Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/f0f5e3-6050-4e2d-a4ea-a4ea0a63f766/1/t2MnvgG7rUDEY4wJF5LT26awUf8.roa
File:                     t2MnvgG7rUDEY4wJF5LT26awUf8.roa (raw, json)
Hash identifier:          czXciPh/uQYp2GsmEUrq2PBJxSoKAJd5gp4C/LpUmrw=
Subject key identifier:   B7:63:27:BE:01:BB:AD:40:C4:63:8C:09:17:92:D3:DB:A6:B0:51:FF
Certificate issuer:       /CN=a5c6373eab19cf43dd2f43111398383ee2bad030
Certificate serial:       01FBA753
Authority key identifier: A5:C6:37:3E:AB:19:CF:43:DD:2F:43:11:13:98:38:3E:E2:BA:D0:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pcY3PqsZz0PdL0MRE5g4PuK60DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/f0f5e3-6050-4e2d-a4ea-a4ea0a63f766/1/t2MnvgG7rUDEY4wJF5LT26awUf8.roa
Signing time:             Sat 01 Jan 2022 06:02:58 +0000
ROA not before:           Sat 01 Jan 2022 06:02:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3356
IP address blocks:        185.228.1.0/24 maxlen: 24
                          185.228.2.0/24 maxlen: 24
                          185.228.3.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 33269587 (0x1fba753)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5c6373eab19cf43dd2f43111398383ee2bad030
        Validity
            Not Before: Jan  1 06:02:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b76327be01bbad40c4638c091792d3dba6b051ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:f5:0f:01:36:dc:e9:5d:08:bd:34:dc:45:28:
                    59:9f:67:74:a7:eb:17:81:47:16:9c:bc:9d:e5:9f:
                    45:9a:53:30:ee:d8:1f:f5:e5:d4:0f:60:87:14:28:
                    c7:c0:83:77:a9:f4:20:3f:24:26:ba:76:ce:96:a3:
                    5a:b7:e0:44:50:ad:9b:d8:10:56:05:c1:9b:04:62:
                    fe:32:dd:dc:7d:12:76:85:e0:a3:ce:80:c7:ba:6f:
                    65:f1:3f:f8:46:f6:9b:c1:8b:98:25:de:7c:3b:5c:
                    31:70:d9:53:54:0a:74:31:a9:84:82:39:16:ea:52:
                    d7:1a:33:65:e2:2a:37:97:38:6e:b7:e4:c9:6e:61:
                    e3:c5:3d:dc:a4:1d:5a:44:f7:86:7d:fb:70:2f:72:
                    10:86:ce:6a:33:7f:27:ad:eb:94:06:ee:c8:fd:72:
                    63:e6:46:3e:a4:70:42:7d:fd:5b:f5:5e:bc:12:59:
                    0e:4d:44:91:c4:af:75:90:54:5c:d9:e7:8b:5c:c5:
                    67:37:5a:8a:88:c3:bf:2e:20:e1:22:20:86:1f:44:
                    4f:3d:ab:d6:be:10:0c:55:49:78:c8:26:1e:ba:a6:
                    cc:fa:0d:91:93:c4:bc:07:65:4d:d3:50:e7:d9:a7:
                    b8:51:05:c9:b7:b1:df:b2:04:2c:72:bf:2e:03:ec:
                    c1:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:63:27:BE:01:BB:AD:40:C4:63:8C:09:17:92:D3:DB:A6:B0:51:FF
            X509v3 Authority Key Identifier:
                keyid:A5:C6:37:3E:AB:19:CF:43:DD:2F:43:11:13:98:38:3E:E2:BA:D0:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pcY3PqsZz0PdL0MRE5g4PuK60DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/f0f5e3-6050-4e2d-a4ea-a4ea0a63f766/1/t2MnvgG7rUDEY4wJF5LT26awUf8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/f0f5e3-6050-4e2d-a4ea-a4ea0a63f766/1/pcY3PqsZz0PdL0MRE5g4PuK60DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.228.1.0-185.228.3.255

