Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/1ccf25-20de-4b2e-a0e1-de4acf447fae/1/SnHoq3wDnctixaiFWw81VOEsJlI.roa
File:                     SnHoq3wDnctixaiFWw81VOEsJlI.roa (raw, json)
Hash identifier:          3XXGYkbjmFAC41Ldt/eZX6BtL1TEBeIHxpxvZRGtyCA=
Subject key identifier:   4A:71:E8:AB:7C:03:9D:CB:62:C5:A8:85:5B:0F:35:54:E1:2C:26:52
Certificate issuer:       /CN=7979863cea82aeb8e9df384b39aa5176f4bcfa61
Certificate serial:       24236177
Authority key identifier: 79:79:86:3C:EA:82:AE:B8:E9:DF:38:4B:39:AA:51:76:F4:BC:FA:61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eXmGPOqCrrjp3zhLOapRdvS8-mE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/1ccf25-20de-4b2e-a0e1-de4acf447fae/1/SnHoq3wDnctixaiFWw81VOEsJlI.roa
Signing time:             Sat 01 Jan 2022 02:57:16 +0000
ROA not before:           Sat 01 Jan 2022 02:57:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204755
IP address blocks:        185.241.176.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 606298487 (0x24236177)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7979863cea82aeb8e9df384b39aa5176f4bcfa61
        Validity
            Not Before: Jan  1 02:57:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4a71e8ab7c039dcb62c5a8855b0f3554e12c2652
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:2b:e0:f7:06:71:42:c1:47:a5:4d:86:3f:e2:
                    20:4a:5d:0b:78:0a:a4:74:8e:f5:66:d4:5a:40:e1:
                    19:ad:d7:4b:74:d2:45:6a:6b:ae:ef:6f:ab:0b:b4:
                    f4:5b:50:d5:dd:fc:a5:8b:8f:3f:47:23:fc:45:d7:
                    fa:b4:51:12:3c:f9:1d:c9:b4:fa:8e:60:25:eb:04:
                    f6:ad:6c:3b:4f:ea:4b:ae:8b:03:27:3a:ec:4b:f1:
                    7c:49:61:92:10:39:29:d9:ae:c1:2c:ac:5d:4f:d1:
                    29:bf:23:b3:75:9c:41:b5:f2:4c:de:aa:27:21:6c:
                    be:86:7f:69:b7:77:39:5d:6d:96:89:32:a7:63:1d:
                    8c:15:93:f2:ca:85:d9:c2:96:73:14:92:3f:52:c4:
                    46:09:e6:1e:53:8c:f6:4b:c5:43:e8:f2:4c:10:5b:
                    60:80:f1:38:06:4b:8b:06:47:6e:c7:ab:e5:4b:f5:
                    a2:e7:e0:ef:65:66:55:83:5c:54:5c:f9:cf:b7:08:
                    4f:f0:84:da:b3:24:6b:4f:f1:bf:dc:3c:ca:eb:b6:
                    2a:e2:e0:09:91:42:be:95:dc:27:5d:ef:e6:06:80:
                    e0:06:67:82:62:27:db:e4:b5:54:6e:09:96:f2:dc:
                    e2:ac:0d:23:8a:01:ec:f4:4e:18:4a:6a:16:4d:13:
                    5e:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:71:E8:AB:7C:03:9D:CB:62:C5:A8:85:5B:0F:35:54:E1:2C:26:52
            X509v3 Authority Key Identifier:
                keyid:79:79:86:3C:EA:82:AE:B8:E9:DF:38:4B:39:AA:51:76:F4:BC:FA:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eXmGPOqCrrjp3zhLOapRdvS8-mE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/1ccf25-20de-4b2e-a0e1-de4acf447fae/1/SnHoq3wDnctixaiFWw81VOEsJlI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/1ccf25-20de-4b2e-a0e1-de4acf447fae/1/eXmGPOqCrrjp3zhLOapRdvS8-mE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.241.176.0/24

