Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/3dc879-11b9-4fa6-841d-906a91ee9fe4/1/gs8VxQtnjXchgLI4VqMUZLsry0c.roa
File:                     gs8VxQtnjXchgLI4VqMUZLsry0c.roa (raw, json)
Hash identifier:          uaMuJvRvgms1C14vr3R8LLHvwBgjRNKm5a9tU5sTZD0=
Subject key identifier:   82:CF:15:C5:0B:67:8D:77:21:80:B2:38:56:A3:14:64:BB:2B:CB:47
Certificate issuer:       /CN=e20449fe7f4b2cf1f7fd670e582ebcc97e45f7ff
Certificate serial:       0946542E
Authority key identifier: E2:04:49:FE:7F:4B:2C:F1:F7:FD:67:0E:58:2E:BC:C9:7E:45:F7:FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4gRJ_n9LLPH3_WcOWC68yX5F9_8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/3dc879-11b9-4fa6-841d-906a91ee9fe4/1/gs8VxQtnjXchgLI4VqMUZLsry0c.roa
Signing time:             Sat 01 Jan 2022 16:11:36 +0000
ROA not before:           Sat 01 Jan 2022 16:11:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     51580
IP address blocks:        185.29.75.0/24 maxlen: 24
                          185.29.73.0/24 maxlen: 24
                          185.29.74.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 155604014 (0x946542e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e20449fe7f4b2cf1f7fd670e582ebcc97e45f7ff
        Validity
            Not Before: Jan  1 16:11:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=82cf15c50b678d772180b23856a31464bb2bcb47
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:7a:8e:63:5c:63:22:d5:be:15:ab:3b:8e:9a:
                    f9:30:0e:21:d6:0e:79:c9:9c:00:85:e5:26:cf:e5:
                    91:fd:07:af:61:19:d6:35:15:3f:fc:6b:44:61:b8:
                    9e:cb:f8:d4:ce:2d:22:7f:6a:29:80:b8:b1:aa:f6:
                    0f:5f:ac:75:ba:77:a1:05:31:e5:8f:8b:27:b5:41:
                    d8:4e:73:ed:af:c3:e0:1c:d7:c3:a5:62:0d:c1:15:
                    19:57:66:7d:2d:5e:70:d1:29:3b:fe:72:5e:ec:dd:
                    45:ac:26:cf:47:d9:85:12:30:83:83:1d:e7:3a:03:
                    68:1b:3c:87:43:86:84:4a:1f:6a:98:04:42:e6:e6:
                    18:4f:3b:04:1e:5b:85:9f:eb:c0:23:1d:72:b8:43:
                    3e:0d:43:3f:d8:bb:3a:46:a5:46:27:a1:73:31:eb:
                    09:30:2a:ef:70:64:32:31:05:ff:fd:59:d3:b6:4e:
                    59:88:b4:21:ba:04:9e:5d:f3:de:f5:60:94:0c:b3:
                    94:e2:6f:d5:cc:52:b4:73:78:1b:a5:2d:59:8e:f4:
                    78:0a:b8:33:eb:9d:65:59:6c:17:67:40:61:a5:5a:
                    5c:6f:f0:df:b7:6a:cd:eb:59:f6:c9:58:45:a0:0f:
                    cb:ad:8f:8a:63:34:fd:68:71:ad:55:ef:ef:27:c4:
                    96:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:CF:15:C5:0B:67:8D:77:21:80:B2:38:56:A3:14:64:BB:2B:CB:47
            X509v3 Authority Key Identifier:
                keyid:E2:04:49:FE:7F:4B:2C:F1:F7:FD:67:0E:58:2E:BC:C9:7E:45:F7:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4gRJ_n9LLPH3_WcOWC68yX5F9_8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3dc879-11b9-4fa6-841d-906a91ee9fe4/1/gs8VxQtnjXchgLI4VqMUZLsry0c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3dc879-11b9-4fa6-841d-906a91ee9fe4/1/4gRJ_n9LLPH3_WcOWC68yX5F9_8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.29.73.0-185.29.75.255

