Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/5ef060-f473-4043-b8a2-e1b7c7649fa3/1/6cVU0ZUshC4KjNWVBAsgvKglrEA.roa
File:                     6cVU0ZUshC4KjNWVBAsgvKglrEA.roa (raw, json)
Hash identifier:          f+bgN3icM6FUAg6Qm6dxxovXkvz89enbsiSn6oq1zfI=
Subject key identifier:   E9:C5:54:D1:95:2C:84:2E:0A:8C:D5:95:04:0B:20:BC:A8:25:AC:40
Certificate issuer:       /CN=87c37d035d95fefba1d47f98b9ff4973f17df6cd
Certificate serial:       0B14D4A8
Authority key identifier: 87:C3:7D:03:5D:95:FE:FB:A1:D4:7F:98:B9:FF:49:73:F1:7D:F6:CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h8N9A12V_vuh1H-Yuf9Jc_F99s0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/5ef060-f473-4043-b8a2-e1b7c7649fa3/1/6cVU0ZUshC4KjNWVBAsgvKglrEA.roa
Signing time:             Sat 01 Jan 2022 06:00:43 +0000
ROA not before:           Sat 01 Jan 2022 06:00:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200286
IP address blocks:        185.59.52.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 185914536 (0xb14d4a8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87c37d035d95fefba1d47f98b9ff4973f17df6cd
        Validity
            Not Before: Jan  1 06:00:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e9c554d1952c842e0a8cd595040b20bca825ac40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:ef:87:80:00:f6:cd:8d:c3:d8:ac:3f:df:6c:
                    cd:bf:4d:65:c0:4b:dd:40:71:6e:b5:34:1d:44:30:
                    85:64:94:40:fc:57:92:b1:6d:75:62:ba:9b:7f:ad:
                    8d:65:8f:bc:d9:62:1a:4f:3e:26:13:73:bd:65:10:
                    fb:fe:39:3b:1a:cd:e3:85:3f:05:b3:56:f1:01:63:
                    b5:4b:5a:95:60:96:b5:95:d7:c3:b3:4a:5a:a2:4f:
                    5b:47:80:e0:a6:e4:bd:2d:93:f0:ee:25:af:16:24:
                    29:7e:ac:6c:c0:54:5b:40:18:2b:60:cf:bf:36:55:
                    d1:0b:74:0d:2b:55:57:40:6e:ea:5a:62:b9:12:e2:
                    74:62:3c:9e:0f:c6:70:80:b5:4b:be:05:15:de:73:
                    7b:90:80:6b:77:77:e4:f4:d5:68:e4:ab:72:c3:77:
                    01:7f:55:10:b2:fd:ca:9a:4f:b7:74:f9:64:d2:a1:
                    7e:3d:43:7e:a2:45:41:cb:f5:a7:9d:32:ec:a4:f3:
                    13:7f:72:a3:ae:80:da:56:4a:f1:59:05:0d:14:da:
                    e5:74:ea:8a:07:1a:2a:b6:af:fa:25:e2:43:b4:cb:
                    ce:a3:d7:1b:ed:61:99:b0:ac:59:ea:cc:5f:55:5e:
                    95:f3:16:88:76:36:fa:be:be:29:47:71:0e:db:14:
                    97:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:C5:54:D1:95:2C:84:2E:0A:8C:D5:95:04:0B:20:BC:A8:25:AC:40
            X509v3 Authority Key Identifier:
                keyid:87:C3:7D:03:5D:95:FE:FB:A1:D4:7F:98:B9:FF:49:73:F1:7D:F6:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h8N9A12V_vuh1H-Yuf9Jc_F99s0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/5ef060-f473-4043-b8a2-e1b7c7649fa3/1/6cVU0ZUshC4KjNWVBAsgvKglrEA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/5ef060-f473-4043-b8a2-e1b7c7649fa3/1/h8N9A12V_vuh1H-Yuf9Jc_F99s0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.59.52.0/22

