Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/0TGbzMRedeDlg7Tuz7maItZndzA.roa
File:                     0TGbzMRedeDlg7Tuz7maItZndzA.roa (raw, json)
Hash identifier:          9JrRAWe2BtK54dY96F3vxGtOURThbE8YvD1x66XAuQU=
Subject key identifier:   D1:31:9B:CC:C4:5E:75:E0:E5:83:B4:EE:CF:B9:9A:22:D6:67:77:30
Certificate issuer:       /CN=5324defbaade93e998e13a942029dd593b8b2ea3
Certificate serial:       1A295501
Authority key identifier: 53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/0TGbzMRedeDlg7Tuz7maItZndzA.roa
Signing time:             Sat 01 Jan 2022 12:55:13 +0000
ROA not before:           Sat 01 Jan 2022 12:55:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3356
IP address blocks:        185.162.73.0/24 maxlen: 24
                          185.162.72.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 438916353 (0x1a295501)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5324defbaade93e998e13a942029dd593b8b2ea3
        Validity
            Not Before: Jan  1 12:55:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d1319bccc45e75e0e583b4eecfb99a22d6677730
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:5f:c9:f2:50:e2:2c:9a:1b:60:e6:dd:2f:d3:
                    a7:46:cf:d1:29:cc:54:50:87:f8:35:1a:2c:86:33:
                    28:1c:5a:72:f4:4a:02:4d:c3:bd:11:1c:eb:43:87:
                    55:c6:30:62:9f:e9:1d:6f:4d:0b:b7:d8:52:fb:55:
                    6d:16:92:09:15:63:96:5e:24:d5:b0:bc:c3:de:05:
                    7e:d3:49:78:95:44:ce:02:3f:aa:59:e3:b7:ed:c3:
                    35:b3:e7:5d:15:66:fe:97:8e:42:3f:17:35:59:c2:
                    12:43:1f:d4:aa:62:64:61:cc:f4:dd:2b:89:85:3e:
                    c8:44:07:51:c8:20:0e:6f:f5:fc:65:45:3e:d4:35:
                    2a:79:15:3e:cb:98:cb:08:55:93:e8:02:23:d5:ab:
                    6b:38:fb:c5:4e:77:e8:09:6d:b5:c2:92:8f:83:55:
                    01:b0:38:c7:7e:1b:d0:17:3e:e2:ba:d5:93:c8:4b:
                    02:cc:32:95:99:f2:ec:ec:bf:ca:57:ea:be:35:59:
                    a6:e9:a1:7d:1a:84:46:1a:76:e1:72:47:94:9c:04:
                    71:83:45:c1:bd:1a:a5:7e:02:65:88:e2:37:37:ad:
                    af:39:46:ef:c8:bf:45:88:5e:3a:58:53:f4:00:0b:
                    ac:10:5d:a0:5a:cf:d5:87:40:d1:77:a8:c6:71:10:
                    22:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:31:9B:CC:C4:5E:75:E0:E5:83:B4:EE:CF:B9:9A:22:D6:67:77:30
            X509v3 Authority Key Identifier:
                keyid:53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/0TGbzMRedeDlg7Tuz7maItZndzA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/UyTe-6rek-mY4TqUICndWTuLLqM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.162.72.0/23

