Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/t6Lf7P_GDT1WLnP0xkJkEHvP2z8.roa
File:                     t6Lf7P_GDT1WLnP0xkJkEHvP2z8.roa (raw, json)
Hash identifier:          D7pDuH2ca03kq/nzliQCBYl2ZW3ipOWNVKSr/zx6fU4=
Subject key identifier:   B7:A2:DF:EC:FF:C6:0D:3D:56:2E:73:F4:C6:42:64:10:7B:CF:DB:3F
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       17C93E0E
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/t6Lf7P_GDT1WLnP0xkJkEHvP2z8.roa
Signing time:             Sat 01 Jan 2022 04:54:27 +0000
ROA not before:           Sat 01 Jan 2022 04:54:27 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     131477
IP address blocks:        185.188.5.0/24 maxlen: 24
                          185.255.152.0/23 maxlen: 32
                          185.255.153.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 399064590 (0x17c93e0e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Jan  1 04:54:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b7a2dfecffc60d3d562e73f4c64264107bcfdb3f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:bf:0a:6e:2a:94:ab:01:db:a6:d1:bf:26:e7:
                    3c:38:a8:64:b2:e6:d8:6b:9d:c6:19:b2:ba:93:86:
                    76:9c:a2:02:49:fc:61:d1:85:ef:4b:82:21:8b:c5:
                    fc:91:f5:fb:eb:23:65:f5:c2:00:c0:d5:52:56:6d:
                    47:6d:2b:b3:32:86:ba:d8:db:3f:de:81:98:52:2d:
                    32:a9:e0:5f:e1:51:96:88:b3:fa:75:a9:b8:39:66:
                    dc:0d:50:7f:cf:0c:cb:cc:39:29:b9:9f:69:90:f9:
                    ae:16:5e:f9:34:46:47:f1:63:fa:ea:d5:bc:58:e5:
                    3f:14:14:d3:97:5b:11:38:02:78:66:a4:5a:88:b8:
                    6d:49:aa:d4:10:1b:7b:ef:9c:9a:05:c4:18:ab:88:
                    84:38:3a:2d:88:91:74:29:55:1d:8c:05:0b:59:3c:
                    ab:4b:c4:ec:d6:14:f7:3f:ef:68:0a:83:08:e4:14:
                    b3:8f:1b:fd:3a:04:1a:f7:3d:d1:9c:4d:e2:04:47:
                    61:de:b7:0f:a5:d6:8b:63:3e:52:d3:ca:02:2c:64:
                    24:2b:d1:76:af:a8:95:ff:14:0b:d6:8d:21:3c:a0:
                    db:21:b1:86:ea:a3:f1:f2:7e:78:8d:ce:20:6f:18:
                    93:7a:af:d4:c0:7e:92:35:7a:83:44:d9:41:63:b5:
                    a0:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:A2:DF:EC:FF:C6:0D:3D:56:2E:73:F4:C6:42:64:10:7B:CF:DB:3F
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/t6Lf7P_GDT1WLnP0xkJkEHvP2z8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.188.5.0/24
                  185.255.152.0/23

    Signature Algorithm: sha256WithRSAEncryption
         67:ca:35:91:50:53:ef:f8:19:0b:4d:e5:da:65:15:4e:0d:b8:
         e6:21:b1:ac:a9:da:65:5a:32:04:15:cc:85:d2:54:62:84:c6:
         1a:6a:47:db:c4:0e:38:62:af:14:e0:2d:b9:e8:53:18:02:eb:
         c5:27:40:3c:4c:03:22:23:4e:8b:11:00:a7:35:9c:cf:d9:48:
         d5:a3:f2:62:21:c6:1f:2b:45:60:66:3f:89:22:c9:d8:dc:9f:
         1f:da:72:b4:c5:c7:9e:4c:60:75:7a:6c:0e:99:f9:7a:4b:a5:
         21:d4:7f:05:43:5a:10:b5:be:44:2e:0e:0c:e7:45:e2:f1:bf:
         9f:53:67:8c:f3:24:61:4e:c9:4a:85:8b:bb:21:0d:10:ae:99:
         3c:f5:43:35:48:eb:90:0d:f2:38:32:54:25:13:51:94:7b:22:
         1d:0b:1b:61:3b:54:a0:d2:bf:32:ba:51:51:c0:66:de:93:be:
         b8:99:61:21:ef:04:e7:57:84:4d:25:1f:5e:f5:ea:76:d7:20:
         6c:2e:67:13:57:e7:40:97:a2:7c:47:7e:a5:8e:85:32:a1:18:
         5c:6f:51:68:a7:89:cf:cd:77:87:6a:06:c4:69:99:50:d1:2f:
         38:5d:09:c7:d6:0f:1e:eb:6b:69:ee:a5:66:5c:bc:d7:0b:64:
         f0:92:32:79
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEF8k+DjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDEw
MTA0NTQyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjdhMmRmZWNmZmM2
MGQzZDU2MmU3M2Y0YzY0MjY0MTA3YmNmZGIzZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALe/Cm4qlKsB26bRvybnPDioZLLm2GudxhmyupOGdpyiAkn8
YdGF70uCIYvF/JH1++sjZfXCAMDVUlZtR20rszKGutjbP96BmFItMqngX+FRloiz
+nWpuDlm3A1Qf88My8w5KbmfaZD5rhZe+TRGR/Fj+urVvFjlPxQU05dbETgCeGak
Woi4bUmq1BAbe++cmgXEGKuIhDg6LYiRdClVHYwFC1k8q0vE7NYU9z/vaAqDCOQU
s48b/ToEGvc90ZxN4gRHYd63D6XWi2M+UtPKAixkJCvRdq+olf8UC9aNITyg2yGx
huqj8fJ+eI3OIG8Yk3qv1MB+kjV6g0TZQWO1oHECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBS3ot/s/8YNPVYuc/TGQmQQe8/bPzAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L3Q2TGY3UF9HRFQxV0xuUDB4a0prRUh2UDJ6OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALm8BQMEAbn/mDANBgkqhkiG9w0B
AQsFAAOCAQEAZ8o1kVBT7/gZC03l2mUVTg245iGxrKnaZVoyBBXMhdJUYoTGGmpH
28QOOGKvFOAtuehTGALrxSdAPEwDIiNOixEApzWcz9lI1aPyYiHGHytFYGY/iSLJ
2NyfH9pytMXHnkxgdXpsDpn5ekulIdR/BUNaELW+RC4ODOdF4vG/n1NnjPMkYU7J
SoWLuyENEK6ZPPVDNUjrkA3yODJUJRNRlHsiHQsbYTtUoNK/MrpRUcBm3pO+uJlh
Ie8E51eETSUfXvXqdtcgbC5nE1fnQJeifEd+pY6FMqEYXG9RaKeJz813h2oGxGmZ
UNEvOF0Jx9YPHutrae6lZly81wtk8JIyeQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:33 2024 by rpki-client on console-ams.rpki-client.org