Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/2b4934-4ea2-45c1-ae07-d45ab7df2de1/1/IlwNXlB9nK_19YgPqv1xLIwh1_w.roa
File:                     IlwNXlB9nK_19YgPqv1xLIwh1_w.roa (raw, json)
Hash identifier:          zXpT1xvBALxy2O5k3JCc5CmCLPqhtIMWocHGiw30998=
Subject key identifier:   22:5C:0D:5E:50:7D:9C:AF:F5:F5:88:0F:AA:FD:71:2C:8C:21:D7:FC
Certificate issuer:       /CN=75e05bc21b2a6f1033711ffca6491c6c30ce5a4a
Certificate serial:       01826DA7191FD02D0B0FDA1E51FCD05B7E55
Authority key identifier: 75:E0:5B:C2:1B:2A:6F:10:33:71:1F:FC:A6:49:1C:6C:30:CE:5A:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/deBbwhsqbxAzcR_8pkkcbDDOWko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/2b4934-4ea2-45c1-ae07-d45ab7df2de1/1/IlwNXlB9nK_19YgPqv1xLIwh1_w.roa
Signing time:             Fri 05 Aug 2022 10:57:23 +0000
ROA not before:           Fri 05 Aug 2022 10:57:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     262182
IP address blocks:        89.32.178.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:6d:a7:19:1f:d0:2d:0b:0f:da:1e:51:fc:d0:5b:7e:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75e05bc21b2a6f1033711ffca6491c6c30ce5a4a
        Validity
            Not Before: Aug  5 10:57:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=225c0d5e507d9caff5f5880faafd712c8c21d7fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:5a:41:ff:4f:01:c9:ed:34:93:c0:ca:e2:73:
                    30:da:02:c5:b0:09:a2:17:dc:02:5a:8b:bf:3f:bb:
                    a8:0c:5a:43:e4:ab:89:0a:26:fd:4c:60:6d:df:78:
                    dc:45:b7:f2:f6:57:92:d9:7d:e5:94:e2:f6:94:90:
                    b9:95:6d:40:ca:5d:4d:d3:7e:1e:cb:e5:88:ef:51:
                    58:bf:bd:32:8d:3e:a0:a9:69:5d:6d:b4:2e:b1:19:
                    40:d8:0f:aa:db:7d:ec:e4:3a:6d:82:be:c2:f9:32:
                    e9:f7:3f:3e:82:c4:13:09:01:61:92:2c:d4:81:18:
                    32:b5:2d:2d:19:58:5a:78:d6:84:ad:ea:69:4b:22:
                    40:e7:c5:37:76:84:65:26:3c:3c:98:64:2f:46:3a:
                    71:30:18:25:26:7e:29:c7:43:56:bb:15:1e:84:ce:
                    8b:4a:90:a9:6a:5e:c0:b6:10:83:8a:bd:10:67:1c:
                    bf:86:5d:b6:c7:54:db:4b:07:29:3e:b6:cf:9a:a9:
                    0a:f8:9f:7f:53:b6:82:08:3c:66:77:a7:43:ed:68:
                    0d:7d:92:59:a3:7b:14:8c:f9:5d:19:c0:74:63:55:
                    2b:05:2a:7c:49:c7:f6:bf:a8:a3:73:dd:15:84:fc:
                    f9:52:92:5e:e5:4b:0a:68:ee:38:04:4b:a1:65:82:
                    ad:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:5C:0D:5E:50:7D:9C:AF:F5:F5:88:0F:AA:FD:71:2C:8C:21:D7:FC
            X509v3 Authority Key Identifier:
                keyid:75:E0:5B:C2:1B:2A:6F:10:33:71:1F:FC:A6:49:1C:6C:30:CE:5A:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/deBbwhsqbxAzcR_8pkkcbDDOWko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/2b4934-4ea2-45c1-ae07-d45ab7df2de1/1/IlwNXlB9nK_19YgPqv1xLIwh1_w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/2b4934-4ea2-45c1-ae07-d45ab7df2de1/1/deBbwhsqbxAzcR_8pkkcbDDOWko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.32.178.0/24

