Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/G-osnnc21wpFpllUTT8ydAe4Qdg.roa
File:                     G-osnnc21wpFpllUTT8ydAe4Qdg.roa (raw, json)
Hash identifier:          h8vqLqRY9ebEQtQNzgW/TOmYEHhX8LNhvY01GVT6OYA=
Subject key identifier:   1B:EA:2C:9E:77:36:D7:0A:45:A6:59:54:4D:3F:32:74:07:B8:41:D8
Certificate issuer:       /CN=e61c07c951488f04cb3b0fd338af84d77e46bf52
Certificate serial:       01835FF818E06ED0257F3E3F0C9D6D6037DA
Authority key identifier: E6:1C:07:C9:51:48:8F:04:CB:3B:0F:D3:38:AF:84:D7:7E:46:BF:52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5hwHyVFIjwTLOw_TOK-E135Gv1I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/G-osnnc21wpFpllUTT8ydAe4Qdg.roa
Signing time:             Wed 21 Sep 2022 12:13:58 +0000
ROA not before:           Wed 21 Sep 2022 12:13:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203435
IP address blocks:        185.135.2.0/24 maxlen: 24
                          205.201.55.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:5f:f8:18:e0:6e:d0:25:7f:3e:3f:0c:9d:6d:60:37:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e61c07c951488f04cb3b0fd338af84d77e46bf52
        Validity
            Not Before: Sep 21 12:13:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1bea2c9e7736d70a45a659544d3f327407b841d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:ad:87:c2:f4:b8:ca:81:f8:5a:a5:6c:52:a9:
                    38:85:34:8d:95:c9:d9:c3:14:77:c5:9b:da:15:a0:
                    17:a1:c4:d7:cd:fa:49:f2:3c:6a:e3:7b:5e:8b:52:
                    c8:6a:ec:f0:fc:1d:89:4b:2e:fd:70:5a:6f:72:29:
                    8c:23:ef:18:12:43:bb:f9:42:c6:0f:33:d5:f8:b0:
                    b0:31:29:7f:f0:96:6b:0c:ce:29:6a:e8:64:28:6e:
                    7c:ab:05:75:12:8c:4e:30:d6:4b:3b:20:65:3f:7d:
                    e9:05:79:19:49:65:2c:d4:8b:fb:c3:76:45:ba:16:
                    6a:a2:89:87:f6:a6:38:56:bd:db:fd:1f:94:0e:1c:
                    99:ce:9c:82:6d:4e:cf:93:46:a9:28:64:03:48:78:
                    2b:d2:3f:aa:ef:30:82:a8:fb:e3:d9:a3:ff:62:03:
                    74:98:2f:33:dc:d9:c1:0d:b0:8f:fa:33:d8:d7:68:
                    3b:67:ae:ac:85:c4:9d:29:06:25:af:1e:ec:7a:aa:
                    e4:76:15:99:1e:0a:7d:fe:0f:25:c6:76:2b:1a:ec:
                    ae:33:a7:fd:b8:37:a5:71:fa:b3:5b:4c:73:08:f0:
                    1d:ef:36:72:45:9f:aa:a6:0d:2a:41:00:12:4a:08:
                    65:30:ed:11:95:cf:b2:ba:9f:c9:e7:71:62:d4:6d:
                    7b:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:EA:2C:9E:77:36:D7:0A:45:A6:59:54:4D:3F:32:74:07:B8:41:D8
            X509v3 Authority Key Identifier:
                keyid:E6:1C:07:C9:51:48:8F:04:CB:3B:0F:D3:38:AF:84:D7:7E:46:BF:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5hwHyVFIjwTLOw_TOK-E135Gv1I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/G-osnnc21wpFpllUTT8ydAe4Qdg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/5hwHyVFIjwTLOw_TOK-E135Gv1I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.135.2.0/24
