Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1800a4-50fc-4ff8-9e36-49c6fdbbafb7/1/xA_OHSn0aa3cG9zx85vt0V0Qd_8.roa
File:                     xA_OHSn0aa3cG9zx85vt0V0Qd_8.roa (raw, json)
Hash identifier:          xLEaVtASETGkaOd9AZFK8IlQB5uLDsXlc+vUugBrDr4=
Subject key identifier:   C4:0F:CE:1D:29:F4:69:AD:DC:1B:DC:F1:F3:9B:ED:D1:5D:10:77:FF
Certificate issuer:       /CN=480c3b93ff2a34fbfa5ae82556f670340cb5d5c9
Certificate serial:       07A3EA41
Authority key identifier: 48:0C:3B:93:FF:2A:34:FB:FA:5A:E8:25:56:F6:70:34:0C:B5:D5:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SAw7k_8qNPv6WuglVvZwNAy11ck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/1800a4-50fc-4ff8-9e36-49c6fdbbafb7/1/xA_OHSn0aa3cG9zx85vt0V0Qd_8.roa
Signing time:             Sat 01 Jan 2022 09:02:14 +0000
ROA not before:           Sat 01 Jan 2022 09:02:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205796
IP address blocks:        185.206.60.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 128182849 (0x7a3ea41)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=480c3b93ff2a34fbfa5ae82556f670340cb5d5c9
        Validity
            Not Before: Jan  1 09:02:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c40fce1d29f469addc1bdcf1f39bedd15d1077ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:92:b7:17:08:fb:1d:1b:20:56:f1:5a:55:66:
                    9d:58:7a:02:9e:88:54:29:c3:5d:a0:52:38:71:1b:
                    c4:3a:58:5f:ee:ec:ac:81:bd:4a:00:f8:6a:cf:e6:
                    cb:4b:30:1d:49:ce:aa:4f:d1:60:57:28:d0:b4:eb:
                    e3:fc:1c:bb:d2:b6:e8:4a:ac:d5:c8:34:97:69:42:
                    e6:fd:e0:58:93:9c:70:7f:6d:a5:71:85:b2:fa:71:
                    b5:c4:e3:c9:00:26:22:21:48:c5:87:b9:a8:c0:4c:
                    e4:47:11:7f:55:64:d0:d9:cb:a7:87:91:8f:df:b6:
                    5f:c4:5a:c1:b7:09:e9:32:26:40:2b:ed:23:c4:ec:
                    c8:e1:2b:68:d8:4d:25:cb:3f:1e:09:a5:80:da:3d:
                    41:e1:aa:47:a4:ee:8e:67:e7:76:32:fc:d1:01:bd:
                    40:7c:4e:a9:a9:3b:92:e5:6b:27:f2:66:45:12:9f:
                    04:33:53:66:98:e8:c8:23:6f:13:9b:57:15:fe:69:
                    a2:04:f7:f7:26:f0:96:03:45:43:36:34:89:68:68:
                    df:29:9f:ed:bf:2f:95:e0:4a:72:3b:c6:8f:ab:51:
                    e9:20:54:56:36:fa:66:5d:56:df:68:66:5c:dd:27:
                    c1:90:d2:7f:31:e7:1c:67:d0:d8:21:db:25:fc:68:
                    d7:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:0F:CE:1D:29:F4:69:AD:DC:1B:DC:F1:F3:9B:ED:D1:5D:10:77:FF
            X509v3 Authority Key Identifier:
                keyid:48:0C:3B:93:FF:2A:34:FB:FA:5A:E8:25:56:F6:70:34:0C:B5:D5:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAw7k_8qNPv6WuglVvZwNAy11ck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1800a4-50fc-4ff8-9e36-49c6fdbbafb7/1/xA_OHSn0aa3cG9zx85vt0V0Qd_8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1800a4-50fc-4ff8-9e36-49c6fdbbafb7/1/SAw7k_8qNPv6WuglVvZwNAy11ck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.206.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:eb:37:cc:bf:4a:20:62:eb:68:35:a3:46:fd:ec:9b:5f:9d:
         e5:3d:d3:93:71:f0:66:69:d0:70:39:98:b5:2d:0d:6a:c5:5e:
         65:e9:cd:ce:ac:4f:09:91:2c:ec:c2:78:f5:2e:42:bd:7c:e0:
         7c:d1:3e:23:f1:fe:b9:8f:ac:5d:e1:70:f5:2d:12:47:ec:7e:
         10:b8:a5:99:7b:88:de:8e:09:de:d6:66:f4:03:5e:fb:b0:53:
         c8:e5:f7:8c:0e:04:e9:4f:0a:b4:65:d9:5e:88:11:1e:99:ce:
         56:3c:f2:07:73:33:58:1e:cb:8a:0f:dc:b5:d0:8a:d7:84:02:
         8c:94:e6:a1:96:ef:b2:93:d9:de:12:d6:d2:0e:c0:61:28:ab:
         70:4b:e9:09:5b:f2:fd:45:0d:f8:63:3e:3c:0a:13:df:dd:2b:
         c5:04:44:5e:e9:33:2e:ad:17:0c:a2:bd:98:d1:15:28:a3:32:
         4c:bd:04:6d:a6:2f:32:15:21:eb:e9:04:e6:c0:96:98:b9:b3:
         d2:60:72:41:48:42:5e:27:27:8d:c4:4b:27:05:c2:16:6d:db:
         3a:cd:28:d6:68:33:db:85:2c:62:b7:7c:d0:ef:e0:f5:1f:d5:
         c7:59:bf:c7:cc:20:b3:e5:5a:b5:a1:1f:83:93:27:80:c6:3a:
         a8:f4:6d:6a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB6PqQTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ODBjM2I5M2ZmMmEzNGZiZmE1YWU4MjU1NmY2NzAzNDBjYjVkNWM5MB4XDTIyMDEw
MTA5MDIxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzQwZmNlMWQyOWY0
NjlhZGRjMWJkY2YxZjM5YmVkZDE1ZDEwNzdmZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANeStxcI+x0bIFbxWlVmnVh6Ap6IVCnDXaBSOHEbxDpYX+7s
rIG9SgD4as/my0swHUnOqk/RYFco0LTr4/wcu9K26Eqs1cg0l2lC5v3gWJOccH9t
pXGFsvpxtcTjyQAmIiFIxYe5qMBM5EcRf1Vk0NnLp4eRj9+2X8RawbcJ6TImQCvt
I8TsyOEraNhNJcs/HgmlgNo9QeGqR6TujmfndjL80QG9QHxOqak7kuVrJ/JmRRKf
BDNTZpjoyCNvE5tXFf5pogT39ybwlgNFQzY0iWho3ymf7b8vleBKcjvGj6tR6SBU
Vjb6Zl1W32hmXN0nwZDSfzHnHGfQ2CHbJfxo1/0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTED84dKfRprdwb3PHzm+3RXRB3/zAfBgNVHSMEGDAWgBRIDDuT/yo0+/pa
6CVW9nA0DLXVyTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NBdzdrXzhxTlB2Nld1Z2xWdlp3TkF5MTFjay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTIvMTgwMGE0LTUwZmMtNGZmOC05ZTM2LTQ5YzZmZGJiYWZiNy8x
L3hBX09IU24wYWEzY0c5eng4NXZ0MFYwUWRfOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIv
MTgwMGE0LTUwZmMtNGZmOC05ZTM2LTQ5YzZmZGJiYWZiNy8xL1NBdzdrXzhxTlB2
Nld1Z2xWdlp3TkF5MTFjay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnOPDANBgkqhkiG9w0BAQsFAAOC
AQEANes3zL9KIGLraDWjRv3sm1+d5T3Tk3HwZmnQcDmYtS0NasVeZenNzqxPCZEs
7MJ49S5CvXzgfNE+I/H+uY+sXeFw9S0SR+x+ELilmXuI3o4J3tZm9ANe+7BTyOX3
jA4E6U8KtGXZXogRHpnOVjzyB3MzWB7Lig/ctdCK14QCjJTmoZbvspPZ3hLW0g7A
YSircEvpCVvy/UUN+GM+PAoT390rxQREXukzLq0XDKK9mNEVKKMyTL0EbaYvMhUh
6+kE5sCWmLmz0mByQUhCXicnjcRLJwXCFm3bOs0o1mgz24UsYrd80O/g9R/Vx1m/
x8wgs+VataEfg5MngMY6qPRtag==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:56 2024 by rpki-client on console-ams.rpki-client.org