Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/9383b5-7083-4cc3-9e69-97f6f2a39626/1/5iG6i9tnhBt_DlFlZModxXAfvcI.roa
File:                     5iG6i9tnhBt_DlFlZModxXAfvcI.roa (raw, json)
Hash identifier:          UgPPJDSCQNlyMagR5EWlN0LbUXMvKxHfwQg6gvfwpNc=
Subject key identifier:   E6:21:BA:8B:DB:67:84:1B:7F:0E:51:65:64:CA:1D:C5:70:1F:BD:C2
Certificate issuer:       /CN=16f02e70a6553ff0c665139ee55671c860658081
Certificate serial:       05E37029
Authority key identifier: 16:F0:2E:70:A6:55:3F:F0:C6:65:13:9E:E5:56:71:C8:60:65:80:81
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FvAucKZVP_DGZROe5VZxyGBlgIE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/9383b5-7083-4cc3-9e69-97f6f2a39626/1/5iG6i9tnhBt_DlFlZModxXAfvcI.roa
Signing time:             Sat 01 Jan 2022 07:57:56 +0000
ROA not before:           Sat 01 Jan 2022 07:57:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203895
IP address blocks:        185.120.138.0/24 maxlen: 24
                          185.120.137.0/24 maxlen: 24
                          185.120.136.0/24 maxlen: 24
                          185.120.139.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 98791465 (0x5e37029)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16f02e70a6553ff0c665139ee55671c860658081
        Validity
            Not Before: Jan  1 07:57:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e621ba8bdb67841b7f0e516564ca1dc5701fbdc2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:b7:07:90:96:48:47:ee:b3:e7:6a:7e:80:b3:
                    b4:1c:22:fb:7d:c9:c2:66:7e:7a:9a:94:ce:82:d9:
                    2e:de:fc:7c:d2:ab:37:c8:3c:dd:26:1e:91:41:d8:
                    dd:32:7e:3a:6b:eb:64:e9:e6:1b:78:b6:6f:7b:76:
                    9c:0d:98:e0:7a:3e:1c:03:0b:0e:9e:08:71:24:d6:
                    48:e8:e6:fb:5f:24:3b:71:19:da:a2:e6:f7:fc:ab:
                    61:41:57:7c:d9:85:eb:5c:4c:5a:59:07:82:39:cc:
                    34:74:28:1f:05:fb:04:46:3c:86:58:e2:60:5f:0e:
                    39:3c:88:a0:81:7c:1d:ee:6d:b6:8e:ba:18:3e:c8:
                    d0:43:ed:80:b8:c7:ed:c3:14:f6:6d:84:cb:55:2d:
                    ed:37:81:e6:0f:86:10:fd:3e:7a:cd:15:a5:63:7f:
                    ea:34:c6:b1:c7:9d:b3:4e:f2:ab:1e:48:e8:d8:07:
                    65:a6:6a:5c:47:87:be:f4:3e:ff:cd:f1:e9:54:38:
                    26:b7:77:01:9b:69:1a:55:dc:7b:f7:6c:25:4b:ce:
                    90:5b:98:6b:0f:60:19:0a:6f:19:e7:ae:30:38:57:
                    82:60:52:6a:f1:c2:05:9f:af:fa:ab:82:db:c4:8f:
                    75:34:62:9e:84:72:cc:4f:12:19:53:fe:00:70:0d:
                    88:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:21:BA:8B:DB:67:84:1B:7F:0E:51:65:64:CA:1D:C5:70:1F:BD:C2
            X509v3 Authority Key Identifier:
                keyid:16:F0:2E:70:A6:55:3F:F0:C6:65:13:9E:E5:56:71:C8:60:65:80:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FvAucKZVP_DGZROe5VZxyGBlgIE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/9383b5-7083-4cc3-9e69-97f6f2a39626/1/5iG6i9tnhBt_DlFlZModxXAfvcI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/9383b5-7083-4cc3-9e69-97f6f2a39626/1/FvAucKZVP_DGZROe5VZxyGBlgIE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.120.136.0/22

    Signature Algorithm: sha256WithRSAEncryption
         48:0b:73:f1:a2:3d:ec:cf:d7:e1:46:70:87:32:72:27:ab:2e:
         3e:10:6b:2d:88:d9:31:f7:ef:49:a6:1c:90:f9:36:a7:4a:83:
         6a:af:27:a1:63:fc:09:be:24:b4:4e:21:26:15:ad:81:fd:36:
         b0:09:5e:36:66:cc:c6:75:7d:ea:c2:17:38:76:d4:0f:6a:f4:
         11:b4:f0:9d:50:c3:f6:3d:8e:c8:5f:71:1f:6f:d7:f8:eb:98:
         d5:cf:6d:22:04:b5:91:58:82:ed:69:9c:0c:60:a0:b5:d0:92:
         47:05:cc:03:02:7a:0f:92:d4:29:b5:74:35:57:f0:ca:40:19:
         42:7e:83:aa:a9:80:01:36:17:93:57:b9:d6:ac:85:49:cf:98:
         c0:85:e8:a6:9f:29:07:26:61:8d:ea:91:b3:91:c0:3f:f2:74:
         da:53:02:e2:12:28:22:4f:e1:22:88:74:4d:b1:d6:b5:41:4c:
         dc:dc:20:73:d1:55:e5:a6:09:03:1f:a7:23:a9:ab:51:3b:8f:
         62:b6:c1:f1:56:11:c7:48:e5:ff:fc:8b:95:eb:9e:0e:72:9a:
         dd:b2:2b:91:c7:3e:6d:ab:47:af:cd:a1:8d:d8:05:96:c2:72:
         19:9d:4c:94:90:05:37:62:19:8e:6e:11:2e:fe:a6:a8:10:96:
         73:01:8b:3c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBeNwKTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NmYwMmU3MGE2NTUzZmYwYzY2NTEzOWVlNTU2NzFjODYwNjU4MDgxMB4XDTIyMDEw
MTA3NTc1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTYyMWJhOGJkYjY3
ODQxYjdmMGU1MTY1NjRjYTFkYzU3MDFmYmRjMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI63B5CWSEfus+dqfoCztBwi+33JwmZ+epqUzoLZLt78fNKr
N8g83SYekUHY3TJ+OmvrZOnmG3i2b3t2nA2Y4Ho+HAMLDp4IcSTWSOjm+18kO3EZ
2qLm9/yrYUFXfNmF61xMWlkHgjnMNHQoHwX7BEY8hljiYF8OOTyIoIF8He5tto66
GD7I0EPtgLjH7cMU9m2Ey1Ut7TeB5g+GEP0+es0VpWN/6jTGsceds07yqx5I6NgH
ZaZqXEeHvvQ+/83x6VQ4Jrd3AZtpGlXce/dsJUvOkFuYaw9gGQpvGeeuMDhXgmBS
avHCBZ+v+quC28SPdTRinoRyzE8SGVP+AHANiBECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTmIbqL22eEG38OUWVkyh3FcB+9wjAfBgNVHSMEGDAWgBQW8C5wplU/8MZl
E57lVnHIYGWAgTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0Z2QXVjS1pWUF9ER1pST2U1Vlp4eUdCbGdJRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjYvOTM4M2I1LTcwODMtNGNjMy05ZTY5LTk3ZjZmMmEzOTYyNi8x
LzVpRzZpOXRuaEJ0X0RsRmxaTW9keFhBZnZjSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYv
OTM4M2I1LTcwODMtNGNjMy05ZTY5LTk3ZjZmMmEzOTYyNi8xL0Z2QXVjS1pWUF9E
R1pST2U1Vlp4eUdCbGdJRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArl4iDANBgkqhkiG9w0BAQsFAAOC
AQEASAtz8aI97M/X4UZwhzJyJ6suPhBrLYjZMffvSaYckPk2p0qDaq8noWP8Cb4k
tE4hJhWtgf02sAleNmbMxnV96sIXOHbUD2r0EbTwnVDD9j2OyF9xH2/X+OuY1c9t
IgS1kViC7WmcDGCgtdCSRwXMAwJ6D5LUKbV0NVfwykAZQn6DqqmAATYXk1e51qyF
Sc+YwIXopp8pByZhjeqRs5HAP/J02lMC4hIoIk/hIoh0TbHWtUFM3Nwgc9FV5aYJ
Ax+nI6mrUTuPYrbB8VYRx0jl//yLleueDnKa3bIrkcc+batHr82hjdgFlsJyGZ1M
lJAFN2IZjm4RLv6mqBCWcwGLPA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:58 2024 by rpki-client on console-fra.rpki-client.org