Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/Sg33m5pABuYUvTQPHMzEx8mIvAI.roa
File:                     Sg33m5pABuYUvTQPHMzEx8mIvAI.roa (raw, json)
Hash identifier:          HTakezfp26OCrTpOOhdbJ5h4A2PH+RlyWtvCB9eVi3A=
Subject key identifier:   4A:0D:F7:9B:9A:40:06:E6:14:BD:34:0F:1C:CC:C4:C7:C9:88:BC:02
Certificate issuer:       /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial:       018460BB150D4AC159548F8104FBB9A94BBC
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/Sg33m5pABuYUvTQPHMzEx8mIvAI.roa
Signing time:             Thu 10 Nov 2022 08:49:44 +0000
ROA not before:           Thu 10 Nov 2022 08:49:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     149457
IP address blocks:        185.233.17.0/24 maxlen: 24
                          85.92.114.0/24 maxlen: 24
                          193.107.218.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:60:bb:15:0d:4a:c1:59:54:8f:81:04:fb:b9:a9:4b:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
        Validity
            Not Before: Nov 10 08:49:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4a0df79b9a4006e614bd340f1cccc4c7c988bc02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:bd:7c:0f:3d:b5:d2:0b:26:a8:bd:bc:12:1e:
                    dc:53:bb:13:01:1b:15:51:6c:13:07:55:18:4e:12:
                    d7:bc:52:bb:4b:11:0a:d7:68:e5:3f:95:f7:a7:16:
                    31:11:84:d2:97:db:0c:b5:08:bf:24:78:72:ac:01:
                    4e:22:b9:38:5b:5b:ed:45:ec:73:e0:cb:5f:5e:2f:
                    92:7a:21:f9:a4:d6:60:5e:5f:36:32:b9:b0:fe:2e:
                    0e:48:03:aa:f1:74:37:4f:e6:ef:41:0a:f7:d5:ba:
                    4c:92:12:87:6c:1a:51:a3:9d:a9:52:15:bb:cd:56:
                    5a:dc:63:dd:c4:c0:00:a5:ab:02:8f:01:d8:2c:13:
                    7c:6d:6a:25:10:3e:11:54:06:59:6d:b8:7b:f6:39:
                    e2:db:67:15:c8:97:7d:cd:84:9d:6a:50:3c:a0:02:
                    5d:d9:c0:19:55:77:79:a2:0e:00:76:ca:ed:7e:ae:
                    87:fa:2b:57:a9:90:8e:fd:94:bb:e8:b3:f0:95:2b:
                    9a:30:2e:c6:5c:05:e7:d8:d5:6c:ef:90:37:af:0c:
                    2d:de:0f:3a:cf:f1:cb:a3:18:95:ef:6a:83:29:7b:
                    ed:35:5e:cd:36:1d:52:4a:63:67:d3:67:1d:2a:1f:
                    4c:b9:12:56:9f:1c:67:46:b1:bb:61:fb:d1:cf:ef:
                    cf:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:0D:F7:9B:9A:40:06:E6:14:BD:34:0F:1C:CC:C4:C7:C9:88:BC:02
            X509v3 Authority Key Identifier:
                keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/Sg33m5pABuYUvTQPHMzEx8mIvAI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.92.114.0/24
                  185.233.17.0/24
                  193.107.218.0/24

    Signature Algorithm: sha256WithRSAEncryption
         36:7f:41:ee:99:19:98:29:3d:5f:10:56:64:b4:9a:77:dd:2b:
         ad:ce:39:83:a2:70:42:5d:66:82:23:28:72:a8:b8:7d:90:ce:
         45:28:6e:9d:85:c2:09:7b:68:d0:e2:28:a2:96:cc:4b:17:31:
         80:67:44:b9:fd:16:ac:07:b8:3d:26:dd:57:1d:dd:cc:b5:05:
         99:b4:4f:a2:92:6a:0a:cc:ce:44:c9:9a:87:58:b2:2b:6f:81:
         ab:28:8a:31:8c:70:f0:8b:45:be:f8:cb:39:5a:6d:e8:c8:da:
         14:88:8b:12:45:14:80:9a:c2:d9:31:93:8d:a4:6a:8b:20:75:
         67:43:6c:7a:c4:a5:1e:86:80:a4:07:d4:27:5e:61:6e:6b:57:
         04:b9:d2:15:c3:93:41:78:d5:9a:1a:f8:5e:c2:ee:4b:e1:5a:
         ae:74:eb:88:34:32:5e:5a:82:33:93:e7:5d:88:cf:ac:2c:39:
         7c:0c:d7:92:9a:33:3e:41:e8:21:de:c3:32:8e:e0:9f:a7:09:
         6a:e1:07:ce:f6:d1:cd:e9:c9:ab:8f:d6:03:9f:e2:54:7e:42:
         7d:4e:90:1e:9b:7f:a8:5b:8e:7a:44:04:35:33:ac:d9:1a:f4:
         15:18:a0:1d:f6:50:d0:f8:e0:59:ad:d8:65:72:30:93:f5:22:
         a5:59:93:3b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYRguxUNSsFZVI+BBPu5qUu8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjIxMTEwMDg0OTQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTBkZjc5YjlhNDAwNmU2MTRiZDM0MGYxY2NjYzRjN2M5ODhiYzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAur18Dz210gsmqL28Eh7cU7sTARsV
UWwTB1UYThLXvFK7SxEK12jlP5X3pxYxEYTSl9sMtQi/JHhyrAFOIrk4W1vtRexz
4MtfXi+SeiH5pNZgXl82Mrmw/i4OSAOq8XQ3T+bvQQr31bpMkhKHbBpRo52pUhW7
zVZa3GPdxMAApasCjwHYLBN8bWolED4RVAZZbbh79jni22cVyJd9zYSdalA8oAJd
2cAZVXd5og4Adsrtfq6H+itXqZCO/ZS76LPwlSuaMC7GXAXn2NVs75A3rwwt3g86
z/HLoxiV72qDKXvtNV7NNh1SSmNn02cdKh9MuRJWnxxnRrG7YfvRz+/P9wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEoN95uaQAbmFL00DxzMxMfJiLwCMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvU2czM201cEFCdVlVdlRRUEhNekV4OG1JdkFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVVxyAwQA
uekRAwQAwWvaMA0GCSqGSIb3DQEBCwUAA4IBAQA2f0HumRmYKT1fEFZktJp33Sut
zjmDonBCXWaCIyhyqLh9kM5FKG6dhcIJe2jQ4iiilsxLFzGAZ0S5/RasB7g9Jt1X
Hd3MtQWZtE+ikmoKzM5EyZqHWLIrb4GrKIoxjHDwi0W++Ms5Wm3oyNoUiIsSRRSA
msLZMZONpGqLIHVnQ2x6xKUehoCkB9QnXmFua1cEudIVw5NBeNWaGvhewu5L4Vqu
dOuINDJeWoIzk+ddiM+sLDl8DNeSmjM+Qegh3sMyjuCfpwlq4QfO9tHN6cmrj9YD
n+JUfkJ9TpAem3+oW456RAQ1M6zZGvQVGKAd9lDQ+OBZrdhlcjCT9SKlWZM7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:04 2024 by rpki-client on console-ams.rpki-client.org