Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f2ab0f-be43-4665-bbaa-1cd3cb07ef5d/1/px6o8OcWI5AFuc4sHR8mHHrL2Ro.roa
File:                     px6o8OcWI5AFuc4sHR8mHHrL2Ro.roa (raw, json)
Hash identifier:          X3Rr4qHlHF1UJOCq1tzTtt5Msqjs7fhRtSKHAEBrTDw=
Subject key identifier:   A7:1E:A8:F0:E7:16:23:90:05:B9:CE:2C:1D:1F:26:1C:7A:CB:D9:1A
Certificate issuer:       /CN=e43bac4a1bbba56cc434861a4c769ff9ce2d15ec
Certificate serial:       0E740DFB
Authority key identifier: E4:3B:AC:4A:1B:BB:A5:6C:C4:34:86:1A:4C:76:9F:F9:CE:2D:15:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5DusShu7pWzENIYaTHaf-c4tFew.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/f2ab0f-be43-4665-bbaa-1cd3cb07ef5d/1/px6o8OcWI5AFuc4sHR8mHHrL2Ro.roa
Signing time:             Sat 01 Jan 2022 06:59:00 +0000
ROA not before:           Sat 01 Jan 2022 06:59:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205136
IP address blocks:        185.81.104.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 242486779 (0xe740dfb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e43bac4a1bbba56cc434861a4c769ff9ce2d15ec
        Validity
            Not Before: Jan  1 06:59:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a71ea8f0e716239005b9ce2c1d1f261c7acbd91a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:44:91:45:b8:41:c6:44:f1:e1:df:61:a4:5a:
                    b5:b8:2d:5c:4d:be:2a:00:8d:29:c3:03:7a:e3:95:
                    5f:ca:cf:a8:9c:78:c3:d3:48:4f:31:35:17:3a:d2:
                    0f:b8:1e:10:c6:c1:cc:68:89:fb:00:ca:6b:9b:ad:
                    2b:6c:5e:e2:f5:c6:0d:85:ae:3c:78:15:ca:47:f7:
                    e4:ac:7a:71:7d:df:35:55:87:ce:38:29:1c:45:6c:
                    c9:bb:13:ad:14:53:02:0b:78:c0:a5:0d:d6:48:28:
                    82:b4:31:41:01:c3:c0:1a:fe:0a:8a:07:7d:cd:db:
                    8f:32:c4:42:3f:b6:91:32:42:cf:03:f6:71:ea:9a:
                    be:d9:b1:5d:e5:db:0a:34:4f:f7:4f:c8:aa:40:34:
                    dd:e6:62:c0:36:4b:03:8d:87:31:ab:48:c8:27:3b:
                    13:4b:96:be:28:1d:59:80:30:bb:e1:4e:72:5a:2f:
                    ce:56:f9:b8:73:92:fa:8d:58:91:21:8d:4f:0b:f9:
                    5b:e2:d9:3e:0e:03:6b:f2:51:ef:b6:39:68:3e:f9:
                    ba:e1:f4:17:e5:8c:c5:d0:9d:ec:4c:7b:89:61:bd:
                    0b:04:04:76:d0:1f:69:68:0c:de:ef:b9:ee:c5:3d:
                    d4:5e:43:6b:f2:33:a7:e2:cb:74:51:57:e3:99:b6:
                    61:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:1E:A8:F0:E7:16:23:90:05:B9:CE:2C:1D:1F:26:1C:7A:CB:D9:1A
            X509v3 Authority Key Identifier:
