Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/675399-81be-4fec-9f86-55131cc1efea/1/ykG9FR61M8M6QW6KY9Ep0oi3IYE.roa
File:                     ykG9FR61M8M6QW6KY9Ep0oi3IYE.roa (raw, json)
Hash identifier:          vpfztW7TXBYCZT1jKvFaDDz+nGoo3D645sr3xPNL5JY=
Subject key identifier:   CA:41:BD:15:1E:B5:33:C3:3A:41:6E:8A:63:D1:29:D2:88:B7:21:81
Certificate issuer:       /CN=ef1f01881b73c8e9b5d92239229a6e512eca4e7c
Certificate serial:       0DAEDFF6
Authority key identifier: EF:1F:01:88:1B:73:C8:E9:B5:D9:22:39:22:9A:6E:51:2E:CA:4E:7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7x8BiBtzyOm12SI5IppuUS7KTnw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/675399-81be-4fec-9f86-55131cc1efea/1/ykG9FR61M8M6QW6KY9Ep0oi3IYE.roa
Signing time:             Sat 01 Jan 2022 15:05:17 +0000
ROA not before:           Sat 01 Jan 2022 15:05:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205418
IP address blocks:        185.155.181.0/24 maxlen: 24
                          185.155.183.0/24 maxlen: 24
                          2a00:8c40:243::/48 maxlen: 48
                          2a00:8c40:235::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 229564406 (0xdaedff6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ef1f01881b73c8e9b5d92239229a6e512eca4e7c
        Validity
            Not Before: Jan  1 15:05:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ca41bd151eb533c33a416e8a63d129d288b72181
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:73:f9:fa:80:eb:0b:8f:4b:7d:57:90:71:3c:
                    62:16:fd:be:b4:a8:06:2c:07:d8:39:70:d6:df:f1:
                    7f:25:d3:49:0f:d3:64:74:92:73:f7:7e:ca:dc:db:
                    23:54:a8:c6:50:7a:26:5f:84:ac:5e:09:83:e4:50:
                    8a:5a:cf:63:6c:90:17:5f:e4:86:4b:7c:21:e9:87:
                    44:48:4e:29:c7:79:2f:45:f6:e4:c0:cc:d5:88:61:
                    b7:11:fb:c1:f2:a3:a2:d7:b6:bd:5e:63:da:99:b1:
                    60:29:d8:5c:b8:a6:7b:e9:18:eb:3d:e0:6b:31:06:
                    3d:1d:08:46:67:c9:76:88:eb:2b:04:4f:ab:2a:24:
                    b1:3a:c1:70:c0:49:11:2f:70:f1:c9:cf:79:45:80:
                    7c:0e:15:8b:09:fc:5a:fc:8c:aa:59:76:4a:1f:2c:
                    98:d5:f5:22:ff:31:f5:7d:18:ff:ee:c0:46:ea:c6:
                    c8:c5:38:f3:07:78:8f:ae:90:7f:5d:f8:c9:0c:e9:
                    a3:c6:01:64:f4:f4:35:42:ff:07:2f:86:02:66:ea:
                    83:2a:96:27:05:bc:0b:d9:86:87:68:ef:e2:23:23:
                    42:79:52:d0:b7:f8:cd:84:b1:02:a8:d3:e2:54:a7:
                    0b:93:34:20:07:40:3e:f0:14:31:c2:95:a9:94:76:
                    99:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:41:BD:15:1E:B5:33:C3:3A:41:6E:8A:63:D1:29:D2:88:B7:21:81
            X509v3 Authority Key Identifier:
                keyid:EF:1F:01:88:1B:73:C8:E9:B5:D9:22:39:22:9A:6E:51:2E:CA:4E:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7x8BiBtzyOm12SI5IppuUS7KTnw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/675399-81be-4fec-9f86-55131cc1efea/1/ykG9FR61M8M6QW6KY9Ep0oi3IYE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/675399-81be-4fec-9f86-55131cc1efea/1/7x8BiBtzyOm12SI5IppuUS7KTnw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.155.181.0/24
