Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/c514cd-7954-44ce-bd7f-713b41688706/1/5Y2QaUK30mN0xfjm8zakfmLkvic.roa
File:                     5Y2QaUK30mN0xfjm8zakfmLkvic.roa (raw, json)
Hash identifier:          ECX4JaPg6xEaal67wlES82QZKjoeanzd+YeHKCdKJl4=
Subject key identifier:   E5:8D:90:69:42:B7:D2:63:74:C5:F8:E6:F3:36:A4:7E:62:E4:BE:27
Certificate issuer:       /CN=57e898bf420924f976b5ae451108b9e6a01fc7dc
Certificate serial:       0A31EC8C
Authority key identifier: 57:E8:98:BF:42:09:24:F9:76:B5:AE:45:11:08:B9:E6:A0:1F:C7:DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V-iYv0IJJPl2ta5FEQi55qAfx9w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/c514cd-7954-44ce-bd7f-713b41688706/1/5Y2QaUK30mN0xfjm8zakfmLkvic.roa
Signing time:             Sat 01 Jan 2022 06:56:40 +0000
ROA not before:           Sat 01 Jan 2022 06:56:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209898
IP address blocks:        185.155.30.0/24 maxlen: 24
                          185.155.31.0/24 maxlen: 24
                          185.155.29.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 171043980 (0xa31ec8c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=57e898bf420924f976b5ae451108b9e6a01fc7dc
        Validity
            Not Before: Jan  1 06:56:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e58d906942b7d26374c5f8e6f336a47e62e4be27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:97:6e:0d:38:f0:da:db:d3:f5:93:5b:be:4d:
                    9e:ec:f5:25:8f:23:c3:6f:18:98:b9:10:d6:25:87:
                    12:c0:1a:35:a3:fe:95:bc:46:d9:94:b8:94:ff:e3:
                    03:f4:6e:0f:e7:3e:db:81:71:98:b7:40:2f:74:a1:
                    e0:30:08:e5:eb:cd:cf:29:41:90:5c:14:78:be:3a:
                    f9:a6:f1:af:b6:d9:9a:45:44:b4:56:a9:6c:aa:c6:
                    c5:c5:41:ce:93:05:5b:9e:ae:7d:6d:df:ab:51:5f:
                    f4:19:3c:d0:9a:b4:95:75:91:f3:1f:ec:c2:28:9c:
                    85:f7:8c:42:c8:9b:14:1f:79:5b:ab:a7:8f:61:ed:
                    4e:ef:96:9c:c9:8c:13:a9:93:0b:83:5f:8d:00:c4:
                    0c:d7:f2:8c:0f:c1:b4:a7:a6:ab:26:f7:7d:72:ae:
                    e8:e1:c7:bd:4e:5f:44:85:16:3f:d6:a7:88:6d:e4:
                    a2:75:89:4c:cd:9f:cd:e0:59:34:f7:04:60:7d:d6:
                    95:2b:f4:9e:3f:de:68:b7:76:59:70:55:92:f7:fa:
                    46:1f:af:f5:73:a6:91:f7:7a:b8:76:97:22:df:f0:
                    72:99:db:23:b2:09:13:4b:29:7b:a0:db:fe:c6:99:
                    1f:d6:94:4b:e2:25:56:62:6c:b5:7e:a4:33:a0:a2:
                    6a:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:8D:90:69:42:B7:D2:63:74:C5:F8:E6:F3:36:A4:7E:62:E4:BE:27
            X509v3 Authority Key Identifier:
                keyid:57:E8:98:BF:42:09:24:F9:76:B5:AE:45:11:08:B9:E6:A0:1F:C7:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V-iYv0IJJPl2ta5FEQi55qAfx9w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/c514cd-7954-44ce-bd7f-713b41688706/1/5Y2QaUK30mN0xfjm8zakfmLkvic.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/c514cd-7954-44ce-bd7f-713b41688706/1/V-iYv0IJJPl2ta5FEQi55qAfx9w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.155.29.0-185.155.31.255

