Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/24c4f6-21ee-4b6b-a945-98f8ccd5db8d/1/m0uUqexGdreWsygGSVv1EuVKGik.roa
File:                     m0uUqexGdreWsygGSVv1EuVKGik.roa (raw, json)
Hash identifier:          vdA1vyqEmOSnO1Cem5x/trYzzreW6RHij8Z3PFK9utw=
Subject key identifier:   9B:4B:94:A9:EC:46:76:B7:96:B3:28:06:49:5B:F5:12:E5:4A:1A:29
Certificate issuer:       /CN=1527455ea7fce17cfd0431985258d13e06bfa735
Certificate serial:       6EE171
Authority key identifier: 15:27:45:5E:A7:FC:E1:7C:FD:04:31:98:52:58:D1:3E:06:BF:A7:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FSdFXqf84Xz9BDGYUljRPga_pzU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/24c4f6-21ee-4b6b-a945-98f8ccd5db8d/1/m0uUqexGdreWsygGSVv1EuVKGik.roa
Signing time:             Sat 01 Jan 2022 02:56:23 +0000
ROA not before:           Sat 01 Jan 2022 02:56:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        185.95.174.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7266673 (0x6ee171)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1527455ea7fce17cfd0431985258d13e06bfa735
        Validity
            Not Before: Jan  1 02:56:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9b4b94a9ec4676b796b32806495bf512e54a1a29
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:df:43:0d:b2:37:71:12:07:9b:9d:cd:f5:ad:
                    1c:93:66:b9:f9:e0:20:7e:33:d4:d7:2f:e9:85:fa:
                    77:86:94:a2:42:63:15:a3:3b:7d:47:78:d5:4e:f0:
                    69:c8:b0:c4:3f:23:3b:cd:9a:17:7e:04:8a:70:2b:
                    41:b0:81:21:e5:73:e2:43:2b:24:fd:4a:19:b4:23:
                    d4:5f:4e:e8:39:6c:5f:c8:12:46:ee:65:6f:a8:53:
                    dd:33:b4:5a:5b:d4:46:38:09:59:ba:e4:33:38:5a:
                    9a:18:5c:c3:d2:00:e6:ec:3e:a2:1b:27:f5:ff:79:
                    56:e9:ae:a3:85:e9:1d:7e:15:5c:bb:9d:71:9e:0c:
                    6c:2f:8a:32:e4:3c:92:ed:6e:a5:bd:4c:54:a8:10:
                    28:ef:3b:21:5a:62:17:9d:65:28:9a:78:91:24:51:
                    64:7f:61:e6:86:02:c9:e3:f6:19:3e:e3:d5:1d:34:
                    48:30:9c:01:09:52:a4:07:e7:c0:53:3f:4c:41:b7:
                    20:21:41:e9:45:12:c2:67:dc:10:cf:9f:b1:58:2e:
                    b3:b4:f2:37:9c:37:77:3e:19:b1:24:3a:e8:d6:9d:
                    a5:ed:85:7b:d8:16:4f:23:43:f7:12:00:d4:e4:3b:
                    14:71:6e:a1:f1:81:35:51:51:58:6c:c8:66:3a:62:
                    f2:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:4B:94:A9:EC:46:76:B7:96:B3:28:06:49:5B:F5:12:E5:4A:1A:29
            X509v3 Authority Key Identifier:
                keyid:15:27:45:5E:A7:FC:E1:7C:FD:04:31:98:52:58:D1:3E:06:BF:A7:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FSdFXqf84Xz9BDGYUljRPga_pzU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/24c4f6-21ee-4b6b-a945-98f8ccd5db8d/1/m0uUqexGdreWsygGSVv1EuVKGik.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/24c4f6-21ee-4b6b-a945-98f8ccd5db8d/1/FSdFXqf84Xz9BDGYUljRPga_pzU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.95.174.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:19:3e:df:e1:03:de:1e:98:10:49:62:9a:75:ac:3e:21:a7:
         07:f9:4b:b0:7a:f7:ea:9a:86:40:a9:c2:d6:db:9e:6a:79:b5:
         57:b6:9e:32:a1:d3:e7:61:d8:e7:ac:44:e5:8b:9d:5d:3c:59:
         3f:c5:1b:ff:4b:d4:7a:2e:e3:1e:ef:4e:c7:54:cf:d6:a8:1c:
         01:ef:d1:ee:03:74:11:a9:c7:62:9b:37:3e:61:ba:95:b3:54:
         2d:ac:47:3d:cd:a7:56:4a:9f:b9:88:59:39:3f:85:e4:b7:79:
         c1:c7:40:3b:1b:08:8b:ad:a5:53:d2:20:53:46:a3:25:1e:48:
         1d:52:5c:57:35:97:97:c6:66:14:af:ee:75:9a:4d:9b:b7:5a:
         62:ba:e7:2e:40:1c:70:cb:c5:d6:36:23:0f:6c:49:2d:20:e9:
         bb:90:61:2b:ed:13:57:3a:79:5b:37:27:1f:ab:2b:5c:5c:53:
         8f:b2:71:c3:23:8e:6b:f9:98:3b:44:e8:96:50:34:7a:99:9d:
         c3:e0:e6:c1:5b:bd:d6:c4:28:99:79:58:8d:53:f0:5c:ee:ab:
         41:cd:99:67:65:fd:8b:7b:1d:5e:61:ac:97:28:0b:b7:4a:38:
         6d:6a:d1:e8:97:33:58:d5:5f:bb:b2:e2:0a:ec:e6:ad:cf:ed:
         47:13:64:30
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDbuFxMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDE1
Mjc0NTVlYTdmY2UxN2NmZDA0MzE5ODUyNThkMTNlMDZiZmE3MzUwHhcNMjIwMTAx
MDI1NjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5YjRiOTRhOWVjNDY3
NmI3OTZiMzI4MDY0OTViZjUxMmU1NGExYTI5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAot9DDbI3cRIHm53N9a0ck2a5+eAgfjPU1y/phfp3hpSiQmMV
ozt9R3jVTvBpyLDEPyM7zZoXfgSKcCtBsIEh5XPiQysk/UoZtCPUX07oOWxfyBJG
7mVvqFPdM7RaW9RGOAlZuuQzOFqaGFzD0gDm7D6iGyf1/3lW6a6jhekdfhVcu51x
ngxsL4oy5DyS7W6lvUxUqBAo7zshWmIXnWUomniRJFFkf2HmhgLJ4/YZPuPVHTRI
MJwBCVKkB+fAUz9MQbcgIUHpRRLCZ9wQz5+xWC6ztPI3nDd3PhmxJDro1p2l7YV7
2BZPI0P3EgDU5DsUcW6h8YE1UVFYbMhmOmLyjwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFJtLlKnsRna3lrMoBklb9RLlShopMB8GA1UdIwQYMBaAFBUnRV6n/OF8/QQx
mFJY0T4Gv6c1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
RlNkRlhxZjg0WHo5QkRHWVVsalJQZ2FfcHpVLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8xMy8yNGM0ZjYtMjFlZS00YjZiLWE5NDUtOThmOGNjZDVkYjhkLzEv
bTB1VXFleEdkcmVXc3lnR1NWdjFFdVZLR2lrLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8y
NGM0ZjYtMjFlZS00YjZiLWE5NDUtOThmOGNjZDVkYjhkLzEvRlNkRlhxZjg0WHo5
QkRHWVVsalJQZ2FfcHpVLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuV+uMA0GCSqGSIb3DQEBCwUAA4IB
AQBXGT7f4QPeHpgQSWKadaw+IacH+UuwevfqmoZAqcLW255qebVXtp4yodPnYdjn
rETli51dPFk/xRv/S9R6LuMe707HVM/WqBwB79HuA3QRqcdimzc+YbqVs1QtrEc9
zadWSp+5iFk5P4Xkt3nBx0A7GwiLraVT0iBTRqMlHkgdUlxXNZeXxmYUr+51mk2b
t1piuucuQBxwy8XWNiMPbEktIOm7kGEr7RNXOnlbNycfqytcXFOPsnHDI45r+Zg7
ROiWUDR6mZ3D4ObBW73WxCiZeViNU/Bc7qtBzZlnZf2Lex1eYayXKAu3SjhtatHo
lzNY1V+7suIK7Oatz+1HE2Qw
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:17 2023 by rpki-client on console-fra.rpki-client.org