Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/30279f-79e7-4dd2-a2e6-732fee90855d/1/YrWB4YNQ1wexwPhVDpZB4xdiQxo.roa
File:                     YrWB4YNQ1wexwPhVDpZB4xdiQxo.roa (raw, json)
Hash identifier:          HMVWjxbeAKk0C17HlKVcuO+a6ujonaGswR7wvGgP/tw=
Subject key identifier:   62:B5:81:E1:83:50:D7:07:B1:C0:F8:55:0E:96:41:E3:17:62:43:1A
Certificate issuer:       /CN=64b0ab01ca0d034e50d1085a741232fe8cbb4cbf
Certificate serial:       04E6307A
Authority key identifier: 64:B0:AB:01:CA:0D:03:4E:50:D1:08:5A:74:12:32:FE:8C:BB:4C:BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZLCrAcoNA05Q0QhadBIy_oy7TL8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/30279f-79e7-4dd2-a2e6-732fee90855d/1/YrWB4YNQ1wexwPhVDpZB4xdiQxo.roa
Signing time:             Sat 01 Jan 2022 06:54:22 +0000
ROA not before:           Sat 01 Jan 2022 06:54:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     396982
IP address blocks:        212.104.211.0/24 maxlen: 24
                          212.11.93.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 82194554 (0x4e6307a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64b0ab01ca0d034e50d1085a741232fe8cbb4cbf
        Validity
            Not Before: Jan  1 06:54:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=62b581e18350d707b1c0f8550e9641e31762431a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:b9:90:92:9f:aa:46:24:f2:31:30:26:f1:03:
                    a5:32:93:32:75:ee:69:d5:8f:37:8d:ef:95:0d:84:
                    11:51:c2:5f:bb:13:22:10:e0:e0:aa:7a:db:3b:30:
                    8b:7f:9c:36:0c:55:82:45:61:8c:b6:19:07:cb:5f:
                    3a:0f:f0:75:02:99:1b:e1:d0:ca:d8:ff:51:09:64:
                    b9:cb:77:60:73:ef:20:4a:0e:a9:1c:ae:2b:3a:12:
                    bc:16:ac:68:06:19:b2:bf:22:ca:44:bf:0c:58:7e:
                    d5:8d:03:92:da:9d:51:3b:01:45:8a:52:bf:cb:00:
                    2d:cd:ac:bf:4f:29:ae:6d:77:0c:49:14:d3:f2:2b:
                    ce:d2:a5:39:2a:78:d4:a8:27:96:9d:11:ed:ee:e5:
                    9b:93:ed:5e:75:23:8d:65:86:38:03:d5:15:a0:52:
                    b0:d4:54:fe:17:06:ee:f7:9e:12:a6:39:03:a7:dc:
                    58:3e:3f:4f:01:e8:55:9c:27:cd:4b:e2:bd:bb:5a:
                    dc:5c:67:b4:86:b7:df:2e:dc:f5:1b:bf:34:a2:6b:
                    f6:53:58:71:71:2b:ad:1d:5a:59:2d:d8:60:4d:ee:
                    9c:df:ac:14:6d:53:49:7b:60:12:8e:01:ae:75:b5:
                    ef:3e:c2:1f:bc:26:a1:e2:ca:b6:71:5a:b0:63:1c:
                    f9:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:B5:81:E1:83:50:D7:07:B1:C0:F8:55:0E:96:41:E3:17:62:43:1A
            X509v3 Authority Key Identifier:
                keyid:64:B0:AB:01:CA:0D:03:4E:50:D1:08:5A:74:12:32:FE:8C:BB:4C:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZLCrAcoNA05Q0QhadBIy_oy7TL8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/30279f-79e7-4dd2-a2e6-732fee90855d/1/YrWB4YNQ1wexwPhVDpZB4xdiQxo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/30279f-79e7-4dd2-a2e6-732fee90855d/1/ZLCrAcoNA05Q0QhadBIy_oy7TL8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.11.93.0/24
