Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/ngLl-_rwKZHxlF7yGRGCBfIBc8Q.roa
File:                     ngLl-_rwKZHxlF7yGRGCBfIBc8Q.roa (raw, json)
Hash identifier:          1LDSot54k9V+wojPH/BpsLQN2u6WlhU7ybpDfsDoMtg=
Subject key identifier:   9E:02:E5:FB:FA:F0:29:91:F1:94:5E:F2:19:11:82:05:F2:01:73:C4
Certificate issuer:       /CN=7bbd51272064b63b2c663c0296ba11db5ea238c0
Certificate serial:       131A8319
Authority key identifier: 7B:BD:51:27:20:64:B6:3B:2C:66:3C:02:96:BA:11:DB:5E:A2:38:C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e71RJyBktjssZjwClroR216iOMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/ngLl-_rwKZHxlF7yGRGCBfIBc8Q.roa
Signing time:             Sun 01 May 2022 05:08:19 +0000
ROA not before:           Sun 01 May 2022 05:08:19 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48359
IP address blocks:        185.129.201.0/24 maxlen: 24
                          185.129.212.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 320504601 (0x131a8319)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7bbd51272064b63b2c663c0296ba11db5ea238c0
        Validity
            Not Before: May  1 05:08:19 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9e02e5fbfaf02991f1945ef219118205f20173c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:9c:3a:7b:ed:d9:ab:d8:7b:23:5e:44:11:8a:
                    de:a7:7e:64:db:6f:46:9f:e6:96:87:bd:44:5a:e2:
                    cb:b0:a1:12:80:23:11:a8:72:c9:d5:97:4f:9b:45:
                    7b:e4:3c:dc:50:11:be:08:ab:a8:24:47:91:24:60:
                    24:fb:4b:ad:16:94:0e:8e:80:a3:73:e0:99:7b:5f:
                    9a:c1:9b:4c:80:70:aa:f7:3b:41:b4:83:85:3f:18:
                    fa:3d:2e:12:03:55:fb:cf:75:28:2e:9d:c7:0b:a6:
                    b9:c2:5e:f2:1a:53:6c:d7:9f:5a:39:d8:41:dd:34:
                    f5:86:e1:49:80:37:26:f4:63:d9:3d:e5:23:77:ca:
                    a7:f2:20:2a:0f:38:60:6b:3d:cd:4b:0a:5f:0b:80:
                    37:c2:2f:a9:e3:93:94:38:58:f7:13:c9:45:64:77:
                    d4:88:f0:36:97:d1:da:3c:83:d9:aa:8e:bd:80:c1:
                    00:20:ea:75:8c:cb:78:db:df:1f:a1:ff:c2:f4:0f:
                    b1:6e:ff:91:02:97:eb:aa:b5:40:33:98:b8:7a:5d:
                    09:f5:91:45:db:20:c8:8f:42:25:f3:ff:19:06:af:
                    c7:b2:be:a9:de:25:5a:81:21:5c:87:15:3d:64:db:
                    f5:0a:20:83:66:3b:ad:d9:4d:8a:18:fe:e2:f6:60:
                    07:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:02:E5:FB:FA:F0:29:91:F1:94:5E:F2:19:11:82:05:F2:01:73:C4
            X509v3 Authority Key Identifier:
                keyid:7B:BD:51:27:20:64:B6:3B:2C:66:3C:02:96:BA:11:DB:5E:A2:38:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e71RJyBktjssZjwClroR216iOMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/ngLl-_rwKZHxlF7yGRGCBfIBc8Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/e71RJyBktjssZjwClroR216iOMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.129.201.0/24
