Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/UT8yQN27gcNH5MKMyC33rqqYPfE.roa
File:                     UT8yQN27gcNH5MKMyC33rqqYPfE.roa (raw, json)
Hash identifier:          99IgXOZPc6u3SKL8OTyK8+rHha+SyrOtBq0ZNn8gBKo=
Subject key identifier:   51:3F:32:40:DD:BB:81:C3:47:E4:C2:8C:C8:2D:F7:AE:AA:98:3D:F1
Certificate issuer:       /CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Certificate serial:       09B61549
Authority key identifier: EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/UT8yQN27gcNH5MKMyC33rqqYPfE.roa
Signing time:             Mon 04 Apr 2022 07:23:50 +0000
ROA not before:           Mon 04 Apr 2022 07:23:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57152
IP address blocks:        185.137.215.0/24 maxlen: 24
                          2a03:a5a0:1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 162927945 (0x9b61549)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
        Validity
            Not Before: Apr  4 07:23:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=513f3240ddbb81c347e4c28cc82df7aeaa983df1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:6e:e3:32:32:cb:9c:17:80:64:3c:39:af:f7:
                    af:cf:83:fa:62:67:ec:c1:cf:27:be:07:6e:4c:c4:
                    b0:4e:b9:fc:ac:ab:1f:93:be:61:6d:ce:10:52:31:
                    7a:15:59:2c:a0:45:d1:ad:d9:ad:f4:b8:b9:48:bb:
                    b1:3e:8b:d2:76:3e:c7:43:f5:82:02:e1:e7:de:d4:
                    2a:4d:22:34:9f:ed:17:73:fa:3d:7f:84:13:d6:2e:
                    28:42:2e:79:68:92:21:6c:56:b2:7d:61:b8:68:ac:
                    28:23:06:90:e4:c8:7f:c6:8d:ea:dd:07:ed:b6:1a:
                    19:65:6e:0b:08:f3:6b:c1:eb:b8:24:1a:d2:5f:87:
                    a6:57:6e:50:b1:a9:80:09:3e:05:5c:e7:2a:72:a3:
                    c3:07:33:37:c9:7e:14:a9:82:37:92:fc:23:e7:d3:
                    f5:b0:52:8e:0a:3a:f7:6e:40:b7:e9:23:2c:14:d6:
                    ca:a6:55:b2:b2:7c:4d:5e:7c:4b:8c:a6:59:f1:a3:
                    aa:56:7a:fc:e9:56:0b:f7:e3:1e:ad:6b:97:46:ac:
                    1a:4b:d0:34:1e:70:a4:e9:70:11:b4:cd:40:12:62:
                    f4:7e:10:7f:fe:1b:20:a0:90:a3:5d:0b:55:25:e7:
                    08:76:55:bc:77:a7:b6:18:e9:15:66:28:dd:18:dd:
                    9f:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:3F:32:40:DD:BB:81:C3:47:E4:C2:8C:C8:2D:F7:AE:AA:98:3D:F1
            X509v3 Authority Key Identifier:
                keyid:EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/UT8yQN27gcNH5MKMyC33rqqYPfE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/7qArGX269963Tgon2dTs0_rh6O0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.137.215.0/24
                IPv6:
                  2a03:a5a0:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         b1:82:64:70:6d:6b:0e:e0:5e:31:1f:55:bb:83:bf:10:48:b9:
         a0:54:ad:30:80:88:64:25:23:b8:ab:9d:75:18:15:8f:ca:33:
         20:e1:2e:4f:0d:b3:a2:21:a4:84:8f:2c:86:90:27:f6:87:02:
         3a:1e:2c:97:ef:2d:25:56:fa:40:e3:97:c6:47:e1:a3:dc:fe:
         3a:d6:c8:83:4e:98:66:a6:9b:96:75:53:c7:9b:b5:2b:9f:74:
         71:56:b4:77:4b:d0:9f:31:52:a9:92:c3:98:1d:80:75:46:d1:
         9a:08:39:1c:89:bf:e4:02:31:1c:2f:ba:f8:4b:85:d6:f6:a4:
         7c:0e:75:77:af:70:c2:11:65:87:f6:70:db:54:c9:4a:74:5a:
         3c:89:15:9e:2d:77:b5:61:56:84:0b:33:8d:6d:7f:fb:c8:a6:
         a8:3b:9e:32:70:d9:73:7b:34:4e:f4:9c:0d:28:68:5c:07:0c:
         90:ae:ed:85:60:c3:24:b5:ac:1a:81:6e:e5:88:26:68:cd:bd:
         32:aa:03:d3:e9:65:0f:59:90:dc:d9:5f:a7:c6:3b:f1:7c:0f:
         a4:28:e2:30:5f:90:8a:dc:f3:c8:be:9c:3b:ef:9d:a7:c8:b5:
         79:ee:0d:d3:87:2b:a5:c4:72:4d:6d:74:76:0a:51:c3:45:11:
         fe:ba:85:55
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIECbYVSTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZWEwMmIxOTdkYmFmN2RlYjc0ZTBhMjdkOWQ0ZWNkM2ZhZTFlOGVkMB4XDTIyMDQw
NDA3MjM1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTEzZjMyNDBkZGJi
ODFjMzQ3ZTRjMjhjYzgyZGY3YWVhYTk4M2RmMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALdu4zIyy5wXgGQ8Oa/3r8+D+mJn7MHPJ74HbkzEsE65/Kyr
H5O+YW3OEFIxehVZLKBF0a3ZrfS4uUi7sT6L0nY+x0P1ggLh597UKk0iNJ/tF3P6
PX+EE9YuKEIueWiSIWxWsn1huGisKCMGkOTIf8aN6t0H7bYaGWVuCwjza8HruCQa
0l+HplduULGpgAk+BVznKnKjwwczN8l+FKmCN5L8I+fT9bBSjgo6925At+kjLBTW
yqZVsrJ8TV58S4ymWfGjqlZ6/OlWC/fjHq1rl0asGkvQNB5wpOlwEbTNQBJi9H4Q
f/4bIKCQo10LVSXnCHZVvHenthjpFWYo3Rjdn0kCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBRRPzJA3buBw0fkwozILfeuqpg98TAfBgNVHSMEGDAWgBTuoCsZfbr33rdO
CifZ1OzT+uHo7TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdxQXJHWDI2OTk2M1Rnb24yZFRzMF9yaDZPMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvOTcxYjExLTI4MGUtNGNlZC1iOTljLWJiY2NhYjkxM2I1ZC8x
L1VUOHlRTjI3Z2NOSDVNS015QzMzcnFxWVBmRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
OTcxYjExLTI4MGUtNGNlZC1iOTljLWJiY2NhYjkxM2I1ZC8xLzdxQXJHWDI2OTk2
M1Rnb24yZFRzMF9yaDZPMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEALmJ1zAPBAIAAjAJAwcAKgOloAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQCxgmRwbWsO4F4xH1W7g78QSLmgVK0wgIhkJSO4
q511GBWPyjMg4S5PDbOiIaSEjyyGkCf2hwI6HiyX7y0lVvpA45fGR+Gj3P461siD
TphmppuWdVPHm7Urn3RxVrR3S9CfMVKpksOYHYB1RtGaCDkcib/kAjEcL7r4S4XW
9qR8DnV3r3DCEWWH9nDbVMlKdFo8iRWeLXe1YVaECzONbX/7yKaoO54ycNlzezRO
9JwNKGhcBwyQru2FYMMktawagW7liCZozb0yqgPT6WUPWZDc2V+nxjvxfA+kKOIw
X5CK3PPIvpw7752nyLV57g3ThyulxHJNbXR2ClHDRRH+uoVV
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:55 2024 by rpki-client on console-ams.rpki-client.org