Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/o3e-uaoZgqFhh7pBEERdvb02U_E.roa
File:                     o3e-uaoZgqFhh7pBEERdvb02U_E.roa (raw, json)
Hash identifier:          wcy/B/j+GDaDeNpTYzBVmqmgo0kc+qvcHkPQZTn/VGo=
Subject key identifier:   A3:77:BE:B9:AA:19:82:A1:61:87:BA:41:10:44:5D:BD:BD:36:53:F1
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       17DE1C21
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/o3e-uaoZgqFhh7pBEERdvb02U_E.roa
Signing time:             Sat 01 Jan 2022 04:54:38 +0000
ROA not before:           Sat 01 Jan 2022 04:54:38 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204099
IP address blocks:        185.115.124.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 400432161 (0x17de1c21)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Jan  1 04:54:38 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a377beb9aa1982a16187ba4110445dbdbd3653f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:19:6a:26:de:6f:8e:7c:b3:d9:0e:d1:5e:62:
                    7d:cc:17:5b:4a:d5:8f:e7:56:bd:af:6f:d9:81:a6:
                    25:4e:18:d8:f4:cb:06:e3:c7:83:cc:4e:2a:fa:d8:
                    71:7d:76:6e:27:e6:b8:26:d6:4b:30:ac:7c:e3:fe:
                    b6:0a:de:71:c0:81:01:23:a0:eb:a2:1e:6b:a2:45:
                    cb:d4:5e:4b:c4:0e:a4:68:13:2f:c5:3c:d9:c8:4a:
                    8b:6e:e1:d4:ea:70:39:44:c2:2d:66:29:05:cf:b9:
                    ca:c9:bc:8d:38:df:5b:a0:a5:d7:51:f5:fb:a2:64:
                    cd:85:ce:2e:62:79:26:c5:97:7f:41:f9:7c:83:e8:
                    95:02:e8:6a:3c:bc:9d:88:42:61:12:67:30:16:03:
                    5a:24:c6:6f:d6:c0:20:26:59:18:30:77:a3:c9:cf:
                    5b:0b:8f:30:90:62:04:d6:04:54:1d:cf:35:94:c7:
                    8f:be:84:8c:6e:8c:4d:3c:ee:a4:c6:9b:8b:3b:e2:
                    f5:26:44:5e:86:4c:cc:7e:a9:26:e4:19:40:ae:ad:
                    39:80:6a:1e:74:1a:44:8d:ca:59:fd:c9:54:ac:7a:
                    ae:62:ad:bc:95:6b:92:fc:5c:7a:60:81:3a:6e:97:
                    82:dc:41:f9:eb:7a:af:16:e2:69:2e:ef:e4:ed:62:
                    77:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:77:BE:B9:AA:19:82:A1:61:87:BA:41:10:44:5D:BD:BD:36:53:F1
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/o3e-uaoZgqFhh7pBEERdvb02U_E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.115.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a3:ba:0b:86:f8:f3:0c:1e:62:5f:b8:39:c5:1e:d3:7d:59:41:
         c7:55:bf:2a:2c:86:5a:14:3c:81:cf:c2:41:f9:f7:c1:39:0a:
         4f:22:c5:6c:fc:fb:f3:bd:eb:c6:d5:c5:78:c0:72:59:8e:9d:
         5f:aa:a1:87:c8:ee:01:3e:75:52:04:d9:a5:0a:a0:d5:40:75:
         e0:d6:9c:d4:33:54:a9:b9:1e:ca:a0:98:b4:83:53:5f:9b:bf:
         27:d5:1f:61:ac:0a:80:cf:7a:b3:80:d5:e0:f8:bd:a5:d1:59:
         84:14:1e:33:a4:c1:48:c3:c9:24:1f:c0:f0:5f:20:60:0d:d4:
         b3:cf:08:c7:eb:e1:bb:3e:6e:73:95:be:78:27:80:e7:da:b8:
         b4:e6:37:24:b9:a9:c6:13:30:2a:1a:a1:8a:3d:64:ec:f8:e6:
         76:6f:f1:56:6f:0a:df:47:e5:45:f1:07:1c:cb:49:23:8f:4a:
         90:4f:3b:0a:0d:bb:0a:9a:7b:93:4d:e4:80:73:98:3b:6a:d0:
         be:be:7c:5c:42:6c:f6:02:04:7d:21:31:2f:88:d6:6a:fc:fb:
         b3:1b:53:39:35:3c:da:39:ff:38:ce:81:5b:d8:5a:c5:7d:ec:
         02:cc:8f:c4:ba:c9:bf:4a:6b:13:1d:5b:dc:12:83:54:40:07:
         64:c5:fb:b6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEF94cITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDEw
MTA0NTQzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTM3N2JlYjlhYTE5
ODJhMTYxODdiYTQxMTA0NDVkYmRiZDM2NTNmMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJYZaibeb458s9kO0V5ifcwXW0rVj+dWva9v2YGmJU4Y2PTL
BuPHg8xOKvrYcX12bifmuCbWSzCsfOP+tgreccCBASOg66Iea6JFy9ReS8QOpGgT
L8U82chKi27h1OpwOUTCLWYpBc+5ysm8jTjfW6Cl11H1+6JkzYXOLmJ5JsWXf0H5
fIPolQLoajy8nYhCYRJnMBYDWiTGb9bAICZZGDB3o8nPWwuPMJBiBNYEVB3PNZTH
j76EjG6MTTzupMabizvi9SZEXoZMzH6pJuQZQK6tOYBqHnQaRI3KWf3JVKx6rmKt
vJVrkvxcemCBOm6XgtxB+et6rxbiaS7v5O1id80CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSjd765qhmCoWGHukEQRF29vTZT8TAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L28zZS11YW9aZ3FGaGg3cEJFRVJkdmIwMlVfRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALlzfDANBgkqhkiG9w0BAQsFAAOC
AQEAo7oLhvjzDB5iX7g5xR7TfVlBx1W/KiyGWhQ8gc/CQfn3wTkKTyLFbPz7873r
xtXFeMByWY6dX6qhh8juAT51UgTZpQqg1UB14Nac1DNUqbkeyqCYtINTX5u/J9Uf
YawKgM96s4DV4Pi9pdFZhBQeM6TBSMPJJB/A8F8gYA3Us88Ix+vhuz5uc5W+eCeA
59q4tOY3JLmpxhMwKhqhij1k7Pjmdm/xVm8K30flRfEHHMtJI49KkE87Cg27Cpp7
k03kgHOYO2rQvr58XEJs9gIEfSExL4jWavz7sxtTOTU82jn/OM6BW9haxX3sAsyP
xLrJv0prEx1b3BKDVEAHZMX7tg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:46 2024 by rpki-client on console-fra.rpki-client.org