Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/0Exge9PgxN3N75qRhFMwI1byQ4Y.roa
File:                     0Exge9PgxN3N75qRhFMwI1byQ4Y.roa (raw, json)
Hash identifier:          9oanapZie8bslUjlrKPHjB01ZiO5aeSSzKtna0j5Otw=
Subject key identifier:   D0:4C:60:7B:D3:E0:C4:DD:CD:EF:9A:91:84:53:30:23:56:F2:43:86
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       01826F59147170F57FC5B2B39724A0DCA29B
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/0Exge9PgxN3N75qRhFMwI1byQ4Y.roa
Signing time:             Fri 05 Aug 2022 18:51:25 +0000
ROA not before:           Fri 05 Aug 2022 18:51:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204902
IP address blocks:        185.241.210.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:6f:59:14:71:70:f5:7f:c5:b2:b3:97:24:a0:dc:a2:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Aug  5 18:51:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d04c607bd3e0c4ddcdef9a918453302356f24386
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:61:13:29:0a:8c:ea:a5:85:02:52:66:f5:64:
                    3d:e7:82:75:75:9e:72:f3:41:0f:76:b3:00:34:93:
                    a7:47:e2:f4:f3:8a:b9:4f:75:4a:6e:db:6d:52:f0:
                    3c:b8:a2:aa:99:87:94:5a:14:64:f6:d6:02:e1:1a:
                    e6:84:5e:00:70:5d:96:43:49:14:12:39:54:a0:87:
                    18:67:73:21:a8:df:0b:46:b5:20:ff:6e:0d:86:c0:
                    66:ec:6e:9b:56:0e:29:30:5f:9d:7a:33:03:12:b5:
                    21:11:43:4b:4b:59:b2:9f:da:12:44:84:53:b5:08:
                    eb:f8:40:f5:88:cc:98:65:b4:0d:3b:11:20:f2:0b:
                    bd:ad:1d:cc:bd:c2:69:a1:f0:7a:61:dc:74:7f:5b:
                    c8:1c:94:7f:e3:02:ce:89:ca:69:1d:49:d8:a4:88:
                    28:4e:f7:5e:f2:0b:0c:17:ff:5e:f2:48:52:d8:21:
                    03:21:8b:f0:58:11:6c:e8:c1:05:bd:1b:43:3f:c6:
                    c1:9f:6f:1a:e2:a9:46:23:04:b7:d5:d2:d5:32:c3:
                    7e:87:b3:d7:07:13:f3:80:27:ca:8b:13:8a:fd:86:
                    61:14:c8:b8:c5:a5:24:78:18:f3:a4:cb:b2:0c:70:
                    ba:c3:3b:6c:d4:fe:2b:96:cf:30:7a:d5:75:34:6b:
                    7a:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:4C:60:7B:D3:E0:C4:DD:CD:EF:9A:91:84:53:30:23:56:F2:43:86
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/0Exge9PgxN3N75qRhFMwI1byQ4Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.241.210.0/23

    Signature Algorithm: sha256WithRSAEncryption
         51:83:92:a7:4a:29:a5:d7:99:a0:ef:63:01:51:67:67:6a:1d:
         dc:63:ee:64:6a:dd:46:68:0b:81:d9:53:a9:7f:32:f1:6d:6b:
         95:d3:8f:23:43:4f:ab:ec:22:ee:76:e1:87:5d:f6:83:81:39:
         49:45:16:c4:8e:4f:0a:ce:aa:d2:17:48:64:2e:00:5f:d8:d4:
         8d:8a:68:eb:78:82:cc:4a:ef:14:1d:e8:d2:93:0c:c8:38:f4:
         b5:84:10:4a:a9:51:a1:0f:77:93:26:3e:17:cc:8a:72:bc:14:
         b0:d7:db:cd:08:ee:4c:7a:b9:62:31:53:a5:67:71:e2:6a:74:
         02:a5:05:c7:e3:bc:1b:d2:98:25:c3:21:a9:0e:ba:89:12:e3:
         03:b9:7b:98:cb:00:d8:2e:f0:cd:09:51:76:37:1c:2b:63:13:
         8f:f1:29:fd:18:eb:ca:7d:52:a7:63:09:02:bf:bc:54:8b:c5:
         1c:e3:15:f6:d8:1d:6b:d1:b2:af:5c:46:d8:50:5c:78:a1:e7:
         09:43:bb:9a:0e:6b:05:38:71:a5:c9:00:10:51:ca:77:61:b3:
         9c:ce:58:96:52:3b:5e:73:87:59:e0:35:34:f3:a0:fd:75:89:
         f9:b6:ad:db:0a:93:52:ac:bd:df:c1:65:2d:d8:06:e9:fd:dc:
         53:5c:36:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJvWRRxcPV/xbKzlySg3KKbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIwODA1MTg1MTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDRjNjA3YmQzZTBjNGRkY2RlZjlhOTE4NDUzMzAyMzU2ZjI0Mzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmETKQqM6qWFAlJm9WQ954J1dZ5y
80EPdrMANJOnR+L084q5T3VKbtttUvA8uKKqmYeUWhRk9tYC4RrmhF4AcF2WQ0kU
EjlUoIcYZ3MhqN8LRrUg/24NhsBm7G6bVg4pMF+dejMDErUhEUNLS1myn9oSRIRT
tQjr+ED1iMyYZbQNOxEg8gu9rR3MvcJpofB6Ydx0f1vIHJR/4wLOicppHUnYpIgo
Tvde8gsMF/9e8khS2CEDIYvwWBFs6MEFvRtDP8bBn28a4qlGIwS31dLVMsN+h7PX
BxPzgCfKixOK/YZhFMi4xaUkeBjzpMuyDHC6wzts1P4rls8wetV1NGt6BwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNBMYHvT4MTdze+akYRTMCNW8kOGMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMEV4Z2U5UGd4TjNONzVxUmhGTXdJMWJ5UTRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBufHSMA0G
CSqGSIb3DQEBCwUAA4IBAQBRg5KnSiml15mg72MBUWdnah3cY+5kat1GaAuB2VOp
fzLxbWuV048jQ0+r7CLuduGHXfaDgTlJRRbEjk8KzqrSF0hkLgBf2NSNimjreILM
Su8UHejSkwzIOPS1hBBKqVGhD3eTJj4XzIpyvBSw19vNCO5MerliMVOlZ3HianQC
pQXH47wb0pglwyGpDrqJEuMDuXuYywDYLvDNCVF2NxwrYxOP8Sn9GOvKfVKnYwkC
v7xUi8Uc4xX22B1r0bKvXEbYUFx4oecJQ7uaDmsFOHGlyQAQUcp3YbOczliWUjte
c4dZ4DU086D9dYn5tq3bCpNSrL3fwWUt2Abp/dxTXDa+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:43 2024 by rpki-client on console-fra.rpki-client.org