Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/e59ba1-3d5b-4299-a852-37c86e355267/1/eldsvty8EROjKUQtSrH_bSykspA.roa
File:                     eldsvty8EROjKUQtSrH_bSykspA.roa (raw, json)
Hash identifier:          3chO3VCmZyRlWl3zLDeDGPwYqGGfX0m+HcD7ytjxIvM=
Subject key identifier:   7A:57:6C:BE:DC:BC:11:13:A3:29:44:2D:4A:B1:FF:6D:2C:A4:B2:90
Certificate issuer:       /CN=7b8985faea08598c05cc30b82e282306af793316
Certificate serial:       0179C710
Authority key identifier: 7B:89:85:FA:EA:08:59:8C:05:CC:30:B8:2E:28:23:06:AF:79:33:16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e4mF-uoIWYwFzDC4LigjBq95MxY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/e59ba1-3d5b-4299-a852-37c86e355267/1/eldsvty8EROjKUQtSrH_bSykspA.roa
Signing time:             Mon 16 May 2022 07:58:21 +0000
ROA not before:           Mon 16 May 2022 07:58:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203352
IP address blocks:        185.131.80.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 24758032 (0x179c710)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7b8985faea08598c05cc30b82e282306af793316
        Validity
            Not Before: May 16 07:58:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7a576cbedcbc1113a329442d4ab1ff6d2ca4b290
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:9d:0b:a4:37:f1:85:2d:ad:e5:3e:c4:df:6d:
                    f1:1e:a4:38:11:ad:98:14:6f:57:a7:f5:ac:3e:6c:
                    74:c3:71:15:91:d2:30:0d:84:64:0f:af:b9:5c:80:
                    6d:d4:ee:98:01:47:87:11:27:1f:ed:11:e5:a0:52:
                    6d:0f:e9:9b:39:27:04:aa:14:15:ea:2b:f1:cc:6f:
                    61:11:03:ce:ee:50:97:42:cf:f6:10:dc:72:c0:12:
                    55:d5:32:92:d9:cc:dd:ab:5f:3a:d2:e2:20:5a:b6:
                    20:e0:67:cc:fb:f5:f1:e2:0d:f6:f3:42:a5:40:4d:
                    ac:1f:40:03:05:7e:18:b3:82:5e:12:16:47:58:70:
                    dd:da:8f:ea:5b:3a:56:7f:15:cc:3f:26:aa:cb:39:
                    03:4d:55:be:7d:78:11:b3:13:85:d0:92:a7:67:05:
                    9e:97:a8:59:af:07:b3:54:27:2d:bc:86:06:55:c6:
                    26:61:a6:1e:38:8a:93:61:ac:81:c0:da:39:6f:ec:
                    1f:e6:ec:b5:ca:df:e7:f6:29:fe:08:86:03:f7:f4:
                    1a:10:58:0c:57:73:e0:fc:1d:3b:7e:a7:27:bd:9a:
                    8c:9c:56:74:27:2f:14:76:9e:85:bd:a3:ff:3d:1a:
                    51:5c:5b:bb:5b:d7:5c:a1:b9:d5:83:9d:0b:e1:00:
                    0d:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:57:6C:BE:DC:BC:11:13:A3:29:44:2D:4A:B1:FF:6D:2C:A4:B2:90
            X509v3 Authority Key Identifier:
                keyid:7B:89:85:FA:EA:08:59:8C:05:CC:30:B8:2E:28:23:06:AF:79:33:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4mF-uoIWYwFzDC4LigjBq95MxY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/e59ba1-3d5b-4299-a852-37c86e355267/1/eldsvty8EROjKUQtSrH_bSykspA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/e59ba1-3d5b-4299-a852-37c86e355267/1/e4mF-uoIWYwFzDC4LigjBq95MxY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.131.80.0/22

