                     G7ezD5UI6kbiw4orfD5PKsQ95Uc.roa (raw, json)
Hash identifier:          ZRhuooRgu1fFqLFUvDVhREOpNohdGBM7nuxNU2ZVz8A=
Subject key identifier:   1B:B7:B3:0F:95:08:EA:46:E2:C3:8A:2B:7C:3E:4F:2A:C4:3D:E5:47
Certificate issuer:       /CN=6f0b15193816fd15dcfd047db4eeca672912bb60
Certificate serial:       0182250FB73384A0A93184980902FD99F7DE
Authority key identifier: 6F:0B:15:19:38:16:FD:15:DC:FD:04:7D:B4:EE:CA:67:29:12:BB:60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bwsVGTgW_RXc_QR9tO7KZykSu2A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/958841-f6b0-4249-8046-9cf843f05670/1/G7ezD5UI6kbiw4orfD5PKsQ95Uc.roa
Signing time:             Fri 22 Jul 2022 08:39:23 +0000
ROA not before:           Fri 22 Jul 2022 08:39:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43260
IP address blocks:        185.167.234.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:25:0f:b7:33:84:a0:a9:31:84:98:09:02:fd:99:f7:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f0b15193816fd15dcfd047db4eeca672912bb60
        Validity
            Not Before: Jul 22 08:39:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1bb7b30f9508ea46e2c38a2b7c3e4f2ac43de547
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:ae:60:46:38:fe:18:07:2e:1d:06:22:9e:3f:
                    34:bd:48:c4:86:0b:df:96:0f:48:6e:3e:0b:e0:79:
                    d1:6d:d9:88:4b:4b:2a:e4:f0:0b:28:c9:73:09:ce:
                    cb:40:a8:b9:a8:44:e1:d2:af:6d:26:d3:b3:04:e7:
                    68:8c:ff:f4:64:44:ba:db:92:6d:9a:4f:45:91:04:
                    99:87:fa:65:a8:a3:e4:d8:93:d0:e7:5c:61:a4:2d:
                    be:ca:1a:f8:a0:6e:a0:dc:bb:ca:94:f1:c8:f5:a6:
                    65:d5:25:26:a2:c2:97:ea:c8:1b:e4:ac:b1:6b:0a:
                    ac:a3:e4:b7:f6:4c:c7:23:a6:56:ea:5d:b9:ac:ad:
                    34:86:f6:c1:2b:a1:79:f4:cc:14:42:e2:ba:26:4a:
                    89:bf:9a:f3:10:79:25:cd:e1:89:83:55:1c:9b:18:
                    5e:51:b3:e1:c6:9e:84:6b:4b:52:fb:b3:35:d3:8c:
                    89:9b:b3:0f:a9:1c:b0:dc:4a:b1:bd:80:fe:82:9c:
                    f5:d8:6c:6f:4d:62:d6:8b:98:a9:54:de:92:17:13:
                    0f:09:4f:3e:e4:fc:09:86:f4:1f:90:72:8e:21:42:
                    20:d6:86:1a:6b:55:bc:33:ad:d4:79:b5:c4:b7:06:
                    83:d7:fb:90:e5:46:27:3f:06:ca:1b:44:d1:c3:46:
                    6f:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:B7:B3:0F:95:08:EA:46:E2:C3:8A:2B:7C:3E:4F:2A:C4:3D:E5:47
            X509v3 Authority Key Identifier:
                keyid:6F:0B:15:19:38:16:FD:15:DC:FD:04:7D:B4:EE:CA:67:29:12:BB:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bwsVGTgW_RXc_QR9tO7KZykSu2A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/958841-f6b0-4249-8046-9cf843f05670/1/G7ezD5UI6kbiw4orfD5PKsQ95Uc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/958841-f6b0-4249-8046-9cf843f05670/1/bwsVGTgW_RXc_QR9tO7KZykSu2A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.167.234.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4a:66:87:60:87:78:25:44:4c:fc:38:31:f0:54:8c:49:30:c6:
         71:99:5a:61:7d:e6:be:1c:a5:73:a8:1a:64:d7:94:14:41:1d:
         1c:7d:8d:95:13:8a:39:ef:4a:6e:86:84:95:9c:4e:60:95:fa:
         c8:51:15:22:0b:80:6b:bd:e1:77:74:6e:7d:8b:82:17:74:d3:
         9c:d6:d8:55:bd:d8:df:c6:d6:9b:a8:5f:5c:26:cd:f4:ee:cb:
         a5:46:4a:51:b4:08:75:13:89:0d:27:a6:b7:b0:a6:0f:54:33:
         30:1d:a9:29:e6:5f:4e:32:89:18:ac:ec:ca:77:7b:51:1b:8b:
         6f:98:76:bb:f5:30:51:c4:8f:ea:14:e5:7c:33:bd:f1:56:3b:
         d2:60:36:b8:7f:ef:00:e9:d1:b8:f5:e9:31:49:dd:7d:9f:29:
         98:8b:6f:98:2a:f9:75:c7:d2:a6:ef:21:e8:fc:5f:8b:6a:f4:
         cf:90:0e:7c:4a:45:20:e1:75:91:38:c4:68:93:d8:b5:95:dc:
         07:2e:a0:16:39:3c:b6:74:30:02:e0:47:81:bf:af:1c:71:b9:
         ca:7b:d7:7b:a3:b1:21:56:62:3b:5f:76:31:63:12:60:62:98:
         57:bd:a8:85:e6:43:61:48:20:4a:b1:46:1e:2e:47:33:3a:f6:
         b7:a4:a2:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIlD7czhKCpMYSYCQL9mffeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMGIxNTE5MzgxNmZkMTVkY2ZkMDQ3ZGI0ZWVjYTY3Mjkx
MmJiNjAwHhcNMjIwNzIyMDgzOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmI3YjMwZjk1MDhlYTQ2ZTJjMzhhMmI3YzNlNGYyYWM0M2RlNTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs65gRjj+GAcuHQYinj80vUjEhgvf
lg9Ibj4L4HnRbdmIS0sq5PALKMlzCc7LQKi5qETh0q9tJtOzBOdojP/0ZES625Jt
mk9FkQSZh/plqKPk2JPQ51xhpC2+yhr4oG6g3LvKlPHI9aZl1SUmosKX6sgb5Kyx
awqso+S39kzHI6ZW6l25rK00hvbBK6F59MwUQuK6JkqJv5rzEHklzeGJg1Ucmxhe
UbPhxp6Ea0tS+7M104yJm7MPqRyw3EqxvYD+gpz12GxvTWLWi5ipVN6SFxMPCU8+
5PwJhvQfkHKOIUIg1oYaa1W8M63UebXEtwaD1/uQ5UYnPwbKG0TRw0Zv+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBu3sw+VCOpG4sOKK3w+TyrEPeVHMB8GA1UdIwQY
MBaAFG8LFRk4Fv0V3P0EfbTuymcpErtgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYndzVkdUZ1dfUlhjX1FSOXRPN0taeWtTdTJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS85NTg4NDEtZjZiMC00MjQ5LTgwNDYt
OWNmODQzZjA1NjcwLzEvRzdlekQ1VUk2a2JpdzRvcmZENVBLc1E5NVVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS85NTg4NDEtZjZiMC00MjQ5LTgwNDYtOWNmODQzZjA1Njcw
LzEvYndzVkdUZ1dfUlhjX1FSOXRPN0taeWtTdTJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuafqMA0G
CSqGSIb3DQEBCwUAA4IBAQBKZodgh3glREz8ODHwVIxJMMZxmVphfea+HKVzqBpk
15QUQR0cfY2VE4o570puhoSVnE5glfrIURUiC4BrveF3dG59i4IXdNOc1thVvdjf
xtabqF9cJs307sulRkpRtAh1E4kNJ6a3sKYPVDMwHakp5l9OMokYrOzKd3tRG4tv
mHa79TBRxI/qFOV8M73xVjvSYDa4f+8A6dG49ekxSd19nymYi2+YKvl1x9Km7yHo
/F+LavTPkA58SkUg4XWROMRok9i1ldwHLqAWOTy2dDAC4EeBv68ccbnKe9d7o7Eh
VmI7X3YxYxJgYphXvaiF5kNhSCBKsUYeLkczOva3pKLP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:39 2024 by rpki-client on console-ams.rpki-client.org