Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/80aceb-50e2-40c0-a852-e298b41b6c81/1/sSHRqLM1Hrg9mx_bLZC31HIy1tc.roa
File:                     sSHRqLM1Hrg9mx_bLZC31HIy1tc.roa (raw, json)
Hash identifier:          OKapw2rjJ2QbvuqEf05JkzzzEgewoKcoLcymtZcsL0E=
Subject key identifier:   B1:21:D1:A8:B3:35:1E:B8:3D:9B:1F:DB:2D:90:B7:D4:72:32:D6:D7
Certificate issuer:       /CN=52a165dc3aafbe2c62e265ff104327a3e675f89f
Certificate serial:       F064BB
Authority key identifier: 52:A1:65:DC:3A:AF:BE:2C:62:E2:65:FF:10:43:27:A3:E6:75:F8:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UqFl3Dqvvixi4mX_EEMno-Z1-J8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/80aceb-50e2-40c0-a852-e298b41b6c81/1/sSHRqLM1Hrg9mx_bLZC31HIy1tc.roa
Signing time:             Sat 01 Jan 2022 08:03:17 +0000
ROA not before:           Sat 01 Jan 2022 08:03:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211632
IP address blocks:        185.190.24.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15754427 (0xf064bb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52a165dc3aafbe2c62e265ff104327a3e675f89f
        Validity
            Not Before: Jan  1 08:03:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b121d1a8b3351eb83d9b1fdb2d90b7d47232d6d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:a2:45:3d:b7:6f:13:49:cd:01:e6:40:20:12:
                    ac:f2:09:d6:bf:1a:4c:75:bc:63:a5:a3:54:53:b0:
                    0a:35:a9:62:26:77:65:ae:4b:3d:9e:97:15:67:0a:
                    05:d9:b9:98:0b:bc:5b:ab:cb:7d:46:fb:7d:7f:7f:
                    9f:18:a9:35:e3:fb:ac:29:99:76:69:1a:11:cb:c7:
                    b0:3a:0f:27:a1:b8:1a:95:40:b0:f3:3b:f0:c7:e7:
                    3c:7f:b8:12:e2:4d:6c:e1:3f:e0:d5:2f:ac:29:2d:
                    2a:7b:fe:85:99:5d:bc:c5:8c:38:b0:c2:d2:94:16:
                    9f:da:be:cf:61:8e:c1:7d:01:82:e9:45:f5:2a:18:
                    cf:a0:88:79:ce:1e:bd:e3:ca:41:99:b6:0d:8b:c4:
                    ba:d0:74:09:a7:07:3d:78:f2:89:d3:02:da:d6:c4:
                    5e:92:7e:6b:95:65:34:3b:b3:06:ed:88:e2:08:e3:
                    3c:73:bb:ad:ff:c0:21:64:22:f4:c6:ab:04:b0:9b:
                    88:a4:1c:97:63:10:08:c6:99:8f:77:18:17:dc:30:
                    b6:85:6e:dd:d0:17:62:19:16:2b:c0:1b:04:8c:ac:
                    75:51:b2:1e:b6:78:31:03:c9:49:23:19:e1:d5:4d:
                    8e:76:25:60:84:89:c1:44:ee:10:c5:e3:98:a3:12:
                    44:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:21:D1:A8:B3:35:1E:B8:3D:9B:1F:DB:2D:90:B7:D4:72:32:D6:D7
            X509v3 Authority Key Identifier:
                keyid:52:A1:65:DC:3A:AF:BE:2C:62:E2:65:FF:10:43:27:A3:E6:75:F8:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UqFl3Dqvvixi4mX_EEMno-Z1-J8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/80aceb-50e2-40c0-a852-e298b41b6c81/1/sSHRqLM1Hrg9mx_bLZC31HIy1tc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/80aceb-50e2-40c0-a852-e298b41b6c81/1/UqFl3Dqvvixi4mX_EEMno-Z1-J8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.190.24.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:e1:bc:e2:85:ff:59:38:e7:8f:2f:5e:b3:75:75:a7:c1:be:
         3f:36:9a:a7:60:ec:c1:3c:84:cc:e9:9b:1c:74:11:0b:d9:38:
         15:46:b2:6b:97:b9:65:ac:67:db:81:46:21:70:84:c9:7d:d7:
         a9:2e:19:2c:52:fa:b9:20:5e:39:db:18:2a:89:b1:76:3f:0e:
         c2:e8:c7:a8:10:9b:34:35:ed:2d:3a:2b:ae:2a:f2:ad:a0:4e:
         d7:29:b5:f2:91:17:d5:e9:c8:f0:ec:8b:99:d9:71:8c:2d:35:
         ed:6c:24:73:df:97:7f:26:3a:60:b7:12:51:b2:8e:24:3d:02:
         b7:50:fe:09:fe:45:cc:b7:98:3a:29:de:b3:f0:32:53:cd:87:
         ba:a0:e4:f7:ba:cd:ca:ed:4f:0f:fa:27:31:75:3b:2d:ee:dc:
         53:e7:32:a5:6d:53:e3:bf:6c:24:2e:dc:5a:d5:7d:b6:5c:ad:
         4a:b9:a3:14:77:02:ff:1e:f5:5f:2b:06:d9:25:e2:e6:6d:08:
         f8:95:96:0b:0f:c6:38:7c:f8:33:d4:eb:70:69:10:00:d1:5b:
         79:ec:50:1d:6b:fe:1e:72:b1:9d:7d:c1:be:ba:dc:73:13:4a:
         4b:60:07:eb:d4:33:26:a3:5d:bb:03:39:4e:6e:4b:05:ea:33:
         f5:c3:74:19
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAPBkuzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MmExNjVkYzNhYWZiZTJjNjJlMjY1ZmYxMDQzMjdhM2U2NzVmODlmMB4XDTIyMDEw
MTA4MDMxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjEyMWQxYThiMzM1
MWViODNkOWIxZmRiMmQ5MGI3ZDQ3MjMyZDZkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKOiRT23bxNJzQHmQCASrPIJ1r8aTHW8Y6WjVFOwCjWpYiZ3
Za5LPZ6XFWcKBdm5mAu8W6vLfUb7fX9/nxipNeP7rCmZdmkaEcvHsDoPJ6G4GpVA
sPM78MfnPH+4EuJNbOE/4NUvrCktKnv+hZldvMWMOLDC0pQWn9q+z2GOwX0BgulF
9SoYz6CIec4evePKQZm2DYvEutB0CacHPXjyidMC2tbEXpJ+a5VlNDuzBu2I4gjj
PHO7rf/AIWQi9MarBLCbiKQcl2MQCMaZj3cYF9wwtoVu3dAXYhkWK8AbBIysdVGy
HrZ4MQPJSSMZ4dVNjnYlYISJwUTuEMXjmKMSRNECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSxIdGoszUeuD2bH9stkLfUcjLW1zAfBgNVHSMEGDAWgBRSoWXcOq++LGLi
Zf8QQyej5nX4nzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VxRmwzRHF2dml4aTRtWF9FRU1uby1aMS1KOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvODBhY2ViLTUwZTItNDBjMC1hODUyLWUyOThiNDFiNmM4MS8x
L3NTSFJxTE0xSHJnOW14X2JMWkMzMUhJeTF0Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
ODBhY2ViLTUwZTItNDBjMC1hODUyLWUyOThiNDFiNmM4MS8xL1VxRmwzRHF2dml4
aTRtWF9FRU1uby1aMS1KOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALm+GDANBgkqhkiG9w0BAQsFAAOC
AQEAc+G84oX/WTjnjy9es3V1p8G+Pzaap2DswTyEzOmbHHQRC9k4FUaya5e5Zaxn
24FGIXCEyX3XqS4ZLFL6uSBeOdsYKomxdj8OwujHqBCbNDXtLTorriryraBO1ym1
8pEX1enI8OyLmdlxjC017Wwkc9+XfyY6YLcSUbKOJD0Ct1D+Cf5FzLeYOines/Ay
U82HuqDk97rNyu1PD/onMXU7Le7cU+cypW1T479sJC7cWtV9tlytSrmjFHcC/x71
XysG2SXi5m0I+JWWCw/GOHz4M9TrcGkQANFbeexQHWv+HnKxnX3BvrrccxNKS2AH
69QzJqNduwM5Tm5LBeoz9cN0GQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:31 2024 by rpki-client on console-ams.rpki-client.org