    Signature Algorithm: sha256WithRSAEncryption
         0e:77:9f:93:cb:0f:48:7e:62:dd:8e:6d:e2:91:ae:6f:60:f2:
         fb:43:fe:06:5c:fd:5e:f9:12:2c:d4:a0:e6:46:50:40:1f:0c:
         8e:02:d4:c7:78:c5:3c:cd:15:22:9e:cf:ef:d9:5a:26:0d:06:
         f6:5a:ea:7e:6b:7b:68:29:40:63:67:c0:47:d6:53:28:2d:6d:
         48:ea:e0:3f:a4:76:23:2a:61:00:b4:91:1d:6c:91:d3:2c:12:
         63:d6:e7:30:25:af:ab:4e:6d:c2:c3:12:97:fe:54:9a:a9:82:
         31:c3:f6:b2:73:70:a5:28:1b:8d:bc:23:4b:80:08:3a:a4:3a:
         45:7e:84:6b:81:02:3f:89:e9:6e:fe:b4:b1:cb:09:4f:b7:f0:
         93:ca:18:30:7d:9b:f1:ff:69:ee:62:89:80:ca:7a:6a:3c:b7:
         c7:1f:52:f0:b3:ea:96:d7:31:b9:7a:18:9a:d6:32:60:61:8d:
         09:8e:6e:70:c5:83:5a:9a:6b:26:18:cd:dd:fd:46:80:63:c1:
         84:f6:e7:15:30:9a:6c:64:d9:1f:ed:03:a8:af:9a:37:67:f9:
         28:89:be:78:81:b1:63:77:eb:50:aa:16:fe:84:cc:a4:50:e6:
         66:30:5e:09:45:ac:63:ce:c1:b8:3e:f9:cf:f4:c6:0e:7d:cb:
         57:fe:0f:d3
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIECjHsjDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
N2U4OThiZjQyMDkyNGY5NzZiNWFlNDUxMTA4YjllNmEwMWZjN2RjMB4XDTIyMDEw
MTA2NTY0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTU4ZDkwNjk0MmI3
ZDI2Mzc0YzVmOGU2ZjMzNmE0N2U2MmU0YmUyNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ+Xbg048Nrb0/WTW75Nnuz1JY8jw28YmLkQ1iWHEsAaNaP+
lbxG2ZS4lP/jA/RuD+c+24FxmLdAL3Sh4DAI5evNzylBkFwUeL46+abxr7bZmkVE
tFapbKrGxcVBzpMFW56ufW3fq1Ff9Bk80Jq0lXWR8x/swiichfeMQsibFB95W6un
j2HtTu+WnMmME6mTC4NfjQDEDNfyjA/BtKemqyb3fXKu6OHHvU5fRIUWP9aniG3k
onWJTM2fzeBZNPcEYH3WlSv0nj/eaLd2WXBVkvf6Rh+v9XOmkfd6uHaXIt/wcpnb
I7IJE0spe6Db/saZH9aUS+IlVmJstX6kM6Ciao0CAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBTljZBpQrfSY3TF+ObzNqR+YuS+JzAfBgNVHSMEGDAWgBRX6Ji/Qgkk+Xa1
rkURCLnmoB/H3DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1YtaVl2MElKSlBsMnRhNUZFUWk1NXFBZng5dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvYzUxNGNkLTc5NTQtNDRjZS1iZDdmLTcxM2I0MTY4ODcwNi8x
LzVZMlFhVUszMG1OMHhmam04emFrZm1Ma3ZpYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
YzUxNGNkLTc5NTQtNDRjZS1iZDdmLTcxM2I0MTY4ODcwNi8xL1YtaVl2MElKSlBs
MnRhNUZFUWk1NXFBZng5dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAuZsdAwQFuZsAMA0GCSqGSIb3
DQEBCwUAA4IBAQAOd5+Tyw9IfmLdjm3ika5vYPL7Q/4GXP1e+RIs1KDmRlBAHwyO
AtTHeMU8zRUins/v2VomDQb2Wup+a3toKUBjZ8BH1lMoLW1I6uA/pHYjKmEAtJEd
bJHTLBJj1ucwJa+rTm3CwxKX/lSaqYIxw/ayc3ClKBuNvCNLgAg6pDpFfoRrgQI/
ielu/rSxywlPt/CTyhgwfZvx/2nuYomAynpqPLfHH1Lws+qW1zG5ehia1jJgYY0J
jm5wxYNammsmGM3d/UaAY8GE9ucVMJpsZNkf7QOor5o3Z/koib54gbFjd+tQqhb+
hMykUOZmMF4JRaxjzsG4PvnP9MYOfctX/g/T
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:25 2024 by rpki-client on console-fra.rpki-client.org