    Signature Algorithm: sha256WithRSAEncryption
         34:78:d2:08:13:c2:e6:be:4c:e7:5b:f9:71:47:2d:69:62:c1:
         02:dc:3a:c1:e8:b1:9f:4c:f4:83:05:d1:3f:b9:c0:3a:d4:61:
         87:b6:66:70:16:87:36:96:1e:51:af:62:10:f8:ef:b7:18:1f:
         7d:9b:b8:83:e0:c1:64:3a:34:d2:29:8c:7f:0c:00:41:0b:94:
         f7:2e:16:63:f8:34:67:53:cd:65:6a:1f:aa:bf:0a:e1:62:48:
         61:14:72:bc:fa:db:88:3c:78:c4:b8:b0:78:e3:80:08:97:2a:
         61:07:af:26:4c:77:0b:09:c5:d0:7b:2f:fe:80:ca:96:4b:33:
         96:99:f3:7d:0d:56:f5:38:dd:e0:d4:70:a2:c3:7e:be:b5:a6:
         36:33:0a:1d:6a:b1:20:52:af:fa:6e:09:44:0d:13:74:df:26:
         09:e7:e1:63:9e:74:3f:76:93:ee:48:b6:b4:3f:59:53:ac:8d:
         49:dd:6f:f1:7e:53:3b:71:34:2a:0b:f1:98:4e:87:ad:fb:29:
         b0:80:4b:ca:45:86:49:cb:47:64:0f:e1:be:de:b9:b5:9e:f8:
         a3:9d:79:63:64:cb:47:e5:10:8b:eb:0a:8b:9f:65:a4:65:50:
         d7:42:c9:5f:02:81:35:23:62:84:63:2d:72:b3:0a:a1:7f:98:
         37:8e:db:43
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAXnHEDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
Yjg5ODVmYWVhMDg1OThjMDVjYzMwYjgyZTI4MjMwNmFmNzkzMzE2MB4XDTIyMDUx
NjA3NTgyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2E1NzZjYmVkY2Jj
MTExM2EzMjk0NDJkNGFiMWZmNmQyY2E0YjI5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKqdC6Q38YUtreU+xN9t8R6kOBGtmBRvV6f1rD5sdMNxFZHS
MA2EZA+vuVyAbdTumAFHhxEnH+0R5aBSbQ/pmzknBKoUFeor8cxvYREDzu5Ql0LP
9hDccsASVdUyktnM3atfOtLiIFq2IOBnzPv18eIN9vNCpUBNrB9AAwV+GLOCXhIW
R1hw3dqP6ls6Vn8VzD8mqss5A01Vvn14EbMThdCSp2cFnpeoWa8Hs1QnLbyGBlXG
JmGmHjiKk2GsgcDaOW/sH+bstcrf5/Yp/giGA/f0GhBYDFdz4PwdO36nJ72ajJxW
dCcvFHaehb2j/z0aUVxbu1vXXKG51YOdC+EADf8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR6V2y+3LwRE6MpRC1Ksf9tLKSykDAfBgNVHSMEGDAWgBR7iYX66ghZjAXM
MLguKCMGr3kzFjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2U0bUYtdW9JV1l3RnpEQzRMaWdqQnE5NU14WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzQvZTU5YmExLTNkNWItNDI5OS1hODUyLTM3Yzg2ZTM1NTI2Ny8x
L2VsZHN2dHk4RVJPaktVUXRTckhfYlN5a3NwQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzQv
ZTU5YmExLTNkNWItNDI5OS1hODUyLTM3Yzg2ZTM1NTI2Ny8xL2U0bUYtdW9JV1l3
RnpEQzRMaWdqQnE5NU14WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmDUDANBgkqhkiG9w0BAQsFAAOC
AQEANHjSCBPC5r5M51v5cUctaWLBAtw6weixn0z0gwXRP7nAOtRhh7ZmcBaHNpYe
Ua9iEPjvtxgffZu4g+DBZDo00imMfwwAQQuU9y4WY/g0Z1PNZWofqr8K4WJIYRRy
vPrbiDx4xLiweOOACJcqYQevJkx3CwnF0Hsv/oDKlkszlpnzfQ1W9Tjd4NRwosN+
vrWmNjMKHWqxIFKv+m4JRA0TdN8mCefhY550P3aT7ki2tD9ZU6yNSd1v8X5TO3E0
KgvxmE6HrfspsIBLykWGSctHZA/hvt65tZ74o515Y2TLR+UQi+sKi59lpGVQ10LJ
XwKBNSNihGMtcrMKoX+YN47bQw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:01 2024 by rpki-client on console-fra.rpki-client.org