Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Sru4NgLuGKKLQYiodUyXPl9I_kY.roa
File:                     Sru4NgLuGKKLQYiodUyXPl9I_kY.roa (raw, json)
Hash identifier:          NN49PgA2lSbpZbnOrE1Ck4cqVm8L1pNQtoyZ+YGtjMo=
Subject key identifier:   4A:BB:B8:36:02:EE:18:A2:8B:41:88:A8:75:4C:97:3E:5F:48:FE:46
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       17E44663
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Sru4NgLuGKKLQYiodUyXPl9I_kY.roa
Signing time:             Sat 01 Jan 2022 04:54:42 +0000
ROA not before:           Sat 01 Jan 2022 04:54:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207983
IP address blocks:        185.255.154.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 400836195 (0x17e44663)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Jan  1 04:54:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4abbb83602ee18a28b4188a8754c973e5f48fe46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:8e:91:85:40:52:27:17:df:2f:d9:08:7e:c0:
                    6c:4f:8b:bf:ab:19:ef:49:c8:a5:bf:fb:d1:42:a9:
                    5e:c9:95:6c:91:63:72:9a:53:16:53:79:72:9d:93:
                    4d:05:4a:8f:43:a0:72:1a:d6:10:96:fb:04:6e:21:
                    3a:81:f3:31:ef:17:f8:c0:27:08:9b:96:29:25:90:
                    43:51:d6:06:92:51:d6:82:85:ca:e1:46:41:a8:6a:
                    6e:65:9b:15:58:7f:27:5f:66:1c:ad:94:c4:3b:f9:
                    f5:9e:53:27:60:ca:62:27:33:ed:6d:21:4b:4c:c1:
                    5a:c2:1d:65:3b:13:49:13:c8:e0:b0:0c:2b:72:98:
                    b9:23:87:ef:75:65:c7:34:90:ee:bf:2d:e3:ec:cd:
                    a6:12:08:08:df:72:b6:2a:4a:b2:45:71:38:69:8c:
                    e6:89:62:f7:b5:04:89:1d:8f:6d:bf:95:cb:ca:87:
                    59:65:9c:34:f2:ba:62:ad:97:2e:3a:89:62:2e:0a:
                    fa:cf:8a:51:9a:02:50:5c:ab:0a:80:ad:f9:4b:b2:
                    d7:c9:7e:42:73:f6:45:d4:ba:3d:6d:99:7e:54:f8:
                    48:84:3c:1f:5e:92:1e:0a:e7:f4:fe:1d:31:44:2f:
                    3e:e9:2b:85:dd:c2:7d:cf:e2:ff:aa:01:02:4c:d5:
                    11:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:BB:B8:36:02:EE:18:A2:8B:41:88:A8:75:4C:97:3E:5F:48:FE:46
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Sru4NgLuGKKLQYiodUyXPl9I_kY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.255.154.0/24

    Signature Algorithm: sha256WithRSAEncryption
         95:b6:07:c9:7c:e6:2f:5c:07:1f:04:52:5d:39:e0:71:b5:d7:
         c9:08:ab:83:f1:05:d8:de:85:8a:c0:46:96:e0:a2:8c:de:ea:
         f3:a3:05:6e:b8:2e:58:49:3e:f2:d9:f6:59:1b:3d:b9:c7:37:
         86:25:85:e1:fb:ca:2c:13:31:37:47:81:f4:dc:7c:7c:af:73:
         57:6b:5c:cc:0a:84:c4:1b:91:d5:ff:b6:99:6c:bf:9f:b9:3f:
         bd:4d:42:4a:d7:1f:4f:1e:dd:ad:16:df:4a:65:8c:5f:ef:29:
         b6:55:06:58:c2:68:ba:3d:e3:9f:07:80:b9:39:70:0f:cd:f2:
         05:76:a0:12:96:4e:80:a5:05:01:7c:ee:58:d7:99:7e:5d:a0:
         6c:29:d7:d8:6d:7f:de:4b:da:d5:65:1b:74:8a:b4:53:90:f6:
         88:00:57:be:40:3a:48:9b:7a:c9:85:7a:2c:bc:a6:89:33:51:
         db:b1:8a:50:33:9c:fe:86:1f:b9:89:c3:89:41:d9:81:68:46:
         ba:06:4d:9e:79:85:40:1b:81:99:f5:d3:67:28:d2:6c:72:35:
         28:b6:7c:0d:d8:b4:ed:49:04:bc:f3:a9:8e:7d:89:ff:ad:7d:
         f2:29:68:1a:e2:81:a5:7b:5b:3d:fb:9d:36:bd:68:06:d1:2d:
         d2:5b:16:23
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEF+RGYzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDEw
MTA0NTQ0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGFiYmI4MzYwMmVl
MThhMjhiNDE4OGE4NzU0Yzk3M2U1ZjQ4ZmU0NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI+OkYVAUicX3y/ZCH7AbE+Lv6sZ70nIpb/70UKpXsmVbJFj
cppTFlN5cp2TTQVKj0OgchrWEJb7BG4hOoHzMe8X+MAnCJuWKSWQQ1HWBpJR1oKF
yuFGQahqbmWbFVh/J19mHK2UxDv59Z5TJ2DKYicz7W0hS0zBWsIdZTsTSRPI4LAM
K3KYuSOH73VlxzSQ7r8t4+zNphIICN9ytipKskVxOGmM5oli97UEiR2Pbb+Vy8qH
WWWcNPK6Yq2XLjqJYi4K+s+KUZoCUFyrCoCt+Uuy18l+QnP2RdS6PW2ZflT4SIQ8
H16SHgrn9P4dMUQvPukrhd3Cfc/i/6oBAkzVEVUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRKu7g2Au4YootBiKh1TJc+X0j+RjAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L1NydTROZ0x1R0tLTFFZaW9kVXlYUGw5SV9rWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALn/mjANBgkqhkiG9w0BAQsFAAOC
AQEAlbYHyXzmL1wHHwRSXTngcbXXyQirg/EF2N6FisBGluCijN7q86MFbrguWEk+
8tn2WRs9ucc3hiWF4fvKLBMxN0eB9Nx8fK9zV2tczAqExBuR1f+2mWy/n7k/vU1C
StcfTx7drRbfSmWMX+8ptlUGWMJouj3jnweAuTlwD83yBXagEpZOgKUFAXzuWNeZ
fl2gbCnX2G1/3kva1WUbdIq0U5D2iABXvkA6SJt6yYV6LLymiTNR27GKUDOc/oYf
uYnDiUHZgWhGugZNnnmFQBuBmfXTZyjSbHI1KLZ8Ddi07UkEvPOpjn2J/6198ilo
GuKBpXtbPfudNr1oBtEt0lsWIw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:32 2024 by rpki-client on console-ams.rpki-client.org