Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/89c4ab-984b-4f6c-bdd0-33d7ac370979/1/dNPvPtmTPym3c2Vx8in8wnB7USU.roa
File:                     dNPvPtmTPym3c2Vx8in8wnB7USU.roa (raw, json)
Hash identifier:          nVet7VvdraUfgG4q3ZyqTn4nTSqsqpM7EENB+nwBe+4=
Subject key identifier:   74:D3:EF:3E:D9:93:3F:29:B7:73:65:71:F2:29:FC:C2:70:7B:51:25
Certificate issuer:       /CN=53390b13c9ef4afcfd08124111e6f63dc30165aa
Certificate serial:       05D542E1
Authority key identifier: 53:39:0B:13:C9:EF:4A:FC:FD:08:12:41:11:E6:F6:3D:C3:01:65:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UzkLE8nvSvz9CBJBEeb2PcMBZao.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/89c4ab-984b-4f6c-bdd0-33d7ac370979/1/dNPvPtmTPym3c2Vx8in8wnB7USU.roa
Signing time:             Sat 01 Jan 2022 06:53:05 +0000
ROA not before:           Sat 01 Jan 2022 06:53:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     31655
IP address blocks:        185.9.232.0/22 maxlen: 24
                          2a02:df80::/29 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 97862369 (0x5d542e1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53390b13c9ef4afcfd08124111e6f63dc30165aa
        Validity
            Not Before: Jan  1 06:53:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=74d3ef3ed9933f29b7736571f229fcc2707b5125
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:7a:8a:a6:c3:17:12:81:c8:b3:2b:17:4d:d4:
                    02:28:fc:36:54:3b:18:d8:ba:df:68:31:80:20:7e:
                    e1:ae:8e:78:9d:d3:7b:67:8f:86:14:c1:f3:f1:dd:
                    ac:fd:e1:2d:24:4e:a8:e2:1f:bc:5c:ec:d0:95:66:
                    b0:77:e2:8f:e6:ce:43:b5:08:fd:e5:04:12:32:d9:
                    4c:7b:9b:27:a1:97:1d:69:52:5d:33:ab:5b:03:f4:
                    83:44:34:5e:a1:8c:2c:20:52:98:d5:26:ae:9b:35:
                    18:9c:52:1c:ca:ff:2f:01:d6:b3:db:d2:9f:99:1a:
                    1c:6b:5e:75:61:01:86:f7:96:6d:bd:03:79:2d:ac:
                    3f:c6:aa:6a:ee:63:75:1b:f6:5b:a2:24:81:e1:5b:
                    86:97:97:8f:4e:c4:e4:2b:c9:56:cb:1d:ce:16:24:
                    6d:8e:78:63:a8:f2:1c:c2:77:97:2b:c6:e1:24:a9:
                    14:c7:b0:97:23:43:12:b6:71:be:bd:5c:dc:24:4d:
                    ec:9d:08:f9:47:2c:64:10:9b:9d:be:4a:df:38:17:
                    23:62:79:8e:2a:d3:ed:39:0c:13:cd:8f:01:71:c8:
                    fc:8b:18:be:80:16:62:61:b0:c4:03:f9:86:f4:f9:
                    a4:2d:61:36:b6:f7:65:50:0c:be:4a:0d:ac:5b:98:
                    e2:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:D3:EF:3E:D9:93:3F:29:B7:73:65:71:F2:29:FC:C2:70:7B:51:25
            X509v3 Authority Key Identifier:
                keyid:53:39:0B:13:C9:EF:4A:FC:FD:08:12:41:11:E6:F6:3D:C3:01:65:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UzkLE8nvSvz9CBJBEeb2PcMBZao.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/89c4ab-984b-4f6c-bdd0-33d7ac370979/1/dNPvPtmTPym3c2Vx8in8wnB7USU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/89c4ab-984b-4f6c-bdd0-33d7ac370979/1/UzkLE8nvSvz9CBJBEeb2PcMBZao.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.9.232.0/22
