Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/H252oy8JsH_fnzQu3VpK0rwgELU.roa
File:                     H252oy8JsH_fnzQu3VpK0rwgELU.roa (raw, json)
Hash identifier:          1wQw0/cYRqxxvQjbTaplitzVDCvKd/x8k0Cs/aS1oiU=
Subject key identifier:   1F:6E:76:A3:2F:09:B0:7F:DF:9F:34:2E:DD:5A:4A:D2:BC:20:10:B5
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       1A024F10
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/H252oy8JsH_fnzQu3VpK0rwgELU.roa
Signing time:             Wed 04 May 2022 22:48:22 +0000
ROA not before:           Wed 04 May 2022 22:48:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3356
IP address blocks:        2.59.174.0/24 maxlen: 32
                          213.232.104.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 436358928 (0x1a024f10)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: May  4 22:48:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1f6e76a32f09b07fdf9f342edd5a4ad2bc2010b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:fb:c9:ab:f8:28:32:2a:77:40:8a:95:c8:63:
                    20:d4:03:07:5d:5c:39:1d:bf:42:d6:f3:9b:6d:df:
                    7f:e9:8e:13:f6:8e:ab:d0:50:c4:05:cc:05:8f:96:
                    89:e1:5f:0b:68:b2:3a:77:76:a5:0c:fe:31:49:f9:
                    47:50:dd:8e:f4:81:de:77:56:10:5d:5d:ac:38:88:
                    62:ca:64:65:db:90:29:87:60:4b:23:4a:47:8f:ba:
                    d2:72:2c:09:34:38:2b:d5:b3:c9:a7:32:14:61:94:
                    38:e1:cf:98:b3:d0:76:22:56:61:c6:8a:b1:60:2f:
                    ab:e9:34:d5:ee:0e:ae:b7:e5:6c:f0:9c:1d:26:db:
                    b9:aa:80:8a:46:6e:a8:39:4c:36:ea:50:34:ff:8b:
                    6b:a1:d4:2d:c7:0b:a2:a1:ba:2b:65:15:78:c7:11:
                    e3:7e:6a:2d:fd:1a:9b:f8:d9:a1:4f:c6:b2:c9:f7:
                    5e:0b:c0:1c:6b:2d:cd:c5:63:49:74:12:e7:54:42:
                    4f:0e:7a:8a:c6:ce:da:14:96:35:45:2a:56:1b:a4:
                    0b:9a:30:a7:f5:8d:f0:52:9f:0d:30:20:7a:7b:bd:
                    09:59:31:8c:be:2f:f7:cd:12:e8:1c:0b:ae:dd:65:
                    45:06:6d:d9:b0:fa:e9:34:59:82:4a:a9:f6:c1:df:
                    36:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:6E:76:A3:2F:09:B0:7F:DF:9F:34:2E:DD:5A:4A:D2:BC:20:10:B5
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/H252oy8JsH_fnzQu3VpK0rwgELU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.59.174.0/24
                  213.232.104.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:69:16:b0:0f:b4:d5:c0:27:e4:7d:46:ec:97:a4:c9:04:e5:
         12:25:87:9e:01:9b:be:54:81:b7:dc:62:d2:47:95:c9:bc:de:
         ea:f0:70:6d:24:fe:88:fa:9b:00:a5:af:73:25:3e:48:ef:17:
         5f:77:1a:84:51:cb:86:36:dd:ca:4c:2b:d6:5d:7e:19:e9:52:
         c9:92:64:3b:45:4a:78:ce:97:16:f8:b6:d8:e8:7f:32:e7:0a:
         9a:64:81:5a:ac:c0:e6:84:81:cf:d9:9f:5f:fc:e9:bc:c4:ff:
         c8:c4:66:d0:f1:2c:cf:76:b4:86:c9:bc:3d:ca:e9:65:17:74:
         2d:17:5c:f3:e4:71:80:e4:4e:4d:e2:6c:34:9c:21:e1:8d:d1:
         68:1a:0a:aa:8b:e0:5c:e1:4c:4c:6c:8e:23:fa:8a:9f:71:68:
         9a:ec:9a:e3:92:7a:06:46:8d:8c:3a:27:af:00:d2:d8:ae:f8:
         df:ab:20:6a:9a:b7:56:8f:a1:f7:43:51:2d:e7:88:5d:bd:f6:
         64:da:ea:04:f0:af:f2:da:f0:e3:08:f5:d7:c8:d6:6e:fc:9c:
         e0:c1:dd:93:db:bd:0f:cc:52:ee:65:b1:99:af:78:29:5c:0b:
         b4:aa:dc:ff:7c:53:1b:c6:f1:f5:08:eb:23:93:36:b9:4c:6e:
         89:77:f9:66
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEGgJPEDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDUw
NDIyNDgyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWY2ZTc2YTMyZjA5
YjA3ZmRmOWYzNDJlZGQ1YTRhZDJiYzIwMTBiNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAND7yav4KDIqd0CKlchjINQDB11cOR2/Qtbzm23ff+mOE/aO
q9BQxAXMBY+WieFfC2iyOnd2pQz+MUn5R1DdjvSB3ndWEF1drDiIYspkZduQKYdg
SyNKR4+60nIsCTQ4K9WzyacyFGGUOOHPmLPQdiJWYcaKsWAvq+k01e4OrrflbPCc
HSbbuaqAikZuqDlMNupQNP+La6HULccLoqG6K2UVeMcR435qLf0am/jZoU/Gssn3
XgvAHGstzcVjSXQS51RCTw56isbO2hSWNUUqVhukC5owp/WN8FKfDTAgenu9CVkx
jL4v980S6BwLrt1lRQZt2bD66TRZgkqp9sHfNmECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQfbnajLwmwf9+fNC7dWkrSvCAQtTAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L0gyNTJveThKc0hfZm56UXUzVnBLMHJ3Z0VMVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAAI7rgMEANXoaDANBgkqhkiG9w0B
AQsFAAOCAQEAEGkWsA+01cAn5H1G7JekyQTlEiWHngGbvlSBt9xi0keVybze6vBw
bST+iPqbAKWvcyU+SO8XX3cahFHLhjbdykwr1l1+GelSyZJkO0VKeM6XFvi22Oh/
MucKmmSBWqzA5oSBz9mfX/zpvMT/yMRm0PEsz3a0hsm8PcrpZRd0LRdc8+RxgORO
TeJsNJwh4Y3RaBoKqovgXOFMTGyOI/qKn3Fomuya45J6BkaNjDonrwDS2K7436sg
apq3Vo+h90NRLeeIXb32ZNrqBPCv8trw4wj118jWbvyc4MHdk9u9D8xS7mWxma94
KVwLtKrc/3xTG8bx9QjrI5M2uUxuiXf5Zg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:45 2024 by rpki-client on console-fra.rpki-client.org