Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/E8lXuMKraz8c8xDhPVNazUqdirY.roa
File:                     E8lXuMKraz8c8xDhPVNazUqdirY.roa (raw, json)
Hash identifier:          J1o+aZjdPK0B4Nlc5KV9wn38gbLGkmCCV1vNeJIJCKk=
Subject key identifier:   13:C9:57:B8:C2:AB:6B:3F:1C:F3:10:E1:3D:53:5A:CD:4A:9D:8A:B6
Certificate issuer:       /CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Certificate serial:       0182A5AA43B27212258312BE7F38F0DE36A8
Authority key identifier: 67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/E8lXuMKraz8c8xDhPVNazUqdirY.roa
Signing time:             Tue 16 Aug 2022 07:59:35 +0000
ROA not before:           Tue 16 Aug 2022 07:59:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49981
IP address blocks:        185.162.235.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:a5:aa:43:b2:72:12:25:83:12:be:7f:38:f0:de:36:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
        Validity
            Not Before: Aug 16 07:59:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=13c957b8c2ab6b3f1cf310e13d535acd4a9d8ab6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:7e:cc:9b:fe:aa:64:0a:fe:b4:94:b0:07:d0:
                    2a:6c:5d:d6:b9:8b:d5:3a:65:e4:d4:e7:63:19:3d:
                    0c:e7:81:b4:01:f5:ae:da:72:3d:d3:59:01:06:07:
                    73:bb:6c:91:da:8e:2c:e1:56:bd:cd:43:96:6f:64:
                    2c:92:d1:cf:34:f6:a9:1d:8b:f3:2f:48:7f:2d:6f:
                    5d:30:82:79:46:b2:56:61:79:e9:ff:a6:51:27:e4:
                    f9:65:5f:91:a7:c5:d4:7b:fe:0f:3a:64:5a:cd:80:
                    4d:fb:59:2b:fc:00:ed:20:82:31:80:1a:d7:dd:e8:
                    41:0e:68:cf:1f:cd:59:76:cc:24:12:35:5a:10:37:
                    c8:ec:b8:7f:13:48:b0:f8:c0:00:0a:f2:23:f4:77:
                    f3:67:e3:05:16:10:3e:b0:c8:b4:2d:08:9c:db:9b:
                    a1:7c:93:25:87:36:04:8a:aa:73:38:9d:40:0e:85:
                    be:9f:35:c8:05:36:d3:b4:c3:eb:11:8a:ff:ef:4e:
                    a6:04:4c:70:ef:87:42:95:b3:8c:ee:af:42:bf:70:
                    3a:54:11:92:94:ea:08:a6:88:f1:85:e3:70:33:39:
                    0b:3b:80:e0:f0:97:f5:b1:4c:95:ff:9c:82:d9:93:
                    b1:4a:b6:dd:10:92:6e:2a:a4:7b:52:b3:bb:0a:17:
                    f3:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:C9:57:B8:C2:AB:6B:3F:1C:F3:10:E1:3D:53:5A:CD:4A:9D:8A:B6
            X509v3 Authority Key Identifier:
                keyid:67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/E8lXuMKraz8c8xDhPVNazUqdirY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.162.235.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:24:ec:63:e0:08:98:c8:de:5a:36:19:14:1a:81:fc:6a:21:
         a0:b5:ca:63:37:41:db:7d:08:cf:16:88:b5:0d:c2:bd:4d:af:
         ae:4a:5f:5b:cb:0f:44:54:a9:e2:29:d7:34:99:0f:3d:f7:33:
         71:5f:b0:0e:53:ce:43:92:27:c8:ef:34:05:24:c8:9a:38:84:
         54:fb:3c:e6:5d:7b:71:58:9d:a1:25:6a:99:52:fd:c7:75:49:
         bb:36:95:13:70:f3:b5:27:01:71:f4:42:c3:f4:ff:d0:73:fa:
         b2:14:7f:e6:93:4c:ef:4e:f4:f7:83:ab:cd:91:e5:bb:14:71:
         8a:2a:56:48:f6:11:f4:e4:ed:45:a7:11:cb:ea:7a:67:b4:ac:
         95:09:f2:2a:83:28:be:77:8d:94:23:49:50:72:47:bb:8e:96:
         fa:cb:60:49:50:72:83:0f:ac:b9:98:66:82:2e:ba:ff:49:d0:
         cb:57:d6:2f:bc:58:bd:27:37:7d:68:b6:42:e2:30:ab:48:dd:
         c7:54:ca:6f:67:94:88:4f:d8:a8:0a:20:b7:d0:ad:59:eb:db:
         8b:2e:0d:37:09:55:16:b2:92:2b:aa:4c:82:05:32:5e:18:fc:
         30:0f:5b:64:f6:89:22:fe:d1:1d:7f:24:ad:f7:64:1f:98:87:
         06:72:f3:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKlqkOychIlgxK+fzjw3jaoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OTU1YjFhYTFjMDI4NGQyODQzYjk2ZjI2YzVmZTc1MWU2
Njk0NmYwHhcNMjIwODE2MDc1OTM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2M5NTdiOGMyYWI2YjNmMWNmMzEwZTEzZDUzNWFjZDRhOWQ4YWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn37Mm/6qZAr+tJSwB9AqbF3WuYvV
OmXk1OdjGT0M54G0AfWu2nI901kBBgdzu2yR2o4s4Va9zUOWb2QsktHPNPapHYvz
L0h/LW9dMIJ5RrJWYXnp/6ZRJ+T5ZV+Rp8XUe/4POmRazYBN+1kr/ADtIIIxgBrX
3ehBDmjPH81ZdswkEjVaEDfI7Lh/E0iw+MAACvIj9HfzZ+MFFhA+sMi0LQic25uh
fJMlhzYEiqpzOJ1ADoW+nzXIBTbTtMPrEYr/706mBExw74dClbOM7q9Cv3A6VBGS
lOoIpojxheNwMzkLO4Dg8Jf1sUyV/5yC2ZOxSrbdEJJuKqR7UrO7ChfzjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBPJV7jCq2s/HPMQ4T1TWs1KnYq2MB8GA1UdIwQY
MBaAFGeVWxqhwChNKEO5bybF/nUeZpRvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDct
MDhhZDk0MTAxZDdlLzEvRThsWHVNS3JhejhjOHhEaFBWTmF6VXFkaXJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDctMDhhZDk0MTAxZDdl
LzEvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaLrMA0G
CSqGSIb3DQEBCwUAA4IBAQBAJOxj4AiYyN5aNhkUGoH8aiGgtcpjN0HbfQjPFoi1
DcK9Ta+uSl9byw9EVKniKdc0mQ899zNxX7AOU85DkifI7zQFJMiaOIRU+zzmXXtx
WJ2hJWqZUv3HdUm7NpUTcPO1JwFx9ELD9P/Qc/qyFH/mk0zvTvT3g6vNkeW7FHGK
KlZI9hH05O1FpxHL6npntKyVCfIqgyi+d42UI0lQcke7jpb6y2BJUHKDD6y5mGaC
Lrr/SdDLV9YvvFi9Jzd9aLZC4jCrSN3HVMpvZ5SIT9ioCiC30K1Z69uLLg03CVUW
spIrqkyCBTJeGPwwD1tk9oki/tEdfySt92QfmIcGcvNY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:27 2024 by rpki-client on console-fra.rpki-client.org