                  212.104.211.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:be:b2:78:33:39:86:b3:d9:9e:f5:c4:77:49:8d:dc:4b:8e:
         53:78:68:3c:b5:b0:3b:8b:53:84:c1:6c:c9:24:d6:87:32:c7:
         42:06:da:7b:ba:e4:d3:7e:65:99:bf:60:86:58:0d:17:5d:77:
         7f:52:da:2c:78:91:d1:3e:35:d7:f3:bf:58:d3:b8:8f:be:9b:
         99:f2:ec:79:e0:9c:63:a4:b2:37:d0:30:a6:e3:2b:cc:fe:57:
         a1:c0:f4:f3:c3:31:bd:ce:2e:51:2e:bf:2c:32:7f:34:2b:18:
         9d:a5:14:73:42:56:23:a3:61:b5:e0:da:16:d2:28:d0:84:a7:
         06:d2:85:8e:45:eb:f3:d9:e8:a2:c0:40:13:63:cb:1d:7c:e7:
         11:58:99:07:62:b8:af:61:fc:e5:1b:db:dd:a3:af:a3:59:fd:
         5d:e6:b4:6e:88:c9:e6:db:83:3a:f7:59:0b:79:bd:7a:42:d6:
         f8:d5:7f:6d:0b:ba:62:3e:be:31:7a:38:ac:b7:a4:19:df:7c:
         d8:6f:24:33:44:9c:9d:c1:6a:0d:bb:db:69:d9:cd:ba:7e:c1:
         d2:46:e9:32:6a:a0:fe:cf:f7:dd:46:59:d2:dc:cf:58:6a:4f:
         78:58:72:d3:7b:c4:96:63:e8:bd:3c:4a:71:53:e3:60:0a:5f:
         58:af:74:14
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBOYwejANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NGIwYWIwMWNhMGQwMzRlNTBkMTA4NWE3NDEyMzJmZThjYmI0Y2JmMB4XDTIyMDEw
MTA2NTQyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjJiNTgxZTE4MzUw
ZDcwN2IxYzBmODU1MGU5NjQxZTMxNzYyNDMxYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIq5kJKfqkYk8jEwJvEDpTKTMnXuadWPN43vlQ2EEVHCX7sT
IhDg4Kp62zswi3+cNgxVgkVhjLYZB8tfOg/wdQKZG+HQytj/UQlkuct3YHPvIEoO
qRyuKzoSvBasaAYZsr8iykS/DFh+1Y0DktqdUTsBRYpSv8sALc2sv08prm13DEkU
0/IrztKlOSp41Kgnlp0R7e7lm5PtXnUjjWWGOAPVFaBSsNRU/hcG7veeEqY5A6fc
WD4/TwHoVZwnzUvivbta3FxntIa33y7c9Ru/NKJr9lNYcXErrR1aWS3YYE3unN+s
FG1TSXtgEo4BrnW17z7CH7wmoeLKtnFasGMc+WMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRitYHhg1DXB7HA+FUOlkHjF2JDGjAfBgNVHSMEGDAWgBRksKsByg0DTlDR
CFp0EjL+jLtMvzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pMQ3JBY29OQTA1UTBRaGFkQkl5X295N1RMOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmUvMzAyNzlmLTc5ZTctNGRkMi1hMmU2LTczMmZlZTkwODU1ZC8x
L1lyV0I0WU5RMXdleHdQaFZEcFpCNHhkaVF4by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmUv
MzAyNzlmLTc5ZTctNGRkMi1hMmU2LTczMmZlZTkwODU1ZC8xL1pMQ3JBY29OQTA1
UTBRaGFkQkl5X295N1RMOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEANQLXQMEANRo0zANBgkqhkiG9w0B
AQsFAAOCAQEAE76yeDM5hrPZnvXEd0mN3EuOU3hoPLWwO4tThMFsySTWhzLHQgba
e7rk035lmb9ghlgNF113f1LaLHiR0T411/O/WNO4j76bmfLseeCcY6SyN9AwpuMr
zP5XocD088Mxvc4uUS6/LDJ/NCsYnaUUc0JWI6NhteDaFtIo0ISnBtKFjkXr89no
osBAE2PLHXznEViZB2K4r2H85Rvb3aOvo1n9Xea0bojJ5tuDOvdZC3m9ekLW+NV/
bQu6Yj6+MXo4rLekGd982G8kM0ScncFqDbvbadnNun7B0kbpMmqg/s/33UZZ0tzP
WGpPeFhy03vElmPovTxKcVPjYApfWK90FA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:53 2024 by rpki-client on console-ams.rpki-client.org