Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/DyGjhGLkgj5hqUdlphUJbFggr4U.roa
File:                     DyGjhGLkgj5hqUdlphUJbFggr4U.roa (raw, json)
Hash identifier:          3LI8QiUbsOOREOziwA1QiigYQOoLpSMLebHHpQM1Q6I=
Subject key identifier:   0F:21:A3:84:62:E4:82:3E:61:A9:47:65:A6:15:09:6C:58:20:AF:85
Certificate issuer:       /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial:       018262967368E7223AD2C5F30A90852BE253
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/DyGjhGLkgj5hqUdlphUJbFggr4U.roa
Signing time:             Wed 03 Aug 2022 07:23:23 +0000
ROA not before:           Wed 03 Aug 2022 07:23:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203535
IP address blocks:        151.251.224.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:62:96:73:68:e7:22:3a:d2:c5:f3:0a:90:85:2b:e2:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
        Validity
            Not Before: Aug  3 07:23:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0f21a38462e4823e61a94765a615096c5820af85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:d7:87:19:25:d6:61:5c:37:b1:bb:f1:2d:c4:
                    08:44:6a:66:c9:6f:5c:5b:52:ac:36:ba:af:95:b3:
                    70:33:a8:a5:b9:62:cd:e9:95:18:bb:66:e6:75:9e:
                    85:04:ee:b9:7e:2c:1c:d2:28:90:b9:12:8a:9f:e9:
                    3c:c7:ab:7e:38:01:07:54:94:7c:02:19:81:65:dc:
                    5b:a3:cc:b8:d9:3e:b3:41:4e:78:41:ce:da:68:a8:
                    d0:1e:d0:89:42:e4:2f:cc:d0:78:49:9e:b6:62:4f:
                    c5:9b:0d:ad:36:e3:d9:61:05:33:d2:19:bb:d8:80:
                    eb:bb:c8:2d:24:2f:d7:d6:e9:9d:19:b1:56:43:6c:
                    55:c6:d2:c6:d0:2a:39:8d:d3:49:fb:3b:94:42:5c:
                    85:26:3d:d9:6c:bb:32:8e:c4:6f:07:ff:ef:be:1b:
                    75:dd:86:72:e1:3d:05:b7:bd:a0:0b:ee:0c:da:1f:
                    0e:f9:f6:9a:09:8d:dc:33:4e:38:03:5a:3f:65:3e:
                    e9:7a:2a:ab:3e:82:f4:05:85:58:f0:6c:c1:5a:d0:
                    8c:bf:ac:3b:67:4a:d7:92:ac:dc:99:ec:6d:38:9d:
                    31:d3:cc:1a:3a:22:6a:ce:db:2b:e5:07:b7:1c:72:
                    fa:b0:9a:28:86:b0:f2:c7:77:f6:83:d4:84:04:c2:
                    fa:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:21:A3:84:62:E4:82:3E:61:A9:47:65:A6:15:09:6C:58:20:AF:85
            X509v3 Authority Key Identifier:
                keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/DyGjhGLkgj5hqUdlphUJbFggr4U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  151.251.224.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:3d:2f:2d:cc:81:a8:4f:2f:96:82:e9:47:eb:16:aa:fa:ee:
         f3:b4:41:db:a1:ef:0b:35:4c:c3:55:69:84:91:7b:62:f1:69:
         bb:6b:72:60:e9:97:ef:d4:99:4b:93:9a:8a:bb:6b:f7:31:bb:
         2a:6c:0e:3b:88:03:43:78:4f:88:64:73:31:33:ea:4b:62:6c:
         58:50:68:36:58:a9:05:cb:9e:27:16:7d:92:c9:1a:c4:1c:7a:
         ca:9a:02:f2:2b:ef:27:65:96:1d:6e:31:b2:6f:50:cc:e1:b1:
         d2:87:9a:f7:8e:ad:62:19:3b:5e:41:10:7f:99:6f:ef:a5:a4:
         7e:f2:b5:43:49:51:c9:93:38:93:a5:2c:33:18:b3:c8:f1:72:
         45:78:e9:29:cc:0e:28:91:d9:17:53:35:ee:ad:87:3a:d4:ea:
         62:74:74:19:18:96:78:3c:81:00:ce:4d:20:98:4f:d8:97:b1:
         a7:95:30:77:56:2d:b9:e9:f2:98:68:32:34:bc:5e:98:84:c3:
         ba:29:25:c7:f8:db:88:de:5b:fa:66:0e:c2:dc:3a:b3:27:bf:
         52:ce:42:8c:53:58:8f:be:4b:02:d1:33:71:60:b4:31:53:da:
         3d:45:27:29:f4:76:19:f3:10:27:03:71:f7:d0:69:06:7a:91:
         91:a4:63:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJilnNo5yI60sXzCpCFK+JTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjIwODAzMDcyMzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjIxYTM4NDYyZTQ4MjNlNjFhOTQ3NjVhNjE1MDk2YzU4MjBhZjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdeHGSXWYVw3sbvxLcQIRGpmyW9c
W1KsNrqvlbNwM6iluWLN6ZUYu2bmdZ6FBO65fiwc0iiQuRKKn+k8x6t+OAEHVJR8
AhmBZdxbo8y42T6zQU54Qc7aaKjQHtCJQuQvzNB4SZ62Yk/Fmw2tNuPZYQUz0hm7
2IDru8gtJC/X1umdGbFWQ2xVxtLG0Co5jdNJ+zuUQlyFJj3ZbLsyjsRvB//vvht1
3YZy4T0Ft72gC+4M2h8O+faaCY3cM044A1o/ZT7peiqrPoL0BYVY8GzBWtCMv6w7
Z0rXkqzcmextOJ0x08waOiJqztsr5Qe3HHL6sJoohrDyx3f2g9SEBML6wwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA8ho4Ri5II+YalHZaYVCWxYIK+FMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvRHlHamhHTGtnajVocVVkbHBoVUpiRmdncjRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/vgMA0G
CSqGSIb3DQEBCwUAA4IBAQBqPS8tzIGoTy+WgulH6xaq+u7ztEHboe8LNUzDVWmE
kXti8Wm7a3Jg6Zfv1JlLk5qKu2v3MbsqbA47iANDeE+IZHMxM+pLYmxYUGg2WKkF
y54nFn2SyRrEHHrKmgLyK+8nZZYdbjGyb1DM4bHSh5r3jq1iGTteQRB/mW/vpaR+
8rVDSVHJkziTpSwzGLPI8XJFeOkpzA4okdkXUzXurYc61OpidHQZGJZ4PIEAzk0g
mE/Yl7GnlTB3Vi256fKYaDI0vF6YhMO6KSXH+NuI3lv6Zg7C3DqzJ79SzkKMU1iP
vksC0TNxYLQxU9o9RScp9HYZ8xAnA3H30GkGepGRpGNs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:06 2024 by rpki-client on console-fra.rpki-client.org