Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/5yhFEKXKsCvB7SglRZx5wDTwsfw.roa
File:                     5yhFEKXKsCvB7SglRZx5wDTwsfw.roa (raw, json)
Hash identifier:          XXP7Yfd64ECylJLxQikM2agYewUL5GWbO+450fVymAI=
Subject key identifier:   E7:28:45:10:A5:CA:B0:2B:C1:ED:28:25:45:9C:79:C0:34:F0:B1:FC
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       17CC3CBD
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/5yhFEKXKsCvB7SglRZx5wDTwsfw.roa
Signing time:             Sat 01 Jan 2022 04:54:29 +0000
ROA not before:           Sat 01 Jan 2022 04:54:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     134098
IP address blocks:        185.207.176.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 399260861 (0x17cc3cbd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Jan  1 04:54:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e7284510a5cab02bc1ed2825459c79c034f0b1fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:f9:2e:b5:e6:0a:7c:e2:01:b3:dc:76:bf:27:
                    0e:85:f1:f9:54:0c:06:54:37:ce:79:11:e0:ef:05:
                    d5:11:17:cc:94:10:e9:1a:9d:cd:38:15:cb:53:20:
                    18:09:10:67:0a:4a:76:f2:11:1a:27:8e:d3:23:79:
                    b2:c8:e6:3a:fd:30:47:89:90:99:6a:89:45:04:05:
                    2e:27:5e:85:e9:73:54:8e:9a:48:c6:02:54:23:ed:
                    1d:c9:64:a4:4a:51:56:bf:7d:68:73:1c:e4:97:7c:
                    c5:cf:46:bc:ee:55:3a:d5:cf:10:f1:c2:44:d5:23:
                    4d:c4:69:e7:07:e2:68:eb:1f:f8:90:b0:16:7b:75:
                    ae:ae:0d:41:ca:04:f4:8d:db:9d:2f:f2:46:b1:18:
                    de:2b:33:43:48:67:11:c7:24:79:42:e2:a9:59:6d:
                    df:52:71:85:f6:b7:cc:ff:43:ed:a6:c7:19:98:e7:
                    7d:ac:3c:7b:95:72:5f:95:37:d2:f8:00:50:1f:f7:
                    cf:c0:fe:c1:05:72:08:61:f0:59:20:66:c1:54:26:
                    3c:b7:f8:a5:88:82:c8:07:69:64:0a:8c:d9:65:06:
                    ae:53:43:90:64:0b:d5:a1:d6:ad:74:2b:b6:18:81:
                    45:67:8f:c1:44:27:ef:79:df:39:19:99:79:d0:44:
                    a2:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:28:45:10:A5:CA:B0:2B:C1:ED:28:25:45:9C:79:C0:34:F0:B1:FC
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/5yhFEKXKsCvB7SglRZx5wDTwsfw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.207.176.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:7c:a6:a7:90:a4:4d:ff:da:81:b5:db:67:e6:86:ef:d5:f5:
         f6:c2:36:60:e4:47:a9:6b:67:9a:ed:8e:00:43:b3:00:17:81:
         de:3e:fe:f8:d4:aa:8b:c6:42:88:b9:49:cf:48:b7:51:78:e4:
         e7:54:43:28:e9:0b:fc:d0:ff:1c:a1:10:7f:2f:4a:7f:04:a1:
         5a:a6:1e:6e:47:83:0d:ab:0a:c1:cd:f5:a5:6b:e9:99:65:a5:
         18:84:69:94:66:c7:67:e7:e9:82:ee:f0:99:c6:49:35:b8:2f:
         f9:98:a7:b2:13:cf:4f:9d:28:98:fb:cd:1a:2a:46:c8:c6:1a:
         bb:d1:61:ce:ad:57:77:e3:8b:76:03:75:a5:90:d7:5e:f4:fe:
         4d:ff:fc:a8:83:3a:aa:fc:68:fd:1e:a9:55:0f:f0:6f:be:66:
         89:7a:cd:bf:56:f2:ea:a5:6e:b2:bb:52:97:96:ba:a6:bf:6e:
         b4:4b:94:f3:7c:65:ee:4e:38:5a:f6:15:6c:e8:b1:5b:bd:cf:
         fe:f5:9d:6b:f5:5e:50:10:7a:66:2b:ac:eb:5d:d9:3c:8e:19:
         e5:47:f1:a9:50:0d:b2:28:13:56:54:b8:51:e5:7e:f9:65:09:
         47:03:ff:0b:6d:e7:37:2c:9f:aa:cd:f9:76:8c:cc:78:f6:9f:
         bf:1b:fb:a2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEF8w8vTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDEw
MTA0NTQyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTcyODQ1MTBhNWNh
YjAyYmMxZWQyODI1NDU5Yzc5YzAzNGYwYjFmYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANH5LrXmCnziAbPcdr8nDoXx+VQMBlQ3znkR4O8F1REXzJQQ
6RqdzTgVy1MgGAkQZwpKdvIRGieO0yN5ssjmOv0wR4mQmWqJRQQFLidehelzVI6a
SMYCVCPtHclkpEpRVr99aHMc5Jd8xc9GvO5VOtXPEPHCRNUjTcRp5wfiaOsf+JCw
Fnt1rq4NQcoE9I3bnS/yRrEY3iszQ0hnEcckeULiqVlt31Jxhfa3zP9D7abHGZjn
faw8e5VyX5U30vgAUB/3z8D+wQVyCGHwWSBmwVQmPLf4pYiCyAdpZAqM2WUGrlND
kGQL1aHWrXQrthiBRWePwUQn73nfORmZedBEolMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTnKEUQpcqwK8HtKCVFnHnANPCx/DAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
LzV5aEZFS1hLc0N2QjdTZ2xSWng1d0RUd3Nmdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnPsDANBgkqhkiG9w0BAQsFAAOC
AQEAAnymp5CkTf/agbXbZ+aG79X19sI2YORHqWtnmu2OAEOzABeB3j7++NSqi8ZC
iLlJz0i3UXjk51RDKOkL/ND/HKEQfy9KfwShWqYebkeDDasKwc31pWvpmWWlGIRp
lGbHZ+fpgu7wmcZJNbgv+ZinshPPT50omPvNGipGyMYau9Fhzq1Xd+OLdgN1pZDX
XvT+Tf/8qIM6qvxo/R6pVQ/wb75miXrNv1by6qVusrtSl5a6pr9utEuU83xl7k44
WvYVbOixW73P/vWda/VeUBB6Zius613ZPI4Z5UfxqVANsigTVlS4UeV++WUJRwP/
C23nNyyfqs35dozMePafvxv7og==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:32 2024 by rpki-client on console-ams.rpki-client.org