Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/_ub7_fhJV_GlbZu7Bnr3dDCtnLc.roa
File:                     _ub7_fhJV_GlbZu7Bnr3dDCtnLc.roa (raw, json)
Hash identifier:          kajRW/L0OPWSms7YP+sOeIMU8aq8MiHfzdhPN+ayTMQ=
Subject key identifier:   FE:E6:FB:FD:F8:49:57:F1:A5:6D:9B:BB:06:7A:F7:74:30:AD:9C:B7
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       17BBA77E
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/_ub7_fhJV_GlbZu7Bnr3dDCtnLc.roa
Signing time:             Sat 01 Jan 2022 04:54:17 +0000
ROA not before:           Sat 01 Jan 2022 04:54:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     51167
IP address blocks:        185.115.243.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 398174078 (0x17bba77e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Jan  1 04:54:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fee6fbfdf84957f1a56d9bbb067af77430ad9cb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:82:bd:25:61:60:4f:d9:e5:8c:d7:10:af:61:
                    ea:54:29:0e:3b:47:c5:a8:b1:c8:21:d9:7e:4a:e9:
                    1e:e0:fc:f3:08:af:21:a3:f8:31:c9:e4:4d:ae:f6:
                    09:b5:c3:11:ac:fa:5b:49:1c:39:f5:c5:1a:20:0d:
                    5a:48:85:16:08:82:cd:45:8b:e3:ff:75:0e:79:c8:
                    2a:7e:a7:5e:fb:3e:eb:e9:8b:a2:48:16:d1:01:e5:
                    f8:ab:c5:62:ad:a3:65:be:99:84:1d:c1:42:6c:69:
                    f3:69:32:0e:c6:10:1c:ad:a7:a9:62:cd:5e:9c:07:
                    4b:0f:27:ac:41:cd:de:75:09:39:8d:ef:26:19:8a:
                    49:64:b9:8e:63:ba:04:84:37:d5:29:a6:ea:95:d6:
                    09:9e:29:ba:16:45:10:0d:78:84:b0:18:68:83:03:
                    46:69:6d:57:9b:a8:d2:22:0d:1f:f2:ae:fa:7c:fe:
                    6d:81:3d:9e:dc:de:0d:b8:fc:9d:92:a7:8b:df:fb:
                    b6:10:b8:da:85:a1:f3:00:b3:8b:96:80:9f:3f:bc:
                    7a:d2:43:7c:5d:19:4f:3f:27:d7:1c:0a:90:8a:f9:
                    f5:56:2f:8b:22:0b:93:96:d0:a0:39:b4:ee:dd:f4:
                    53:de:aa:86:15:d4:61:56:31:e9:8d:3b:3b:89:15:
                    b0:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:E6:FB:FD:F8:49:57:F1:A5:6D:9B:BB:06:7A:F7:74:30:AD:9C:B7
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/_ub7_fhJV_GlbZu7Bnr3dDCtnLc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.115.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c9:83:51:90:df:71:ee:6e:89:6e:97:d6:b1:c4:1d:a3:ee:9f:
         5c:ae:bc:5f:56:e9:00:8d:d0:81:49:e6:a1:c1:2c:27:99:72:
         48:65:6d:0a:49:3e:8c:d4:44:bf:5d:9d:fe:72:fe:b1:ba:1c:
         79:a4:f9:70:dc:6e:1c:fc:78:8a:d0:b4:6d:12:9f:aa:db:9f:
         1c:cc:11:cd:0f:d6:fd:ea:c3:83:e1:b8:49:0f:dc:c0:8c:61:
         73:98:f8:4d:01:8f:31:39:b3:9a:23:c4:ef:b3:eb:cd:ea:93:
         8d:d2:50:5f:6e:37:05:e4:44:ff:5d:35:e0:5d:8b:b6:d7:39:
         8a:af:1f:e1:cf:7a:c9:3b:5a:ef:d5:9b:a1:e4:a4:a6:65:26:
         c0:fa:11:9a:81:77:7c:f7:e9:e3:b3:07:1b:45:2e:80:62:65:
         5c:d7:46:dd:ab:42:41:4d:fb:17:bd:dd:38:be:b8:3c:da:74:
         07:13:00:f1:24:a9:53:37:30:07:5d:0e:b7:52:8c:bb:64:fb:
         5f:91:00:5c:b0:f5:96:ab:32:2f:ec:65:9d:5e:ab:e6:cc:41:
         35:c0:6e:c4:6f:a1:16:51:f4:95:ca:7c:74:af:56:b3:1f:5f:
         c9:1d:7e:33:81:ce:db:f0:af:87:f0:a0:17:80:af:28:ac:90:
         65:d5:43:ac
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEF7unfjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDEw
MTA0NTQxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmVlNmZiZmRmODQ5
NTdmMWE1NmQ5YmJiMDY3YWY3NzQzMGFkOWNiNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJKCvSVhYE/Z5YzXEK9h6lQpDjtHxaixyCHZfkrpHuD88wiv
IaP4McnkTa72CbXDEaz6W0kcOfXFGiANWkiFFgiCzUWL4/91DnnIKn6nXvs+6+mL
okgW0QHl+KvFYq2jZb6ZhB3BQmxp82kyDsYQHK2nqWLNXpwHSw8nrEHN3nUJOY3v
JhmKSWS5jmO6BIQ31Smm6pXWCZ4puhZFEA14hLAYaIMDRmltV5uo0iINH/Ku+nz+
bYE9ntzeDbj8nZKni9/7thC42oWh8wCzi5aAnz+8etJDfF0ZTz8n1xwKkIr59VYv
iyILk5bQoDm07t30U96qhhXUYVYx6Y07O4kVsLkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT+5vv9+ElX8aVtm7sGevd0MK2ctzAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L191YjdfZmhKVl9HbGJadTdCbnIzZERDdG5MYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALlz8zANBgkqhkiG9w0BAQsFAAOC
AQEAyYNRkN9x7m6JbpfWscQdo+6fXK68X1bpAI3QgUnmocEsJ5lySGVtCkk+jNRE
v12d/nL+sboceaT5cNxuHPx4itC0bRKfqtufHMwRzQ/W/erDg+G4SQ/cwIxhc5j4
TQGPMTmzmiPE77PrzeqTjdJQX243BeRE/1014F2Lttc5iq8f4c96yTta79WboeSk
pmUmwPoRmoF3fPfp47MHG0UugGJlXNdG3atCQU37F73dOL64PNp0BxMA8SSpUzcw
B10Ot1KMu2T7X5EAXLD1lqsyL+xlnV6r5sxBNcBuxG+hFlH0lcp8dK9Wsx9fyR1+
M4HO2/Cvh/CgF4CvKKyQZdVDrA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:45 2024 by rpki-client on console-fra.rpki-client.org