Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/yRzORrygXyXunIWqTEp6NRy95C0.roa
File:                     yRzORrygXyXunIWqTEp6NRy95C0.roa (raw, json)
Hash identifier:          RAeaS7mNsSgBpcihD6bGKoU4D71IRQjWhJl/UUanZF4=
Subject key identifier:   C9:1C:CE:46:BC:A0:5F:25:EE:9C:85:AA:4C:4A:7A:35:1C:BD:E4:2D
Certificate issuer:       /CN=7c3c39d1899e699bf5177418ee381489edff4380
Certificate serial:       1B645CBC
Authority key identifier: 7C:3C:39:D1:89:9E:69:9B:F5:17:74:18:EE:38:14:89:ED:FF:43:80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fDw50YmeaZv1F3QY7jgUie3_Q4A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/yRzORrygXyXunIWqTEp6NRy95C0.roa
Signing time:             Sun 24 Apr 2022 07:09:39 +0000
ROA not before:           Sun 24 Apr 2022 07:09:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     46573
IP address blocks:        185.18.123.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 459562172 (0x1b645cbc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7c3c39d1899e699bf5177418ee381489edff4380
        Validity
            Not Before: Apr 24 07:09:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c91cce46bca05f25ee9c85aa4c4a7a351cbde42d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:16:2a:87:94:4b:1b:8f:6d:40:d5:97:04:fa:
                    03:8f:97:7b:51:db:f5:1d:f2:95:9b:68:27:09:4f:
                    f4:1a:a7:eb:da:f9:ff:0d:05:25:67:00:14:e4:83:
                    b2:38:79:f9:1a:b4:d7:39:fd:3c:75:6b:c9:7c:92:
                    8f:36:4c:fc:17:5b:af:44:04:8d:84:e5:46:f8:47:
                    ad:63:68:be:fc:d7:01:24:ef:a5:a1:37:65:d1:38:
                    f4:29:f7:b2:62:bb:4e:b2:d6:89:7f:e4:48:91:da:
                    a0:c5:e3:41:66:31:23:72:e5:df:f0:ae:dd:fd:75:
                    f4:ee:bf:da:08:2b:ab:c6:2f:45:d9:50:3b:65:42:
                    d2:bd:01:27:20:0d:b7:6b:82:bb:9b:ee:39:5d:55:
                    bf:84:2d:9e:f9:46:30:6d:f9:4e:bc:ca:3a:3d:d4:
                    33:75:0f:5c:ba:fc:51:e1:5d:90:68:ed:9f:7b:65:
                    be:2a:16:c7:7a:ba:26:0f:85:51:fb:22:df:24:1a:
                    c3:62:13:74:7e:78:39:98:3e:2b:06:fd:2b:2f:7d:
                    e3:f0:40:ff:69:60:fd:bd:67:25:69:e7:45:fe:08:
                    34:92:3e:fa:97:94:4c:a0:7f:5f:b6:ad:8d:ab:ba:
                    14:75:9e:5f:04:ef:ca:7b:8b:88:2b:8a:83:a1:39:
                    f5:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:1C:CE:46:BC:A0:5F:25:EE:9C:85:AA:4C:4A:7A:35:1C:BD:E4:2D
            X509v3 Authority Key Identifier:
                keyid:7C:3C:39:D1:89:9E:69:9B:F5:17:74:18:EE:38:14:89:ED:FF:43:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fDw50YmeaZv1F3QY7jgUie3_Q4A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/yRzORrygXyXunIWqTEp6NRy95C0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/fDw50YmeaZv1F3QY7jgUie3_Q4A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.18.123.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:7b:af:42:5d:28:a5:50:f2:fb:e9:04:c8:77:a9:0b:c7:6f:
         18:18:90:01:2e:6c:d6:dd:53:4b:c9:35:e8:82:e6:40:4f:c7:
         62:5d:c9:be:d4:e1:92:9e:2b:78:46:5b:d0:5d:1d:5a:c8:13:
         54:df:32:e3:67:50:dd:bb:23:4b:57:c5:04:90:d2:75:6e:95:
         b8:ac:ca:b2:95:4f:de:23:4d:71:77:a9:4e:14:88:29:02:8e:
         d9:11:56:75:5d:5e:cd:85:84:17:21:7a:aa:f0:98:7d:34:fd:
         60:26:8b:cd:cc:c3:18:2c:1f:b0:17:c8:7b:20:f4:5f:f6:09:
         df:1a:53:98:b9:ff:6a:18:12:fc:d7:7c:73:4d:c2:27:52:a5:
         b7:78:1f:65:61:e2:2b:38:29:4b:60:bb:e3:fd:a3:ca:00:ac:
         21:71:e9:1e:06:b8:03:84:f5:a0:f8:88:27:a7:41:b2:eb:95:
         03:c1:ee:a5:2d:76:53:db:b7:38:b2:61:04:a0:60:39:f5:fc:
         eb:18:40:d2:c8:98:3e:bd:c4:59:dd:64:54:e0:6c:b6:4f:21:
         81:9a:23:10:7c:32:57:d4:d1:ca:f9:1f:ca:ba:ce:46:0b:d6:
         1d:9e:b4:05:5e:73:02:5b:31:4f:13:31:0e:62:46:dc:50:f2:
         24:f1:8e:04
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEG2RcvDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YzNjMzlkMTg5OWU2OTliZjUxNzc0MThlZTM4MTQ4OWVkZmY0MzgwMB4XDTIyMDQy
NDA3MDkzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzkxY2NlNDZiY2Ew
NWYyNWVlOWM4NWFhNGM0YTdhMzUxY2JkZTQyZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANoWKoeUSxuPbUDVlwT6A4+Xe1Hb9R3ylZtoJwlP9Bqn69r5
/w0FJWcAFOSDsjh5+Rq01zn9PHVryXySjzZM/Bdbr0QEjYTlRvhHrWNovvzXASTv
paE3ZdE49Cn3smK7TrLWiX/kSJHaoMXjQWYxI3Ll3/Cu3f119O6/2ggrq8YvRdlQ
O2VC0r0BJyANt2uCu5vuOV1Vv4QtnvlGMG35TrzKOj3UM3UPXLr8UeFdkGjtn3tl
vioWx3q6Jg+FUfsi3yQaw2ITdH54OZg+Kwb9Ky994/BA/2lg/b1nJWnnRf4INJI+
+peUTKB/X7atjau6FHWeXwTvynuLiCuKg6E59R0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTJHM5GvKBfJe6chapMSno1HL3kLTAfBgNVHSMEGDAWgBR8PDnRiZ5pm/UX
dBjuOBSJ7f9DgDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZEdzUwWW1lYVp2MUYzUVk3amdVaWUzX1E0QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvYzgwMGM5LTUxYjUtNDU4OS05MjYwLTA2M2ZjZGQzYTA1Ny8x
L3lSek9ScnlnWHlYdW5JV3FURXA2TlJ5OTVDMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
YzgwMGM5LTUxYjUtNDU4OS05MjYwLTA2M2ZjZGQzYTA1Ny8xL2ZEdzUwWW1lYVp2
MUYzUVk3amdVaWUzX1E0QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkSezANBgkqhkiG9w0BAQsFAAOC
AQEASXuvQl0opVDy++kEyHepC8dvGBiQAS5s1t1TS8k16ILmQE/HYl3JvtThkp4r
eEZb0F0dWsgTVN8y42dQ3bsjS1fFBJDSdW6VuKzKspVP3iNNcXepThSIKQKO2RFW
dV1ezYWEFyF6qvCYfTT9YCaLzczDGCwfsBfIeyD0X/YJ3xpTmLn/ahgS/Nd8c03C
J1Klt3gfZWHiKzgpS2C74/2jygCsIXHpHga4A4T1oPiIJ6dBsuuVA8HupS12U9u3
OLJhBKBgOfX86xhA0siYPr3EWd1kVOBstk8hgZojEHwyV9TRyvkfyrrORgvWHZ60
BV5zAlsxTxMxDmJG3FDyJPGOBA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:02 2024 by rpki-client on console-ams.rpki-client.org