Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/2U5SqBU8fym9QRHA59NEoSaa1QY.roa
File:                     2U5SqBU8fym9QRHA59NEoSaa1QY.roa (raw, json)
Hash identifier:          2toeReya5PXeKYd+eRgz+3KAOMMwJXoBdVyardHxdwI=
Subject key identifier:   D9:4E:52:A8:15:3C:7F:29:BD:41:11:C0:E7:D3:44:A1:26:9A:D5:06
Certificate issuer:       /CN=5806da5a59251275ceb18694e17415352aedd6aa
Certificate serial:       04873F57
Authority key identifier: 58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/2U5SqBU8fym9QRHA59NEoSaa1QY.roa
Signing time:             Sun 03 Apr 2022 11:52:23 +0000
ROA not before:           Sun 03 Apr 2022 11:52:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     834
IP address blocks:        185.255.196.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 75972439 (0x4873f57)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5806da5a59251275ceb18694e17415352aedd6aa
        Validity
            Not Before: Apr  3 11:52:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d94e52a8153c7f29bd4111c0e7d344a1269ad506
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:a4:4b:52:4b:3c:e1:08:c4:82:bb:59:11:95:
                    76:24:bb:c4:e0:70:0a:58:c6:98:2a:3a:c7:d3:58:
                    b6:d3:20:2a:02:00:33:22:58:6f:44:bd:d3:93:85:
                    f0:9c:4e:51:9c:48:9c:bf:fb:30:ec:ba:b6:31:9e:
                    26:85:2a:c8:2b:13:66:e7:6d:06:3b:50:5e:4a:5d:
                    be:58:bd:90:ee:06:c8:95:c5:87:11:4c:04:32:0f:
                    88:f9:16:0a:68:b6:de:27:73:af:13:53:e1:ba:9b:
                    b8:66:21:3a:77:05:db:c9:c8:8d:69:aa:37:b4:0e:
                    1a:d8:8d:35:55:ee:b6:40:b5:b9:6b:0e:2a:27:1f:
                    e2:01:d9:40:8d:61:ac:b7:00:26:ce:e6:b7:f4:db:
                    d0:c2:cd:16:c7:cb:08:1d:80:56:c1:1b:23:97:32:
                    bd:19:77:a8:01:86:a7:ef:87:9e:99:33:f7:05:31:
                    dc:5a:76:e3:a8:31:61:eb:84:0c:c4:18:03:0f:4d:
                    35:8e:77:dd:06:d1:45:10:65:71:74:21:bd:e5:57:
                    cd:50:e1:cf:44:11:3c:67:99:c3:2c:2a:db:c2:78:
                    08:c0:13:9b:42:00:85:ba:2f:d4:7f:60:2e:2b:c8:
                    c6:44:4a:db:88:c0:84:0f:f9:b2:97:54:9a:6a:af:
                    45:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:4E:52:A8:15:3C:7F:29:BD:41:11:C0:E7:D3:44:A1:26:9A:D5:06
            X509v3 Authority Key Identifier:
                keyid:58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/2U5SqBU8fym9QRHA59NEoSaa1QY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/WAbaWlklEnXOsYaU4XQVNSrt1qo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.255.196.0/23

    Signature Algorithm: sha256WithRSAEncryption
