Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/8iaM8JfAxT7pybj07C2WsuGJ7to.roa
File:                     8iaM8JfAxT7pybj07C2WsuGJ7to.roa (raw, json)
Hash identifier:          YEvVVO+Uqh8CkcyU5UTy8T2RP8GP3iqS75peepJQzY8=
Subject key identifier:   F2:26:8C:F0:97:C0:C5:3E:E9:C9:B8:F4:EC:2D:96:B2:E1:89:EE:DA
Certificate issuer:       /CN=5806da5a59251275ceb18694e17415352aedd6aa
Certificate serial:       0184D21EBE3A46E2190A2E820BA53F322E23
Authority key identifier: 58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/8iaM8JfAxT7pybj07C2WsuGJ7to.roa
Signing time:             Fri 02 Dec 2022 09:15:40 +0000
ROA not before:           Fri 02 Dec 2022 09:15:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211415
IP address blocks:        185.220.147.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:d2:1e:be:3a:46:e2:19:0a:2e:82:0b:a5:3f:32:2e:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5806da5a59251275ceb18694e17415352aedd6aa
        Validity
            Not Before: Dec  2 09:15:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f2268cf097c0c53ee9c9b8f4ec2d96b2e189eeda
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:f6:ea:e2:15:b8:dc:2c:a5:cb:62:ec:01:23:
                    5d:92:6f:88:39:73:2f:f0:09:47:6f:e0:48:6f:50:
                    ec:5b:1f:ca:77:14:b0:26:4d:2c:9d:6c:7c:47:3e:
                    c1:6d:45:30:08:f8:06:02:ef:43:62:d7:c9:14:ed:
                    6b:6c:80:7e:5a:02:5b:68:bb:dd:e2:54:ac:e1:a7:
                    94:57:bb:0e:e4:67:db:3f:f9:b2:87:67:e7:ff:66:
                    45:b1:ff:7a:d5:86:cf:1e:a9:a6:16:61:57:7f:3d:
                    7e:30:33:63:7b:47:5e:fc:e2:e5:3d:3b:b0:2e:46:
                    b3:3a:2d:d8:35:5b:89:2e:ea:db:4d:a0:9b:d0:76:
                    2a:9f:fb:78:c5:90:88:cf:59:81:c7:7b:f8:03:90:
                    dc:fd:fd:a8:87:82:aa:92:29:cb:f4:70:28:39:81:
                    cc:fa:b8:44:d5:3b:c4:2e:1f:2a:1d:c8:fa:d7:d2:
                    72:3d:a6:5c:65:cb:1a:35:0c:83:b9:f9:84:55:93:
                    1f:6c:1d:c0:b4:07:1e:2f:11:64:93:0b:78:67:93:
                    59:77:bd:a5:c1:1a:97:68:f7:6d:a3:ba:4c:ea:e0:
                    b1:2b:2b:c7:c7:9a:29:dc:76:13:30:75:98:d2:ff:
                    91:b7:e2:c2:80:18:4c:86:22:d8:10:1d:c1:fa:a6:
                    80:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:26:8C:F0:97:C0:C5:3E:E9:C9:B8:F4:EC:2D:96:B2:E1:89:EE:DA
            X509v3 Authority Key Identifier:
                keyid:58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/8iaM8JfAxT7pybj07C2WsuGJ7to.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/WAbaWlklEnXOsYaU4XQVNSrt1qo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.220.147.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:c4:9a:2e:d2:74:65:6f:a7:d8:75:4f:a7:9a:d1:31:f9:74:
         7e:73:6f:52:93:2c:f6:0d:7d:ef:85:95:5c:9e:f4:e9:47:7d:
         53:33:07:16:39:8f:40:5b:17:84:f0:bd:9d:08:4d:8d:9d:a3:
         07:54:9a:e7:8e:97:b7:75:9f:fe:11:b4:9f:18:c0:57:32:94:
         02:d4:f5:3c:1f:f1:23:14:bc:a2:77:2d:8c:65:e8:68:73:43:
         2c:60:3c:2d:cd:c1:b3:c1:af:ee:b4:94:d3:39:b2:4b:32:df:
         64:e3:6d:72:0e:10:2b:4b:90:1e:de:8a:07:b1:74:2b:b0:a0:
         2f:d6:87:87:47:97:ea:37:1a:94:2b:4a:11:58:c0:cc:bf:1e:
         c5:39:64:f2:25:94:62:db:15:a2:c7:9c:32:be:fa:c4:95:91:
         e3:ce:28:b8:9c:84:11:8c:cc:fb:3c:5e:af:8f:d8:8d:46:2e:
         9a:32:f8:20:84:35:f7:4f:90:72:e6:0e:ca:4f:38:63:aa:f8:
         4a:ee:6b:85:7a:c3:61:f0:78:0b:98:7a:b8:60:54:a1:0d:52:
         fb:42:7e:12:f3:1d:eb:c6:07:47:0d:4a:df:61:61:15:1b:c4:
         f7:70:e9:d2:d1:09:a7:fa:81:ba:60:bc:41:78:16:89:a0:3c:
         b6:43:9b:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTSHr46RuIZCi6CC6U/Mi4jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDZkYTVhNTkyNTEyNzVjZWIxODY5NGUxNzQxNTM1MmFl
ZGQ2YWEwHhcNMjIxMjAyMDkxNTQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjI2OGNmMDk3YzBjNTNlZTljOWI4ZjRlYzJkOTZiMmUxODllZWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvbq4hW43Cyly2LsASNdkm+IOXMv
8AlHb+BIb1DsWx/KdxSwJk0snWx8Rz7BbUUwCPgGAu9DYtfJFO1rbIB+WgJbaLvd
4lSs4aeUV7sO5GfbP/myh2fn/2ZFsf961YbPHqmmFmFXfz1+MDNje0de/OLlPTuw
LkazOi3YNVuJLurbTaCb0HYqn/t4xZCIz1mBx3v4A5Dc/f2oh4KqkinL9HAoOYHM
+rhE1TvELh8qHcj619JyPaZcZcsaNQyDufmEVZMfbB3AtAceLxFkkwt4Z5NZd72l
wRqXaPdto7pM6uCxKyvHx5op3HYTMHWY0v+Rt+LCgBhMhiLYEB3B+qaAmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPImjPCXwMU+6cm49OwtlrLhie7aMB8GA1UdIwQY
MBaAFFgG2lpZJRJ1zrGGlOF0FTUq7daqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FiYVdsa2xFblhPc1lhVTRYUVZOU3J0MXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81ZGYxMTktYjFkZi00Y2ViLWJkNGYt
Zjc5Y2NjM2Y0ZWFmLzEvOGlhTThKZkF4VDdweWJqMDdDMldzdUdKN3RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81ZGYxMTktYjFkZi00Y2ViLWJkNGYtZjc5Y2NjM2Y0ZWFm
LzEvV0FiYVdsa2xFblhPc1lhVTRYUVZOU3J0MXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudyTMA0G
CSqGSIb3DQEBCwUAA4IBAQBaxJou0nRlb6fYdU+nmtEx+XR+c29Skyz2DX3vhZVc
nvTpR31TMwcWOY9AWxeE8L2dCE2NnaMHVJrnjpe3dZ/+EbSfGMBXMpQC1PU8H/Ej
FLyidy2MZehoc0MsYDwtzcGzwa/utJTTObJLMt9k421yDhArS5Ae3ooHsXQrsKAv
1oeHR5fqNxqUK0oRWMDMvx7FOWTyJZRi2xWix5wyvvrElZHjzii4nIQRjMz7PF6v
j9iNRi6aMvgghDX3T5By5g7KTzhjqvhK7muFesNh8HgLmHq4YFShDVL7Qn4S8x3r
xgdHDUrfYWEVG8T3cOnS0Qmn+oG6YLxBeBaJoDy2Q5tS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:56 2024 by rpki-client on console-fra.rpki-client.org