    Signature Algorithm: sha256WithRSAEncryption
         25:b9:7d:c8:12:e2:32:90:5c:08:1b:2a:2e:b4:13:7d:89:1e:
         7d:f9:d6:f5:2a:09:f5:58:04:af:7a:ff:a8:f0:99:d2:27:9f:
         2e:fa:f3:61:7a:c2:22:23:60:78:3e:94:52:1f:ae:26:b6:14:
         64:3c:4e:ba:fb:5b:0d:ea:91:a2:ef:46:ee:22:f4:1b:2a:68:
         66:ad:54:41:e9:eb:43:f4:05:70:29:5a:f2:43:7e:48:55:83:
         64:f0:aa:0d:a7:06:9d:7f:92:de:ab:c6:a0:69:78:38:30:0b:
         fc:50:36:82:e3:a8:4c:79:f2:16:7d:fc:4e:d6:24:ba:1c:0a:
         8f:3d:0d:79:de:fb:19:9e:b2:7a:a9:91:33:a2:21:5c:52:ca:
         dc:71:11:74:d3:b6:b6:6f:37:4a:5d:94:e0:05:9d:b3:80:52:
         e5:d1:3b:5f:1b:0a:6b:2f:91:33:4d:36:38:3c:97:b1:e3:a3:
         79:b7:b1:1c:d1:a4:03:4e:3f:5c:22:30:12:ca:2a:01:a5:62:
         1b:d7:99:59:c5:f9:cf:f9:ee:66:81:c5:e0:60:6b:69:08:8b:
         bf:cc:58:d7:92:28:28:54:27:39:a1:7d:ca:fc:cd:c5:93:a4:
         dc:a9:27:c7:1b:72:c7:ca:7f:0b:19:96:e3:65:f8:9b:5e:a1:
         28:46:55:29
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEJCNhdzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
OTc5ODYzY2VhODJhZWI4ZTlkZjM4NGIzOWFhNTE3NmY0YmNmYTYxMB4XDTIyMDEw
MTAyNTcxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGE3MWU4YWI3YzAz
OWRjYjYyYzVhODg1NWIwZjM1NTRlMTJjMjY1MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOMr4PcGcULBR6VNhj/iIEpdC3gKpHSO9WbUWkDhGa3XS3TS
RWprru9vqwu09FtQ1d38pYuPP0cj/EXX+rRREjz5Hcm0+o5gJesE9q1sO0/qS66L
Ayc67EvxfElhkhA5KdmuwSysXU/RKb8js3WcQbXyTN6qJyFsvoZ/abd3OV1tloky
p2MdjBWT8sqF2cKWcxSSP1LERgnmHlOM9kvFQ+jyTBBbYIDxOAZLiwZHbser5Uv1
oufg72VmVYNcVFz5z7cIT/CE2rMka0/xv9w8yuu2KuLgCZFCvpXcJ13v5gaA4AZn
gmIn2+S1VG4JlvLc4qwNI4oB7PROGEpqFk0TXqUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRKceirfAOdy2LFqIVbDzVU4SwmUjAfBgNVHSMEGDAWgBR5eYY86oKuuOnf
OEs5qlF29Lz6YTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VYbUdQT3FDcnJqcDN6aExPYXBSZHZTOC1tRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvMWNjZjI1LTIwZGUtNGIyZS1hMGUxLWRlNGFjZjQ0N2ZhZS8x
L1NuSG9xM3dEbmN0aXhhaUZXdzgxVk9Fc0psSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
MWNjZjI1LTIwZGUtNGIyZS1hMGUxLWRlNGFjZjQ0N2ZhZS8xL2VYbUdQT3FDcnJq
cDN6aExPYXBSZHZTOC1tRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnxsDANBgkqhkiG9w0BAQsFAAOC
AQEAJbl9yBLiMpBcCBsqLrQTfYkeffnW9SoJ9VgEr3r/qPCZ0iefLvrzYXrCIiNg
eD6UUh+uJrYUZDxOuvtbDeqRou9G7iL0GypoZq1UQenrQ/QFcCla8kN+SFWDZPCq
DacGnX+S3qvGoGl4ODAL/FA2guOoTHnyFn38TtYkuhwKjz0Ned77GZ6yeqmRM6Ih
XFLK3HERdNO2tm83Sl2U4AWds4BS5dE7XxsKay+RM002ODyXseOjebexHNGkA04/
XCIwEsoqAaViG9eZWcX5z/nuZoHF4GBraQiLv8xY15IoKFQnOaF9yvzNxZOk3Kkn
xxtyx8p/CxmW42X4m16hKEZVKQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:19 2024 by rpki-client on console-ams.rpki-client.org