Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/W8d5NeShzhw_jjS_1T1SjgXmu1k.roa
File:                     W8d5NeShzhw_jjS_1T1SjgXmu1k.roa (raw, json)
Hash identifier:          Mws4xa7jTbj3jrSsU4QnxgYZuQiYK7JLaYUB1LCV3Vc=
Subject key identifier:   5B:C7:79:35:E4:A1:CE:1C:3F:8E:34:BF:D5:3D:52:8E:05:E6:BB:59
Certificate issuer:       /CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Certificate serial:       0182438F56009B1E9B5E88CF501B208CC275
Authority key identifier: E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/W8d5NeShzhw_jjS_1T1SjgXmu1k.roa
Signing time:             Thu 28 Jul 2022 06:47:23 +0000
ROA not before:           Thu 28 Jul 2022 06:47:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     24875
IP address blocks:        185.53.210.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:43:8f:56:00:9b:1e:9b:5e:88:cf:50:1b:20:8c:c2:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
        Validity
            Not Before: Jul 28 06:47:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5bc77935e4a1ce1c3f8e34bfd53d528e05e6bb59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:99:d3:e1:74:ce:90:9f:af:de:af:18:cd:ac:
                    e8:7b:26:e8:55:8f:dc:4b:8a:6f:88:e7:72:2e:2a:
                    c2:d2:c3:47:94:93:c5:9e:be:b5:95:55:c6:2f:c7:
                    2e:ad:fe:f4:33:9b:0a:b1:6f:69:15:19:9e:da:60:
                    95:4a:de:76:25:b0:79:65:97:c4:c0:86:eb:c9:5b:
                    59:e2:8b:8e:13:52:5c:43:73:bc:5e:23:bf:ef:c7:
                    2c:12:47:e7:9b:b2:b7:32:e3:3b:1d:7b:86:d5:88:
                    0e:26:32:69:26:de:6f:8d:28:37:a5:39:c3:9b:cc:
                    51:fa:92:00:f6:f8:c1:18:32:85:2f:82:33:79:28:
                    ed:48:0f:cb:b8:00:b9:e9:a1:da:bd:fe:3d:49:4b:
                    e7:be:88:25:c4:f6:11:e4:a9:70:77:16:61:9e:44:
                    a6:9e:1e:68:43:84:f0:b8:ac:29:30:66:00:e6:0d:
                    56:d5:f1:af:41:9a:23:bb:8e:59:a0:ef:88:4d:c8:
                    20:7e:4c:f6:54:de:04:be:55:82:11:4e:92:8f:0c:
                    e3:6d:d0:5b:87:df:5b:ad:ea:f0:e0:f4:f5:70:b6:
                    27:0a:43:39:ef:77:f7:21:1d:76:01:24:92:73:a4:
                    92:f1:09:e2:58:2a:64:0d:3c:d2:eb:8d:5a:1a:0c:
                    d4:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:C7:79:35:E4:A1:CE:1C:3F:8E:34:BF:D5:3D:52:8E:05:E6:BB:59
            X509v3 Authority Key Identifier:
                keyid:E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/W8d5NeShzhw_jjS_1T1SjgXmu1k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.53.210.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2c:36:98:ce:c1:67:73:56:ad:10:fc:ad:d0:fa:4c:19:1d:a9:
         ad:68:ac:8d:35:7c:67:92:54:82:67:15:d4:46:85:df:94:42:
         ec:13:dc:51:cf:07:ab:8d:a9:f8:61:c5:ab:73:f3:1a:bf:35:
         0b:1e:64:35:87:a6:c7:7f:a7:5b:a6:c0:40:b4:c8:fb:a5:fe:
         bf:58:03:93:f9:2f:3a:2f:e8:88:5e:83:f9:d0:72:11:de:9b:
         2c:bc:d1:7e:6e:a1:02:43:75:5f:3f:6a:e1:69:74:21:af:66:
         49:8c:e6:dd:b7:85:8f:c9:90:f7:57:e2:52:b2:86:8a:dc:c7:
         6a:80:af:ed:fa:32:d7:1b:cb:5f:e0:95:c9:2a:38:fe:64:6c:
         bd:63:9a:48:0e:c8:df:38:ec:b5:d3:34:06:b1:87:e1:70:b4:
         27:5b:34:78:c0:58:c2:26:f2:fb:62:82:26:2d:76:df:07:b5:
         f0:ae:2d:be:71:6f:a3:9b:ba:a6:24:f1:b8:16:79:09:6f:45:
         8e:5c:e5:fe:35:3b:7c:05:db:85:c1:e8:07:3d:b3:17:a8:12:
         6f:7c:04:79:a1:9e:b9:a8:a9:fe:b6:48:80:52:f1:64:1d:ed:
         91:d9:12:01:68:54:bb:95:f5:ff:5e:b8:24:79:bc:9c:c6:2a:
         35:f2:bc:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJDj1YAmx6bXojPUBsgjMJ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmQ3OTIzYWZkYmFlODdkMDdiMjMwOGRkMzg5ZDljZjA4
MmVkNmQwHhcNMjIwNzI4MDY0NzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmM3NzkzNWU0YTFjZTFjM2Y4ZTM0YmZkNTNkNTI4ZTA1ZTZiYjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZnT4XTOkJ+v3q8YzazoeyboVY/c
S4pviOdyLirC0sNHlJPFnr61lVXGL8curf70M5sKsW9pFRme2mCVSt52JbB5ZZfE
wIbryVtZ4ouOE1JcQ3O8XiO/78csEkfnm7K3MuM7HXuG1YgOJjJpJt5vjSg3pTnD
m8xR+pIA9vjBGDKFL4IzeSjtSA/LuAC56aHavf49SUvnvoglxPYR5KlwdxZhnkSm
nh5oQ4TwuKwpMGYA5g1W1fGvQZoju45ZoO+ITcggfkz2VN4EvlWCEU6SjwzjbdBb
h99brerw4PT1cLYnCkM573f3IR12ASSSc6SS8QniWCpkDTzS641aGgzUfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFvHeTXkoc4cP440v9U9Uo4F5rtZMB8GA1UdIwQY
MBaAFOW9eSOv266H0HsjCN04nZzwgu1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2Ut
MjZkMWU1NDU3OGYxLzEvVzhkNU5lU2h6aHdfampTXzFUMVNqZ1htdTFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2UtMjZkMWU1NDU3OGYx
LzEvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTXSMA0G
CSqGSIb3DQEBCwUAA4IBAQAsNpjOwWdzVq0Q/K3Q+kwZHamtaKyNNXxnklSCZxXU
RoXflELsE9xRzwerjan4YcWrc/MavzULHmQ1h6bHf6dbpsBAtMj7pf6/WAOT+S86
L+iIXoP50HIR3pssvNF+bqECQ3VfP2rhaXQhr2ZJjObdt4WPyZD3V+JSsoaK3Mdq
gK/t+jLXG8tf4JXJKjj+ZGy9Y5pIDsjfOOy10zQGsYfhcLQnWzR4wFjCJvL7YoIm
LXbfB7Xwri2+cW+jm7qmJPG4FnkJb0WOXOX+NTt8BduFwegHPbMXqBJvfAR5oZ65
qKn+tkiAUvFkHe2R2RIBaFS7lfX/Xrgkebycxio18rzx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:36 2024 by rpki-client on console-ams.rpki-client.org