Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/e5AwhN8GJgITyUggUC-inRbF7ko.roa
File:                     e5AwhN8GJgITyUggUC-inRbF7ko.roa (raw, json)
Hash identifier:          gzH5BkN2WizFan8oW8HoTEb5qQZmjytVKW1DczWN0L0=
Subject key identifier:   7B:90:30:84:DF:06:26:02:13:C9:48:20:50:2F:A2:9D:16:C5:EE:4A
Certificate issuer:       /CN=99ce569a14c2db3772f23187ce68e6541ec0048e
Certificate serial:       0B6D01E1
Authority key identifier: 99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/e5AwhN8GJgITyUggUC-inRbF7ko.roa
Signing time:             Fri 08 Apr 2022 11:13:11 +0000
ROA not before:           Fri 08 Apr 2022 11:13:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     29670
IP address blocks:        185.174.40.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 191693281 (0xb6d01e1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99ce569a14c2db3772f23187ce68e6541ec0048e
        Validity
            Not Before: Apr  8 11:13:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7b903084df06260213c94820502fa29d16c5ee4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:b2:9a:c7:66:0b:08:55:70:1f:fe:61:56:66:
                    d9:1b:4a:f8:5a:c3:1e:8d:b8:65:48:92:7a:23:04:
                    10:0b:a0:63:a7:f1:b5:a4:3f:90:21:95:22:17:d0:
                    48:3e:80:aa:75:79:fb:12:d4:7c:56:5d:82:40:50:
                    91:d1:41:d8:f5:f1:53:35:b5:9a:bb:ea:b7:e7:6f:
                    ba:ca:e8:41:da:34:de:c4:5d:df:f9:11:fa:85:42:
                    3c:0f:21:3f:13:b9:ab:85:ee:05:96:55:3b:39:40:
                    4a:cf:54:2a:5f:83:96:08:4d:7d:f9:5b:2f:6d:b5:
                    c9:69:87:e3:a4:88:02:36:37:e1:7d:46:00:98:0c:
                    48:d9:4b:7f:74:91:3c:42:48:26:f0:44:1e:8e:85:
                    0a:2c:e5:6c:58:fb:6d:fb:f7:60:68:55:41:35:ba:
                    dd:08:30:65:4a:a8:2a:c0:9f:ad:98:19:96:71:6c:
                    b0:c5:a4:3e:bd:c6:cc:29:5b:f3:34:f3:80:75:ee:
                    8f:67:c2:66:f6:3d:c6:00:8f:b4:ba:b5:7f:1b:ce:
                    41:d4:7a:3c:6d:7d:0f:56:01:90:84:0d:68:21:7f:
                    e1:14:5e:f5:f2:49:f0:5b:de:ab:b1:b1:1b:1e:61:
                    12:1b:a4:96:1e:46:1a:6a:56:aa:8c:54:23:3d:2c:
                    7f:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:90:30:84:DF:06:26:02:13:C9:48:20:50:2F:A2:9D:16:C5:EE:4A
            X509v3 Authority Key Identifier:
                keyid:99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/e5AwhN8GJgITyUggUC-inRbF7ko.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/mc5WmhTC2zdy8jGHzmjmVB7ABI4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.174.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:1d:e9:82:f6:09:48:78:b6:25:9c:35:c4:b3:f8:29:18:42:
         cd:bc:6e:bf:76:b8:d9:f6:ff:ab:b5:7b:de:bd:92:2f:28:7a:
         2f:ae:d8:24:53:87:96:e9:34:a8:6b:be:48:a5:13:cc:62:70:
         b6:96:d0:50:32:88:b9:86:2d:a3:92:43:84:04:15:75:ce:5a:
         39:97:6a:74:05:fc:51:5b:45:5f:b9:11:4a:ef:1b:1b:42:cc:
         42:09:a2:ab:5e:e3:bd:ca:87:34:3d:82:64:77:2c:d0:5b:ed:
         00:1a:2b:b2:84:03:2d:20:14:be:60:f4:d0:78:75:66:85:8f:
         e7:84:99:dd:5d:f6:3f:45:a7:d6:7f:dc:5c:04:96:ce:4d:05:
         e6:b1:65:50:1f:a5:a0:79:e7:3d:f6:e9:dc:82:fb:7b:36:61:
         8e:3d:97:28:ef:a2:44:68:52:c5:b0:ae:13:33:1f:2f:96:ad:
         6f:95:d6:d3:8d:02:65:3f:56:90:27:e8:54:e5:94:25:34:33:
         05:bf:38:30:e1:2e:d4:38:5e:3b:e9:d8:59:b4:46:b3:0c:8d:
         3b:9e:ec:d5:69:9a:da:ca:4e:1f:7c:dc:47:3c:47:74:ac:ce:
         84:cd:bb:05:35:af:e7:e8:8a:80:c6:c7:13:6e:c7:7b:08:cc:
         82:6b:25:ea
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC20B4TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OWNlNTY5YTE0YzJkYjM3NzJmMjMxODdjZTY4ZTY1NDFlYzAwNDhlMB4XDTIyMDQw
ODExMTMxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2I5MDMwODRkZjA2
MjYwMjEzYzk0ODIwNTAyZmEyOWQxNmM1ZWU0YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM+ymsdmCwhVcB/+YVZm2RtK+FrDHo24ZUiSeiMEEAugY6fx
taQ/kCGVIhfQSD6AqnV5+xLUfFZdgkBQkdFB2PXxUzW1mrvqt+dvusroQdo03sRd
3/kR+oVCPA8hPxO5q4XuBZZVOzlASs9UKl+DlghNfflbL221yWmH46SIAjY34X1G
AJgMSNlLf3SRPEJIJvBEHo6FCizlbFj7bfv3YGhVQTW63QgwZUqoKsCfrZgZlnFs
sMWkPr3GzClb8zTzgHXuj2fCZvY9xgCPtLq1fxvOQdR6PG19D1YBkIQNaCF/4RRe
9fJJ8Fveq7GxGx5hEhuklh5GGmpWqoxUIz0sf6sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR7kDCE3wYmAhPJSCBQL6KdFsXuSjAfBgNVHSMEGDAWgBSZzlaaFMLbN3Ly
MYfOaOZUHsAEjjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21jNVdtaFRDMnpkeThqR0h6bWptVkI3QUJJNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvY2M2ZTk5LTZlNWYtNDAxYi05MTJkLTEwOTU1NDRjNmM1MC8x
L2U1QXdoTjhHSmdJVHlVZ2dVQy1pblJiRjdrby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
Y2M2ZTk5LTZlNWYtNDAxYi05MTJkLTEwOTU1NDRjNmM1MC8xL21jNVdtaFRDMnpk
eThqR0h6bWptVkI3QUJJNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmuKDANBgkqhkiG9w0BAQsFAAOC
AQEAhB3pgvYJSHi2JZw1xLP4KRhCzbxuv3a42fb/q7V73r2SLyh6L67YJFOHluk0
qGu+SKUTzGJwtpbQUDKIuYYto5JDhAQVdc5aOZdqdAX8UVtFX7kRSu8bG0LMQgmi
q17jvcqHND2CZHcs0FvtABorsoQDLSAUvmD00Hh1ZoWP54SZ3V32P0Wn1n/cXASW
zk0F5rFlUB+loHnnPfbp3IL7ezZhjj2XKO+iRGhSxbCuEzMfL5atb5XW040CZT9W
kCfoVOWUJTQzBb84MOEu1DheO+nYWbRGswyNO57s1Wma2spOH3zcRzxHdKzOhM27
BTWv5+iKgMbHE27HewjMgmsl6g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:27 2024 by rpki-client on console-fra.rpki-client.org