Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/0E3gQkLoiW0voFtDjzeDqeJaX3U.roa
File:                     0E3gQkLoiW0voFtDjzeDqeJaX3U.roa (raw, json)
Hash identifier:          XULAP6rjqQSER2iMGGBUBAW9R+TE+K59peq9pbT5u2Y=
Subject key identifier:   D0:4D:E0:42:42:E8:89:6D:2F:A0:5B:43:8F:37:83:A9:E2:5A:5F:75
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       18C91EC9
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/0E3gQkLoiW0voFtDjzeDqeJaX3U.roa
Signing time:             Fri 18 Feb 2022 16:19:02 +0000
ROA not before:           Fri 18 Feb 2022 16:19:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     23470
IP address blocks:        185.211.51.0/24 maxlen: 32
                          185.185.251.0/24 maxlen: 24
                          45.85.87.0/24 maxlen: 32
                          185.119.252.0/24 maxlen: 24
                          185.122.36.0/24 maxlen: 24
                          79.143.58.0/24 maxlen: 32
                          79.143.56.0/24 maxlen: 24
                          185.249.218.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 415833801 (0x18c91ec9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Feb 18 16:19:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d04de04242e8896d2fa05b438f3783a9e25a5f75
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:84:71:ec:83:8c:73:47:8d:a6:b2:c2:e2:bf:
                    9c:57:2d:ac:7a:d2:47:79:24:c2:ca:52:e6:b9:b0:
                    f3:a5:0d:c1:b0:31:a1:51:d2:24:70:a9:56:20:4c:
                    5c:08:42:5d:4b:f9:5f:9f:eb:a8:5f:13:6a:cf:c1:
                    0d:49:0e:b0:ac:9f:7d:de:07:eb:c2:e5:a5:94:3a:
                    64:5f:53:44:2d:01:cf:c8:a4:06:01:85:0a:8c:f5:
                    59:f5:6f:8b:6e:34:2f:f0:53:00:31:59:6e:3c:4d:
                    28:91:68:58:70:8a:99:f5:53:10:d8:e2:f7:3a:dd:
                    0d:5c:0e:c7:42:5d:81:86:70:14:e4:e2:49:be:21:
                    bc:88:87:81:31:c1:a5:f7:41:62:21:55:0f:4a:61:
                    80:69:8f:18:f8:fe:26:a7:9b:2d:ac:b5:d0:76:80:
                    c7:26:6f:f7:58:bf:65:9b:36:36:4c:ff:60:96:37:
                    7a:1f:17:99:31:4c:10:61:35:4a:8f:8b:24:8a:d0:
                    db:c6:be:56:ca:1b:73:90:b4:ed:9f:7f:44:64:37:
                    a1:ce:d2:8c:c2:4d:4f:1c:05:be:a2:29:0e:8c:33:
                    bc:0b:8b:01:1b:e1:00:e1:b5:b1:82:c2:4b:3a:1a:
                    3d:77:fc:ad:67:02:ca:27:b5:56:63:79:8b:91:42:
                    50:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:4D:E0:42:42:E8:89:6D:2F:A0:5B:43:8F:37:83:A9:E2:5A:5F:75
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/0E3gQkLoiW0voFtDjzeDqeJaX3U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.85.87.0/24
                  79.143.56.0/24
                  79.143.58.0/24
                  185.119.252.0/24
                  185.122.36.0/24
                  185.185.251.0/24
                  185.211.51.0/24
                  185.249.218.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b7:8f:12:0a:c6:88:00:00:3e:fb:83:8a:82:9e:6b:64:a7:be:
         f0:68:7a:f4:4d:d7:22:56:1b:41:83:26:1e:8d:f9:76:c1:4d:
         41:8f:30:9d:40:d8:35:4f:bc:05:af:1d:b9:eb:03:f3:53:73:
         5d:6f:c2:38:5f:27:a4:9c:5a:2b:be:d2:12:67:61:74:1d:95:
         6f:36:bd:fb:c6:35:c5:d6:28:a7:ba:18:06:84:de:57:aa:d6:
         ec:e4:cb:df:1a:e5:87:89:97:7e:b1:71:fa:e8:e5:eb:98:30:
         12:73:34:11:5f:e9:d4:db:d2:af:83:bd:b0:95:26:8e:94:f1:
         eb:2f:70:a9:44:10:48:71:43:67:1e:55:dc:75:e2:60:bf:48:
         aa:19:00:4e:38:42:60:19:fe:2e:7c:6f:d9:fb:f7:d4:17:d3:
         8c:9a:05:19:e8:04:4c:51:26:0f:72:95:7e:8f:4c:da:b4:f3:
         e2:c9:ac:53:1b:be:ff:fe:d0:08:b7:db:67:ea:cf:98:04:59:
         e8:13:7f:30:a6:ff:58:2c:bb:ec:56:85:a8:be:36:8d:41:26:
         0d:43:9b:1f:cf:0f:ef:24:82:28:19:d6:47:b6:20:6a:3c:8f:
         ff:fd:11:96:5d:9a:81:6b:25:c3:cb:eb:1c:f9:eb:74:0d:78:
         85:8e:1f:61
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEGMkeyTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDIx
ODE2MTkwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDA0ZGUwNDI0MmU4
ODk2ZDJmYTA1YjQzOGYzNzgzYTllMjVhNWY3NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMiEceyDjHNHjaaywuK/nFctrHrSR3kkwspS5rmw86UNwbAx
oVHSJHCpViBMXAhCXUv5X5/rqF8Tas/BDUkOsKyffd4H68LlpZQ6ZF9TRC0Bz8ik
BgGFCoz1WfVvi240L/BTADFZbjxNKJFoWHCKmfVTENji9zrdDVwOx0JdgYZwFOTi
Sb4hvIiHgTHBpfdBYiFVD0phgGmPGPj+JqebLay10HaAxyZv91i/ZZs2Nkz/YJY3
eh8XmTFMEGE1So+LJIrQ28a+Vsobc5C07Z9/RGQ3oc7SjMJNTxwFvqIpDowzvAuL
ARvhAOG1sYLCSzoaPXf8rWcCyie1VmN5i5FCUP8CAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBTQTeBCQuiJbS+gW0OPN4Op4lpfdTAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
LzBFM2dRa0xvaVcwdm9GdERqemVEcWVKYVgzVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAC1VVwMEAE+POAMEAE+POgMEALl3
/AMEALl6JAMEALm5+wMEALnTMwMEALn52jANBgkqhkiG9w0BAQsFAAOCAQEAt48S
CsaIAAA++4OKgp5rZKe+8Gh69E3XIlYbQYMmHo35dsFNQY8wnUDYNU+8Ba8duesD
81NzXW/COF8npJxaK77SEmdhdB2Vbza9+8Y1xdYop7oYBoTeV6rW7OTL3xrlh4mX
frFx+ujl65gwEnM0EV/p1NvSr4O9sJUmjpTx6y9wqUQQSHFDZx5V3HXiYL9IqhkA
TjhCYBn+Lnxv2fv31BfTjJoFGegETFEmD3KVfo9M2rTz4smsUxu+//7QCLfbZ+rP
mARZ6BN/MKb/WCy77FaFqL42jUEmDUObH88P7ySCKBnWR7YgajyP//0Rll2agWsl
w8vrHPnrdA14hY4fYQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:45 2024 by rpki-client on console-fra.rpki-client.org