Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/d7300f-de06-4f7b-a909-6598b4ceb069/1/o0D1woHGuWNfF-xbUlY4B5tEglM.roa
File:                     o0D1woHGuWNfF-xbUlY4B5tEglM.roa (raw, json)
Hash identifier:          nbSLbWAFx1qKZgarOjQajXAyPhrITqaIY8CB6TCMX9s=
Subject key identifier:   A3:40:F5:C2:81:C6:B9:63:5F:17:EC:5B:52:56:38:07:9B:44:82:53
Certificate issuer:       /CN=12694f6945a21d08d30192cfc1a6b780de728e3b
Certificate serial:       0185B1
Authority key identifier: 12:69:4F:69:45:A2:1D:08:D3:01:92:CF:C1:A6:B7:80:DE:72:8E:3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EmlPaUWiHQjTAZLPwaa3gN5yjjs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/d7300f-de06-4f7b-a909-6598b4ceb069/1/o0D1woHGuWNfF-xbUlY4B5tEglM.roa
Signing time:             Thu 28 Apr 2022 12:39:40 +0000
ROA not before:           Thu 28 Apr 2022 12:39:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39888
IP address blocks:        185.75.53.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 99761 (0x185b1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=12694f6945a21d08d30192cfc1a6b780de728e3b
        Validity
            Not Before: Apr 28 12:39:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a340f5c281c6b9635f17ec5b525638079b448253
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:da:8c:41:8b:7c:89:20:77:e7:e1:3a:05:15:
                    94:30:5c:05:ff:b8:f6:af:4d:f0:22:98:29:8b:52:
                    fd:74:ed:f4:5c:10:81:df:c3:25:e9:cb:20:7d:3f:
                    9a:70:70:6c:cc:25:80:1e:27:92:6e:fd:6a:64:fb:
                    8d:02:14:c2:be:cb:bc:52:dc:ce:e6:2b:d3:81:8f:
                    3e:4d:cf:9c:29:c7:73:69:00:f7:af:8b:e2:b0:df:
                    a7:53:5f:51:99:2b:28:81:e5:ee:f7:2a:01:77:a7:
                    12:0d:50:a4:a9:fd:e5:81:cf:1a:b6:3f:49:b0:b7:
                    64:b6:37:17:60:5a:b9:36:71:c0:f9:b0:c7:e2:bb:
                    21:53:e6:47:3f:b7:ca:38:21:98:e3:f4:3c:60:a2:
                    b2:b0:fc:ec:8c:71:cf:c8:2a:5d:d6:c5:70:fb:16:
                    ff:e0:db:0d:ad:ed:68:30:ca:49:ba:72:c8:dd:f5:
                    d3:f4:6a:41:62:4f:37:16:f6:03:00:75:ce:da:ef:
                    17:2f:2c:69:0e:72:3b:b7:96:39:5e:58:d3:e2:31:
                    b3:e7:d4:ed:44:d6:d3:4d:a9:9c:2d:ed:15:d8:97:
                    83:02:93:65:cf:c4:e0:a2:cf:91:b4:8f:b7:f7:20:
                    fa:5a:05:a6:7f:99:0b:3d:fe:c0:3b:32:97:1e:dc:
                    bc:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:40:F5:C2:81:C6:B9:63:5F:17:EC:5B:52:56:38:07:9B:44:82:53
            X509v3 Authority Key Identifier:
                keyid:12:69:4F:69:45:A2:1D:08:D3:01:92:CF:C1:A6:B7:80:DE:72:8E:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EmlPaUWiHQjTAZLPwaa3gN5yjjs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d7300f-de06-4f7b-a909-6598b4ceb069/1/o0D1woHGuWNfF-xbUlY4B5tEglM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d7300f-de06-4f7b-a909-6598b4ceb069/1/EmlPaUWiHQjTAZLPwaa3gN5yjjs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.75.53.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:7c:fd:f5:f9:75:41:93:7e:bb:ce:63:7b:93:fe:2a:88:1f:
         fa:de:1b:ba:d0:6a:6e:01:c8:87:5e:9b:d3:77:d0:4e:b6:fd:
         76:20:72:35:e2:9e:77:fe:eb:ab:6c:06:13:1b:76:69:b5:0f:
         95:22:79:49:55:bf:8a:13:d3:94:f9:8e:12:8c:84:ad:98:a2:
         67:fb:ad:57:02:b6:a7:f9:4b:0b:bc:11:ea:3e:95:1e:92:97:
         0a:4d:6d:78:95:94:fd:65:1f:e0:5d:23:53:4e:b3:52:d4:1a:
         68:c4:3b:df:da:79:52:92:82:bd:47:8b:c1:44:a4:ca:21:4a:
         f2:b1:0b:10:3a:04:2a:0f:b6:4f:e9:84:54:12:c2:4f:e3:34:
         f4:97:d9:66:37:37:dc:d5:80:57:e3:46:ce:98:ea:a2:46:48:
         a8:47:5e:85:60:b3:a4:e1:49:b6:2d:1c:a5:5b:4f:c3:04:41:
         6b:b9:d4:2b:8c:e6:f3:fc:d1:82:05:74:cf:48:4c:cf:84:c5:
         20:f1:5a:6f:e1:16:32:a0:40:59:b6:5f:32:68:b5:a5:b8:47:
         ea:71:08:8b:65:1c:66:e5:bb:a9:4e:5f:cf:bb:e0:f0:b6:ba:
         46:5f:96:49:7e:aa:f0:b7:70:19:fc:f3:a0:3f:9e:df:ac:79:
         9e:56:97:c8
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAYWxMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDEy
Njk0ZjY5NDVhMjFkMDhkMzAxOTJjZmMxYTZiNzgwZGU3MjhlM2IwHhcNMjIwNDI4
MTIzOTQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhMzQwZjVjMjgxYzZi
OTYzNWYxN2VjNWI1MjU2MzgwNzliNDQ4MjUzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA3NqMQYt8iSB35+E6BRWUMFwF/7j2r03wIpgpi1L9dO30XBCB
38Ml6csgfT+acHBszCWAHieSbv1qZPuNAhTCvsu8UtzO5ivTgY8+Tc+cKcdzaQD3
r4visN+nU19RmSsogeXu9yoBd6cSDVCkqf3lgc8atj9JsLdktjcXYFq5NnHA+bDH
4rshU+ZHP7fKOCGY4/Q8YKKysPzsjHHPyCpd1sVw+xb/4NsNre1oMMpJunLI3fXT
9GpBYk83FvYDAHXO2u8XLyxpDnI7t5Y5XljT4jGz59TtRNbTTamcLe0V2JeDApNl
z8Tgos+RtI+39yD6WgWmf5kLPf7AOzKXHty8TwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFKNA9cKBxrljXxfsW1JWOAebRIJTMB8GA1UdIwQYMBaAFBJpT2lFoh0I0wGS
z8Gmt4Deco47MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
RW1sUGFVV2lIUWpUQVpMUHdhYTNnTjV5ampzLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kMC9kNzMwMGYtZGUwNi00ZjdiLWE5MDktNjU5OGI0Y2ViMDY5LzEv
bzBEMXdvSEd1V05mRi14YlVsWTRCNXRFZ2xNLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9k
NzMwMGYtZGUwNi00ZjdiLWE5MDktNjU5OGI0Y2ViMDY5LzEvRW1sUGFVV2lIUWpU
QVpMUHdhYTNnTjV5ampzLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUs1MA0GCSqGSIb3DQEBCwUAA4IB
AQCEfP31+XVBk367zmN7k/4qiB/63hu60GpuAciHXpvTd9BOtv12IHI14p53/uur
bAYTG3ZptQ+VInlJVb+KE9OU+Y4SjIStmKJn+61XAran+UsLvBHqPpUekpcKTW14
lZT9ZR/gXSNTTrNS1BpoxDvf2nlSkoK9R4vBRKTKIUrysQsQOgQqD7ZP6YRUEsJP
4zT0l9lmNzfc1YBX40bOmOqiRkioR16FYLOk4Um2LRylW0/DBEFrudQrjObz/NGC
BXTPSEzPhMUg8Vpv4RYyoEBZtl8yaLWluEfqcQiLZRxm5bupTl/Pu+DwtrpGX5ZJ
fqrwt3AZ/POgP57frHmeVpfI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:50 2024 by rpki-client on console-fra.rpki-client.org