Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/I8aTE7GlV9JDAffPxuYd1LdAvaY.roa
File:                     I8aTE7GlV9JDAffPxuYd1LdAvaY.roa (raw, json)
Hash identifier:          oHDZANtW4xJ9fyOqAoyW/yjC1Vm0WcNdxNYRZDCBoe4=
Subject key identifier:   23:C6:93:13:B1:A5:57:D2:43:01:F7:CF:C6:E6:1D:D4:B7:40:BD:A6
Certificate issuer:       /CN=a71a2a2db4d7418e9bf4f93c8c046a0161663c62
Certificate serial:       102FD6E1
Authority key identifier: A7:1A:2A:2D:B4:D7:41:8E:9B:F4:F9:3C:8C:04:6A:01:61:66:3C:62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pxoqLbTXQY6b9Pk8jARqAWFmPGI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/I8aTE7GlV9JDAffPxuYd1LdAvaY.roa
Signing time:             Thu 24 Mar 2022 21:40:18 +0000
ROA not before:           Thu 24 Mar 2022 21:40:18 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     133973
IP address blocks:        185.157.51.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 271570657 (0x102fd6e1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a71a2a2db4d7418e9bf4f93c8c046a0161663c62
        Validity
            Not Before: Mar 24 21:40:18 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=23c69313b1a557d24301f7cfc6e61dd4b740bda6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:64:a3:8c:4b:40:ef:35:24:de:49:c4:7b:bb:
                    37:b2:22:ff:c9:4e:85:9b:3f:60:df:c1:09:8c:f6:
                    ca:c4:27:33:63:8d:a4:69:f6:e5:4b:cc:3d:e8:39:
                    72:7b:cf:ca:7f:29:6f:8c:9f:fe:8f:51:4c:35:07:
                    e9:06:ec:63:ab:f4:98:a1:d4:fe:6e:f8:9e:a9:83:
                    30:1d:4d:a2:cd:08:92:2e:02:cb:98:e0:26:8f:bd:
                    79:6e:e4:2f:ad:07:01:f5:83:6a:03:ec:ef:ab:f7:
                    d4:6f:ee:35:05:d3:14:0c:bc:11:39:78:ef:22:54:
                    0d:63:01:08:6f:16:84:ba:0f:3c:0c:2f:a9:36:d4:
                    7b:a1:ec:17:c8:a5:de:44:35:8e:91:1e:94:ae:23:
                    0c:14:4f:2c:04:7d:38:e5:9b:60:02:c4:41:3d:2a:
                    82:46:27:e0:a2:fd:a0:a5:11:fc:20:9e:66:29:6e:
                    10:4a:83:c3:56:56:53:7f:2f:6f:98:58:a4:ef:cf:
                    f6:16:99:6b:1c:ba:56:51:65:79:07:4c:e3:85:8b:
                    89:19:16:ed:d3:b9:ee:e0:e8:fd:ba:d5:36:c6:ce:
                    7c:ec:99:8a:36:86:44:65:4a:3b:02:21:1f:bb:a3:
                    be:d6:84:38:1f:c0:0c:d4:12:7f:49:6c:2e:aa:c0:
                    e6:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:C6:93:13:B1:A5:57:D2:43:01:F7:CF:C6:E6:1D:D4:B7:40:BD:A6
            X509v3 Authority Key Identifier:
                keyid:A7:1A:2A:2D:B4:D7:41:8E:9B:F4:F9:3C:8C:04:6A:01:61:66:3C:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxoqLbTXQY6b9Pk8jARqAWFmPGI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/I8aTE7GlV9JDAffPxuYd1LdAvaY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/pxoqLbTXQY6b9Pk8jARqAWFmPGI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.157.51.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:37:df:49:62:54:a6:d5:4d:d5:8c:e9:03:60:11:6f:de:07:
         0e:53:a3:73:0e:fd:99:e1:2f:76:fe:33:d4:df:58:a3:6e:2e:
         17:e9:05:4a:cb:b3:d1:0c:1c:94:4d:80:57:d5:d1:57:a0:f5:
         71:d5:31:35:4b:54:71:0c:86:72:33:6f:5e:f0:8a:08:2c:72:
         fa:82:03:e0:5d:84:08:b2:35:37:52:de:a2:fe:95:38:1f:ab:
         9d:d0:a9:80:ac:97:6e:67:ef:7a:7b:0c:f3:63:54:68:f8:4e:
         24:f3:26:40:c8:a2:5d:f3:72:f9:b2:85:6f:10:1a:01:bc:68:
         80:89:01:7f:fc:4c:19:01:35:92:50:9b:a5:4e:fa:d8:c9:75:
         c3:3a:db:83:d0:59:6d:de:fe:ba:22:59:14:3a:61:fe:e9:67:
         1d:31:17:23:03:37:5a:07:f4:63:04:20:d4:52:89:26:09:15:
         33:e7:e5:f9:22:d9:c0:22:70:1b:39:8a:1e:97:9e:fb:1e:c0:
         e1:55:1c:d7:41:3f:43:ea:38:5e:8f:bd:c7:16:10:0e:66:23:
         5e:52:f1:13:ee:c7:01:c6:44:ca:2b:7f:15:cb:24:f9:84:22:
         81:d2:4e:05:5f:4b:6c:2b:b2:1f:84:c8:e4:98:26:7e:c2:04:
         c6:7c:c5:70
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEC/W4TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NzFhMmEyZGI0ZDc0MThlOWJmNGY5M2M4YzA0NmEwMTYxNjYzYzYyMB4XDTIyMDMy
NDIxNDAxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjNjNjkzMTNiMWE1
NTdkMjQzMDFmN2NmYzZlNjFkZDRiNzQwYmRhNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMBko4xLQO81JN5JxHu7N7Ii/8lOhZs/YN/BCYz2ysQnM2ON
pGn25UvMPeg5cnvPyn8pb4yf/o9RTDUH6QbsY6v0mKHU/m74nqmDMB1Nos0Iki4C
y5jgJo+9eW7kL60HAfWDagPs76v31G/uNQXTFAy8ETl47yJUDWMBCG8WhLoPPAwv
qTbUe6HsF8il3kQ1jpEelK4jDBRPLAR9OOWbYALEQT0qgkYn4KL9oKUR/CCeZilu
EEqDw1ZWU38vb5hYpO/P9haZaxy6VlFleQdM44WLiRkW7dO57uDo/brVNsbOfOyZ
ijaGRGVKOwIhH7ujvtaEOB/ADNQSf0lsLqrA5n8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQjxpMTsaVX0kMB98/G5h3Ut0C9pjAfBgNVHSMEGDAWgBSnGiottNdBjpv0
+TyMBGoBYWY8YjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3B4b3FMYlRYUVk2YjlQazhqQVJxQVdGbVBHSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvYjdhYmRmLTNiZTEtNDY0Mi05ZjNlLWYxZjBiOTU5OGYzMi8x
L0k4YVRFN0dsVjlKREFmZlB4dVlkMUxkQXZhWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
YjdhYmRmLTNiZTEtNDY0Mi05ZjNlLWYxZjBiOTU5OGYzMi8xL3B4b3FMYlRYUVk2
YjlQazhqQVJxQVdGbVBHSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmdMzANBgkqhkiG9w0BAQsFAAOC
AQEAQzffSWJUptVN1YzpA2ARb94HDlOjcw79meEvdv4z1N9Yo24uF+kFSsuz0Qwc
lE2AV9XRV6D1cdUxNUtUcQyGcjNvXvCKCCxy+oID4F2ECLI1N1Leov6VOB+rndCp
gKyXbmfvensM82NUaPhOJPMmQMiiXfNy+bKFbxAaAbxogIkBf/xMGQE1klCbpU76
2Ml1wzrbg9BZbd7+uiJZFDph/ulnHTEXIwM3Wgf0YwQg1FKJJgkVM+fl+SLZwCJw
GzmKHpee+x7A4VUc10E/Q+o4Xo+9xxYQDmYjXlLxE+7HAcZEyit/Fcsk+YQigdJO
BV9LbCuyH4TI5JgmfsIExnzFcA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:16 2024 by rpki-client on console-ams.rpki-client.org