Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/1aa2d8-6106-4808-8c97-f46224b0d161/1/PpNZeQ6Soxwp-ynHPy9sdy8Oa80.roa
File:                     PpNZeQ6Soxwp-ynHPy9sdy8Oa80.roa (raw, json)
Hash identifier:          HWqfzg0kB+pvFQGU/OeATX97+zNQqcQrQ/a9nRxVKs8=
Subject key identifier:   3E:93:59:79:0E:92:A3:1C:29:FB:29:C7:3F:2F:6C:77:2F:0E:6B:CD
Certificate issuer:       /CN=9b3f29ff9ea71b3c3dc1f5af054b41647c91af98
Certificate serial:       10153483
Authority key identifier: 9B:3F:29:FF:9E:A7:1B:3C:3D:C1:F5:AF:05:4B:41:64:7C:91:AF:98
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mz8p_56nGzw9wfWvBUtBZHyRr5g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/1aa2d8-6106-4808-8c97-f46224b0d161/1/PpNZeQ6Soxwp-ynHPy9sdy8Oa80.roa
Signing time:             Sat 01 Jan 2022 00:54:03 +0000
ROA not before:           Sat 01 Jan 2022 00:54:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206678
IP address blocks:        185.181.231.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 269825155 (0x10153483)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9b3f29ff9ea71b3c3dc1f5af054b41647c91af98
        Validity
            Not Before: Jan  1 00:54:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3e9359790e92a31c29fb29c73f2f6c772f0e6bcd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:e3:58:4f:71:c8:57:75:8a:c5:b6:3c:8a:47:
                    40:b3:05:47:b9:5a:9c:dd:d3:e3:51:d3:c3:98:42:
                    3b:db:c5:29:97:40:39:fc:a0:1d:45:a4:b5:fe:ac:
                    53:54:23:41:c8:21:0f:ee:59:2d:b5:0a:5d:3e:99:
                    19:e4:6d:b3:0d:fe:ff:09:32:37:81:48:04:ca:f4:
                    51:cc:ad:33:0d:64:97:db:ae:ff:3e:e7:5a:e9:de:
                    29:80:e3:a0:71:13:1c:c4:87:d5:31:8d:58:e1:35:
                    f8:0e:f8:6c:3c:0d:5c:41:e8:0f:a9:60:12:c8:a8:
                    8b:1c:a9:9e:8c:7a:a4:9c:83:ea:ce:01:d5:0d:58:
                    a7:f5:14:52:9a:e9:59:da:61:98:99:90:50:fc:51:
                    53:c8:ef:0e:dd:d9:dd:b4:72:1b:78:f6:69:a1:e9:
                    50:01:eb:c0:f8:53:a5:20:ed:bb:3e:5a:c1:ec:05:
                    4a:bc:12:dc:1e:46:4e:86:a9:00:fb:34:77:da:31:
                    ae:67:f4:ca:8c:9c:e8:da:77:cc:f6:54:51:ed:3d:
                    8a:2c:9f:9d:bc:35:80:7a:6a:f2:3b:c2:c3:0b:38:
                    6c:f1:7c:0b:9f:98:c7:bb:75:a0:61:35:3b:c0:3c:
                    25:de:32:36:51:0e:19:2a:f2:91:71:60:1e:18:83:
                    6a:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:93:59:79:0E:92:A3:1C:29:FB:29:C7:3F:2F:6C:77:2F:0E:6B:CD
            X509v3 Authority Key Identifier:
                keyid:9B:3F:29:FF:9E:A7:1B:3C:3D:C1:F5:AF:05:4B:41:64:7C:91:AF:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mz8p_56nGzw9wfWvBUtBZHyRr5g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/1aa2d8-6106-4808-8c97-f46224b0d161/1/PpNZeQ6Soxwp-ynHPy9sdy8Oa80.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/1aa2d8-6106-4808-8c97-f46224b0d161/1/mz8p_56nGzw9wfWvBUtBZHyRr5g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.181.231.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:30:7d:fd:69:cb:2f:f1:d8:26:b2:c4:70:f0:32:44:c0:2c:
         fe:57:10:75:77:c8:8c:f3:af:60:2f:24:a3:95:f4:5d:41:dc:
         7a:60:a1:0d:37:5e:ca:a2:d4:1a:f7:da:e8:a6:f1:c9:77:e5:
         30:22:41:04:8f:22:ec:16:ed:b5:95:15:53:21:4b:ec:bf:26:
         9e:ca:81:57:6a:63:e3:4e:0d:26:61:49:41:63:84:53:e8:8a:
         6d:e1:98:69:4c:21:3d:c2:f9:fa:d9:bd:c7:d4:fa:94:c1:dc:
         34:3c:d4:ba:1b:7f:dc:20:c2:5a:96:16:41:9b:2a:ed:6c:64:
         a9:ae:07:d4:4b:ac:e1:fd:49:17:01:da:e3:2b:0b:79:61:8f:
         74:fc:49:9d:a1:c7:dc:22:f9:17:a6:ef:53:c9:f6:04:28:f0:
         3b:36:ac:fc:c8:89:98:af:5e:63:f8:4f:33:c3:42:2e:c7:b3:
         7c:8f:a0:e3:e7:9c:bc:c9:2e:67:9e:59:9b:63:7b:1e:57:8f:
         86:a9:14:6d:57:b9:06:ae:e1:4d:b6:8d:61:08:b5:77:8e:99:
         17:b2:42:8c:29:cb:13:0a:11:3a:1b:25:2d:f8:94:da:ba:b2:
         6e:f8:a9:98:43:c2:9e:48:d6:1b:41:f6:71:63:a7:a1:a7:e9:
         49:87:e2:1e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEBU0gzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YjNmMjlmZjllYTcxYjNjM2RjMWY1YWYwNTRiNDE2NDdjOTFhZjk4MB4XDTIyMDEw
MTAwNTQwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2U5MzU5NzkwZTky
YTMxYzI5ZmIyOWM3M2YyZjZjNzcyZjBlNmJjZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALLjWE9xyFd1isW2PIpHQLMFR7lanN3T41HTw5hCO9vFKZdA
OfygHUWktf6sU1QjQcghD+5ZLbUKXT6ZGeRtsw3+/wkyN4FIBMr0UcytMw1kl9uu
/z7nWuneKYDjoHETHMSH1TGNWOE1+A74bDwNXEHoD6lgEsioixypnox6pJyD6s4B
1Q1Yp/UUUprpWdphmJmQUPxRU8jvDt3Z3bRyG3j2aaHpUAHrwPhTpSDtuz5awewF
SrwS3B5GToapAPs0d9oxrmf0yoyc6Np3zPZUUe09iiyfnbw1gHpq8jvCwws4bPF8
C5+Yx7t1oGE1O8A8Jd4yNlEOGSrykXFgHhiDahkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ+k1l5DpKjHCn7Kcc/L2x3Lw5rzTAfBgNVHSMEGDAWgBSbPyn/nqcbPD3B
9a8FS0FkfJGvmDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L216OHBfNTZuR3p3OXdmV3ZCVXRCWkh5UnI1Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTUvMWFhMmQ4LTYxMDYtNDgwOC04Yzk3LWY0NjIyNGIwZDE2MS8x
L1BwTlplUTZTb3h3cC15bkhQeTlzZHk4T2E4MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTUv
MWFhMmQ4LTYxMDYtNDgwOC04Yzk3LWY0NjIyNGIwZDE2MS8xL216OHBfNTZuR3p3
OXdmV3ZCVXRCWkh5UnI1Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALm15zANBgkqhkiG9w0BAQsFAAOC
AQEALTB9/WnLL/HYJrLEcPAyRMAs/lcQdXfIjPOvYC8ko5X0XUHcemChDTdeyqLU
Gvfa6KbxyXflMCJBBI8i7BbttZUVUyFL7L8mnsqBV2pj404NJmFJQWOEU+iKbeGY
aUwhPcL5+tm9x9T6lMHcNDzUuht/3CDCWpYWQZsq7Wxkqa4H1Eus4f1JFwHa4ysL
eWGPdPxJnaHH3CL5F6bvU8n2BCjwOzas/MiJmK9eY/hPM8NCLsezfI+g4+ecvMku
Z55Zm2N7HlePhqkUbVe5Bq7hTbaNYQi1d46ZF7JCjCnLEwoROhslLfiU2rqybvip
mEPCnkjWG0H2cWOnoafpSYfiHg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:35 2024 by rpki-client on console-ams.rpki-client.org