Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/e61614-ebc5-4731-8560-9d1812999a35/1/25GMARMPorq7t0HjutBkYHzw9as.roa
File:                     25GMARMPorq7t0HjutBkYHzw9as.roa (raw, json)
Hash identifier:          08KOXi4M0FRW0lHKZ68GLIG34uLUoiF/rfmr7RBr/UA=
Subject key identifier:   DB:91:8C:01:13:0F:A2:BA:BB:B7:41:E3:BA:D0:64:60:7C:F0:F5:AB
Certificate issuer:       /CN=b4a90f6896678442afaee1baaaa6b2a2decacd3b
Certificate serial:       0183C1D52AFF6DA38711E306FA6B296302EA
Authority key identifier: B4:A9:0F:68:96:67:84:42:AF:AE:E1:BA:AA:A6:B2:A2:DE:CA:CD:3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tKkPaJZnhEKvruG6qqayot7KzTs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/e61614-ebc5-4731-8560-9d1812999a35/1/25GMARMPorq7t0HjutBkYHzw9as.roa
Signing time:             Mon 10 Oct 2022 12:18:36 +0000
ROA not before:           Mon 10 Oct 2022 12:18:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202196
IP address blocks:        185.150.61.0/24 maxlen: 24
                          185.150.63.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:c1:d5:2a:ff:6d:a3:87:11:e3:06:fa:6b:29:63:02:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4a90f6896678442afaee1baaaa6b2a2decacd3b
        Validity
            Not Before: Oct 10 12:18:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=db918c01130fa2babbb741e3bad064607cf0f5ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:a3:86:f8:1d:f9:ea:c6:b2:e0:c6:39:21:fa:
                    1d:7b:7e:96:f1:62:b7:e8:95:12:1a:39:e5:e4:c5:
                    ab:34:6e:94:09:5b:86:a7:8c:2b:5e:44:1e:93:51:
                    6a:8a:72:e0:de:07:46:63:54:f4:c8:8e:97:bd:c2:
                    50:c1:96:4b:ca:56:7d:2e:bd:55:14:ab:39:73:6b:
                    da:d1:2c:1b:b0:f0:3a:89:39:a2:ab:eb:e7:20:62:
                    49:99:1c:0b:66:ce:56:73:90:a3:b7:0c:48:69:3f:
                    05:d0:93:57:ac:0c:09:c1:88:c3:b0:68:70:69:a0:
                    6b:72:90:be:3c:be:a8:f6:a4:9c:4b:90:bb:81:b5:
                    ed:ba:a0:34:20:47:e6:05:d0:08:2d:65:ef:40:18:
                    de:73:09:fa:c9:f5:68:d5:28:1d:51:34:c8:51:c9:
                    ec:08:24:27:f8:36:ad:44:7b:87:05:3a:26:77:b9:
                    55:18:fe:df:54:63:48:d8:28:09:10:52:ff:1a:2d:
                    15:31:b4:92:8f:5f:dd:0a:cb:f1:36:98:19:51:a9:
                    0b:dc:50:89:9c:5d:83:19:19:c7:eb:3c:27:a9:09:
                    16:14:fd:86:38:0b:80:77:d0:cc:aa:5a:7c:72:ac:
                    84:16:a6:17:02:b0:e4:e4:ae:08:c8:80:0e:56:8f:
                    a1:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:91:8C:01:13:0F:A2:BA:BB:B7:41:E3:BA:D0:64:60:7C:F0:F5:AB
            X509v3 Authority Key Identifier:
                keyid:B4:A9:0F:68:96:67:84:42:AF:AE:E1:BA:AA:A6:B2:A2:DE:CA:CD:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKkPaJZnhEKvruG6qqayot7KzTs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e61614-ebc5-4731-8560-9d1812999a35/1/25GMARMPorq7t0HjutBkYHzw9as.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e61614-ebc5-4731-8560-9d1812999a35/1/tKkPaJZnhEKvruG6qqayot7KzTs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.150.61.0/24
