Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/95A0CAvlpAVJD7Bee-zzB9NlxSI.roa
File:                     95A0CAvlpAVJD7Bee-zzB9NlxSI.roa (raw, json)
Hash identifier:          dC4T/3Y+I9e7JAmC8/JkPhEc0NNYeHTgG3SmkYtmCU4=
Subject key identifier:   F7:90:34:08:0B:E5:A4:05:49:0F:B0:5E:7B:EC:F3:07:D3:65:C5:22
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       17C7DECE
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/95A0CAvlpAVJD7Bee-zzB9NlxSI.roa
Signing time:             Sat 01 Jan 2022 04:54:26 +0000
ROA not before:           Sat 01 Jan 2022 04:54:26 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62523
IP address blocks:        185.182.51.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 398974670 (0x17c7dece)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Jan  1 04:54:26 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f79034080be5a405490fb05e7becf307d365c522
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:eb:2d:05:bb:1f:da:26:da:b3:2f:3d:26:83:
                    fb:54:94:2e:1e:93:f3:07:57:22:75:2f:37:6a:b8:
                    b6:20:ff:b4:d7:cc:16:ed:80:8a:62:82:20:a2:a0:
                    b1:0b:dc:5e:01:a0:0a:a6:35:6f:6d:bf:7d:3d:b3:
                    df:82:b3:f0:76:f2:6e:fe:05:1a:d6:c7:4f:28:09:
                    14:d4:47:aa:65:51:ae:2d:c1:2f:6f:c5:04:88:59:
                    cd:73:c7:da:bd:6b:cc:a1:2f:95:67:6b:77:c0:e9:
                    96:4b:f9:29:bf:60:f5:75:f9:8b:cf:00:fa:4b:1c:
                    04:bb:a2:10:2e:6e:b6:4f:a5:16:d0:79:e0:82:71:
                    b2:26:64:a4:7a:c5:fb:f1:e4:89:6f:80:11:35:9a:
                    e5:8b:58:13:2f:44:35:1b:b0:d4:e5:cb:d3:ec:4a:
                    fc:73:35:f6:ec:e8:ed:a4:72:ac:b5:ad:90:05:3c:
                    8a:0a:d4:15:1d:e2:88:78:32:67:12:e0:e3:11:c5:
                    06:0f:08:13:6d:9f:b8:98:02:7f:e2:2e:5d:49:9d:
                    8f:aa:24:2c:7a:58:65:62:f0:4e:be:1f:0b:58:7b:
                    4b:a9:46:95:e1:c3:2b:ad:e5:62:16:e0:f5:5f:2a:
                    da:cc:6d:2c:08:91:99:9c:64:6d:11:5b:83:b5:62:
                    91:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:90:34:08:0B:E5:A4:05:49:0F:B0:5E:7B:EC:F3:07:D3:65:C5:22
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/95A0CAvlpAVJD7Bee-zzB9NlxSI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.182.51.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bb:74:20:ed:6b:80:9c:d1:85:98:6f:fe:97:f9:f3:55:ac:49:
         d3:9b:c7:49:80:8a:f0:13:eb:a5:c8:56:6f:a3:cf:d9:26:0c:
         58:dd:fa:9f:b2:37:87:37:39:6e:fb:6b:54:28:5c:13:25:d9:
         57:8a:b7:01:1c:ea:ee:4b:11:c0:10:f4:bf:5a:b5:62:75:b8:
         a3:55:22:f5:df:3e:97:9c:c9:58:06:0e:59:6f:23:d9:f3:fa:
         ed:02:66:5f:97:4a:16:89:bf:91:d1:d0:d5:bc:9a:0d:0f:d8:
         22:1e:bf:cd:9d:2a:c5:85:3f:da:9f:75:91:c7:e6:63:f4:51:
         ee:ed:69:ce:8b:91:21:99:09:f8:d8:53:0e:f6:1d:87:f3:81:
         0e:ca:c5:bb:a7:b9:f1:f7:f7:51:70:d9:d0:f8:f6:09:b0:e3:
         b2:74:2f:65:9e:6f:07:f1:f4:69:15:a8:68:66:7c:67:c8:aa:
         81:ac:3d:a9:ff:25:7b:04:47:b2:7b:c4:eb:e5:8d:33:e7:73:
         15:c8:b6:85:03:57:bd:ec:f0:cb:88:62:91:bd:5d:d1:3d:3b:
         73:d2:38:48:51:ac:00:0b:2a:68:1e:21:e1:ad:e5:52:fe:32:
         c3:5d:82:07:b6:04:7d:4e:85:65:f4:3b:d3:61:2f:97:f4:df:
         1c:77:66:10
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEF8fezjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDEw
MTA0NTQyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjc5MDM0MDgwYmU1
YTQwNTQ5MGZiMDVlN2JlY2YzMDdkMzY1YzUyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALHrLQW7H9om2rMvPSaD+1SULh6T8wdXInUvN2q4tiD/tNfM
Fu2AimKCIKKgsQvcXgGgCqY1b22/fT2z34Kz8Hbybv4FGtbHTygJFNRHqmVRri3B
L2/FBIhZzXPH2r1rzKEvlWdrd8Dplkv5Kb9g9XX5i88A+kscBLuiEC5utk+lFtB5
4IJxsiZkpHrF+/HkiW+AETWa5YtYEy9ENRuw1OXL0+xK/HM19uzo7aRyrLWtkAU8
igrUFR3iiHgyZxLg4xHFBg8IE22fuJgCf+IuXUmdj6okLHpYZWLwTr4fC1h7S6lG
leHDK63lYhbg9V8q2sxtLAiRmZxkbRFbg7VikcMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT3kDQIC+WkBUkPsF577PMH02XFIjAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
Lzk1QTBDQXZscEFWSkQ3QmVlLXp6QjlObHhTSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALm2MzANBgkqhkiG9w0BAQsFAAOC
AQEAu3Qg7WuAnNGFmG/+l/nzVaxJ05vHSYCK8BPrpchWb6PP2SYMWN36n7I3hzc5
bvtrVChcEyXZV4q3ARzq7ksRwBD0v1q1YnW4o1Ui9d8+l5zJWAYOWW8j2fP67QJm
X5dKFom/kdHQ1byaDQ/YIh6/zZ0qxYU/2p91kcfmY/RR7u1pzouRIZkJ+NhTDvYd
h/OBDsrFu6e58ff3UXDZ0Pj2CbDjsnQvZZ5vB/H0aRWoaGZ8Z8iqgaw9qf8lewRH
snvE6+WNM+dzFci2hQNXvezwy4hikb1d0T07c9I4SFGsAAsqaB4h4a3lUv4yw12C
B7YEfU6FZfQ702Evl/TfHHdmEA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:45 2024 by rpki-client on console-fra.rpki-client.org