         25:47:d0:ec:f5:4e:3f:62:f6:bc:1b:ee:e6:05:77:0d:6c:13:
         8c:c5:6d:03:37:42:45:03:4a:a0:6f:7b:e9:64:2b:5e:21:f6:
         15:69:d8:99:08:1a:7d:60:4d:e1:33:49:e1:0e:b5:a6:ed:ad:
         92:c9:43:7f:85:f6:1d:4c:05:04:af:f4:28:c5:67:e0:7e:7d:
         ac:bc:b8:dc:bb:da:5d:55:cb:50:89:ec:95:2c:ab:86:7b:d3:
         75:a3:c6:8d:69:87:be:fd:e9:67:09:cb:a5:fb:b4:fd:32:e3:
         9a:3b:3b:c4:b5:c3:c2:08:da:8a:06:49:a3:b2:ce:09:d9:37:
         a0:4d:84:b0:ef:2e:0b:47:98:4a:93:59:a1:e3:c3:7a:b1:12:
         bb:00:91:33:21:25:19:5b:32:c5:af:55:0b:ac:02:a7:1f:b0:
         37:05:d8:7c:03:bd:fa:ea:ca:b7:01:6c:76:9d:08:3c:44:48:
         37:ee:aa:11:d7:80:4b:25:30:74:4a:e3:3a:f5:77:d3:71:a6:
         c3:64:b2:c8:de:39:31:79:5a:f0:b8:90:03:46:6e:4d:76:1f:
         a3:01:0c:b6:f8:af:91:50:2f:01:bf:14:10:a6:b2:ff:fa:0d:
         7d:68:f9:23:6e:21:e4:14:7f:e3:31:ea:fb:08:45:49:05:05:
         e9:aa:7c:fe
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBIc/VzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ODA2ZGE1YTU5MjUxMjc1Y2ViMTg2OTRlMTc0MTUzNTJhZWRkNmFhMB4XDTIyMDQw
MzExNTIyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDk0ZTUyYTgxNTNj
N2YyOWJkNDExMWMwZTdkMzQ0YTEyNjlhZDUwNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIekS1JLPOEIxIK7WRGVdiS7xOBwCljGmCo6x9NYttMgKgIA
MyJYb0S905OF8JxOUZxInL/7MOy6tjGeJoUqyCsTZudtBjtQXkpdvli9kO4GyJXF
hxFMBDIPiPkWCmi23idzrxNT4bqbuGYhOncF28nIjWmqN7QOGtiNNVXutkC1uWsO
Kicf4gHZQI1hrLcAJs7mt/Tb0MLNFsfLCB2AVsEbI5cyvRl3qAGGp++Hnpkz9wUx
3Fp246gxYeuEDMQYAw9NNY533QbRRRBlcXQhveVXzVDhz0QRPGeZwywq28J4CMAT
m0IAhbov1H9gLivIxkRK24jAhA/5spdUmmqvRR8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTZTlKoFTx/Kb1BEcDn00ShJprVBjAfBgNVHSMEGDAWgBRYBtpaWSUSdc6x
hpThdBU1Ku3WqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dBYmFXbGtsRW5YT3NZYVU0WFFWTlNydDFxby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjYvNWRmMTE5LWIxZGYtNGNlYi1iZDRmLWY3OWNjYzNmNGVhZi8x
LzJVNVNxQlU4ZnltOVFSSEE1OU5Fb1NhYTFRWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYv
NWRmMTE5LWIxZGYtNGNlYi1iZDRmLWY3OWNjYzNmNGVhZi8xL1dBYmFXbGtsRW5Y
T3NZYVU0WFFWTlNydDFxby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbn/xDANBgkqhkiG9w0BAQsFAAOC
AQEAJUfQ7PVOP2L2vBvu5gV3DWwTjMVtAzdCRQNKoG976WQrXiH2FWnYmQgafWBN
4TNJ4Q61pu2tkslDf4X2HUwFBK/0KMVn4H59rLy43LvaXVXLUInslSyrhnvTdaPG
jWmHvv3pZwnLpfu0/TLjmjs7xLXDwgjaigZJo7LOCdk3oE2EsO8uC0eYSpNZoePD
erESuwCRMyElGVsyxa9VC6wCpx+wNwXYfAO9+urKtwFsdp0IPERIN+6qEdeASyUw
dErjOvV303Gmw2SyyN45MXla8LiQA0ZuTXYfowEMtvivkVAvAb8UEKay//oNfWj5
I24h5BR/4zHq+whFSQUF6ap8/g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:56 2024 by rpki-client on console-fra.rpki-client.org