Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/23dc61-7e9d-40b3-91b6-46bd7d794fb6/1/4Ysf38LJYRz3ePw_5x8bkva4OX0.roa
File:                     4Ysf38LJYRz3ePw_5x8bkva4OX0.roa (raw, json)
Hash identifier:          rz0vT+FH/PQmDPUaShCFdVEShEgGxmbMBrS0YvXCH9w=
Subject key identifier:   E1:8B:1F:DF:C2:C9:61:1C:F7:78:FC:3F:E7:1F:1B:92:F6:B8:39:7D
Certificate issuer:       /CN=70b190d6f89a434cce5cb8c0d4b38a1669defb59
Certificate serial:       0183D665D891D4B85F76AB5AA7292B9CBD61
Authority key identifier: 70:B1:90:D6:F8:9A:43:4C:CE:5C:B8:C0:D4:B3:8A:16:69:DE:FB:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cLGQ1viaQ0zOXLjA1LOKFmne-1k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/23dc61-7e9d-40b3-91b6-46bd7d794fb6/1/4Ysf38LJYRz3ePw_5x8bkva4OX0.roa
Signing time:             Fri 14 Oct 2022 12:09:02 +0000
ROA not before:           Fri 14 Oct 2022 12:09:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212238
IP address blocks:        185.189.110.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:d6:65:d8:91:d4:b8:5f:76:ab:5a:a7:29:2b:9c:bd:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70b190d6f89a434cce5cb8c0d4b38a1669defb59
        Validity
            Not Before: Oct 14 12:09:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e18b1fdfc2c9611cf778fc3fe71f1b92f6b8397d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:b1:9b:73:76:b8:d0:5d:06:e5:12:67:c2:ee:
                    18:dc:44:e7:85:f8:8f:30:fc:26:ce:c2:70:71:4c:
                    5f:21:ee:e8:d2:46:80:4e:90:39:c4:f6:35:16:3f:
                    78:00:40:97:04:16:68:e8:09:b7:d2:bd:66:c5:4e:
                    aa:f4:43:09:a5:c0:dc:23:0d:af:29:11:a9:01:df:
                    64:7c:2e:f6:45:d2:25:2b:dc:8a:a8:14:54:5b:1f:
                    3c:58:1a:5c:0e:7a:fa:3f:32:6b:2f:a7:b3:e9:bf:
                    3c:25:de:c9:bd:94:5f:80:29:fa:91:62:89:a8:d3:
                    30:09:f1:3f:ce:86:1f:23:2c:3a:7a:f5:44:f1:96:
                    43:86:8d:e4:47:e1:e2:44:83:13:38:d9:40:d5:46:
                    ab:dd:97:8a:92:3f:c7:4b:96:3d:09:9a:00:94:87:
                    21:c9:70:c4:54:88:cf:45:19:83:d5:9a:f0:0a:e6:
                    e4:de:b7:1c:6a:8f:1d:5b:db:0e:c2:8b:17:3f:a7:
                    d6:34:91:3a:77:a5:69:ee:53:1a:23:b5:4e:9a:74:
                    b4:93:38:c2:20:fe:d1:57:d3:b0:e4:8e:e1:aa:46:
                    60:88:cf:62:ec:a8:fb:62:a3:24:fb:60:f3:bd:cd:
                    4d:3a:e1:ba:04:d4:56:d5:ed:c8:4f:8b:d4:ee:c5:
                    cd:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:8B:1F:DF:C2:C9:61:1C:F7:78:FC:3F:E7:1F:1B:92:F6:B8:39:7D
            X509v3 Authority Key Identifier:
                keyid:70:B1:90:D6:F8:9A:43:4C:CE:5C:B8:C0:D4:B3:8A:16:69:DE:FB:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cLGQ1viaQ0zOXLjA1LOKFmne-1k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/23dc61-7e9d-40b3-91b6-46bd7d794fb6/1/4Ysf38LJYRz3ePw_5x8bkva4OX0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/23dc61-7e9d-40b3-91b6-46bd7d794fb6/1/cLGQ1viaQ0zOXLjA1LOKFmne-1k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.189.110.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ae:64:35:21:e8:8d:89:77:56:8b:7e:c7:c8:fc:91:3c:a4:e5:
         c8:b4:b9:ed:58:2b:3a:33:2c:6a:1a:dd:fb:d5:a0:51:61:79:
         15:f7:ff:65:87:39:78:92:30:56:cc:8a:1e:8e:34:27:67:35:
         ed:91:d7:bb:ae:50:55:cf:4d:e0:a4:6a:f4:a1:c6:c0:3a:42:
         75:6b:83:90:71:4d:98:b9:d1:a5:9e:25:49:45:b0:32:d2:d1:
         7c:45:a0:f7:d3:d7:f3:e4:a5:e2:e0:bb:73:ff:7c:a6:53:d7:
         c2:df:6b:d6:a8:de:da:3e:4b:18:b0:c6:2c:2d:b0:91:77:2f:
         01:9a:bd:a9:4e:94:db:49:ee:b0:39:36:1f:40:d8:da:3f:2a:
         7f:4e:8d:c0:fc:21:f8:18:ac:7f:e5:06:c5:0c:b2:40:37:7c:
         ff:02:76:4d:b1:e0:c8:ba:c0:4c:f3:48:17:c9:c0:87:28:fe:
         55:ab:5f:19:94:08:b9:76:c6:3a:95:bd:33:d6:15:d7:2e:28:
         6f:7b:a6:0b:c0:6f:4f:49:be:e9:60:46:23:e2:cc:40:b9:cb:
         45:7f:15:83:91:33:89:57:d4:5b:22:f7:e2:07:73:1d:3c:2e:
         07:41:aa:fe:cd:a6:13:b2:10:06:1f:70:e3:36:01:6f:e7:c5:
         67:d0:f0:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPWZdiR1LhfdqtapykrnL1hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYjE5MGQ2Zjg5YTQzNGNjZTVjYjhjMGQ0YjM4YTE2Njlk
ZWZiNTkwHhcNMjIxMDE0MTIwOTAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMThiMWZkZmMyYzk2MTFjZjc3OGZjM2ZlNzFmMWI5MmY2YjgzOTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLGbc3a40F0G5RJnwu4Y3ETnhfiP
MPwmzsJwcUxfIe7o0kaATpA5xPY1Fj94AECXBBZo6Am30r1mxU6q9EMJpcDcIw2v
KRGpAd9kfC72RdIlK9yKqBRUWx88WBpcDnr6PzJrL6ez6b88Jd7JvZRfgCn6kWKJ
qNMwCfE/zoYfIyw6evVE8ZZDho3kR+HiRIMTONlA1Uar3ZeKkj/HS5Y9CZoAlIch
yXDEVIjPRRmD1ZrwCubk3rccao8dW9sOwosXP6fWNJE6d6Vp7lMaI7VOmnS0kzjC
IP7RV9Ow5I7hqkZgiM9i7Kj7YqMk+2Dzvc1NOuG6BNRW1e3IT4vU7sXNcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOGLH9/CyWEc93j8P+cfG5L2uDl9MB8GA1UdIwQY
MBaAFHCxkNb4mkNMzly4wNSzihZp3vtZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0xHUTF2aWFRMHpPWExqQTFMT0tGbW5lLTFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8yM2RjNjEtN2U5ZC00MGIzLTkxYjYt
NDZiZDdkNzk0ZmI2LzEvNFlzZjM4TEpZUnozZVB3XzV4OGJrdmE0T1gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8yM2RjNjEtN2U5ZC00MGIzLTkxYjYtNDZiZDdkNzk0ZmI2
LzEvY0xHUTF2aWFRMHpPWExqQTFMT0tGbW5lLTFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub1uMA0G
CSqGSIb3DQEBCwUAA4IBAQCuZDUh6I2Jd1aLfsfI/JE8pOXItLntWCs6MyxqGt37
1aBRYXkV9/9lhzl4kjBWzIoejjQnZzXtkde7rlBVz03gpGr0ocbAOkJ1a4OQcU2Y
udGlniVJRbAy0tF8RaD309fz5KXi4Ltz/3ymU9fC32vWqN7aPksYsMYsLbCRdy8B
mr2pTpTbSe6wOTYfQNjaPyp/To3A/CH4GKx/5QbFDLJAN3z/AnZNseDIusBM80gX
ycCHKP5Vq18ZlAi5dsY6lb0z1hXXLihve6YLwG9PSb7pYEYj4sxAuctFfxWDkTOJ
V9RbIvfiB3MdPC4HQar+zaYTshAGH3DjNgFv58Vn0PCb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:43 2024 by rpki-client on console-fra.rpki-client.org