Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/YGDfq1r2FPLdp-M4p_vaFJqm-dA.roa
File:                     YGDfq1r2FPLdp-M4p_vaFJqm-dA.roa (raw, json)
Hash identifier:          CJ8MEHtetV4YUASmoM/ipOvDJSUdouxcihGYv6k0iwA=
Subject key identifier:   60:60:DF:AB:5A:F6:14:F2:DD:A7:E3:38:A7:FB:DA:14:9A:A6:F9:D0
Certificate issuer:       /CN=d9fc0bec60d0bace1889677bd9bb90190cc4fd22
Certificate serial:       33FC59CB
Authority key identifier: D9:FC:0B:EC:60:D0:BA:CE:18:89:67:7B:D9:BB:90:19:0C:C4:FD:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2fwL7GDQus4YiWd72buQGQzE_SI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/YGDfq1r2FPLdp-M4p_vaFJqm-dA.roa
Signing time:             Sat 01 Jan 2022 13:59:50 +0000
ROA not before:           Sat 01 Jan 2022 13:59:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     25091
IP address blocks:        46.20.240.0/20 maxlen: 24
                          185.60.52.0/22 maxlen: 24
                          5.144.32.0/21 maxlen: 24
                          2a02:2528::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 872176075 (0x33fc59cb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9fc0bec60d0bace1889677bd9bb90190cc4fd22
        Validity
            Not Before: Jan  1 13:59:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6060dfab5af614f2dda7e338a7fbda149aa6f9d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:3b:fc:08:e2:50:7b:4b:fd:dc:73:8a:4f:1e:
                    e1:93:5b:b1:15:fb:d4:8a:83:6c:42:40:e2:7b:95:
                    4a:46:42:77:03:53:7d:93:89:ad:2e:3d:fe:61:bf:
                    52:fb:7a:3e:fe:0f:16:75:25:06:8d:84:9b:71:0b:
                    f1:8c:4d:f3:6d:54:b7:73:89:70:d4:1c:c3:4e:05:
                    cf:06:75:7a:1b:47:c2:41:9a:26:4e:e8:0e:74:6a:
                    84:0a:1c:c3:d4:74:2f:af:4f:60:a6:4b:91:9f:00:
                    b7:cb:91:44:4a:fb:31:91:d9:9b:dd:66:d5:72:b3:
                    c7:a4:e9:91:bc:74:b9:ab:e3:51:a1:5c:e2:09:b5:
                    ba:52:3b:c8:fa:91:18:5c:53:10:92:bb:b4:d9:1e:
                    de:37:5b:65:83:22:b7:51:77:c6:77:d6:b8:c3:5a:
                    ed:de:8b:b1:15:4c:2d:a8:0b:7f:14:7b:1d:76:30:
                    96:9a:40:85:43:7d:d5:fd:1a:42:79:0c:f4:65:fe:
                    31:34:47:12:34:5f:19:25:dd:6a:b4:5e:81:e3:af:
                    20:d2:36:f9:a6:37:cd:cc:e0:f9:05:52:b2:81:7d:
                    9d:f6:4d:33:1c:18:6e:f6:46:c1:81:c3:19:a1:89:
                    40:84:ec:b5:e3:bb:20:24:a8:fa:cc:e3:28:5d:1b:
                    8c:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:60:DF:AB:5A:F6:14:F2:DD:A7:E3:38:A7:FB:DA:14:9A:A6:F9:D0
            X509v3 Authority Key Identifier:
                keyid:D9:FC:0B:EC:60:D0:BA:CE:18:89:67:7B:D9:BB:90:19:0C:C4:FD:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fwL7GDQus4YiWd72buQGQzE_SI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/YGDfq1r2FPLdp-M4p_vaFJqm-dA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/2fwL7GDQus4YiWd72buQGQzE_SI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.144.32.0/21