                keyid:E4:3B:AC:4A:1B:BB:A5:6C:C4:34:86:1A:4C:76:9F:F9:CE:2D:15:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5DusShu7pWzENIYaTHaf-c4tFew.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2ab0f-be43-4665-bbaa-1cd3cb07ef5d/1/px6o8OcWI5AFuc4sHR8mHHrL2Ro.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2ab0f-be43-4665-bbaa-1cd3cb07ef5d/1/5DusShu7pWzENIYaTHaf-c4tFew.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.81.104.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6c:7b:f1:54:e3:75:67:3a:4d:e8:e6:2f:bc:99:4f:77:6d:1d:
         4a:9e:c0:77:f2:d1:16:bb:d2:21:a8:38:a8:06:18:f6:24:ab:
         08:6f:8f:b7:0d:78:37:79:b0:e4:4d:84:1b:d2:3c:75:fd:ba:
         85:c5:3a:1f:f3:92:59:c6:de:57:77:37:9d:03:c7:98:a5:d8:
         ae:5f:25:9a:ca:61:b9:d3:69:40:4d:6b:7e:ec:a1:80:df:20:
         80:76:ae:69:e3:44:20:21:7f:53:6a:51:fa:97:0c:da:ef:13:
         07:25:8e:13:ef:44:7e:9a:b8:4d:8d:69:76:51:21:2b:c9:76:
         b5:2c:8a:a1:1e:ff:62:e7:09:5f:3a:9b:7e:1e:44:b6:db:fc:
         3d:a1:3f:c0:dd:8b:a3:6d:7b:22:40:c0:d0:0d:ca:25:a0:5d:
         82:f7:0b:3e:a5:65:b6:e3:67:13:ba:9c:52:75:0e:4a:46:da:
         3b:3c:60:77:52:8d:13:8b:44:1a:eb:53:6b:16:4a:ea:de:84:
         38:a0:18:80:37:67:c2:fd:17:cf:6e:be:da:e7:47:d2:b3:24:
         e3:c2:37:20:de:70:84:c0:c8:4a:ef:1c:45:58:92:6f:0b:3f:
         69:4f:cf:67:72:6b:5b:84:23:fb:56:57:5f:19:5c:18:60:b4:
         cc:dc:7d:19
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDnQN+zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NDNiYWM0YTFiYmJhNTZjYzQzNDg2MWE0Yzc2OWZmOWNlMmQxNWVjMB4XDTIyMDEw
MTA2NTkwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTcxZWE4ZjBlNzE2
MjM5MDA1YjljZTJjMWQxZjI2MWM3YWNiZDkxYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALVEkUW4QcZE8eHfYaRatbgtXE2+KgCNKcMDeuOVX8rPqJx4
w9NITzE1FzrSD7geEMbBzGiJ+wDKa5utK2xe4vXGDYWuPHgVykf35Kx6cX3fNVWH
zjgpHEVsybsTrRRTAgt4wKUN1kgogrQxQQHDwBr+CooHfc3bjzLEQj+2kTJCzwP2
ceqavtmxXeXbCjRP90/IqkA03eZiwDZLA42HMatIyCc7E0uWvigdWYAwu+FOclov
zlb5uHOS+o1YkSGNTwv5W+LZPg4Da/JR77Y5aD75uuH0F+WMxdCd7Ex7iWG9CwQE
dtAfaWgM3u+57sU91F5Da/Izp+LLdFFX45m2Ya8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSnHqjw5xYjkAW5ziwdHyYcesvZGjAfBgNVHSMEGDAWgBTkO6xKG7ulbMQ0
hhpMdp/5zi0V7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVEdXNTaHU3cFd6RU5JWWFUSGFmLWM0dEZldy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjcvZjJhYjBmLWJlNDMtNDY2NS1iYmFhLTFjZDNjYjA3ZWY1ZC8x
L3B4Nm84T2NXSTVBRnVjNHNIUjhtSEhyTDJSby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjcv
ZjJhYjBmLWJlNDMtNDY2NS1iYmFhLTFjZDNjYjA3ZWY1ZC8xLzVEdXNTaHU3cFd6
RU5JWWFUSGFmLWM0dEZldy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALlRaDANBgkqhkiG9w0BAQsFAAOC
AQEAbHvxVON1ZzpN6OYvvJlPd20dSp7Ad/LRFrvSIag4qAYY9iSrCG+Ptw14N3mw
5E2EG9I8df26hcU6H/OSWcbeV3c3nQPHmKXYrl8lmsphudNpQE1rfuyhgN8ggHau
aeNEICF/U2pR+pcM2u8TByWOE+9Efpq4TY1pdlEhK8l2tSyKoR7/YucJXzqbfh5E
ttv8PaE/wN2Lo217IkDA0A3KJaBdgvcLPqVltuNnE7qcUnUOSkbaOzxgd1KNE4tE
GutTaxZK6t6EOKAYgDdnwv0Xz26+2udH0rMk48I3IN5whMDISu8cRViSbws/aU/P
Z3JrW4Qj+1ZXXxlcGGC0zNx9GQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:10 2024 by rpki-client on console-fra.rpki-client.org