Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/ipPZJkgmGihixIT1lF37FAC0Ia0.roa
File:                     ipPZJkgmGihixIT1lF37FAC0Ia0.roa (raw, json)
Hash identifier:          fNa0iY9uKShq31mCoSQgShvEvdejLByDwX8JWAKPKRc=
Subject key identifier:   8A:93:D9:26:48:26:1A:28:62:C4:84:F5:94:5D:FB:14:00:B4:21:AD
Certificate issuer:       /CN=c1eb076d16702c7dbea972e2972ef576a1f2c873
Certificate serial:       28F17F35
Authority key identifier: C1:EB:07:6D:16:70:2C:7D:BE:A9:72:E2:97:2E:F5:76:A1:F2:C8:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wesHbRZwLH2-qXLily71dqHyyHM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/ipPZJkgmGihixIT1lF37FAC0Ia0.roa
Signing time:             Sat 01 Jan 2022 09:02:10 +0000
ROA not before:           Sat 01 Jan 2022 09:02:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43573
IP address blocks:        185.32.103.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 686915381 (0x28f17f35)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c1eb076d16702c7dbea972e2972ef576a1f2c873
        Validity
            Not Before: Jan  1 09:02:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8a93d92648261a2862c484f5945dfb1400b421ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:d8:89:eb:43:31:a4:44:41:a9:ad:6e:12:ae:
                    85:87:d4:b3:aa:45:73:b3:25:88:98:b8:5b:31:14:
                    2b:f2:da:b3:01:68:0b:00:70:69:0a:91:f0:8e:8c:
                    08:f5:1f:e1:25:c8:eb:3b:56:ed:70:d0:d9:75:c3:
                    b6:d9:be:64:c0:50:d0:47:05:80:1b:1a:3c:de:28:
                    02:e7:02:1c:9d:8f:9a:c1:a3:ae:6b:21:ed:4c:dc:
                    b3:8f:18:82:64:0a:2c:b9:41:9c:7f:22:61:27:82:
                    30:66:f0:41:93:29:52:10:c9:8b:e7:ef:5b:90:c7:
                    1a:03:76:0f:4a:9c:18:96:d1:50:8b:75:f1:1c:e9:
                    8d:58:62:6a:cd:1d:16:db:bb:15:24:5f:4b:c2:7a:
                    bc:d4:a6:ae:c6:e9:10:8a:cc:a0:38:72:6c:aa:19:
                    33:10:b3:e8:6c:7b:18:22:aa:01:bb:17:dc:18:b8:
                    93:45:47:ab:06:84:10:c2:57:2f:9f:05:73:6c:e4:
                    31:4b:eb:c5:8f:2c:f1:d4:57:01:cb:18:58:29:bd:
                    3b:d1:f6:cf:08:3e:5a:1f:91:98:1f:9d:af:86:9e:
                    e0:7f:3c:f3:b2:d0:d4:7d:cf:c8:3e:00:c3:fa:fd:
                    2a:fc:13:3e:53:13:d0:e6:5a:67:88:98:5b:7b:93:
                    1e:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:93:D9:26:48:26:1A:28:62:C4:84:F5:94:5D:FB:14:00:B4:21:AD
            X509v3 Authority Key Identifier:
                keyid:C1:EB:07:6D:16:70:2C:7D:BE:A9:72:E2:97:2E:F5:76:A1:F2:C8:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wesHbRZwLH2-qXLily71dqHyyHM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/ipPZJkgmGihixIT1lF37FAC0Ia0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/wesHbRZwLH2-qXLily71dqHyyHM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.32.103.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:0c:ed:65:81:06:57:33:64:23:07:93:9b:61:5e:ab:d3:c0:
         31:86:9b:dd:20:0f:db:42:66:c8:c0:27:da:bd:4a:c5:a7:e2:
         27:7d:c7:5f:06:c1:dd:bd:a2:e8:b8:60:aa:b6:b3:d7:63:23:
         ef:21:fa:15:01:98:56:3b:c5:1c:f2:18:f7:2e:34:71:8d:44:
         77:a4:c0:9c:93:dd:08:02:4c:51:23:07:09:42:dd:bb:7b:f9:
         ab:f8:4c:33:6f:71:f7:ee:3a:e5:00:41:69:b6:05:b5:84:86:
         dd:db:ad:09:95:3e:ff:8d:8b:b9:78:09:fc:a5:18:63:cf:8e:
         95:fc:2d:ad:3c:a6:c0:53:60:68:0d:24:9c:3b:ac:1c:e3:6a:
         b2:71:21:3a:14:eb:e6:61:d0:bf:a8:c4:b9:02:fd:0a:4b:e8:
         bd:d8:4b:10:37:45:69:55:17:7c:ba:20:96:26:9b:b9:ad:d4:
         14:89:3e:63:62:3c:d9:ae:be:2d:a1:76:35:3b:45:fd:94:be:
         cb:78:f7:e3:e7:4c:ad:39:8a:36:56:dd:3b:5f:77:49:b4:78:
         27:a4:97:c1:8b:92:54:fb:ca:ea:3c:ba:cc:42:0c:a7:aa:76:
         5c:9a:28:49:82:5e:6a:ea:77:2c:5f:bc:92:e8:f5:9f:54:2b:
         06:83:23:64
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKPF/NTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MWViMDc2ZDE2NzAyYzdkYmVhOTcyZTI5NzJlZjU3NmExZjJjODczMB4XDTIyMDEw
MTA5MDIxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGE5M2Q5MjY0ODI2
MWEyODYyYzQ4NGY1OTQ1ZGZiMTQwMGI0MjFhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMHYietDMaREQamtbhKuhYfUs6pFc7MliJi4WzEUK/LaswFo
CwBwaQqR8I6MCPUf4SXI6ztW7XDQ2XXDttm+ZMBQ0EcFgBsaPN4oAucCHJ2PmsGj
rmsh7Uzcs48YgmQKLLlBnH8iYSeCMGbwQZMpUhDJi+fvW5DHGgN2D0qcGJbRUIt1
8RzpjVhias0dFtu7FSRfS8J6vNSmrsbpEIrMoDhybKoZMxCz6Gx7GCKqAbsX3Bi4
k0VHqwaEEMJXL58Fc2zkMUvrxY8s8dRXAcsYWCm9O9H2zwg+Wh+RmB+dr4ae4H88
87LQ1H3PyD4Aw/r9KvwTPlMT0OZaZ4iYW3uTHrkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSKk9kmSCYaKGLEhPWUXfsUALQhrTAfBgNVHSMEGDAWgBTB6wdtFnAsfb6p
cuKXLvV2ofLIczAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3dlc0hiUlp3TEgyLXFYTGlseTcxZHFIeXlITS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzYvYTQzYzZlLTM0OWMtNDkxNC04ZGEzLTZjMzJhNmFiMWVmMi8x
L2lwUFpKa2dtR2loaXhJVDFsRjM3RkFDMElhMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzYv
YTQzYzZlLTM0OWMtNDkxNC04ZGEzLTZjMzJhNmFiMWVmMi8xL3dlc0hiUlp3TEgy
LXFYTGlseTcxZHFIeXlITS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkgZzANBgkqhkiG9w0BAQsFAAOC
AQEAUwztZYEGVzNkIweTm2Feq9PAMYab3SAP20JmyMAn2r1KxafiJ33HXwbB3b2i
6Lhgqraz12Mj7yH6FQGYVjvFHPIY9y40cY1Ed6TAnJPdCAJMUSMHCULdu3v5q/hM
M29x9+465QBBabYFtYSG3dutCZU+/42LuXgJ/KUYY8+OlfwtrTymwFNgaA0knDus
HONqsnEhOhTr5mHQv6jEuQL9CkvovdhLEDdFaVUXfLogliabua3UFIk+Y2I82a6+
LaF2NTtF/ZS+y3j34+dMrTmKNlbdO193SbR4J6SXwYuSVPvK6jy6zEIMp6p2XJoo
SYJeaup3LF+8kuj1n1QrBoMjZA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:22 2024 by rpki-client on console-ams.rpki-client.org