Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/KrN2NcSJs8vhpQumvUr6JnnyY6o.roa
File:                     KrN2NcSJs8vhpQumvUr6JnnyY6o.roa (raw, json)
Hash identifier:          tVa0ybRByWocnHdADFT/n5aWcwf/0fjWd+EihqnkVfM=
Subject key identifier:   2A:B3:76:35:C4:89:B3:CB:E1:A5:0B:A6:BD:4A:FA:26:79:F2:63:AA
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       18DA92ED
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/KrN2NcSJs8vhpQumvUr6JnnyY6o.roa
Signing time:             Tue 22 Feb 2022 15:27:39 +0000
ROA not before:           Tue 22 Feb 2022 15:27:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     25926
IP address blocks:        185.120.7.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 416977645 (0x18da92ed)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Feb 22 15:27:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2ab37635c489b3cbe1a50ba6bd4afa2679f263aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:a2:bb:2e:c9:ee:96:94:48:8a:c0:a0:92:14:
                    33:34:04:71:4d:f4:27:c2:9f:fe:ef:42:63:07:03:
                    5e:65:35:b5:52:3a:aa:d4:a4:d6:ca:b0:91:49:21:
                    9f:cd:3d:9b:ab:32:df:69:6c:7d:7e:7d:d0:e9:45:
                    fc:b2:f0:28:fc:ca:14:63:28:03:1a:dc:cf:cb:a5:
                    a4:61:0f:29:d2:14:ad:52:df:87:5b:7e:5f:b9:f1:
                    24:b2:ab:16:d4:bd:27:70:21:8c:69:7c:3f:d4:3e:
                    b2:c0:7a:15:bc:79:2a:30:f8:fd:c2:c3:14:1b:ac:
                    fc:65:4e:c3:93:f3:d9:c1:45:e0:76:24:4c:3f:f7:
                    13:ca:e7:45:51:40:7e:b4:e4:32:42:c7:4e:ae:a9:
                    e8:87:1a:6a:8d:b2:cf:b7:0f:e2:a2:c4:a8:0f:17:
                    3f:14:3f:fd:c0:45:f0:39:1e:8c:8c:31:36:f8:b4:
                    63:a7:49:95:cd:c9:96:d4:7d:8c:7d:81:aa:75:da:
                    9e:f3:e5:d8:e5:3a:7b:bc:e2:eb:9f:38:c3:9e:80:
                    75:0e:73:b0:94:50:da:f1:b0:da:8d:e5:a2:e4:61:
                    ef:10:ad:e4:d3:c0:70:0c:ea:5c:16:8a:68:10:ef:
                    88:c6:be:8b:de:e0:4d:ac:98:09:c2:22:14:b0:8e:
                    90:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:B3:76:35:C4:89:B3:CB:E1:A5:0B:A6:BD:4A:FA:26:79:F2:63:AA
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/KrN2NcSJs8vhpQumvUr6JnnyY6o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.120.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:3f:4c:02:02:32:1d:76:fc:6c:4a:2f:a4:05:ff:37:2e:fc:
         e8:05:67:6c:43:52:c9:54:e5:73:10:34:2d:96:9a:10:6b:28:
         6e:4a:95:b8:47:bf:26:7a:2c:10:3f:10:7a:32:d3:1e:e8:d8:
         10:a8:66:43:cc:a3:66:82:bc:79:b9:cb:39:b5:f3:bc:7e:c4:
         5a:ad:4a:b9:c5:81:03:de:b6:cf:2f:4d:14:48:83:28:a4:9e:
         49:ff:2f:68:3d:82:7f:a0:cf:c1:d1:75:7c:d3:f0:95:69:54:
         2b:1a:af:75:ef:ce:74:1c:4a:2f:45:aa:49:c0:8b:ca:8f:3b:
         cc:72:1f:ac:4a:43:75:61:2b:48:c9:11:8c:f4:65:70:ca:b6:
         73:fd:bb:c2:c9:b9:15:c5:41:30:88:88:5e:82:30:ef:35:5d:
         2f:c0:f7:7a:f2:3e:e5:55:e3:42:f7:9f:f3:02:55:42:e3:a4:
         0f:8e:eb:6f:e5:8c:a2:0a:b9:6d:9e:20:05:4d:d5:5d:57:10:
         22:23:e3:9b:ab:3f:2e:fb:a3:88:6d:55:a8:aa:45:0a:0b:eb:
         fc:b4:66:c0:b0:6f:e7:0b:9e:8d:86:f1:96:15:de:51:ea:ee:
         7c:37:a0:1b:ed:6e:8b:64:4d:6b:e3:a4:54:64:4d:5c:60:01:
         47:0d:48:fb
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGNqS7TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDIy
MjE1MjczOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmFiMzc2MzVjNDg5
YjNjYmUxYTUwYmE2YmQ0YWZhMjY3OWYyNjNhYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIaiuy7J7paUSIrAoJIUMzQEcU30J8Kf/u9CYwcDXmU1tVI6
qtSk1sqwkUkhn809m6sy32lsfX590OlF/LLwKPzKFGMoAxrcz8ulpGEPKdIUrVLf
h1t+X7nxJLKrFtS9J3AhjGl8P9Q+ssB6Fbx5KjD4/cLDFBus/GVOw5Pz2cFF4HYk
TD/3E8rnRVFAfrTkMkLHTq6p6Icaao2yz7cP4qLEqA8XPxQ//cBF8DkejIwxNvi0
Y6dJlc3JltR9jH2BqnXanvPl2OU6e7zi6584w56AdQ5zsJRQ2vGw2o3louRh7xCt
5NPAcAzqXBaKaBDviMa+i97gTayYCcIiFLCOkN8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQqs3Y1xImzy+GlC6a9SvomefJjqjAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L0tyTjJOY1NKczh2aHBRdW12VXI2Sm5ueVk2by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALl4BzANBgkqhkiG9w0BAQsFAAOC
AQEAbj9MAgIyHXb8bEovpAX/Ny786AVnbENSyVTlcxA0LZaaEGsobkqVuEe/Jnos
ED8QejLTHujYEKhmQ8yjZoK8ebnLObXzvH7EWq1KucWBA962zy9NFEiDKKSeSf8v
aD2Cf6DPwdF1fNPwlWlUKxqvde/OdBxKL0WqScCLyo87zHIfrEpDdWErSMkRjPRl
cMq2c/27wsm5FcVBMIiIXoIw7zVdL8D3evI+5VXjQvef8wJVQuOkD47rb+WMogq5
bZ4gBU3VXVcQIiPjm6s/LvujiG1VqKpFCgvr/LRmwLBv5wuejYbxlhXeUerufDeg
G+1ui2RNa+OkVGRNXGABRw1I+w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:45 2024 by rpki-client on console-fra.rpki-client.org