    Signature Algorithm: sha256WithRSAEncryption
         41:2d:46:0d:8b:3b:3e:f1:3b:7a:5f:5d:b0:f5:61:59:d0:59:
         6f:59:a6:88:90:21:ac:8c:e8:c3:ed:87:cc:5e:e5:b3:2d:10:
         b1:41:17:c0:3c:60:6d:2c:92:21:b5:3f:91:ed:1d:cd:17:6b:
         48:08:bf:43:1e:42:9f:cd:7d:29:4a:20:0f:c1:f1:1b:13:36:
         3e:af:0d:b8:47:b9:1f:7e:8b:f0:b9:ab:0b:be:23:24:e8:77:
         94:1d:27:52:35:c8:0d:13:7d:0e:86:2b:05:17:bc:9a:2e:64:
         78:4f:db:1e:37:03:30:d9:7b:0a:de:d6:1c:bd:f7:0a:b2:a9:
         81:c1:b8:06:cb:01:b4:82:8d:2f:e7:88:a1:29:fc:8a:78:b8:
         2b:9e:f8:70:ae:90:10:36:67:ea:a4:91:e1:6a:e9:ca:64:e6:
         73:06:9c:8c:51:47:da:7b:c2:0c:71:4c:72:94:ae:40:e7:a3:
         05:0c:20:37:c3:d9:01:64:00:37:a2:74:54:37:8b:05:ad:63:
         f9:6f:f8:cd:a5:dd:f2:79:43:e1:a8:b3:af:68:55:dc:fd:df:
         33:8d:8a:94:2c:5a:99:f6:b6:36:7f:04:37:95:30:5b:be:46:
         e2:4f:0d:3a:d1:7d:61:6b:2c:69:b3:95:29:f0:63:c8:94:8e:
         1b:1b:79:12
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIECUZULjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MjA0NDlmZTdmNGIyY2YxZjdmZDY3MGU1ODJlYmNjOTdlNDVmN2ZmMB4XDTIyMDEw
MTE2MTEzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODJjZjE1YzUwYjY3
OGQ3NzIxODBiMjM4NTZhMzE0NjRiYjJiY2I0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKp6jmNcYyLVvhWrO46a+TAOIdYOecmcAIXlJs/lkf0Hr2EZ
1jUVP/xrRGG4nsv41M4tIn9qKYC4sar2D1+sdbp3oQUx5Y+LJ7VB2E5z7a/D4BzX
w6ViDcEVGVdmfS1ecNEpO/5yXuzdRawmz0fZhRIwg4Md5zoDaBs8h0OGhEofapgE
QubmGE87BB5bhZ/rwCMdcrhDPg1DP9i7OkalRiehczHrCTAq73BkMjEF//1Z07ZO
WYi0IboEnl3z3vVglAyzlOJv1cxStHN4G6UtWY70eAq4M+udZVlsF2dAYaVaXG/w
37dqzetZ9slYRaAPy62PimM0/WhxrVXv7yfEll0CAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBSCzxXFC2eNdyGAsjhWoxRkuyvLRzAfBgNVHSMEGDAWgBTiBEn+f0ss8ff9
Zw5YLrzJfkX3/zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRnUkpfbjlMTFBIM19XY09XQzY4eVg1RjlfOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzMvM2RjODc5LTExYjktNGZhNi04NDFkLTkwNmE5MWVlOWZlNC8x
L2dzOFZ4UXRualhjaGdMSTRWcU1VWkxzcnkwYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMv
M2RjODc5LTExYjktNGZhNi04NDFkLTkwNmE5MWVlOWZlNC8xLzRnUkpfbjlMTFBI
M19XY09XQzY4eVg1RjlfOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAuR1JAwQCuR1IMA0GCSqGSIb3
DQEBCwUAA4IBAQBBLUYNizs+8Tt6X12w9WFZ0FlvWaaIkCGsjOjD7YfMXuWzLRCx
QRfAPGBtLJIhtT+R7R3NF2tICL9DHkKfzX0pSiAPwfEbEzY+rw24R7kffovwuasL
viMk6HeUHSdSNcgNE30OhisFF7yaLmR4T9seNwMw2XsK3tYcvfcKsqmBwbgGywG0
go0v54ihKfyKeLgrnvhwrpAQNmfqpJHhaunKZOZzBpyMUUfae8IMcUxylK5A56MF
DCA3w9kBZAA3onRUN4sFrWP5b/jNpd3yeUPhqLOvaFXc/d8zjYqULFqZ9rY2fwQ3
lTBbvkbiTw060X1hayxps5Up8GPIlI4bG3kS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:41 2024 by rpki-client on console-ams.rpki-client.org