                  185.155.183.0/24
                IPv6:
                  2a00:8c40:235::/48
                  2a00:8c40:243::/48

    Signature Algorithm: sha256WithRSAEncryption
         78:d9:d0:36:53:43:58:23:0a:95:30:ac:12:eb:95:7a:dc:38:
         6a:ef:fe:50:1b:29:bd:4f:13:1c:fd:ef:9c:c9:c2:ce:25:33:
         1e:31:aa:d6:39:7d:7a:17:14:1a:a1:c4:68:6c:21:84:81:91:
         f8:2c:c9:d8:8b:3c:07:d8:26:28:5a:77:9a:67:7c:4d:72:bb:
         19:76:d2:19:24:e4:52:9f:7d:39:ef:aa:8f:5d:bc:d6:57:90:
         a6:27:eb:8d:88:d2:69:ec:f8:94:d6:89:91:1f:62:dc:d7:d8:
         55:56:ea:af:c5:f9:b2:7a:8a:2f:15:ff:4f:34:e7:d5:d3:68:
         9b:0e:fb:79:6d:ba:66:98:cc:ff:1a:db:2c:e9:f0:b9:55:f9:
         99:be:0e:1b:9f:3d:1b:5e:fe:db:53:16:76:e3:a9:e6:05:af:
         e4:1d:b7:ad:56:31:68:10:25:9e:25:a3:71:78:3a:31:e9:ff:
         9e:01:f0:72:9b:3e:07:fc:1b:61:90:0b:14:8f:a6:33:6a:7a:
         29:37:db:7d:af:f9:e3:f6:b7:81:ee:2d:d2:1b:7b:5e:ec:90:
         d6:c2:b4:70:0d:a1:c8:c7:50:e3:61:08:6a:27:49:f6:de:b6:
         da:e9:03:14:7c:03:c7:2b:69:df:23:85:be:f4:93:da:ba:6b:
         d4:20:4e:c6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIEDa7f9jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZjFmMDE4ODFiNzNjOGU5YjVkOTIyMzkyMjlhNmU1MTJlY2E0ZTdjMB4XDTIyMDEw
MTE1MDUxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2E0MWJkMTUxZWI1
MzNjMzNhNDE2ZThhNjNkMTI5ZDI4OGI3MjE4MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOtz+fqA6wuPS31XkHE8Yhb9vrSoBiwH2Dlw1t/xfyXTSQ/T
ZHSSc/d+ytzbI1SoxlB6Jl+ErF4Jg+RQilrPY2yQF1/khkt8IemHREhOKcd5L0X2
5MDM1YhhtxH7wfKjote2vV5j2pmxYCnYXLime+kY6z3gazEGPR0IRmfJdojrKwRP
qyoksTrBcMBJES9w8cnPeUWAfA4Viwn8WvyMqll2Sh8smNX1Iv8x9X0Y/+7ARurG
yMU48wd4j66Qf134yQzpo8YBZPT0NUL/By+GAmbqgyqWJwW8C9mGh2jv4iMjQnlS
0Lf4zYSxAqjT4lSnC5M0IAdAPvAUMcKVqZR2mRkCAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBTKQb0VHrUzwzpBbopj0SnSiLchgTAfBgNVHSMEGDAWgBTvHwGIG3PI6bXZ
Ijkimm5RLspOfDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzd4OEJpQnR6eU9tMTJTSTVJcHB1VVM3S1Rudy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzkvNjc1Mzk5LTgxYmUtNGZlYy05Zjg2LTU1MTMxY2MxZWZlYS8x
L3lrRzlGUjYxTThNNlFXNktZOUVwMG9pM0lZRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzkv
Njc1Mzk5LTgxYmUtNGZlYy05Zjg2LTU1MTMxY2MxZWZlYS8xLzd4OEJpQnR6eU9t
MTJTSTVJcHB1VVM3S1Rudy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wEgQCAAEwDAMEALmbtQMEALmbtzAYBAIAAjASAwcA
KgCMQAI1AwcAKgCMQAJDMA0GCSqGSIb3DQEBCwUAA4IBAQB42dA2U0NYIwqVMKwS
65V63Dhq7/5QGym9TxMc/e+cycLOJTMeMarWOX16FxQaocRobCGEgZH4LMnYizwH
2CYoWneaZ3xNcrsZdtIZJORSn30576qPXbzWV5CmJ+uNiNJp7PiU1omRH2Lc19hV
VuqvxfmyeoovFf9PNOfV02ibDvt5bbpmmMz/Gtss6fC5VfmZvg4bnz0bXv7bUxZ2
46nmBa/kHbetVjFoECWeJaNxeDox6f+eAfBymz4H/BthkAsUj6YzanopN9t9r/nj
9reB7i3SG3te7JDWwrRwDaHIx1DjYQhqJ0n23rba6QMUfAPHK2nfI4W+9JPaumvU
IE7G
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:45 2024 by rpki-client on console-fra.rpki-client.org