Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/f0f5e3-6050-4e2d-a4ea-a4ea0a63f766/1/lEAIfoz6tOWJFvP9zGUGTkyCTvM.roa
File:                     lEAIfoz6tOWJFvP9zGUGTkyCTvM.roa (raw, json)
Hash identifier:          bnJPuOOavhbFAENB2G2aeApWQ0qi0x7pN2SX6CKq8N4=
Subject key identifier:   94:40:08:7E:8C:FA:B4:E5:89:16:F3:FD:CC:65:06:4E:4C:82:4E:F3
Certificate issuer:       /CN=a5c6373eab19cf43dd2f43111398383ee2bad030
Certificate serial:       01FDF62D
Authority key identifier: A5:C6:37:3E:AB:19:CF:43:DD:2F:43:11:13:98:38:3E:E2:BA:D0:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pcY3PqsZz0PdL0MRE5g4PuK60DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/f0f5e3-6050-4e2d-a4ea-a4ea0a63f766/1/lEAIfoz6tOWJFvP9zGUGTkyCTvM.roa
Signing time:             Sat 01 Jan 2022 06:03:00 +0000
ROA not before:           Sat 01 Jan 2022 06:03:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     139660
IP address blocks:        185.228.1.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 33420845 (0x1fdf62d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5c6373eab19cf43dd2f43111398383ee2bad030
        Validity
            Not Before: Jan  1 06:03:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9440087e8cfab4e58916f3fdcc65064e4c824ef3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:28:3e:52:9f:f9:94:1b:9e:4f:a6:c4:1f:9c:
                    e8:09:09:18:ab:fb:67:0d:49:91:fb:11:76:4b:e5:
                    1e:89:a8:e4:92:91:50:38:67:6d:26:a9:43:1a:ce:
                    bb:66:7c:6f:e1:e3:60:3d:f1:cd:c3:5f:ba:fb:bc:
                    ec:2b:eb:78:f1:9b:0b:14:f2:19:67:14:9f:eb:4a:
                    46:bc:b5:bd:d2:a6:36:24:e3:e4:c5:5f:1c:a9:88:
                    99:7b:8e:6a:f0:73:b3:b7:e4:51:4d:b4:b1:c7:e2:
                    e4:c3:f0:73:c2:5c:61:f1:92:8d:d5:7d:42:39:8d:
                    78:d0:0d:3e:74:d2:a2:bd:5d:08:ff:26:97:5f:f7:
                    6a:97:98:8f:04:c3:53:1c:61:cb:01:02:29:6d:d1:
                    8e:55:1d:12:f5:ea:99:81:d7:ee:a8:68:76:fd:a5:
                    85:f8:92:a3:ca:70:54:ad:33:8e:c2:23:85:31:65:
                    21:e4:44:2f:d9:74:92:a1:94:1e:b6:5b:43:15:f3:
                    b5:84:ac:5d:c1:a1:6d:fe:08:b2:de:09:fc:9f:7a:
                    40:18:aa:af:1d:80:40:5c:b1:4e:03:84:a2:20:5a:
                    e5:4f:0a:c6:0b:25:bb:e6:93:3e:6f:69:3c:4a:4d:
                    08:f4:86:48:30:13:9a:29:59:5c:66:b0:8e:0c:25:
                    12:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:40:08:7E:8C:FA:B4:E5:89:16:F3:FD:CC:65:06:4E:4C:82:4E:F3
            X509v3 Authority Key Identifier:
                keyid:A5:C6:37:3E:AB:19:CF:43:DD:2F:43:11:13:98:38:3E:E2:BA:D0:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pcY3PqsZz0PdL0MRE5g4PuK60DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/f0f5e3-6050-4e2d-a4ea-a4ea0a63f766/1/lEAIfoz6tOWJFvP9zGUGTkyCTvM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/f0f5e3-6050-4e2d-a4ea-a4ea0a63f766/1/pcY3PqsZz0PdL0MRE5g4PuK60DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.228.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:13:0b:26:d4:b2:d8:90:50:e0:ac:7e:19:ee:fd:9f:9e:2f:
         3f:41:3e:61:3e:0f:0c:8f:90:73:eb:b8:fa:fb:14:d3:4d:43:
         42:ff:91:aa:f9:d3:3f:ec:8d:5a:35:4b:ae:a7:91:3f:f5:2a:
         28:00:8f:aa:37:59:8e:47:c5:88:39:bb:5f:ee:2b:7a:13:f0:
         8b:f2:03:b0:32:d9:e4:76:9f:b1:9e:2c:30:99:cd:ee:69:26:
         db:4d:51:01:82:b2:ed:f0:f2:dd:fb:e9:d4:76:ac:a5:ab:d9:
         e9:e6:06:0d:0f:97:a8:cc:f1:2d:2b:75:8e:86:3b:0d:84:f3:
         3b:71:67:74:a3:c5:db:89:dd:99:c8:35:0e:dc:00:54:33:6e:
         68:6c:22:b6:0a:24:e8:32:2c:dc:e5:23:14:25:cf:dd:1a:16:
         87:7a:b4:c1:b0:26:05:53:0f:19:b2:99:d7:14:57:89:d6:8e:
         05:b6:bd:74:5e:a5:53:39:b8:cd:78:73:9e:7a:9d:57:23:0c:
         88:0b:a4:00:6b:a3:2a:45:9d:01:fe:5c:17:f7:7d:3f:6a:95:
         62:87:fc:07:92:04:24:b9:4f:d0:26:ab:f9:ec:7c:14:c0:ea:
         1e:9c:b3:7c:df:aa:68:74:d6:3e:d7:c2:63:ea:c6:f0:2e:70:
         c1:95:89:48
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAf32LTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NWM2MzczZWFiMTljZjQzZGQyZjQzMTExMzk4MzgzZWUyYmFkMDMwMB4XDTIyMDEw
MTA2MDMwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTQ0MDA4N2U4Y2Zh
YjRlNTg5MTZmM2ZkY2M2NTA2NGU0YzgyNGVmMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANkoPlKf+ZQbnk+mxB+c6AkJGKv7Zw1JkfsRdkvlHomo5JKR
UDhnbSapQxrOu2Z8b+HjYD3xzcNfuvu87CvrePGbCxTyGWcUn+tKRry1vdKmNiTj
5MVfHKmImXuOavBzs7fkUU20scfi5MPwc8JcYfGSjdV9QjmNeNANPnTSor1dCP8m
l1/3apeYjwTDUxxhywECKW3RjlUdEvXqmYHX7qhodv2lhfiSo8pwVK0zjsIjhTFl
IeREL9l0kqGUHrZbQxXztYSsXcGhbf4Ist4J/J96QBiqrx2AQFyxTgOEoiBa5U8K
xgslu+aTPm9pPEpNCPSGSDATmilZXGawjgwlEr8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSUQAh+jPq05YkW8/3MZQZOTIJO8zAfBgNVHSMEGDAWgBSlxjc+qxnPQ90v
QxETmDg+4rrQMDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BjWTNQcXNaejBQZEwwTVJFNWc0UHVLNjBEQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTIvZjBmNWUzLTYwNTAtNGUyZC1hNGVhLWE0ZWEwYTYzZjc2Ni8x
L2xFQUlmb3o2dE9XSkZ2UDl6R1VHVGt5Q1R2TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIv
ZjBmNWUzLTYwNTAtNGUyZC1hNGVhLWE0ZWEwYTYzZjc2Ni8xL3BjWTNQcXNaejBQ
ZEwwTVJFNWc0UHVLNjBEQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnkATANBgkqhkiG9w0BAQsFAAOC
AQEASRMLJtSy2JBQ4Kx+Ge79n54vP0E+YT4PDI+Qc+u4+vsU001DQv+RqvnTP+yN
WjVLrqeRP/UqKACPqjdZjkfFiDm7X+4rehPwi/IDsDLZ5HafsZ4sMJnN7mkm201R
AYKy7fDy3fvp1HaspavZ6eYGDQ+XqMzxLSt1joY7DYTzO3FndKPF24ndmcg1DtwA
VDNuaGwitgok6DIs3OUjFCXP3RoWh3q0wbAmBVMPGbKZ1xRXidaOBba9dF6lUzm4
zXhznnqdVyMMiAukAGujKkWdAf5cF/d9P2qVYof8B5IEJLlP0Car+ex8FMDqHpyz
fN+qaHTWPtfCY+rG8C5wwZWJSA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:14 2024 by rpki-client on console-fra.rpki-client.org