Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/796823-6d81-4d91-b664-e0abd4d84571/1/A3bSNF8DYLUaDFzW9eWJP3HJfjo.roa
File:                     A3bSNF8DYLUaDFzW9eWJP3HJfjo.roa (raw, json)
Hash identifier:          y3qQdI3etj17bqS0QK1tCpLCeikw0rnEd0upY62M7Bk=
Subject key identifier:   03:76:D2:34:5F:03:60:B5:1A:0C:5C:D6:F5:E5:89:3F:71:C9:7E:3A
Certificate issuer:       /CN=04268ae40737536a464c28493eaf503db9a18f20
Certificate serial:       056591E6
Authority key identifier: 04:26:8A:E4:07:37:53:6A:46:4C:28:49:3E:AF:50:3D:B9:A1:8F:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BCaK5Ac3U2pGTChJPq9QPbmhjyA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/796823-6d81-4d91-b664-e0abd4d84571/1/A3bSNF8DYLUaDFzW9eWJP3HJfjo.roa
Signing time:             Sat 01 Jan 2022 15:05:31 +0000
ROA not before:           Sat 01 Jan 2022 15:05:31 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50754
IP address blocks:        185.134.78.0/24 maxlen: 24
                          185.134.76.0/24 maxlen: 24
                          185.134.76.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 90542566 (0x56591e6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=04268ae40737536a464c28493eaf503db9a18f20
        Validity
            Not Before: Jan  1 15:05:31 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0376d2345f0360b51a0c5cd6f5e5893f71c97e3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:1b:eb:4b:20:28:d5:fd:24:9d:f6:88:38:ca:
                    52:58:13:3b:0d:08:bf:a4:fa:ed:d7:a7:e7:82:c0:
                    d7:af:e0:03:d0:5c:9b:bf:57:f7:42:72:8c:b2:c7:
                    0d:81:0b:56:8a:54:b1:5b:58:ff:14:87:8e:78:de:
                    24:3a:cd:97:77:4e:ae:d9:38:9d:02:77:70:a8:d5:
                    58:c4:09:a6:15:b8:d3:92:ee:aa:9f:f6:4b:e6:2d:
                    d9:bb:1c:c3:83:e3:e4:b1:74:78:40:53:5d:3a:18:
                    13:9c:8e:cc:79:6b:8e:05:9c:8e:38:a9:c7:de:d0:
                    fc:be:56:34:9f:0d:68:71:a2:ce:eb:3d:7f:a2:07:
                    ff:75:fb:3a:ea:4c:8b:85:94:59:2f:60:59:52:86:
                    b5:6a:fd:e1:64:90:47:6d:c8:57:b7:46:fa:90:61:
                    11:37:de:9c:5f:3d:a7:be:5c:4c:18:57:8f:78:43:
                    e1:82:32:05:8b:02:9d:2a:ea:38:63:87:05:d5:5e:
                    4c:73:c7:4a:8d:15:e9:d1:d6:fd:b2:e1:56:cc:c8:
                    40:07:d8:8e:f3:bd:d5:25:cd:23:75:5b:c9:33:1b:
                    2d:de:c5:81:ce:1d:89:d9:7a:e8:83:ba:5d:9c:4b:
                    de:41:68:62:a1:90:af:03:28:62:60:b8:e6:c1:1c:
                    ee:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:76:D2:34:5F:03:60:B5:1A:0C:5C:D6:F5:E5:89:3F:71:C9:7E:3A
            X509v3 Authority Key Identifier:
                keyid:04:26:8A:E4:07:37:53:6A:46:4C:28:49:3E:AF:50:3D:B9:A1:8F:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BCaK5Ac3U2pGTChJPq9QPbmhjyA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/796823-6d81-4d91-b664-e0abd4d84571/1/A3bSNF8DYLUaDFzW9eWJP3HJfjo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/796823-6d81-4d91-b664-e0abd4d84571/1/BCaK5Ac3U2pGTChJPq9QPbmhjyA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.134.76.0-185.134.78.255

