Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/4fe983-7152-4933-9f36-d86cadd610b8/1/nyA78qcpU8TEtfafz29DNvAV47Q.roa
File:                     nyA78qcpU8TEtfafz29DNvAV47Q.roa (raw, json)
Hash identifier:          qeQlJZ0fF7sp9ETErtyg0DdYGvlkbwb8ectawmY/GiM=
Subject key identifier:   9F:20:3B:F2:A7:29:53:C4:C4:B5:F6:9F:CF:6F:43:36:F0:15:E3:B4
Certificate issuer:       /CN=1dd5cd2a0261e1e6069dd775894d826ee8836c1e
Certificate serial:       0D244AD8
Authority key identifier: 1D:D5:CD:2A:02:61:E1:E6:06:9D:D7:75:89:4D:82:6E:E8:83:6C:1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HdXNKgJh4eYGndd1iU2CbuiDbB4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/4fe983-7152-4933-9f36-d86cadd610b8/1/nyA78qcpU8TEtfafz29DNvAV47Q.roa
Signing time:             Sat 01 Jan 2022 12:56:24 +0000
ROA not before:           Sat 01 Jan 2022 12:56:24 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204958
IP address blocks:        185.232.237.0/24 maxlen: 24
                          185.232.239.0/24 maxlen: 24
                          185.232.236.0/24 maxlen: 24
                          185.232.236.0/22 maxlen: 22
                          185.232.238.0/24 maxlen: 24
                          2a07:ff00::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 220482264 (0xd244ad8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1dd5cd2a0261e1e6069dd775894d826ee8836c1e
        Validity
            Not Before: Jan  1 12:56:24 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9f203bf2a72953c4c4b5f69fcf6f4336f015e3b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:5f:c5:01:a7:3d:a3:eb:97:c3:d5:b3:27:44:
                    82:3f:72:b9:c8:d9:e9:87:89:27:73:30:66:d4:63:
                    f6:f5:61:e7:68:ec:da:dd:61:1a:16:65:76:c2:58:
                    9f:62:0b:6d:55:c6:23:40:c9:17:b5:13:13:83:be:
                    87:ca:24:3b:41:8f:41:0a:92:52:81:f0:ae:89:50:
                    b2:6e:1d:2c:08:90:aa:af:0f:e6:d5:f8:05:15:41:
                    e1:05:b5:10:bf:c0:47:0e:34:be:ae:9e:9c:82:69:
                    44:a0:cd:28:40:78:a8:1c:bb:25:16:2f:cb:c3:ff:
                    0e:7b:89:18:1a:08:00:71:ac:44:aa:41:ac:8f:33:
                    a7:db:fa:e0:ca:45:5e:d4:42:82:40:18:f9:f9:c8:
                    d7:65:a4:fe:f3:8c:d4:b0:71:69:cb:af:f9:3f:d1:
                    70:47:d4:93:6b:12:e5:cc:cf:38:31:d8:89:37:ce:
                    e2:12:5a:4c:88:dd:8f:37:98:07:4e:59:e6:57:4d:
                    a1:1b:1b:1f:18:1e:67:99:b5:ca:33:98:82:7c:f1:
                    37:80:f8:e4:45:35:b8:e2:f0:a5:96:b0:13:a5:58:
                    da:8f:22:32:10:1c:ea:11:c0:f5:44:c4:34:f6:fc:
                    04:ac:fd:b5:5e:61:09:dc:6e:27:35:b8:bd:df:0c:
                    1a:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:20:3B:F2:A7:29:53:C4:C4:B5:F6:9F:CF:6F:43:36:F0:15:E3:B4
            X509v3 Authority Key Identifier:
                keyid:1D:D5:CD:2A:02:61:E1:E6:06:9D:D7:75:89:4D:82:6E:E8:83:6C:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HdXNKgJh4eYGndd1iU2CbuiDbB4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/4fe983-7152-4933-9f36-d86cadd610b8/1/nyA78qcpU8TEtfafz29DNvAV47Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/4fe983-7152-4933-9f36-d86cadd610b8/1/HdXNKgJh4eYGndd1iU2CbuiDbB4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.232.236.0/22
                IPv6:
                  2a07:ff00::/29

    Signature Algorithm: sha256WithRSAEncryption
         0c:9d:0d:d7:ad:93:89:64:f9:f3:45:ce:ac:72:67:f8:20:d0:
         d3:17:9b:1f:e7:50:41:86:12:0f:06:29:11:82:62:a2:77:7c:
         47:77:e4:57:b7:05:1a:89:d3:59:21:ce:0f:fb:35:6c:2d:c2:
         0c:a5:cc:06:2f:70:11:b9:53:13:ff:ca:79:32:1e:49:99:56:
         1b:5d:15:f0:af:5e:fd:3b:49:b9:87:d3:a4:36:5c:c7:6f:59:
         20:05:19:f1:cb:3f:6b:e7:f4:ff:35:80:56:50:2f:77:4e:68:
         51:ce:09:88:bc:9b:06:33:2a:05:f5:6f:a0:90:27:77:6a:b2:
         e7:85:9b:2b:a2:32:ca:9f:b5:1b:9b:da:34:23:d3:94:bf:6c:
         a0:11:26:93:5e:07:7d:ce:ab:b4:a0:4d:ad:db:96:f6:9a:2a:
         30:02:68:e4:2b:59:6f:69:03:8c:47:f5:f2:12:94:2e:bf:c7:
         07:0f:c4:18:92:9c:55:66:97:d9:db:7b:1e:09:de:50:c9:9c:
         48:5d:4c:42:77:dc:29:a8:1e:79:7f:06:4c:9a:73:be:54:d0:
         50:d5:9c:4f:be:0f:a5:32:23:02:ed:c9:26:56:9a:26:8d:a1:
         a5:75:24:eb:da:10:88:b8:20:de:4e:85:a6:b8:be:dd:3a:40:
         5a:b5:06:1a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEDSRK2DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZGQ1Y2QyYTAyNjFlMWU2MDY5ZGQ3NzU4OTRkODI2ZWU4ODM2YzFlMB4XDTIyMDEw
MTEyNTYyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWYyMDNiZjJhNzI5
NTNjNGM0YjVmNjlmY2Y2ZjQzMzZmMDE1ZTNiNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL1fxQGnPaPrl8PVsydEgj9yucjZ6YeJJ3MwZtRj9vVh52js
2t1hGhZldsJYn2ILbVXGI0DJF7UTE4O+h8okO0GPQQqSUoHwrolQsm4dLAiQqq8P
5tX4BRVB4QW1EL/ARw40vq6enIJpRKDNKEB4qBy7JRYvy8P/DnuJGBoIAHGsRKpB
rI8zp9v64MpFXtRCgkAY+fnI12Wk/vOM1LBxacuv+T/RcEfUk2sS5czPODHYiTfO
4hJaTIjdjzeYB05Z5ldNoRsbHxgeZ5m1yjOYgnzxN4D45EU1uOLwpZawE6VY2o8i
MhAc6hHA9UTENPb8BKz9tV5hCdxuJzW4vd8MGmkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSfIDvypylTxMS19p/Pb0M28BXjtDAfBgNVHSMEGDAWgBQd1c0qAmHh5gad
13WJTYJu6INsHjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hkWE5LZ0poNGVZR25kZDFpVTJDYnVpRGJCNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2IvNGZlOTgzLTcxNTItNDkzMy05ZjM2LWQ4NmNhZGQ2MTBiOC8x
L255QTc4cWNwVThURXRmYWZ6MjlETnZBVjQ3US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Iv
NGZlOTgzLTcxNTItNDkzMy05ZjM2LWQ4NmNhZGQ2MTBiOC8xL0hkWE5LZ0poNGVZ
R25kZDFpVTJDYnVpRGJCNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArno7DANBAIAAjAHAwUDKgf/ADAN
BgkqhkiG9w0BAQsFAAOCAQEADJ0N162TiWT580XOrHJn+CDQ0xebH+dQQYYSDwYp
EYJiond8R3fkV7cFGonTWSHOD/s1bC3CDKXMBi9wEblTE//KeTIeSZlWG10V8K9e
/TtJuYfTpDZcx29ZIAUZ8cs/a+f0/zWAVlAvd05oUc4JiLybBjMqBfVvoJAnd2qy
54WbK6Iyyp+1G5vaNCPTlL9soBEmk14Hfc6rtKBNrduW9poqMAJo5CtZb2kDjEf1
8hKULr/HBw/EGJKcVWaX2dt7HgneUMmcSF1MQnfcKageeX8GTJpzvlTQUNWcT74P
pTIjAu3JJlaaJo2hpXUk69oQiLgg3k6Fpri+3TpAWrUGGg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:02 2024 by rpki-client on console-ams.rpki-client.org