Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/eqY30lFrnxz3uc9p7c03i4ohG_g.roa
File:                     eqY30lFrnxz3uc9p7c03i4ohG_g.roa (raw, json)
Hash identifier:          OVXguYj5JSRfQwe8Uc/UYrMT8QZpEcED5w0Vr+9F2SA=
Subject key identifier:   7A:A6:37:D2:51:6B:9F:1C:F7:B9:CF:69:ED:CD:37:8B:8A:21:1B:F8
Certificate issuer:       /CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Certificate serial:       02E50ABC
Authority key identifier: B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/eqY30lFrnxz3uc9p7c03i4ohG_g.roa
Signing time:             Sat 01 Jan 2022 15:59:46 +0000
ROA not before:           Sat 01 Jan 2022 15:59:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49505
IP address blocks:        185.193.88.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 48564924 (0x2e50abc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
        Validity
            Not Before: Jan  1 15:59:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7aa637d2516b9f1cf7b9cf69edcd378b8a211bf8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:26:15:94:7f:e3:09:e2:7b:1a:eb:d7:32:41:
                    13:6b:1d:74:27:f5:51:03:7d:88:e7:eb:67:d9:f9:
                    5b:67:45:3c:cf:4a:b8:02:be:82:50:c4:b3:23:32:
                    0b:72:55:33:e9:e3:d3:d9:91:69:d7:e7:0d:2d:12:
                    d2:cf:55:0f:d5:98:75:08:c6:13:64:5a:5f:00:d8:
                    ad:fa:4b:55:78:c2:20:e1:62:fe:c2:d7:25:7d:27:
                    a4:b1:8f:81:27:c1:2d:39:35:90:85:88:d2:4a:50:
                    b4:8d:c6:0d:c7:62:d6:4c:d9:c0:36:bb:b2:79:5a:
                    43:cb:46:37:ba:00:e7:8c:47:6f:d0:cd:be:62:c1:
                    23:87:00:a1:60:eb:03:71:c6:22:d4:b2:ec:6f:e0:
                    9d:2b:a7:f6:21:44:a9:0f:cb:88:1a:9e:33:78:50:
                    b8:02:bf:e9:47:0b:7e:5e:4a:00:58:da:ad:9d:ce:
                    5d:eb:45:09:ab:7e:45:16:77:c8:b3:8c:84:7d:bb:
                    a3:b8:56:c2:09:b5:44:df:bf:7f:ad:61:8e:4b:53:
                    e7:46:ff:04:a6:2a:bc:e0:eb:51:84:c6:58:76:f5:
                    bd:f7:71:75:25:b0:c8:0b:79:94:2e:57:20:e9:61:
                    dd:11:bc:62:9c:cd:32:b6:7f:2f:09:92:99:fe:9c:
                    c3:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:A6:37:D2:51:6B:9F:1C:F7:B9:CF:69:ED:CD:37:8B:8A:21:1B:F8
            X509v3 Authority Key Identifier:
                keyid:B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/eqY30lFrnxz3uc9p7c03i4ohG_g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.193.88.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:3e:4f:91:54:69:54:83:ce:28:b7:fe:19:ea:ce:e5:a4:bb:
         19:44:23:70:33:80:69:25:88:8d:1c:1f:33:74:a2:c2:af:6c:
         45:5b:8f:94:23:f9:a7:3b:af:f4:3f:e0:f5:c5:39:34:71:d3:
         74:d1:16:e8:98:e0:4a:42:43:2c:ed:75:be:3a:5a:12:38:41:
         ef:ff:21:5f:c4:15:c4:50:80:51:26:30:64:30:5e:c4:61:cd:
         9b:f4:98:4f:7e:e4:73:32:d5:28:6c:c4:ac:a6:39:bd:2a:f6:
         66:e3:f8:31:7c:ea:af:2a:67:be:f8:72:18:bc:3c:ad:0f:99:
         3e:d7:94:94:32:33:65:19:3f:13:71:1d:dc:6b:bb:b8:89:cd:
         b1:5c:e0:d8:42:c6:11:06:fa:36:9d:d7:f0:83:8f:cc:5a:96:
         cc:dd:62:93:0b:0d:3d:6a:f0:72:8f:25:3b:18:ef:ba:ef:b0:
         42:f7:12:79:ad:8f:19:e9:cb:1b:d9:b9:5d:03:8a:4b:69:06:
         12:fb:ea:4a:9e:71:db:b5:a7:01:be:7d:4d:d2:47:05:42:53:
         3e:3a:f3:df:3b:9d:96:3f:88:4c:26:42:04:91:0c:e1:6d:19:
         1a:f5:bf:02:9b:09:6c:66:34:28:a1:16:2a:45:de:a4:18:b7:
         59:9f:8f:e6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAuUKvDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWFmMTJmNWNhNzVjOTIyYTRhYTVkYWNiNDljMDRhOTMyMzdmNGVkMB4XDTIyMDEw
MTE1NTk0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2FhNjM3ZDI1MTZi
OWYxY2Y3YjljZjY5ZWRjZDM3OGI4YTIxMWJmODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIwmFZR/4wniexrr1zJBE2sddCf1UQN9iOfrZ9n5W2dFPM9K
uAK+glDEsyMyC3JVM+nj09mRadfnDS0S0s9VD9WYdQjGE2RaXwDYrfpLVXjCIOFi
/sLXJX0npLGPgSfBLTk1kIWI0kpQtI3GDcdi1kzZwDa7snlaQ8tGN7oA54xHb9DN
vmLBI4cAoWDrA3HGItSy7G/gnSun9iFEqQ/LiBqeM3hQuAK/6UcLfl5KAFjarZ3O
XetFCat+RRZ3yLOMhH27o7hWwgm1RN+/f61hjktT50b/BKYqvODrUYTGWHb1vfdx
dSWwyAt5lC5XIOlh3RG8YpzNMrZ/LwmSmf6cwzMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR6pjfSUWufHPe5z2ntzTeLiiEb+DAfBgNVHSMEGDAWgBSxrxL1ynXJIqSq
Xay0nASpMjf07TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhOFM5Y3AxeVNLa3FsMnN0SndFcVRJMzlPMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmQvY2JjZjY4LTdjYmYtNDdmMC04MmVlLTU3NjBlZmJjYzY1NC8x
L2VxWTMwbEZybnh6M3VjOXA3YzAzaTRvaEdfZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmQv
Y2JjZjY4LTdjYmYtNDdmMC04MmVlLTU3NjBlZmJjYzY1NC8xL3NhOFM5Y3AxeVNL
a3FsMnN0SndFcVRJMzlPMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnBWDANBgkqhkiG9w0BAQsFAAOC
AQEAST5PkVRpVIPOKLf+GerO5aS7GUQjcDOAaSWIjRwfM3Siwq9sRVuPlCP5pzuv
9D/g9cU5NHHTdNEW6JjgSkJDLO11vjpaEjhB7/8hX8QVxFCAUSYwZDBexGHNm/SY
T37kczLVKGzErKY5vSr2ZuP4MXzqrypnvvhyGLw8rQ+ZPteUlDIzZRk/E3Ed3Gu7
uInNsVzg2ELGEQb6Np3X8IOPzFqWzN1ikwsNPWrwco8lOxjvuu+wQvcSea2PGenL
G9m5XQOKS2kGEvvqSp5x27WnAb59TdJHBUJTPjrz3zudlj+ITCZCBJEM4W0ZGvW/
ApsJbGY0KKEWKkXepBi3WZ+P5g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:29 2024 by rpki-client on console-ams.rpki-client.org