    Signature Algorithm: sha256WithRSAEncryption
         31:fa:d1:64:71:5d:11:e7:65:39:9f:20:60:5d:79:d1:84:2e:
         d2:fe:ad:7e:7a:44:5d:b7:53:67:d8:22:41:31:0d:77:8b:19:
         c5:88:22:88:60:8f:dc:38:82:64:ea:f0:1f:6f:4a:49:d3:d7:
         49:18:2f:c9:64:e0:4f:c1:76:01:55:d8:d9:f8:7b:6f:70:df:
         f8:db:5b:a7:fb:a2:a0:18:91:a6:32:8e:1f:49:23:09:85:f8:
         6a:d0:31:30:82:61:f2:f8:18:32:c2:a6:f1:4c:6f:7f:b8:a1:
         3c:39:dd:a8:49:6a:96:d8:76:84:88:f3:ec:77:6b:5b:52:8f:
         c1:fa:0e:4c:b7:6e:a1:26:06:50:80:83:47:91:5b:6e:51:74:
         53:b0:f6:6d:44:46:31:2c:fc:41:e8:b5:ea:be:31:70:59:d9:
         6c:cb:56:73:6a:d9:e0:6b:a8:88:c5:73:b9:e2:42:cf:29:94:
         ed:94:33:cf:8a:fd:12:e8:c6:86:31:c9:3b:a1:53:0d:ff:b2:
         b0:70:3d:b4:ab:a8:78:54:2c:87:3b:60:df:29:9a:7d:52:c0:
         90:6f:88:eb:2c:4d:aa:b9:99:3a:08:6c:ff:5d:64:01:3a:51:
         58:47:d0:3d:bd:39:ca:d5:62:b8:1f:df:09:1a:47:95:86:8e:
         82:a9:7f:97
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECxTUqDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
N2MzN2QwMzVkOTVmZWZiYTFkNDdmOThiOWZmNDk3M2YxN2RmNmNkMB4XDTIyMDEw
MTA2MDA0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTljNTU0ZDE5NTJj
ODQyZTBhOGNkNTk1MDQwYjIwYmNhODI1YWM0MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKjvh4AA9s2Nw9isP99szb9NZcBL3UBxbrU0HUQwhWSUQPxX
krFtdWK6m3+tjWWPvNliGk8+JhNzvWUQ+/45OxrN44U/BbNW8QFjtUtalWCWtZXX
w7NKWqJPW0eA4KbkvS2T8O4lrxYkKX6sbMBUW0AYK2DPvzZV0Qt0DStVV0Bu6lpi
uRLidGI8ng/GcIC1S74FFd5ze5CAa3d35PTVaOSrcsN3AX9VELL9yppPt3T5ZNKh
fj1DfqJFQcv1p50y7KTzE39yo66A2lZK8VkFDRTa5XTqigcaKrav+iXiQ7TLzqPX
G+1hmbCsWerMX1VelfMWiHY2+r6+KUdxDtsUl2UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTpxVTRlSyELgqM1ZUECyC8qCWsQDAfBgNVHSMEGDAWgBSHw30DXZX++6HU
f5i5/0lz8X32zTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2g4TjlBMTJWX3Z1aDFILVl1ZjlKY19GOTlzMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDEvNWVmMDYwLWY0NzMtNDA0My1iOGEyLWUxYjdjNzY0OWZhMy8x
LzZjVlUwWlVzaEM0S2pOV1ZCQXNndktnbHJFQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDEv
NWVmMDYwLWY0NzMtNDA0My1iOGEyLWUxYjdjNzY0OWZhMy8xL2g4TjlBMTJWX3Z1
aDFILVl1ZjlKY19GOTlzMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArk7NDANBgkqhkiG9w0BAQsFAAOC
AQEAMfrRZHFdEedlOZ8gYF150YQu0v6tfnpEXbdTZ9giQTENd4sZxYgiiGCP3DiC
ZOrwH29KSdPXSRgvyWTgT8F2AVXY2fh7b3Df+Ntbp/uioBiRpjKOH0kjCYX4atAx
MIJh8vgYMsKm8Uxvf7ihPDndqElqlth2hIjz7HdrW1KPwfoOTLduoSYGUICDR5Fb
blF0U7D2bURGMSz8Qei16r4xcFnZbMtWc2rZ4GuoiMVzueJCzymU7ZQzz4r9EujG
hjHJO6FTDf+ysHA9tKuoeFQshztg3ymafVLAkG+I6yxNqrmZOghs/11kATpRWEfQ
Pb05ytViuB/fCRpHlYaOgql/lw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:44 2024 by rpki-client on console-ams.rpki-client.org