Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/baef57-c484-4523-b14e-88ebbf99780b/1/rtSO9tWgQals5YLC4umJa-ozRAU.roa
File:                     rtSO9tWgQals5YLC4umJa-ozRAU.roa (raw, json)
Hash identifier:          FKa7uW9dCPEXEfcCK6Ojrb/GDhtK5P+WAwbGTPwnwcM=
Subject key identifier:   AE:D4:8E:F6:D5:A0:41:A9:6C:E5:82:C2:E2:E9:89:6B:EA:33:44:05
Certificate issuer:       /CN=0e91de17437a0025fd1ede10f710f17a3080b3ab
Certificate serial:       03AAB967
Authority key identifier: 0E:91:DE:17:43:7A:00:25:FD:1E:DE:10:F7:10:F1:7A:30:80:B3:AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DpHeF0N6ACX9Ht4Q9xDxejCAs6s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/baef57-c484-4523-b14e-88ebbf99780b/1/rtSO9tWgQals5YLC4umJa-ozRAU.roa
Signing time:             Sat 01 Jan 2022 04:02:10 +0000
ROA not before:           Sat 01 Jan 2022 04:02:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206092
IP address blocks:        185.233.133.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 61520231 (0x3aab967)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e91de17437a0025fd1ede10f710f17a3080b3ab
        Validity
            Not Before: Jan  1 04:02:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=aed48ef6d5a041a96ce582c2e2e9896bea334405
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:90:97:64:15:48:25:84:3e:99:e9:a1:f5:24:
                    6c:7f:c3:1d:01:9a:9a:ce:a0:8e:b5:81:3b:26:b0:
                    1c:68:fd:bd:c4:2e:9a:64:46:30:cf:95:ca:91:5e:
                    5c:8a:cd:08:e6:14:c6:fb:67:33:02:9d:4e:8d:3c:
                    15:62:6c:d8:64:7f:3f:97:c2:39:b7:89:9a:2c:cc:
                    68:d4:ed:66:4e:46:71:00:f0:b5:5d:09:ae:8c:d3:
                    c9:fe:38:9d:29:21:dd:8b:69:a1:b6:2d:5d:0c:1f:
                    a9:18:08:c5:9c:24:c9:5e:5f:ab:e7:40:de:14:dd:
                    9b:97:cb:ec:6e:e4:04:cb:10:af:4b:67:8e:c6:ec:
                    20:bb:46:f6:91:f7:b9:5a:d7:15:aa:46:a6:e8:b0:
                    86:79:8e:ae:ff:72:b0:ff:69:d0:8e:0e:f4:9b:ed:
                    26:95:74:ed:58:8c:7d:d8:5a:39:0f:0f:55:2f:9a:
                    9f:38:37:d9:01:bc:b3:2a:bc:f9:de:0f:8d:66:3e:
                    4e:9c:f1:dd:29:2e:e4:16:52:16:89:b8:ee:1a:1e:
                    df:2e:7d:a3:63:eb:4b:95:3d:a8:5e:97:96:b5:09:
                    54:3e:09:03:27:6c:89:b7:67:76:2a:ea:8e:83:5d:
                    64:af:e6:fe:66:a0:14:43:a2:c1:a3:0d:fb:dc:d6:
                    2a:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:D4:8E:F6:D5:A0:41:A9:6C:E5:82:C2:E2:E9:89:6B:EA:33:44:05
            X509v3 Authority Key Identifier:
                keyid:0E:91:DE:17:43:7A:00:25:FD:1E:DE:10:F7:10:F1:7A:30:80:B3:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DpHeF0N6ACX9Ht4Q9xDxejCAs6s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/baef57-c484-4523-b14e-88ebbf99780b/1/rtSO9tWgQals5YLC4umJa-ozRAU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/baef57-c484-4523-b14e-88ebbf99780b/1/DpHeF0N6ACX9Ht4Q9xDxejCAs6s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.233.133.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8e:94:82:72:91:5d:12:62:3b:2c:96:a4:da:58:1c:d9:d7:a9:
         3a:79:e0:dc:73:cb:52:79:7e:23:fe:58:e9:80:03:07:e3:e6:
         c1:ad:4e:9e:a0:12:25:48:55:ea:4a:02:1a:9a:e7:d3:3e:75:
         cf:2b:86:94:66:7e:87:a5:c7:02:64:b3:8e:57:ad:91:a2:cb:
         e0:06:df:a1:dd:45:50:70:91:5a:27:e0:d5:3a:e2:fe:39:a5:
         7e:2d:1e:c3:71:75:0f:91:50:1a:b1:74:82:27:2d:c9:64:8e:
         de:04:46:bd:ff:0c:3b:1e:ef:15:a7:bd:f0:0f:26:40:f8:c9:
         6b:77:53:8e:6e:8f:18:a8:ee:7c:8b:d2:2f:f6:48:99:09:a5:
         6d:5c:81:ff:d5:16:88:90:4f:d8:47:a6:25:b2:d5:e3:ec:ca:
         e3:b9:95:a4:46:f5:71:b8:34:3b:ac:0c:3f:5f:c6:c0:b6:dc:
         48:58:76:bd:a8:4c:b4:f1:f7:03:02:8e:bb:1f:e2:98:66:b7:
         21:c1:d3:58:6d:7c:2e:52:df:1b:45:f3:5b:c9:8b:10:8b:20:
         ec:c5:44:cd:0b:17:3f:23:1d:c2:7e:cb:67:a7:4e:96:68:a2:
         95:8d:a4:57:67:67:63:d8:db:15:2d:b0:30:c3:e3:da:67:a6:
         e8:11:38:f2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA6q5ZzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZTkxZGUxNzQzN2EwMDI1ZmQxZWRlMTBmNzEwZjE3YTMwODBiM2FiMB4XDTIyMDEw
MTA0MDIxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWVkNDhlZjZkNWEw
NDFhOTZjZTU4MmMyZTJlOTg5NmJlYTMzNDQwNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALGQl2QVSCWEPpnpofUkbH/DHQGams6gjrWBOyawHGj9vcQu
mmRGMM+VypFeXIrNCOYUxvtnMwKdTo08FWJs2GR/P5fCObeJmizMaNTtZk5GcQDw
tV0JrozTyf44nSkh3YtpobYtXQwfqRgIxZwkyV5fq+dA3hTdm5fL7G7kBMsQr0tn
jsbsILtG9pH3uVrXFapGpuiwhnmOrv9ysP9p0I4O9JvtJpV07ViMfdhaOQ8PVS+a
nzg32QG8syq8+d4PjWY+Tpzx3Sku5BZSFom47hoe3y59o2PrS5U9qF6XlrUJVD4J
AydsibdndirqjoNdZK/m/magFEOiwaMN+9zWKt8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSu1I721aBBqWzlgsLi6Ylr6jNEBTAfBgNVHSMEGDAWgBQOkd4XQ3oAJf0e
3hD3EPF6MICzqzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RwSGVGME42QUNYOUh0NFE5eER4ZWpDQXM2cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvYmFlZjU3LWM0ODQtNDUyMy1iMTRlLTg4ZWJiZjk5NzgwYi8x
L3J0U085dFdnUWFsczVZTEM0dW1KYS1velJBVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
YmFlZjU3LWM0ODQtNDUyMy1iMTRlLTg4ZWJiZjk5NzgwYi8xL0RwSGVGME42QUNY
OUh0NFE5eER4ZWpDQXM2cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnphTANBgkqhkiG9w0BAQsFAAOC
AQEAjpSCcpFdEmI7LJak2lgc2depOnng3HPLUnl+I/5Y6YADB+Pmwa1OnqASJUhV
6koCGprn0z51zyuGlGZ+h6XHAmSzjletkaLL4Abfod1FUHCRWifg1Tri/jmlfi0e
w3F1D5FQGrF0gictyWSO3gRGvf8MOx7vFae98A8mQPjJa3dTjm6PGKjufIvSL/ZI
mQmlbVyB/9UWiJBP2EemJbLV4+zK47mVpEb1cbg0O6wMP1/GwLbcSFh2vahMtPH3
AwKOux/imGa3IcHTWG18LlLfG0XzW8mLEIsg7MVEzQsXPyMdwn7LZ6dOlmiilY2k
V2dnY9jbFS2wMMPj2mem6BE48g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:08 2024 by rpki-client on console-ams.rpki-client.org