                  46.20.240.0/20
                  185.60.52.0/22
                IPv6:
                  2a02:2528::/29

    Signature Algorithm: sha256WithRSAEncryption
         9e:5a:ee:cf:7c:51:2c:15:4f:22:4c:4f:fb:58:c7:22:86:74:
         41:a8:54:49:62:2b:00:a1:6d:c5:16:a8:db:fa:fc:51:92:2d:
         68:67:2c:4b:7e:b2:18:66:ff:b8:0a:e3:42:83:9b:f9:af:50:
         33:0a:7d:e1:87:c1:44:1f:8e:28:bb:f0:8e:91:86:3d:2b:b5:
         36:d6:20:44:62:b8:88:c8:3b:8c:e0:c2:5a:2f:5b:3a:79:b4:
         5c:dc:ae:a3:20:03:69:91:80:c7:f3:d8:61:5c:5a:32:f2:04:
         d2:36:e7:fc:01:27:06:53:36:8f:13:53:01:b9:03:e9:dd:b9:
         df:b9:06:e5:77:83:d7:af:c9:d2:4d:16:b2:a6:a6:dd:fa:46:
         53:fd:78:47:7d:c3:58:71:07:b8:47:79:5a:4c:25:ae:45:04:
         fa:35:ce:8a:28:8c:6e:28:32:4a:31:ca:d9:d3:e5:4e:e7:22:
         b1:d3:27:12:23:65:e8:2a:fc:14:9c:ed:2d:77:5a:69:e2:93:
         06:44:53:5c:51:c9:53:19:06:7b:83:ba:92:15:3b:5b:3c:b9:
         4a:5c:42:71:c6:39:95:f7:f6:83:fc:9d:af:35:ad:da:2b:ad:
         4b:30:1b:fa:31:7b:e8:e4:dd:3b:67:ea:d1:2f:ce:c8:57:4a:
         5a:f5:37:7f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEM/xZyzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OWZjMGJlYzYwZDBiYWNlMTg4OTY3N2JkOWJiOTAxOTBjYzRmZDIyMB4XDTIyMDEw
MTEzNTk1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjA2MGRmYWI1YWY2
MTRmMmRkYTdlMzM4YTdmYmRhMTQ5YWE2ZjlkMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALw7/AjiUHtL/dxzik8e4ZNbsRX71IqDbEJA4nuVSkZCdwNT
fZOJrS49/mG/Uvt6Pv4PFnUlBo2Em3EL8YxN821Ut3OJcNQcw04FzwZ1ehtHwkGa
Jk7oDnRqhAocw9R0L69PYKZLkZ8At8uRREr7MZHZm91m1XKzx6Tpkbx0uavjUaFc
4gm1ulI7yPqRGFxTEJK7tNke3jdbZYMit1F3xnfWuMNa7d6LsRVMLagLfxR7HXYw
lppAhUN91f0aQnkM9GX+MTRHEjRfGSXdarRegeOvINI2+aY3zczg+QVSsoF9nfZN
MxwYbvZGwYHDGaGJQITsteO7ICSo+szjKF0bjDsCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBRgYN+rWvYU8t2n4zin+9oUmqb50DAfBgNVHSMEGDAWgBTZ/AvsYNC6zhiJ
Z3vZu5AZDMT9IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJmd0w3R0RRdXM0WWlXZDcyYnVRR1F6RV9TSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWEvYjBkNmU2LTJlZDctNDkyOC1hZDY5LTM0NjkwMzRmYTQ0MS8x
L1lHRGZxMXIyRlBMZHAtTTRwX3ZhRkpxbS1kQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWEv
YjBkNmU2LTJlZDctNDkyOC1hZDY5LTM0NjkwMzRmYTQ0MS8xLzJmd0w3R0RRdXM0
WWlXZDcyYnVRR1F6RV9TSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAwWQIAMEBC4U8AMEArk8NDANBAIA
AjAHAwUDKgIlKDANBgkqhkiG9w0BAQsFAAOCAQEAnlruz3xRLBVPIkxP+1jHIoZ0
QahUSWIrAKFtxRao2/r8UZItaGcsS36yGGb/uArjQoOb+a9QMwp94YfBRB+OKLvw
jpGGPSu1NtYgRGK4iMg7jODCWi9bOnm0XNyuoyADaZGAx/PYYVxaMvIE0jbn/AEn
BlM2jxNTAbkD6d2537kG5XeD16/J0k0Wsqam3fpGU/14R33DWHEHuEd5WkwlrkUE
+jXOiiiMbigySjHK2dPlTucisdMnEiNl6Cr8FJztLXdaaeKTBkRTXFHJUxkGe4O6
khU7Wzy5SlxCccY5lff2g/ydrzWt2iutSzAb+jF76OTdO2fq0S/OyFdKWvU3fw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:46 2024 by rpki-client on console-ams.rpki-client.org