                  185.150.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:7f:fc:c1:19:7a:d0:8c:76:39:9e:b9:db:46:d3:ed:29:a2:
         db:44:da:84:17:70:a9:00:e1:4e:61:e7:f7:62:42:e5:b5:b7:
         3b:06:4c:57:65:11:c2:81:5a:1c:fc:d8:e1:04:6e:f4:24:8c:
         c3:50:f9:05:58:0b:46:37:b9:72:ec:8c:0e:f9:e0:10:5b:2f:
         42:2e:45:40:ab:06:14:6e:1a:05:4b:73:ca:18:27:75:e9:a7:
         7e:45:d4:55:4a:dd:63:8f:be:a3:e7:28:f6:6d:2d:93:36:b4:
         d2:a1:27:ec:1c:f5:9e:54:39:d1:2d:32:d7:ec:8f:74:7e:ea:
         81:4b:2b:a5:e4:d1:7f:0a:2e:aa:7c:dd:55:4a:d7:a0:ef:aa:
         19:76:89:01:b1:89:ef:75:bc:a8:d7:3c:65:3e:84:1e:64:73:
         3a:d9:d0:2c:b2:da:a0:dc:e8:42:a1:21:29:79:42:4f:10:1e:
         16:a3:a2:58:a9:62:6d:da:f0:1a:29:26:b6:4c:e9:97:96:2e:
         59:5b:4d:44:b5:a0:08:87:47:af:fa:9f:cb:a4:96:23:bb:68:
         ca:56:4b:e7:95:31:7f:f3:43:03:cd:03:cb:cd:75:a5:23:28:
         db:69:e8:0a:88:5c:d9:86:eb:be:f2:10:74:7e:65:de:af:fa:
         8f:28:b8:43
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYPB1Sr/baOHEeMG+mspYwLqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTkwZjY4OTY2Nzg0NDJhZmFlZTFiYWFhYTZiMmEyZGVj
YWNkM2IwHhcNMjIxMDEwMTIxODM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjkxOGMwMTEzMGZhMmJhYmJiNzQxZTNiYWQwNjQ2MDdjZjBmNWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKOG+B356say4MY5Ifode36W8WK3
6JUSGjnl5MWrNG6UCVuGp4wrXkQek1FqinLg3gdGY1T0yI6XvcJQwZZLylZ9Lr1V
FKs5c2va0SwbsPA6iTmiq+vnIGJJmRwLZs5Wc5CjtwxIaT8F0JNXrAwJwYjDsGhw
aaBrcpC+PL6o9qScS5C7gbXtuqA0IEfmBdAILWXvQBjecwn6yfVo1SgdUTTIUcns
CCQn+DatRHuHBTomd7lVGP7fVGNI2CgJEFL/Gi0VMbSSj1/dCsvxNpgZUakL3FCJ
nF2DGRnH6zwnqQkWFP2GOAuAd9DMqlp8cqyEFqYXArDk5K4IyIAOVo+hOQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNuRjAETD6K6u7dB47rQZGB88PWrMB8GA1UdIwQY
MBaAFLSpD2iWZ4RCr67huqqmsqLeys07MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtrUGFKWm5oRUt2cnVHNnFxYXlvdDdLelRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9lNjE2MTQtZWJjNS00NzMxLTg1NjAt
OWQxODEyOTk5YTM1LzEvMjVHTUFSTVBvcnE3dDBIanV0QmtZSHp3OWFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9lNjE2MTQtZWJjNS00NzMxLTg1NjAtOWQxODEyOTk5YTM1
LzEvdEtrUGFKWm5oRUt2cnVHNnFxYXlvdDdLelRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuZY9AwQA
uZY/MA0GCSqGSIb3DQEBCwUAA4IBAQAef/zBGXrQjHY5nrnbRtPtKaLbRNqEF3Cp
AOFOYef3YkLltbc7BkxXZRHCgVoc/NjhBG70JIzDUPkFWAtGN7ly7IwO+eAQWy9C
LkVAqwYUbhoFS3PKGCd16ad+RdRVSt1jj76j5yj2bS2TNrTSoSfsHPWeVDnRLTLX
7I90fuqBSyul5NF/Ci6qfN1VSteg76oZdokBsYnvdbyo1zxlPoQeZHM62dAsstqg
3OhCoSEpeUJPEB4Wo6JYqWJt2vAaKSa2TOmXli5ZW01EtaAIh0ev+p/LpJYju2jK
VkvnlTF/80MDzQPLzXWlIyjbaegKiFzZhuu+8hB0fmXer/qPKLhD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:10 2024 by rpki-client on console-ams.rpki-client.org