    Signature Algorithm: sha256WithRSAEncryption
         1b:dd:fb:69:aa:e8:bd:b7:b7:16:2b:39:87:ec:3d:eb:1f:e3:
         0c:cb:cc:8a:c6:e8:e2:98:55:5e:00:59:11:fb:af:d3:80:fc:
         67:32:e2:df:b3:eb:e8:aa:a8:8e:e3:2f:13:f6:47:f1:11:bb:
         b3:f5:37:4b:77:d4:0b:ad:d4:b9:63:6f:43:5c:69:f8:6b:4e:
         7a:fa:ec:24:99:82:52:73:eb:0b:7d:e2:c2:46:e0:b3:66:74:
         db:8c:13:09:6a:7f:2e:a6:dd:ad:46:51:0d:15:8b:dd:e3:f7:
         74:85:a6:ce:07:cc:ab:6d:c8:2e:32:e6:af:ff:4b:fe:34:f4:
         64:0a:44:23:97:71:81:b1:d7:90:cf:e7:fa:7f:5d:2f:3c:c9:
         52:25:2d:47:73:71:3f:d0:e7:68:f1:3d:24:43:82:14:c8:d3:
         59:7f:0f:aa:3f:3d:65:3e:a9:90:45:a5:55:63:f9:fe:c3:d4:
         0e:8b:30:28:53:33:b7:18:1f:d8:42:9f:30:b2:14:45:18:98:
         01:8a:c6:44:7c:97:21:d8:47:f1:58:de:a8:ac:f2:ed:d5:2c:
         db:84:3b:cc:bb:a3:0a:ea:c4:18:49:39:3b:5f:cb:d7:8a:11:
         c6:26:46:18:e7:7b:06:8c:08:ec:03:6c:21:b2:cc:e4:27:17:
         64:44:85:a0
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAfunUzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NWM2MzczZWFiMTljZjQzZGQyZjQzMTExMzk4MzgzZWUyYmFkMDMwMB4XDTIyMDEw
MTA2MDI1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjc2MzI3YmUwMWJi
YWQ0MGM0NjM4YzA5MTc5MmQzZGJhNmIwNTFmZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALn1DwE23OldCL003EUoWZ9ndKfrF4FHFpy8neWfRZpTMO7Y
H/Xl1A9ghxQox8CDd6n0ID8kJrp2zpajWrfgRFCtm9gQVgXBmwRi/jLd3H0SdoXg
o86Ax7pvZfE/+Eb2m8GLmCXefDtcMXDZU1QKdDGphII5FupS1xozZeIqN5c4brfk
yW5h48U93KQdWkT3hn37cC9yEIbOajN/J63rlAbuyP1yY+ZGPqRwQn39W/VevBJZ
Dk1EkcSvdZBUXNnni1zFZzdaiojDvy4g4SIghh9ETz2r1r4QDFVJeMgmHrqmzPoN
kZPEvAdlTdNQ59mnuFEFybex37IELHK/LgPswYECAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBS3Yye+AbutQMRjjAkXktPbprBR/zAfBgNVHSMEGDAWgBSlxjc+qxnPQ90v
QxETmDg+4rrQMDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BjWTNQcXNaejBQZEwwTVJFNWc0UHVLNjBEQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTIvZjBmNWUzLTYwNTAtNGUyZC1hNGVhLWE0ZWEwYTYzZjc2Ni8x
L3QyTW52Z0c3clVERVk0d0pGNUxUMjZhd1VmOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIv
ZjBmNWUzLTYwNTAtNGUyZC1hNGVhLWE0ZWEwYTYzZjc2Ni8xL3BjWTNQcXNaejBQ
ZEwwTVJFNWc0UHVLNjBEQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAueQBAwQCueQAMA0GCSqGSIb3
DQEBCwUAA4IBAQAb3ftpqui9t7cWKzmH7D3rH+MMy8yKxujimFVeAFkR+6/TgPxn
MuLfs+voqqiO4y8T9kfxEbuz9TdLd9QLrdS5Y29DXGn4a056+uwkmYJSc+sLfeLC
RuCzZnTbjBMJan8upt2tRlENFYvd4/d0habOB8yrbcguMuav/0v+NPRkCkQjl3GB
sdeQz+f6f10vPMlSJS1Hc3E/0Odo8T0kQ4IUyNNZfw+qPz1lPqmQRaVVY/n+w9QO
izAoUzO3GB/YQp8wshRFGJgBisZEfJch2EfxWN6orPLt1SzbhDvMu6MK6sQYSTk7
X8vXihHGJkYY53sGjAjsA2whsszkJxdkRIWg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:12 2024 by rpki-client on console-ams.rpki-client.org