Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/srf4VJGksLu5OXpQj3Iu2DWq3Ss.roa
File:                     srf4VJGksLu5OXpQj3Iu2DWq3Ss.roa (raw, json)
Hash identifier:          F/LeTMYqqiPI+pHtbtNYCG4aXIg3BCSbiwqrNc8t9UA=
Subject key identifier:   B2:B7:F8:54:91:A4:B0:BB:B9:39:7A:50:8F:72:2E:D8:35:AA:DD:2B
Certificate issuer:       /CN=5806da5a59251275ceb18694e17415352aedd6aa
Certificate serial:       01848A2CB39C19947E26E00C5C407FDE401D
Authority key identifier: 58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/srf4VJGksLu5OXpQj3Iu2DWq3Ss.roa
Signing time:             Fri 18 Nov 2022 09:58:16 +0000
ROA not before:           Fri 18 Nov 2022 09:58:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62240
IP address blocks:        185.255.196.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:8a:2c:b3:9c:19:94:7e:26:e0:0c:5c:40:7f:de:40:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5806da5a59251275ceb18694e17415352aedd6aa
        Validity
            Not Before: Nov 18 09:58:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b2b7f85491a4b0bbb9397a508f722ed835aadd2b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:74:74:e3:4a:83:a5:6d:33:46:aa:25:66:56:
                    2f:c8:74:46:4c:57:8e:b1:99:c5:ab:da:b3:c7:34:
                    01:46:7f:5f:68:6a:5f:3c:e0:37:88:64:bf:17:50:
                    5d:f8:68:9c:58:57:e7:94:7d:13:4d:f5:89:e8:5a:
                    b3:a5:51:4e:a5:32:4e:e2:b5:fe:77:8c:4c:44:ad:
                    77:3f:2d:f9:c9:b0:2a:d4:be:2d:0e:6c:7c:0a:48:
                    d6:4c:dd:30:0b:11:1a:cf:3c:6f:cd:72:c6:31:f5:
                    44:62:06:1d:0f:40:90:ae:78:8a:ca:97:46:4f:02:
                    68:3a:f7:8c:13:ed:37:2c:2d:89:ce:65:ba:43:f2:
                    8c:e3:f4:5b:b1:eb:49:c7:c0:65:48:68:9b:f5:71:
                    91:32:db:c3:e3:fe:f8:bc:24:e2:e0:48:07:54:91:
                    03:90:c5:8a:cf:53:d0:01:47:d9:c1:01:cb:1a:20:
                    5d:87:21:da:7c:3b:b3:55:71:7a:b3:47:82:19:ee:
                    53:04:d3:cf:f1:b4:fe:d2:af:0f:a0:a4:1f:94:14:
                    3a:2f:5a:30:83:24:95:03:70:0a:11:b5:ac:9c:56:
                    52:9c:e7:4d:aa:76:7e:48:a5:ac:b9:68:52:72:07:
                    28:df:df:9e:9f:13:7b:c5:ff:13:7b:44:e8:10:71:
                    d8:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:B7:F8:54:91:A4:B0:BB:B9:39:7A:50:8F:72:2E:D8:35:AA:DD:2B
            X509v3 Authority Key Identifier:
                keyid:58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/srf4VJGksLu5OXpQj3Iu2DWq3Ss.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/WAbaWlklEnXOsYaU4XQVNSrt1qo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.255.196.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ad:61:9c:76:1c:68:64:f0:91:d3:32:4d:94:54:e2:a8:a8:08:
         6a:76:6a:13:9f:6d:a5:8d:6b:97:2f:ea:24:33:81:97:57:1e:
         bd:65:c3:af:0e:68:f1:b0:f8:31:d5:a1:88:3c:13:75:07:fd:
         b1:ad:06:62:8b:ed:b4:fb:5e:ad:3a:bb:50:87:ac:14:07:ed:
         06:ff:80:40:35:33:c1:3e:e4:87:5a:c8:c2:6c:fd:4b:ce:5e:
         cf:95:ee:10:1a:a6:92:22:b0:1e:88:ab:f1:9c:e3:0f:03:85:
         6a:1c:af:f5:cc:c0:3e:21:e0:d1:ab:46:74:63:e3:e6:a1:d5:
         c0:95:63:9b:49:27:4c:d8:c1:43:58:c2:89:94:ad:a3:68:97:
         78:0d:f2:3a:b2:c2:fd:a0:2e:db:f7:b1:f2:18:f3:a8:52:c4:
         bc:47:bd:5e:c2:f6:6d:5f:f1:0f:a4:38:f7:71:e3:b3:96:ae:
         42:ec:f5:df:b1:1d:88:8c:2b:c3:f8:43:61:e9:61:dd:27:eb:
         ab:99:6a:62:eb:57:63:38:a7:75:62:85:7c:cf:44:cd:82:54:
         11:8d:b4:69:23:14:91:3e:b1:c6:65:bc:c3:0e:08:ce:55:40:
         12:e1:18:85:eb:71:fd:a9:af:d0:7f:7a:f4:c5:b9:53:40:63:
         1c:eb:a5:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSKLLOcGZR+JuAMXEB/3kAdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDZkYTVhNTkyNTEyNzVjZWIxODY5NGUxNzQxNTM1MmFl
ZGQ2YWEwHhcNMjIxMTE4MDk1ODE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmI3Zjg1NDkxYTRiMGJiYjkzOTdhNTA4ZjcyMmVkODM1YWFkZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3R040qDpW0zRqolZlYvyHRGTFeO
sZnFq9qzxzQBRn9faGpfPOA3iGS/F1Bd+GicWFfnlH0TTfWJ6FqzpVFOpTJO4rX+
d4xMRK13Py35ybAq1L4tDmx8CkjWTN0wCxEazzxvzXLGMfVEYgYdD0CQrniKypdG
TwJoOveME+03LC2JzmW6Q/KM4/RbsetJx8BlSGib9XGRMtvD4/74vCTi4EgHVJED
kMWKz1PQAUfZwQHLGiBdhyHafDuzVXF6s0eCGe5TBNPP8bT+0q8PoKQflBQ6L1ow
gySVA3AKEbWsnFZSnOdNqnZ+SKWsuWhScgco39+enxN7xf8Te0ToEHHYewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLK3+FSRpLC7uTl6UI9yLtg1qt0rMB8GA1UdIwQY
MBaAFFgG2lpZJRJ1zrGGlOF0FTUq7daqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FiYVdsa2xFblhPc1lhVTRYUVZOU3J0MXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81ZGYxMTktYjFkZi00Y2ViLWJkNGYt
Zjc5Y2NjM2Y0ZWFmLzEvc3JmNFZKR2tzTHU1T1hwUWozSXUyRFdxM1NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81ZGYxMTktYjFkZi00Y2ViLWJkNGYtZjc5Y2NjM2Y0ZWFm
LzEvV0FiYVdsa2xFblhPc1lhVTRYUVZOU3J0MXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf/EMA0G
CSqGSIb3DQEBCwUAA4IBAQCtYZx2HGhk8JHTMk2UVOKoqAhqdmoTn22ljWuXL+ok
M4GXVx69ZcOvDmjxsPgx1aGIPBN1B/2xrQZii+20+16tOrtQh6wUB+0G/4BANTPB
PuSHWsjCbP1Lzl7Ple4QGqaSIrAeiKvxnOMPA4VqHK/1zMA+IeDRq0Z0Y+PmodXA
lWObSSdM2MFDWMKJlK2jaJd4DfI6ssL9oC7b97HyGPOoUsS8R71ewvZtX/EPpDj3
ceOzlq5C7PXfsR2IjCvD+ENh6WHdJ+urmWpi61djOKd1YoV8z0TNglQRjbRpIxSR
PrHGZbzDDgjOVUAS4RiF63H9qa/Qf3r0xblTQGMc66U8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:56 2024 by rpki-client on console-fra.rpki-client.org