    Signature Algorithm: sha256WithRSAEncryption
         91:2a:ff:a8:6c:a5:16:6c:f6:64:fb:4a:4b:59:70:9d:2c:7f:
         a1:ae:f9:89:f2:ef:0d:a6:ab:b8:13:49:f0:d0:0f:3a:8e:8b:
         5a:27:60:89:da:5c:a3:7c:ae:89:02:f9:8e:0f:37:ef:d9:6d:
         c9:2c:11:f2:12:86:41:9c:f5:70:d2:66:db:b3:dc:ff:48:1e:
         eb:7a:d9:be:f3:b0:83:9f:7c:ca:3d:95:67:5f:ca:f1:ca:d8:
         1b:bf:07:64:db:61:54:ac:e3:77:52:f8:41:9a:6c:53:60:d7:
         86:6b:f4:3d:6f:20:5d:9b:fb:0f:a5:78:3d:0e:93:2c:f5:f2:
         f9:bb:89:a6:0e:d5:a1:77:6b:e8:de:07:d7:a5:d8:2b:c0:db:
         11:98:6b:bc:ed:64:ea:b4:49:64:76:e4:bf:fe:d7:b2:ce:a7:
         17:55:69:a3:14:96:d3:56:1a:54:e0:d5:d0:16:dd:ab:ba:70:
         00:b3:1f:bf:02:65:31:b8:57:e5:bf:52:13:c4:e8:04:2c:f7:
         9b:5b:81:61:ad:23:a7:ca:2b:5d:2f:c5:20:3b:c1:11:90:4b:
         ac:66:e9:6d:6f:a2:e0:8c:3d:a3:c2:0c:5e:78:c5:d9:8b:84:
         e5:51:05:d6:f2:83:87:2a:35:1e:16:ab:0b:68:c8:00:36:84:
         d6:c7:e8:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJtpxkf0C0LD9oeUfzQW35VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZTA1YmMyMWIyYTZmMTAzMzcxMWZmY2E2NDkxYzZjMzBj
ZTVhNGEwHhcNMjIwODA1MTA1NzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjVjMGQ1ZTUwN2Q5Y2FmZjVmNTg4MGZhYWZkNzEyYzhjMjFkN2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFpB/08Bye00k8DK4nMw2gLFsAmi
F9wCWou/P7uoDFpD5KuJCib9TGBt33jcRbfy9leS2X3llOL2lJC5lW1Ayl1N034e
y+WI71FYv70yjT6gqWldbbQusRlA2A+q233s5Dptgr7C+TLp9z8+gsQTCQFhkizU
gRgytS0tGVhaeNaEreppSyJA58U3doRlJjw8mGQvRjpxMBglJn4px0NWuxUehM6L
SpCpal7AthCDir0QZxy/hl22x1TbSwcpPrbPmqkK+J9/U7aCCDxmd6dD7WgNfZJZ
o3sUjPldGcB0Y1UrBSp8Scf2v6ijc90VhPz5UpJe5UsKaO44BEuhZYKttwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCJcDV5QfZyv9fWID6r9cSyMIdf8MB8GA1UdIwQY
MBaAFHXgW8IbKm8QM3Ef/KZJHGwwzlpKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGVCYndoc3FieEF6Y1JfOHBra2NiRERPV2tvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8yYjQ5MzQtNGVhMi00NWMxLWFlMDct
ZDQ1YWI3ZGYyZGUxLzEvSWx3TlhsQjluS18xOVlnUHF2MXhMSXdoMV93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8yYjQ5MzQtNGVhMi00NWMxLWFlMDctZDQ1YWI3ZGYyZGUx
LzEvZGVCYndoc3FieEF6Y1JfOHBra2NiRERPV2tvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSCyMA0G
CSqGSIb3DQEBCwUAA4IBAQCRKv+obKUWbPZk+0pLWXCdLH+hrvmJ8u8Npqu4E0nw
0A86jotaJ2CJ2lyjfK6JAvmODzfv2W3JLBHyEoZBnPVw0mbbs9z/SB7retm+87CD
n3zKPZVnX8rxytgbvwdk22FUrON3UvhBmmxTYNeGa/Q9byBdm/sPpXg9DpMs9fL5
u4mmDtWhd2vo3gfXpdgrwNsRmGu87WTqtElkduS//teyzqcXVWmjFJbTVhpU4NXQ
Ft2runAAsx+/AmUxuFflv1ITxOgELPebW4FhrSOnyitdL8UgO8ERkEusZultb6Lg
jD2jwgxeeMXZi4TlUQXW8oOHKjUeFqsLaMgANoTWx+hs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:05 2024 by rpki-client on console-fra.rpki-client.org