Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/G5xZG_uKL-3MBmC6ulLiCdUHShQ.roa
File:                     G5xZG_uKL-3MBmC6ulLiCdUHShQ.roa (raw, json)
Hash identifier:          ENSQS1je6LXKWWPEOCkNTRiPQ3wmqZv7LGgDeydT7s0=
Subject key identifier:   1B:9C:59:1B:FB:8A:2F:ED:CC:06:60:BA:BA:52:E2:09:D5:07:4A:14
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       17EBAE3A
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/G5xZG_uKL-3MBmC6ulLiCdUHShQ.roa
Signing time:             Sat 01 Jan 2022 04:54:46 +0000
ROA not before:           Sat 01 Jan 2022 04:54:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209669
IP address blocks:        185.251.232.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 401321530 (0x17ebae3a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Jan  1 04:54:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1b9c591bfb8a2fedcc0660baba52e209d5074a14
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:3a:1a:21:fa:4c:18:a6:0e:8d:05:ec:f3:38:
                    3f:c2:10:3c:13:73:30:52:07:d2:9f:7a:47:40:33:
                    00:4d:2b:b1:1a:2a:d3:e2:66:60:2f:8f:13:07:6e:
                    a2:9f:8a:0f:ab:75:86:fa:68:ff:99:14:ae:c1:2b:
                    72:aa:bf:bc:e7:f0:c4:8c:a4:6f:a0:8d:87:a0:d0:
                    9d:3f:66:12:55:bb:4a:c5:fa:8f:f4:80:11:b0:66:
                    2c:c7:97:78:f7:3e:96:85:b7:49:d7:20:1c:b3:09:
                    84:40:25:f4:25:46:53:a4:1f:d3:2c:e1:ca:f8:14:
                    92:97:47:1b:d7:70:c5:e6:43:95:a4:2a:58:93:14:
                    2e:1e:a3:b2:a7:d5:8f:9f:83:35:8f:46:b9:18:d3:
                    ec:55:1c:bc:ab:8c:ca:71:57:74:80:20:e0:a0:1e:
                    6a:49:7c:b1:0c:1b:99:6a:a3:4f:e0:b9:33:2e:b3:
                    ce:b3:6c:f4:c0:30:bc:f6:83:2a:2c:70:9f:5c:21:
                    d1:14:1e:ac:43:c9:06:cf:87:e2:07:c9:b0:0b:d3:
                    6f:c2:60:11:08:23:9d:26:3c:bf:ac:55:d4:e3:09:
                    ea:b0:42:78:ac:c4:cb:fe:a9:fa:ed:b5:09:c1:cd:
                    b5:05:d8:bc:01:5c:60:25:8e:4b:85:5d:18:37:c4:
                    94:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:9C:59:1B:FB:8A:2F:ED:CC:06:60:BA:BA:52:E2:09:D5:07:4A:14
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/G5xZG_uKL-3MBmC6ulLiCdUHShQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.251.232.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9f:f6:b9:2d:63:f1:ba:46:a6:4d:f2:42:7c:d5:fd:b2:2a:81:
         c6:fd:00:da:17:61:0f:b9:77:b6:50:6e:03:32:b7:15:19:40:
         bd:a7:28:b9:ba:7c:9d:3f:99:eb:c6:39:05:a7:fb:88:a8:02:
         f0:70:46:bc:d6:70:99:6e:6b:6b:3a:94:fc:1e:d1:c2:08:e0:
         3d:89:c5:a4:86:de:61:0c:1a:da:1a:2d:8a:65:0c:0c:4e:21:
         40:af:76:8c:fe:6c:1e:bd:eb:4f:88:57:df:a5:0b:75:6c:07:
         a8:ba:b2:a5:76:fc:f6:82:b8:86:7e:e3:a5:20:c7:65:a3:11:
         80:11:f8:65:13:4a:b7:35:65:16:30:ee:86:95:fb:b5:ff:90:
         fb:78:67:bb:bf:7d:66:7d:e7:21:95:40:bb:c2:46:69:0c:9b:
         02:91:f0:c2:58:d7:fe:c9:44:bc:3b:a6:d0:3d:a2:60:73:48:
         e7:b8:6c:4f:e4:e1:90:4b:41:80:f8:8d:80:81:73:b6:73:3e:
         33:eb:bc:37:e0:86:8a:0b:17:73:3f:08:1b:bc:90:eb:4c:e1:
         59:7a:20:29:e9:6f:c0:6a:26:bb:fa:67:86:47:3f:08:ff:90:
         8b:4c:1e:20:3b:43:10:11:d0:62:18:14:44:f1:c3:b5:82:c5:
         a3:8e:73:69
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEF+uuOjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDEw
MTA0NTQ0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWI5YzU5MWJmYjhh
MmZlZGNjMDY2MGJhYmE1MmUyMDlkNTA3NGExNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALg6GiH6TBimDo0F7PM4P8IQPBNzMFIH0p96R0AzAE0rsRoq
0+JmYC+PEwduop+KD6t1hvpo/5kUrsErcqq/vOfwxIykb6CNh6DQnT9mElW7SsX6
j/SAEbBmLMeXePc+loW3SdcgHLMJhEAl9CVGU6Qf0yzhyvgUkpdHG9dwxeZDlaQq
WJMULh6jsqfVj5+DNY9GuRjT7FUcvKuMynFXdIAg4KAeakl8sQwbmWqjT+C5My6z
zrNs9MAwvPaDKixwn1wh0RQerEPJBs+H4gfJsAvTb8JgEQgjnSY8v6xV1OMJ6rBC
eKzEy/6p+u21CcHNtQXYvAFcYCWOS4VdGDfElDkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQbnFkb+4ov7cwGYLq6UuIJ1QdKFDAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L0c1eFpHX3VLTC0zTUJtQzZ1bExpQ2RVSFNoUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALn76DANBgkqhkiG9w0BAQsFAAOC
AQEAn/a5LWPxukamTfJCfNX9siqBxv0A2hdhD7l3tlBuAzK3FRlAvacoubp8nT+Z
68Y5Baf7iKgC8HBGvNZwmW5razqU/B7RwgjgPYnFpIbeYQwa2hotimUMDE4hQK92
jP5sHr3rT4hX36ULdWwHqLqypXb89oK4hn7jpSDHZaMRgBH4ZRNKtzVlFjDuhpX7
tf+Q+3hnu799Zn3nIZVAu8JGaQybApHwwljX/slEvDum0D2iYHNI57hsT+ThkEtB
gPiNgIFztnM+M+u8N+CGigsXcz8IG7yQ60zhWXogKelvwGomu/pnhkc/CP+Qi0we
IDtDEBHQYhgURPHDtYLFo45zaQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:32 2024 by rpki-client on console-ams.rpki-client.org