Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/c77825-68a3-4b3e-bc90-523fd86a07c7/1/xnn1XBtd76CO4b7uKJS4LUonKuM.roa
File:                     xnn1XBtd76CO4b7uKJS4LUonKuM.roa (raw, json)
Hash identifier:          EkEePAQhwN/1Gzm+6jggAOR9kw0mIEK/iB8LSJ+mU0c=
Subject key identifier:   C6:79:F5:5C:1B:5D:EF:A0:8E:E1:BE:EE:28:94:B8:2D:4A:27:2A:E3
Certificate issuer:       /CN=53787cd7946e10d88646ac79de57cc6ec59e4132
Certificate serial:       035AC7CA
Authority key identifier: 53:78:7C:D7:94:6E:10:D8:86:46:AC:79:DE:57:CC:6E:C5:9E:41:32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U3h815RuENiGRqx53lfMbsWeQTI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/c77825-68a3-4b3e-bc90-523fd86a07c7/1/xnn1XBtd76CO4b7uKJS4LUonKuM.roa
Signing time:             Sat 01 Jan 2022 02:00:49 +0000
ROA not before:           Sat 01 Jan 2022 02:00:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60008
IP address blocks:        185.54.125.0/24 maxlen: 24
                          185.54.124.0/23 maxlen: 23
                          185.54.124.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 56281034 (0x35ac7ca)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53787cd7946e10d88646ac79de57cc6ec59e4132
        Validity
            Not Before: Jan  1 02:00:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c679f55c1b5defa08ee1beee2894b82d4a272ae3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:c7:89:a6:21:cb:f0:b1:50:71:ef:01:26:ae:
                    b4:f3:ba:0d:7d:13:6e:05:a6:89:b2:1f:7f:11:14:
                    70:69:03:a5:e3:de:de:94:d5:eb:3d:1d:6d:ce:9c:
                    e0:d2:e9:5f:36:75:bc:42:c8:59:22:b0:13:67:ba:
                    b9:11:f6:1d:b7:b8:cd:69:14:ff:e2:64:b0:52:a5:
                    1f:e3:d4:c0:f6:b6:25:f7:fe:e6:d5:74:30:a7:40:
                    af:8a:2a:5e:41:22:0f:e2:29:e9:63:7a:28:e2:4a:
                    5a:e9:ec:73:ab:87:bd:5e:96:68:48:50:a3:9b:2a:
                    aa:b9:94:29:d1:41:c4:dd:bc:5d:4c:76:4f:8c:f0:
                    16:50:fc:09:16:43:d3:dc:d6:a9:81:f6:ce:7f:5f:
                    5d:48:1c:ed:8a:8e:3a:e6:7e:4a:17:3c:fc:c5:9e:
                    9c:7f:b1:ab:78:8e:c4:c6:b3:18:ac:cd:db:bb:dd:
                    ef:95:9a:63:5e:f7:34:12:03:41:c8:41:45:8c:39:
                    2e:fa:5d:9c:37:70:69:50:96:e8:aa:97:35:60:28:
                    85:bb:6e:7c:de:3b:7d:c9:5f:4a:50:c2:d2:c6:17:
                    ea:27:70:0a:eb:54:44:68:74:76:1e:f2:78:96:95:
                    0b:4e:d5:48:c5:63:ea:70:ae:b0:73:e3:d6:13:5c:
                    02:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:79:F5:5C:1B:5D:EF:A0:8E:E1:BE:EE:28:94:B8:2D:4A:27:2A:E3
            X509v3 Authority Key Identifier:
                keyid:53:78:7C:D7:94:6E:10:D8:86:46:AC:79:DE:57:CC:6E:C5:9E:41:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U3h815RuENiGRqx53lfMbsWeQTI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/c77825-68a3-4b3e-bc90-523fd86a07c7/1/xnn1XBtd76CO4b7uKJS4LUonKuM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/c77825-68a3-4b3e-bc90-523fd86a07c7/1/U3h815RuENiGRqx53lfMbsWeQTI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.54.124.0/23

    Signature Algorithm: sha256WithRSAEncryption
         32:90:6d:d3:63:ca:d4:42:96:be:3d:8d:68:15:1e:d5:f7:b6:
         38:aa:4a:37:b3:52:fc:f5:ab:d8:eb:51:18:64:f3:09:76:f9:
         94:18:bf:04:9e:cc:ce:da:ee:2d:4c:40:48:ef:b4:73:63:d1:
         b4:cd:2e:95:4c:da:94:a3:98:fe:83:67:7d:d0:10:ed:0a:85:
         b8:91:09:aa:84:d7:d6:21:a2:45:2b:56:ce:e4:32:8c:17:d3:
         b7:f9:6b:8b:a6:de:0a:60:f3:1d:80:43:f1:5b:ce:5e:31:7f:
         20:ed:f5:82:a7:73:fb:9a:2c:bc:e1:9f:8e:6f:8b:d2:53:a0:
         12:88:46:c7:46:54:76:1a:2b:97:ae:48:31:ba:48:fd:7a:32:
         ec:7c:3f:46:f5:87:7f:7c:76:3a:8e:ae:f5:d8:c9:d7:85:22:
         91:cb:05:c8:df:aa:ee:0e:55:09:25:6f:d2:f0:94:4b:d4:19:
         ed:11:49:d6:8e:52:e8:a4:be:6e:85:32:d7:da:14:b3:4e:89:
         92:45:91:70:68:f8:71:dc:a6:c1:24:51:97:9c:06:d3:48:8d:
         b4:88:c3:77:a5:16:e2:07:ca:a1:f1:c5:2e:35:e7:93:b6:12:
         d8:b5:34:6e:22:20:fa:de:95:6a:08:08:88:b9:2d:96:92:56:
         9f:20:54:57
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA1rHyjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
Mzc4N2NkNzk0NmUxMGQ4ODY0NmFjNzlkZTU3Y2M2ZWM1OWU0MTMyMB4XDTIyMDEw
MTAyMDA0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzY3OWY1NWMxYjVk
ZWZhMDhlZTFiZWVlMjg5NGI4MmQ0YTI3MmFlMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI/HiaYhy/CxUHHvASautPO6DX0TbgWmibIffxEUcGkDpePe
3pTV6z0dbc6c4NLpXzZ1vELIWSKwE2e6uRH2Hbe4zWkU/+JksFKlH+PUwPa2Jff+
5tV0MKdAr4oqXkEiD+Ip6WN6KOJKWunsc6uHvV6WaEhQo5sqqrmUKdFBxN28XUx2
T4zwFlD8CRZD09zWqYH2zn9fXUgc7YqOOuZ+Shc8/MWenH+xq3iOxMazGKzN27vd
75WaY173NBIDQchBRYw5LvpdnDdwaVCW6KqXNWAohbtufN47fclfSlDC0sYX6idw
CutURGh0dh7yeJaVC07VSMVj6nCusHPj1hNcAk8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTGefVcG13voI7hvu4olLgtSicq4zAfBgNVHSMEGDAWgBRTeHzXlG4Q2IZG
rHneV8xuxZ5BMjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1UzaDgxNVJ1RU5pR1JxeDUzbGZNYnNXZVFUSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvYzc3ODI1LTY4YTMtNGIzZS1iYzkwLTUyM2ZkODZhMDdjNy8x
L3hubjFYQnRkNzZDTzRiN3VLSlM0TFVvbkt1TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
Yzc3ODI1LTY4YTMtNGIzZS1iYzkwLTUyM2ZkODZhMDdjNy8xL1UzaDgxNVJ1RU5p
R1JxeDUzbGZNYnNXZVFUSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbk2fDANBgkqhkiG9w0BAQsFAAOC
AQEAMpBt02PK1EKWvj2NaBUe1fe2OKpKN7NS/PWr2OtRGGTzCXb5lBi/BJ7Mztru
LUxASO+0c2PRtM0ulUzalKOY/oNnfdAQ7QqFuJEJqoTX1iGiRStWzuQyjBfTt/lr
i6beCmDzHYBD8VvOXjF/IO31gqdz+5osvOGfjm+L0lOgEohGx0ZUdhorl65IMbpI
/Xoy7Hw/RvWHf3x2Oo6u9djJ14UikcsFyN+q7g5VCSVv0vCUS9QZ7RFJ1o5S6KS+
boUy19oUs06JkkWRcGj4cdymwSRRl5wG00iNtIjDd6UW4gfKofHFLjXnk7YS2LU0
biIg+t6VaggIiLktlpJWnyBUVw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:28 2024 by rpki-client on console-ams.rpki-client.org