Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/7281da-0eb0-40a8-9983-d1a9da4a130d/1/VLeYGiSgYSIE8H4qxiic7ZlhqFo.roa
File:                     VLeYGiSgYSIE8H4qxiic7ZlhqFo.roa (raw, json)
Hash identifier:          pthlzq7g/cV/M83NfXLiN6w6ib4Aqam7fgElYzTmPVk=
Subject key identifier:   54:B7:98:1A:24:A0:61:22:04:F0:7E:2A:C6:28:9C:ED:99:61:A8:5A
Certificate issuer:       /CN=ebc66403ad0c4537af9c32b0def0c52ac2aab104
Certificate serial:       018553E0D4A606B8654EBC0ED1C8FDE4A378
Authority key identifier: EB:C6:64:03:AD:0C:45:37:AF:9C:32:B0:DE:F0:C5:2A:C2:AA:B1:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/68ZkA60MRTevnDKw3vDFKsKqsQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/7281da-0eb0-40a8-9983-d1a9da4a130d/1/VLeYGiSgYSIE8H4qxiic7ZlhqFo.roa
Signing time:             Tue 27 Dec 2022 13:58:41 +0000
ROA not before:           Tue 27 Dec 2022 13:58:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62240
IP address blocks:        185.33.92.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:53:e0:d4:a6:06:b8:65:4e:bc:0e:d1:c8:fd:e4:a3:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ebc66403ad0c4537af9c32b0def0c52ac2aab104
        Validity
            Not Before: Dec 27 13:58:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=54b7981a24a0612204f07e2ac6289ced9961a85a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:72:05:33:65:e6:6e:b4:90:cd:c1:ac:28:88:
                    71:b7:b4:74:80:f0:0f:ae:50:7c:af:79:40:5c:b6:
                    57:04:05:45:07:6f:4a:7e:67:14:02:63:c5:b2:eb:
                    5f:e3:0e:7d:6a:bf:a5:7e:3b:96:f1:02:a3:b7:98:
                    21:54:e8:23:ba:e2:14:5f:d2:b5:c2:72:a9:37:d2:
                    db:59:d3:95:a7:98:14:b9:a6:b0:76:78:42:09:9e:
                    90:5b:ee:26:57:27:d5:5e:d4:1f:36:6f:88:94:6c:
                    60:16:cb:2b:71:a8:0c:8c:9b:5c:a1:e1:69:5c:b1:
                    1a:ac:d8:7c:bb:ee:10:d4:7d:e8:1c:ab:9f:84:a4:
                    a3:01:d0:5b:44:21:08:24:3e:d1:d9:19:29:1b:6e:
                    99:3b:e0:ae:3a:24:6d:49:d9:34:2f:91:2d:03:db:
                    83:ed:91:35:51:41:1a:42:29:4a:bc:3b:cc:bd:08:
                    54:7a:d0:62:8b:a1:29:71:90:21:29:e2:31:7b:de:
                    fd:d6:f4:78:b9:9f:49:01:cd:e5:3c:63:62:fc:f9:
                    75:30:4c:98:77:7e:7e:1a:55:27:43:9c:ac:81:91:
                    c0:56:fd:d5:b0:ec:47:77:4e:0d:e1:51:1d:2e:7e:
                    59:aa:e5:16:2a:1d:51:58:9f:b8:a1:df:a0:60:cb:
                    bb:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:B7:98:1A:24:A0:61:22:04:F0:7E:2A:C6:28:9C:ED:99:61:A8:5A
            X509v3 Authority Key Identifier:
                keyid:EB:C6:64:03:AD:0C:45:37:AF:9C:32:B0:DE:F0:C5:2A:C2:AA:B1:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/68ZkA60MRTevnDKw3vDFKsKqsQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/7281da-0eb0-40a8-9983-d1a9da4a130d/1/VLeYGiSgYSIE8H4qxiic7ZlhqFo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/7281da-0eb0-40a8-9983-d1a9da4a130d/1/68ZkA60MRTevnDKw3vDFKsKqsQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.33.92.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5b:32:e4:f7:61:d4:9b:5a:d7:60:e7:9f:9e:eb:8c:26:e6:07:
         5e:03:ae:22:22:46:03:32:e0:a1:b7:bd:81:31:d8:c5:50:a1:
         f7:88:c1:3c:32:04:ce:31:48:f5:2b:4f:ea:5b:3d:ef:06:a8:
         a3:a5:83:a6:df:ff:a7:cd:ea:95:ed:1b:ef:64:18:4d:90:fd:
         79:d8:fc:18:f2:e0:f2:c1:b4:d4:31:8d:ba:c3:26:09:d7:f5:
         1e:6d:d1:cf:de:01:e1:c3:2c:d4:62:f6:f6:b4:56:fc:34:fb:
         94:a3:aa:ae:59:97:06:32:22:51:25:50:33:75:b6:89:ef:28:
         ee:22:e9:ca:99:21:06:9f:0d:dc:c9:fc:ae:8d:8e:44:7e:e9:
         de:84:f1:a9:2a:ce:22:4e:75:c7:89:1a:ad:9e:77:56:9d:e1:
         60:91:69:ca:dd:4c:d7:11:cc:4a:50:da:48:90:60:e1:f8:d9:
         50:84:bf:a2:59:c9:30:8f:c5:47:29:14:6f:56:64:c0:48:0a:
         90:5e:e7:2f:44:3d:85:df:fb:28:3f:b8:97:c9:80:cc:bb:10:
         f2:6a:52:79:71:78:bc:b9:09:f8:98:8b:39:a8:20:f7:57:f3:
         9d:db:95:7a:ca:3e:f5:de:04:25:dd:4d:0d:36:5b:8f:25:cd:
         62:8f:78:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVT4NSmBrhlTrwO0cj95KN4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViYzY2NDAzYWQwYzQ1MzdhZjljMzJiMGRlZjBjNTJhYzJh
YWIxMDQwHhcNMjIxMjI3MTM1ODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGI3OTgxYTI0YTA2MTIyMDRmMDdlMmFjNjI4OWNlZDk5NjFhODVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5HIFM2XmbrSQzcGsKIhxt7R0gPAP
rlB8r3lAXLZXBAVFB29KfmcUAmPFsutf4w59ar+lfjuW8QKjt5ghVOgjuuIUX9K1
wnKpN9LbWdOVp5gUuaawdnhCCZ6QW+4mVyfVXtQfNm+IlGxgFssrcagMjJtcoeFp
XLEarNh8u+4Q1H3oHKufhKSjAdBbRCEIJD7R2RkpG26ZO+CuOiRtSdk0L5EtA9uD
7ZE1UUEaQilKvDvMvQhUetBii6EpcZAhKeIxe9791vR4uZ9JAc3lPGNi/Pl1MEyY
d35+GlUnQ5ysgZHAVv3VsOxHd04N4VEdLn5ZquUWKh1RWJ+4od+gYMu7TQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFS3mBokoGEiBPB+KsYonO2ZYahaMB8GA1UdIwQY
MBaAFOvGZAOtDEU3r5wysN7wxSrCqrEEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjhaa0E2ME1SVGV2bkRLdzN2REZLc0txc1FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi83MjgxZGEtMGViMC00MGE4LTk5ODMt
ZDFhOWRhNGExMzBkLzEvVkxlWUdpU2dZU0lFOEg0cXhpaWM3WmxocUZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi83MjgxZGEtMGViMC00MGE4LTk5ODMtZDFhOWRhNGExMzBk
LzEvNjhaa0E2ME1SVGV2bkRLdzN2REZLc0txc1FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuSFcMA0G
CSqGSIb3DQEBCwUAA4IBAQBbMuT3YdSbWtdg55+e64wm5gdeA64iIkYDMuCht72B
MdjFUKH3iME8MgTOMUj1K0/qWz3vBqijpYOm3/+nzeqV7RvvZBhNkP152PwY8uDy
wbTUMY26wyYJ1/UebdHP3gHhwyzUYvb2tFb8NPuUo6quWZcGMiJRJVAzdbaJ7yju
IunKmSEGnw3cyfyujY5EfunehPGpKs4iTnXHiRqtnndWneFgkWnK3UzXEcxKUNpI
kGDh+NlQhL+iWckwj8VHKRRvVmTASAqQXucvRD2F3/soP7iXyYDMuxDyalJ5cXi8
uQn4mIs5qCD3V/Od25V6yj713gQl3U0NNluPJc1ij3je
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:15 2024 by rpki-client on console-ams.rpki-client.org