Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/N5Ye98btdCpAqClgTIEL9FXPCkc.roa
File:                     N5Ye98btdCpAqClgTIEL9FXPCkc.roa (raw, json)
Hash identifier:          0rINA3QTObPbSeWChx36O72bVWcX1f60GvfX4+LiIs4=
Subject key identifier:   37:96:1E:F7:C6:ED:74:2A:40:A8:29:60:4C:81:0B:F4:55:CF:0A:47
Certificate issuer:       /CN=5806da5a59251275ceb18694e17415352aedd6aa
Certificate serial:       03BFF9B8
Authority key identifier: 58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/N5Ye98btdCpAqClgTIEL9FXPCkc.roa
Signing time:             Sat 01 Jan 2022 05:55:53 +0000
ROA not before:           Sat 01 Jan 2022 05:55:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212896
IP address blocks:        185.255.199.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 62912952 (0x3bff9b8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5806da5a59251275ceb18694e17415352aedd6aa
        Validity
            Not Before: Jan  1 05:55:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=37961ef7c6ed742a40a829604c810bf455cf0a47
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:4c:01:d3:79:09:ed:ab:e7:3d:fc:90:0c:e9:
                    98:62:5c:74:d8:22:31:19:04:17:86:34:b8:30:d2:
                    ea:a2:0a:47:3c:fe:ec:dc:e1:2a:0b:d6:4d:bf:5b:
                    84:e7:5a:e1:f0:03:cf:d4:41:32:69:e0:42:a4:1d:
                    1f:da:b7:9c:ea:20:b1:ba:0f:ee:d2:93:d9:92:e0:
                    0f:72:8d:19:c3:1b:d8:7a:25:9a:9a:dd:c7:92:42:
                    a0:83:1c:78:c9:5a:d2:af:e1:fa:58:42:73:e6:91:
                    86:a2:dc:68:51:bd:d2:87:32:fc:67:7a:f7:17:73:
                    12:ea:d6:63:16:5d:39:de:01:2a:34:fb:0e:16:19:
                    4f:e5:84:60:d4:0f:87:7d:15:30:ba:7e:84:32:8f:
                    90:d8:e0:00:f9:02:75:00:5f:04:30:4c:ab:01:21:
                    41:da:14:4f:b6:99:db:ee:80:eb:ba:ab:17:3f:25:
                    12:af:49:ea:a5:d4:d4:96:65:6a:78:28:db:52:fd:
                    9b:98:fa:d7:7e:4c:28:58:f4:1d:90:45:a3:d4:55:
                    a3:3a:99:23:14:8f:a3:ca:b7:2d:cd:7d:5f:69:0d:
                    85:6f:d2:98:d9:8e:58:fd:1d:cc:e1:e1:3d:58:d1:
                    c3:be:21:5f:53:7e:02:30:98:78:aa:65:cf:23:6f:
                    3c:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:96:1E:F7:C6:ED:74:2A:40:A8:29:60:4C:81:0B:F4:55:CF:0A:47
            X509v3 Authority Key Identifier:
                keyid:58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/N5Ye98btdCpAqClgTIEL9FXPCkc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/WAbaWlklEnXOsYaU4XQVNSrt1qo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.255.199.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b2:f8:ed:b9:e5:39:2c:fc:ee:58:ed:42:ea:96:ee:15:53:80:
         d6:17:ba:7a:30:f3:db:2b:6c:b8:f6:fc:13:dd:b6:3d:6b:e1:
         e1:7a:76:a5:b9:3a:84:b0:73:26:a7:68:23:d7:7e:28:0f:3b:
         d3:3d:4c:ae:f4:cd:51:d4:4c:12:21:fb:d5:90:f0:6f:00:05:
         b0:75:9d:87:68:fa:f7:d1:35:8d:e0:e5:52:13:35:d3:7a:01:
         b9:fd:82:7e:1e:53:e4:b5:16:78:24:1c:61:90:cb:f2:ae:4b:
         64:79:3e:62:32:5d:c6:e7:55:51:a9:51:0f:2c:f0:97:4e:6e:
         80:a7:83:70:b3:56:eb:1f:96:98:47:0e:0a:7c:3f:81:65:8c:
         88:29:fe:1a:81:99:45:58:42:e9:04:40:80:41:1b:b4:61:2e:
         f0:5d:c2:60:8b:7b:c8:75:60:61:0f:99:b2:11:3b:73:88:41:
         09:7b:44:1d:93:55:23:bc:63:2d:63:ef:db:66:d7:d5:2a:7a:
         a6:03:5d:1a:09:d5:60:62:f4:57:32:e6:9e:33:38:d6:1a:78:
         2f:dd:5e:b4:40:6d:3c:bc:2b:e6:0f:0c:df:ee:34:e9:4a:9b:
         90:8c:74:e1:e2:bd:18:e2:0f:af:35:e5:00:76:07:fd:65:94:
         34:3c:44:ec
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA7/5uDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ODA2ZGE1YTU5MjUxMjc1Y2ViMTg2OTRlMTc0MTUzNTJhZWRkNmFhMB4XDTIyMDEw
MTA1NTU1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzc5NjFlZjdjNmVk
NzQyYTQwYTgyOTYwNGM4MTBiZjQ1NWNmMGE0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALhMAdN5Ce2r5z38kAzpmGJcdNgiMRkEF4Y0uDDS6qIKRzz+
7NzhKgvWTb9bhOda4fADz9RBMmngQqQdH9q3nOogsboP7tKT2ZLgD3KNGcMb2Hol
mprdx5JCoIMceMla0q/h+lhCc+aRhqLcaFG90ocy/Gd69xdzEurWYxZdOd4BKjT7
DhYZT+WEYNQPh30VMLp+hDKPkNjgAPkCdQBfBDBMqwEhQdoUT7aZ2+6A67qrFz8l
Eq9J6qXU1JZlango21L9m5j6135MKFj0HZBFo9RVozqZIxSPo8q3Lc19X2kNhW/S
mNmOWP0dzOHhPVjRw74hX1N+AjCYeKplzyNvPH8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ3lh73xu10KkCoKWBMgQv0Vc8KRzAfBgNVHSMEGDAWgBRYBtpaWSUSdc6x
hpThdBU1Ku3WqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dBYmFXbGtsRW5YT3NZYVU0WFFWTlNydDFxby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjYvNWRmMTE5LWIxZGYtNGNlYi1iZDRmLWY3OWNjYzNmNGVhZi8x
L041WWU5OGJ0ZENwQXFDbGdUSUVMOUZYUENrYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYv
NWRmMTE5LWIxZGYtNGNlYi1iZDRmLWY3OWNjYzNmNGVhZi8xL1dBYmFXbGtsRW5Y
T3NZYVU0WFFWTlNydDFxby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALn/xzANBgkqhkiG9w0BAQsFAAOC
AQEAsvjtueU5LPzuWO1C6pbuFVOA1he6ejDz2ytsuPb8E922PWvh4Xp2pbk6hLBz
JqdoI9d+KA870z1MrvTNUdRMEiH71ZDwbwAFsHWdh2j699E1jeDlUhM103oBuf2C
fh5T5LUWeCQcYZDL8q5LZHk+YjJdxudVUalRDyzwl05ugKeDcLNW6x+WmEcOCnw/
gWWMiCn+GoGZRVhC6QRAgEEbtGEu8F3CYIt7yHVgYQ+ZshE7c4hBCXtEHZNVI7xj
LWPv22bX1Sp6pgNdGgnVYGL0VzLmnjM41hp4L91etEBtPLwr5g8M3+406UqbkIx0
4eK9GOIPrzXlAHYH/WWUNDxE7A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:56 2024 by rpki-client on console-fra.rpki-client.org