    Signature Algorithm: sha256WithRSAEncryption
         18:48:66:f7:55:1c:51:cc:7b:9d:b3:15:fe:76:1f:e0:3a:d6:
         db:59:02:ce:58:e6:c3:26:64:46:11:ec:13:89:62:79:65:16:
         69:6d:ac:be:29:c8:5b:50:a5:5e:2c:65:bd:e5:d8:f4:6f:08:
         9f:56:1d:85:c2:03:7e:fd:fa:b6:48:e1:a9:aa:f3:2e:72:98:
         09:fb:ba:2a:94:ba:26:91:59:31:94:35:38:f0:86:d2:04:3c:
         a4:1c:59:6b:f5:d1:d3:62:ec:fb:7c:19:02:79:dd:b2:4f:1c:
         90:c5:da:02:16:56:13:b1:6c:ef:84:68:c4:76:75:75:f7:e7:
         7f:ad:71:c8:fb:5a:17:8a:a0:88:56:9c:ce:86:24:36:be:89:
         92:01:6c:d6:45:10:e9:3f:dd:79:d3:95:62:d0:35:d7:8f:a1:
         bb:9c:ff:26:35:5c:fd:26:7e:df:0e:0c:12:2b:97:7d:74:4e:
         2a:b7:fe:66:1a:01:33:70:11:85:b5:ba:99:56:36:99:6c:f3:
         56:e2:06:aa:15:21:e1:e4:ca:4d:f5:a8:a7:5f:34:cd:f2:56:
         82:d0:f1:a5:77:91:1e:3a:09:ba:78:25:4f:a0:26:0d:04:f3:
         a5:1f:b3:d2:f5:e0:f2:4d:73:c7:da:c4:db:34:f9:94:36:d0:
         07:d0:30:b2
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEBWWR5jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NDI2OGFlNDA3Mzc1MzZhNDY0YzI4NDkzZWFmNTAzZGI5YTE4ZjIwMB4XDTIyMDEw
MTE1MDUzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDM3NmQyMzQ1ZjAz
NjBiNTFhMGM1Y2Q2ZjVlNTg5M2Y3MWM5N2UzYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL8b60sgKNX9JJ32iDjKUlgTOw0Iv6T67den54LA16/gA9Bc
m79X90JyjLLHDYELVopUsVtY/xSHjnjeJDrNl3dOrtk4nQJ3cKjVWMQJphW405Lu
qp/2S+Yt2bscw4Pj5LF0eEBTXToYE5yOzHlrjgWcjjipx97Q/L5WNJ8NaHGizus9
f6IH/3X7OupMi4WUWS9gWVKGtWr94WSQR23IV7dG+pBhETfenF89p75cTBhXj3hD
4YIyBYsCnSrqOGOHBdVeTHPHSo0V6dHW/bLhVszIQAfYjvO91SXNI3VbyTMbLd7F
gc4didl66IO6XZxL3kFoYqGQrwMoYmC45sEc7nUCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBQDdtI0XwNgtRoMXNb15Yk/ccl+OjAfBgNVHSMEGDAWgBQEJorkBzdTakZM
KEk+r1A9uaGPIDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JDYUs1QWMzVTJwR1RDaEpQcTlRUGJtaGp5QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvNzk2ODIzLTZkODEtNGQ5MS1iNjY0LWUwYWJkNGQ4NDU3MS8x
L0EzYlNORjhEWUxVYURGelc5ZVdKUDNISmZqby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
Nzk2ODIzLTZkODEtNGQ5MS1iNjY0LWUwYWJkNGQ4NDU3MS8xL0JDYUs1QWMzVTJw
R1RDaEpQcTlRUGJtaGp5QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQCuYZMAwQAuYZOMA0GCSqGSIb3
DQEBCwUAA4IBAQAYSGb3VRxRzHudsxX+dh/gOtbbWQLOWObDJmRGEewTiWJ5ZRZp
bay+KchbUKVeLGW95dj0bwifVh2FwgN+/fq2SOGpqvMucpgJ+7oqlLomkVkxlDU4
8IbSBDykHFlr9dHTYuz7fBkCed2yTxyQxdoCFlYTsWzvhGjEdnV19+d/rXHI+1oX
iqCIVpzOhiQ2vomSAWzWRRDpP91505Vi0DXXj6G7nP8mNVz9Jn7fDgwSK5d9dE4q
t/5mGgEzcBGFtbqZVjaZbPNW4gaqFSHh5MpN9ainXzTN8laC0PGld5EeOgm6eCVP
oCYNBPOlH7PS9eDyTXPH2sTbNPmUNtAH0DCy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:31 2024 by rpki-client on console-ams.rpki-client.org