                  205.201.55.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:0b:d5:c2:af:ee:ce:8f:fa:4f:09:f5:28:42:79:fe:c4:7d:
         08:5d:ab:f1:52:23:ea:70:ac:0b:35:bd:1c:73:8f:15:cc:1b:
         2a:7b:e9:3f:52:8e:bd:24:36:40:3d:95:e5:ca:69:b1:fe:32:
         c6:90:b7:84:ab:41:6b:22:d6:1e:d2:ad:2d:1e:a9:97:5c:52:
         8b:bc:b3:17:5d:e4:55:71:05:0f:4e:7d:26:9c:1f:ff:28:6e:
         8d:67:20:a1:96:1d:87:86:82:1d:7e:e0:5b:e0:8a:74:6e:f8:
         de:6f:68:49:a2:1a:6b:a6:fd:bf:39:6f:f2:d5:54:77:ff:6a:
         ff:eb:46:a1:98:b7:fc:c5:ee:75:0c:01:92:9e:80:fa:df:8c:
         6d:0d:29:72:41:c7:21:8d:f6:52:85:60:a4:28:c1:16:0f:96:
         ce:27:58:a3:92:9d:f6:24:bd:86:b5:1f:a0:da:39:87:49:b0:
         be:28:15:de:b8:fe:ff:9f:09:35:67:ac:b1:3d:48:12:ad:dc:
         59:db:28:09:02:d4:6c:76:0c:18:66:a2:f0:31:45:94:18:ca:
         c2:d6:8c:8d:5f:38:60:8b:29:54:80:6e:57:19:dc:32:54:cc:
         0d:b5:07:9a:32:85:d3:9a:ce:f2:f6:54:94:1b:36:be:3c:82:
         78:f3:3f:f9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYNf+BjgbtAlfz4/DJ1tYDfaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2MWMwN2M5NTE0ODhmMDRjYjNiMGZkMzM4YWY4NGQ3N2U0
NmJmNTIwHhcNMjIwOTIxMTIxMzU4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmVhMmM5ZTc3MzZkNzBhNDVhNjU5NTQ0ZDNmMzI3NDA3Yjg0MWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt62HwvS4yoH4WqVsUqk4hTSNlcnZ
wxR3xZvaFaAXocTXzfpJ8jxq43tei1LIauzw/B2JSy79cFpvcimMI+8YEkO7+ULG
DzPV+LCwMSl/8JZrDM4pauhkKG58qwV1EoxOMNZLOyBlP33pBXkZSWUs1Iv7w3ZF
uhZqoomH9qY4Vr3b/R+UDhyZzpyCbU7Pk0apKGQDSHgr0j+q7zCCqPvj2aP/YgN0
mC8z3NnBDbCP+jPY12g7Z66shcSdKQYlrx7seqrkdhWZHgp9/g8lxnYrGuyuM6f9
uDelcfqzW0xzCPAd7zZyRZ+qpg0qQQASSghlMO0Rlc+yup/J53Fi1G176QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBvqLJ53NtcKRaZZVE0/MnQHuEHYMB8GA1UdIwQY
MBaAFOYcB8lRSI8EyzsP0zivhNd+Rr9SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWh3SHlWRklqd1RMT3dfVE9LLUUxMzVHdjFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8yZGJhNWMtOWE5MC00MDUyLWExZWIt
NmE4NDc3Y2I2YzJhLzEvRy1vc25uYzIxd3BGcGxsVVRUOHlkQWU0UWRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy8yZGJhNWMtOWE5MC00MDUyLWExZWItNmE4NDc3Y2I2YzJh
LzEvNWh3SHlWRklqd1RMT3dfVE9LLUUxMzVHdjFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuYcCAwQA
zck3MA0GCSqGSIb3DQEBCwUAA4IBAQASC9XCr+7Oj/pPCfUoQnn+xH0IXavxUiPq
cKwLNb0cc48VzBsqe+k/Uo69JDZAPZXlymmx/jLGkLeEq0FrItYe0q0tHqmXXFKL
vLMXXeRVcQUPTn0mnB//KG6NZyChlh2HhoIdfuBb4Ip0bvjeb2hJohprpv2/OW/y
1VR3/2r/60ahmLf8xe51DAGSnoD634xtDSlyQcchjfZShWCkKMEWD5bOJ1ijkp32
JL2GtR+g2jmHSbC+KBXeuP7/nwk1Z6yxPUgSrdxZ2ygJAtRsdgwYZqLwMUWUGMrC
1oyNXzhgiylUgG5XGdwyVMwNtQeaMoXTms7y9lSUGza+PIJ48z/5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:03 2024 by rpki-client on console-ams.rpki-client.org