                  185.129.212.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:a1:2b:a1:96:7a:6b:b1:5e:71:a5:94:fe:60:67:33:12:e4:
         ce:d6:b8:f6:9d:1f:e1:87:6d:a0:0d:ff:2e:1f:1a:98:13:54:
         8a:90:f6:83:bd:99:d0:cc:f2:70:6b:d4:3b:5d:22:30:39:03:
         f6:33:c6:02:0c:f1:c5:80:62:69:e3:77:9d:42:ff:72:58:b2:
         00:af:b4:a1:ba:54:b8:3a:e6:7d:0f:3a:1d:ea:6b:68:96:bc:
         af:4a:cc:bd:60:a5:d4:7e:c2:59:21:fd:63:c4:0a:ce:13:57:
         a1:f5:20:8d:99:c8:2b:2f:a6:a9:79:d1:e5:5f:7b:fe:7c:7b:
         43:de:50:09:8f:ea:d0:ca:89:c7:84:b8:72:c1:e9:97:6d:ae:
         b4:0c:af:02:6b:bc:4a:f2:53:70:67:24:77:87:50:62:66:5f:
         42:7a:24:55:4f:cc:96:19:ff:20:4a:79:12:ef:8f:0c:e3:cf:
         19:8b:e1:24:dd:69:5a:43:97:bf:27:25:71:bb:60:71:7b:72:
         9a:44:49:f2:4d:fc:af:d8:be:c7:09:fe:91:e5:a9:48:41:8d:
         d0:68:b3:cf:7c:43:22:68:93:49:9f:30:3e:53:d7:0b:2b:1b:
         16:55:ae:9e:16:dc:47:d8:a1:45:d9:1b:37:7e:81:d8:0c:36:
         6d:d2:bf:1e
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEExqDGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YmJkNTEyNzIwNjRiNjNiMmM2NjNjMDI5NmJhMTFkYjVlYTIzOGMwMB4XDTIyMDUw
MTA1MDgxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWUwMmU1ZmJmYWYw
Mjk5MWYxOTQ1ZWYyMTkxMTgyMDVmMjAxNzNjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMycOnvt2avYeyNeRBGK3qd+ZNtvRp/mloe9RFriy7ChEoAj
EahyydWXT5tFe+Q83FARvgirqCRHkSRgJPtLrRaUDo6Ao3PgmXtfmsGbTIBwqvc7
QbSDhT8Y+j0uEgNV+891KC6dxwumucJe8hpTbNefWjnYQd009YbhSYA3JvRj2T3l
I3fKp/IgKg84YGs9zUsKXwuAN8IvqeOTlDhY9xPJRWR31IjwNpfR2jyD2aqOvYDB
ACDqdYzLeNvfH6H/wvQPsW7/kQKX66q1QDOYuHpdCfWRRdsgyI9CJfP/GQavx7K+
qd4lWoEhXIcVPWTb9Qogg2Y7rdlNihj+4vZgB70CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSeAuX7+vApkfGUXvIZEYIF8gFzxDAfBgNVHSMEGDAWgBR7vVEnIGS2Oyxm
PAKWuhHbXqI4wDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2U3MVJKeUJrdGpzc1pqd0Nscm9SMjE2aU9NQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTkvYjgyYTA2LWFiMGQtNGFkZi04YTg1LTk3YzlhYWI4MjhmMi8x
L25nTGwtX3J3S1pIeGxGN3lHUkdDQmZJQmM4US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTkv
YjgyYTA2LWFiMGQtNGFkZi04YTg1LTk3YzlhYWI4MjhmMi8xL2U3MVJKeUJrdGpz
c1pqd0Nscm9SMjE2aU9NQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALmByQMEALmB1DANBgkqhkiG9w0B
AQsFAAOCAQEAg6EroZZ6a7FecaWU/mBnMxLkzta49p0f4YdtoA3/Lh8amBNUipD2
g72Z0MzycGvUO10iMDkD9jPGAgzxxYBiaeN3nUL/cliyAK+0obpUuDrmfQ86Hepr
aJa8r0rMvWCl1H7CWSH9Y8QKzhNXofUgjZnIKy+mqXnR5V97/nx7Q95QCY/q0MqJ
x4S4csHpl22utAyvAmu8SvJTcGckd4dQYmZfQnokVU/Mlhn/IEp5Eu+PDOPPGYvh
JN1pWkOXvyclcbtgcXtymkRJ8k38r9i+xwn+keWpSEGN0Gizz3xDImiTSZ8wPlPX
CysbFlWunhbcR9ihRdkbN36B2Aw2bdK/Hg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:10 2024 by rpki-client on console-fra.rpki-client.org