    Signature Algorithm: sha256WithRSAEncryption
         92:ca:81:7d:61:ed:c4:2b:a8:e6:8c:fb:c2:d6:6a:f2:88:b1:
         5c:74:af:64:33:98:5a:31:36:28:91:e7:4a:de:c0:a8:21:50:
         6a:76:a5:3e:a2:4a:41:75:84:d9:d2:41:e6:56:5d:72:09:c3:
         77:d9:95:00:39:c1:23:08:e6:2e:9c:26:cf:b5:78:81:67:24:
         7a:3c:da:d5:bb:96:d7:8b:e2:93:f0:0e:55:bc:ab:b3:61:35:
         bc:9f:f3:7f:57:02:cb:fd:2b:d9:bc:d5:2b:ca:0a:8c:58:7e:
         2d:6a:c2:51:fa:7a:30:3b:06:5c:38:20:3e:c6:f2:cc:24:7f:
         58:7a:13:f2:d6:a1:72:71:fd:e8:a3:c3:71:81:3f:05:c4:2e:
         21:f0:2c:aa:dd:9b:a9:9d:a2:80:f7:55:e1:ba:e4:e9:cb:8b:
         96:ab:f4:32:ed:48:bf:69:b9:4b:c7:23:2f:a2:5d:8d:5e:73:
         fc:3b:b5:52:b4:95:8c:8c:94:6c:b8:da:52:3b:cf:6a:4d:b3:
         12:07:a3:c7:8a:18:c2:b0:2f:05:42:5b:eb:31:db:59:0a:ba:
         01:99:0f:1f:f1:d7:e8:0e:f2:e6:1c:db:0d:72:97:1b:7b:53:
         cc:fa:21:d6:c5:aa:8b:c7:3c:1f:96:e7:76:53:cf:d2:4f:64:
         a1:9f:c2:48
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGilVATANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MzI0ZGVmYmFhZGU5M2U5OThlMTNhOTQyMDI5ZGQ1OTNiOGIyZWEzMB4XDTIyMDEw
MTEyNTUxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDEzMTliY2NjNDVl
NzVlMGU1ODNiNGVlY2ZiOTlhMjJkNjY3NzczMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANxfyfJQ4iyaG2Dm3S/Tp0bP0SnMVFCH+DUaLIYzKBxacvRK
Ak3DvREc60OHVcYwYp/pHW9NC7fYUvtVbRaSCRVjll4k1bC8w94FftNJeJVEzgI/
qlnjt+3DNbPnXRVm/peOQj8XNVnCEkMf1KpiZGHM9N0riYU+yEQHUcggDm/1/GVF
PtQ1KnkVPsuYywhVk+gCI9Wrazj7xU536AlttcKSj4NVAbA4x34b0Bc+4rrVk8hL
AswylZny7Oy/ylfqvjVZpumhfRqERhp24XJHlJwEcYNFwb0apX4CZYjiNzetrzlG
78i/RYheOlhT9AALrBBdoFrP1YdA0XeoxnEQIrMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTRMZvMxF514OWDtO7PuZoi1md3MDAfBgNVHSMEGDAWgBRTJN77qt6T6Zjh
OpQgKd1ZO4suozAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1V5VGUtNnJlay1tWTRUcVVJQ25kV1R1TExxTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGEvMjk0ZTg0LWNmYzUtNDVhNC1hNWNkLTMzYjc0NTk5NzVlMC8x
LzBUR2J6TVJlZGVEbGc3VHV6N21hSXRabmR6QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGEv
Mjk0ZTg0LWNmYzUtNDVhNC1hNWNkLTMzYjc0NTk5NzVlMC8xL1V5VGUtNnJlay1t
WTRUcVVJQ25kV1R1TExxTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbmiSDANBgkqhkiG9w0BAQsFAAOC
AQEAksqBfWHtxCuo5oz7wtZq8oixXHSvZDOYWjE2KJHnSt7AqCFQanalPqJKQXWE
2dJB5lZdcgnDd9mVADnBIwjmLpwmz7V4gWckejza1buW14vik/AOVbyrs2E1vJ/z
f1cCy/0r2bzVK8oKjFh+LWrCUfp6MDsGXDggPsbyzCR/WHoT8tahcnH96KPDcYE/
BcQuIfAsqt2bqZ2igPdV4brk6cuLlqv0Mu1Iv2m5S8cjL6JdjV5z/Du1UrSVjIyU
bLjaUjvPak2zEgejx4oYwrAvBUJb6zHbWQq6AZkPH/HX6A7y5hzbDXKXG3tTzPoh
1sWqi8c8H5bndlPP0k9koZ/CSA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:27 2023 by rpki-client on console-fra.rpki-client.org