Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/xigbfwjdoYrXDECvBPOKWeFIBBU.roa
File:                     xigbfwjdoYrXDECvBPOKWeFIBBU.roa (raw, json)
Hash identifier:          TzUBZFa8mRwkiliUZYNBcXmT0/B8gZkM9P/fhThmBFQ=
Subject key identifier:   C6:28:1B:7F:08:DD:A1:8A:D7:0C:40:AF:04:F3:8A:59:E1:48:04:15
Certificate issuer:       /CN=eac2c1afd4bdec980506fa07df7c8662d554fa46
Certificate serial:       03143996
Authority key identifier: EA:C2:C1:AF:D4:BD:EC:98:05:06:FA:07:DF:7C:86:62:D5:54:FA:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6sLBr9S97JgFBvoH33yGYtVU-kY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/xigbfwjdoYrXDECvBPOKWeFIBBU.roa
Signing time:             Wed 22 Jun 2022 19:00:32 +0000
ROA not before:           Wed 22 Jun 2022 19:00:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7018
IP address blocks:        185.22.57.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 51657110 (0x3143996)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eac2c1afd4bdec980506fa07df7c8662d554fa46
        Validity
            Not Before: Jun 22 19:00:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c6281b7f08dda18ad70c40af04f38a59e1480415
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:fd:e1:a8:71:1a:d8:b4:a9:fd:f3:bf:d5:f9:
                    00:93:71:eb:d5:ec:0d:40:dd:3f:8e:a2:81:5d:f7:
                    ce:fe:02:ef:32:5b:d3:81:27:aa:8a:f6:0f:2b:b8:
                    f1:62:34:78:e3:c1:02:70:19:0b:5c:8b:80:f7:cd:
                    91:e0:21:d3:14:dc:a3:e2:7c:85:a5:2d:fa:02:04:
                    42:3c:16:f7:95:86:e7:26:87:cc:f0:fd:02:a1:fb:
                    e7:73:c6:69:2d:13:8e:50:80:6d:23:c1:dd:56:34:
                    53:e4:45:5a:ff:0a:7c:73:e5:f5:a8:1b:ce:6f:c5:
                    85:a7:52:70:a7:95:cc:dc:e7:94:d8:dc:48:72:c5:
                    fc:79:9c:f2:e7:e9:d6:ef:ef:40:13:fd:39:16:81:
                    f7:0b:9c:f5:dd:8d:4c:19:36:01:df:61:83:69:2d:
                    e8:0a:fd:bc:af:18:39:be:f4:ad:7d:d1:dc:83:0d:
                    14:44:83:b9:8c:1e:82:fd:0a:f1:50:02:dd:81:15:
                    92:72:c4:a6:40:4f:fe:f4:0a:ed:1f:1f:7f:f9:c1:
                    84:47:5c:f1:d7:72:a7:f4:8a:50:82:05:fc:a4:b9:
                    68:b7:59:b7:43:ca:11:a2:32:8b:98:c7:3b:e4:2b:
                    b4:0a:87:18:9e:aa:e4:c8:e0:f5:cc:57:c0:ea:67:
                    c2:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:28:1B:7F:08:DD:A1:8A:D7:0C:40:AF:04:F3:8A:59:E1:48:04:15
            X509v3 Authority Key Identifier:
                keyid:EA:C2:C1:AF:D4:BD:EC:98:05:06:FA:07:DF:7C:86:62:D5:54:FA:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6sLBr9S97JgFBvoH33yGYtVU-kY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/xigbfwjdoYrXDECvBPOKWeFIBBU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/6sLBr9S97JgFBvoH33yGYtVU-kY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.22.57.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:e6:be:e4:e9:38:33:a4:84:1e:96:12:7d:87:77:5a:00:4a:
         2f:6b:d3:42:ac:83:30:53:94:8b:a9:df:8e:0d:89:41:4e:22:
         aa:9f:52:d4:c1:e0:1e:29:b7:56:54:ef:a2:ba:04:73:74:9c:
         a6:c6:7c:0f:46:a9:cc:6e:80:7d:83:34:b7:b5:90:e6:08:3c:
         f5:59:7f:b2:91:3f:a0:e7:c3:9d:ab:94:01:a2:3c:26:20:fc:
         03:28:4e:4b:14:ee:92:02:26:f2:85:9a:da:ac:3c:3a:ea:23:
         a0:99:c5:0c:73:00:15:90:b6:79:d8:e9:3c:63:52:c2:1d:34:
         1f:b1:f1:23:a3:ac:8b:ac:cd:86:d6:c0:5c:8f:2d:85:f7:d5:
         f1:d2:84:98:e3:5b:c3:1f:70:b1:c8:3c:e8:9d:46:23:63:d2:
         81:2f:d9:90:86:b3:8d:4f:33:c2:8a:0f:20:b1:e3:d5:f3:58:
         b8:4b:f3:3d:8a:5c:58:81:15:31:a8:67:b2:6c:08:85:38:76:
         d8:f9:f9:56:8d:24:00:31:64:3b:39:e1:7c:d1:bd:4b:4d:83:
         66:57:51:e2:24:bd:36:54:89:1c:a1:90:91:32:c1:d7:86:c7:
         b8:90:d5:3a:63:3d:d4:e4:f5:32:1b:41:7a:a2:c4:0d:2d:0c:
         91:ed:9d:b3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAxQ5ljANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YWMyYzFhZmQ0YmRlYzk4MDUwNmZhMDdkZjdjODY2MmQ1NTRmYTQ2MB4XDTIyMDYy
MjE5MDAzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzYyODFiN2YwOGRk
YTE4YWQ3MGM0MGFmMDRmMzhhNTllMTQ4MDQxNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAND94ahxGti0qf3zv9X5AJNx69XsDUDdP46igV33zv4C7zJb
04Enqor2Dyu48WI0eOPBAnAZC1yLgPfNkeAh0xTco+J8haUt+gIEQjwW95WG5yaH
zPD9AqH753PGaS0TjlCAbSPB3VY0U+RFWv8KfHPl9agbzm/FhadScKeVzNznlNjc
SHLF/Hmc8ufp1u/vQBP9ORaB9wuc9d2NTBk2Ad9hg2kt6Ar9vK8YOb70rX3R3IMN
FESDuYwegv0K8VAC3YEVknLEpkBP/vQK7R8ff/nBhEdc8ddyp/SKUIIF/KS5aLdZ
t0PKEaIyi5jHO+QrtAqHGJ6q5Mjg9cxXwOpnwt8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTGKBt/CN2hitcMQK8E84pZ4UgEFTAfBgNVHSMEGDAWgBTqwsGv1L3smAUG
+gfffIZi1VT6RjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZzTEJyOVM5N0pnRkJ2b0gzM3lHWXRWVS1rWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjUvNTg5YTZiLTRkN2UtNDAxMi1hMGZjLWMwY2ViMDM3YWQ0Mi8x
L3hpZ2Jmd2pkb1lyWERFQ3ZCUE9LV2VGSUJCVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjUv
NTg5YTZiLTRkN2UtNDAxMi1hMGZjLWMwY2ViMDM3YWQ0Mi8xLzZzTEJyOVM5N0pn
RkJ2b0gzM3lHWXRWVS1rWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkWOTANBgkqhkiG9w0BAQsFAAOC
AQEAm+a+5Ok4M6SEHpYSfYd3WgBKL2vTQqyDMFOUi6nfjg2JQU4iqp9S1MHgHim3
VlTvoroEc3ScpsZ8D0apzG6AfYM0t7WQ5gg89Vl/spE/oOfDnauUAaI8JiD8AyhO
SxTukgIm8oWa2qw8OuojoJnFDHMAFZC2edjpPGNSwh00H7HxI6Osi6zNhtbAXI8t
hffV8dKEmONbwx9wscg86J1GI2PSgS/ZkIazjU8zwooPILHj1fNYuEvzPYpcWIEV
MahnsmwIhTh22Pn5Vo0kADFkOznhfNG9S02DZldR4iS9NlSJHKGQkTLB14bHuJDV
OmM91OT1MhtBeqLEDS0Mke2dsw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:48 2024 by rpki-client on console-ams.rpki-client.org