                IPv6:
                  2a02:df80::/29

    Signature Algorithm: sha256WithRSAEncryption
         b1:51:b0:6d:26:39:95:ef:5d:0b:62:40:8d:39:b4:3e:57:9d:
         fe:83:b0:ab:f9:37:54:26:30:14:33:9d:f4:85:a0:88:30:d3:
         af:65:84:34:ce:7a:5c:0d:d8:f1:c4:8a:ba:9e:4c:75:41:79:
         c3:18:89:68:76:04:7f:27:e0:95:87:03:ec:cf:63:71:21:34:
         45:94:d7:a9:ad:96:a4:2e:bc:e0:53:ab:25:a3:75:72:39:d9:
         d3:78:2f:18:b6:4d:5e:af:f2:77:a3:a8:ab:9b:d7:e4:fb:0a:
         86:ad:fe:f4:15:72:49:fd:dd:7c:a6:90:c0:44:d1:7d:19:be:
         05:d3:9d:e7:de:b3:4c:88:63:b1:4b:f7:06:64:97:65:ce:3c:
         01:36:38:d9:6a:c4:45:b8:6d:24:81:07:52:34:fa:41:a6:89:
         99:0b:f5:18:8e:68:f2:89:1f:09:21:2a:96:da:3f:f2:62:bc:
         4c:0b:3b:4c:5b:24:56:5a:e4:4d:19:16:b2:ab:60:98:57:a9:
         f9:23:39:a1:cc:97:0c:44:4b:46:f4:db:e5:f7:dc:fd:a9:3f:
         71:b6:d0:6b:58:e8:7a:e4:75:06:a3:3b:d1:0e:24:e5:91:a1:
         48:7c:4e:aa:3b:bc:cc:27:3b:a9:ad:f6:79:11:1c:6a:fc:77:
         c4:d1:cc:2e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBdVC4TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MzM5MGIxM2M5ZWY0YWZjZmQwODEyNDExMWU2ZjYzZGMzMDE2NWFhMB4XDTIyMDEw
MTA2NTMwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzRkM2VmM2VkOTkz
M2YyOWI3NzM2NTcxZjIyOWZjYzI3MDdiNTEyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALZ6iqbDFxKByLMrF03UAij8NlQ7GNi632gxgCB+4a6OeJ3T
e2ePhhTB8/HdrP3hLSROqOIfvFzs0JVmsHfij+bOQ7UI/eUEEjLZTHubJ6GXHWlS
XTOrWwP0g0Q0XqGMLCBSmNUmrps1GJxSHMr/LwHWs9vSn5kaHGtedWEBhveWbb0D
eS2sP8aqau5jdRv2W6IkgeFbhpeXj07E5CvJVssdzhYkbY54Y6jyHMJ3lyvG4SSp
FMewlyNDErZxvr1c3CRN7J0I+UcsZBCbnb5K3zgXI2J5jirT7TkME82PAXHI/IsY
voAWYmGwxAP5hvT5pC1hNrb3ZVAMvkoNrFuY4lsCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBR00+8+2ZM/KbdzZXHyKfzCcHtRJTAfBgNVHSMEGDAWgBRTOQsTye9K/P0I
EkER5vY9wwFlqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1V6a0xFOG52U3Z6OUNCSkJFZWIyUGNNQlphby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGIvODljNGFiLTk4NGItNGY2Yy1iZGQwLTMzZDdhYzM3MDk3OS8x
L2ROUHZQdG1UUHltM2MyVng4aW44d25CN1VTVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIv
ODljNGFiLTk4NGItNGY2Yy1iZGQwLTMzZDdhYzM3MDk3OS8xL1V6a0xFOG52U3Z6
OUNCSkJFZWIyUGNNQlphby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArkJ6DANBAIAAjAHAwUDKgLfgDAN
BgkqhkiG9w0BAQsFAAOCAQEAsVGwbSY5le9dC2JAjTm0Pled/oOwq/k3VCYwFDOd
9IWgiDDTr2WENM56XA3Y8cSKup5MdUF5wxiJaHYEfyfglYcD7M9jcSE0RZTXqa2W
pC684FOrJaN1cjnZ03gvGLZNXq/yd6Ooq5vX5PsKhq3+9BVySf3dfKaQwETRfRm+
BdOd596zTIhjsUv3BmSXZc48ATY42WrERbhtJIEHUjT6QaaJmQv1GI5o8okfCSEq
lto/8mK8TAs7TFskVlrkTRkWsqtgmFep+SM5ocyXDERLRvTb5ffc/ak/cbbQa1jo
euR1BqM70Q4k5ZGhSHxOqju8zCc7qa32eREcavx3xNHMLg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:23 2024 by rpki-client on console-ams.rpki-client.org