Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/X4mdLijI_rslyj4mSPqICQDIdgM.roa
File:                     X4mdLijI_rslyj4mSPqICQDIdgM.roa (raw, json)
Hash identifier:          6N7CeIR+FBNKFqhYTRjQYaQ8zj2+eJiUwgWpjO5Xeyw=
Subject key identifier:   5F:89:9D:2E:28:C8:FE:BB:25:CA:3E:26:48:FA:88:09:00:C8:76:03
Certificate issuer:       /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial:       08D8405E
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/X4mdLijI_rslyj4mSPqICQDIdgM.roa
Signing time:             Sat 01 Jan 2022 07:01:24 +0000
ROA not before:           Sat 01 Jan 2022 07:01:24 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39458
IP address blocks:        85.92.113.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 148389982 (0x8d8405e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
        Validity
            Not Before: Jan  1 07:01:24 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5f899d2e28c8febb25ca3e2648fa880900c87603
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:23:6d:ac:df:79:4d:65:5d:f0:28:e0:18:2a:
                    8d:9d:64:02:54:f1:c2:29:43:2c:64:b3:2e:f9:bf:
                    72:c6:3a:bf:99:f8:d4:6b:20:31:7c:58:90:5c:25:
                    6f:94:c2:c1:b3:e4:00:a3:bb:b9:81:30:65:26:14:
                    53:fb:22:b0:34:af:ee:b8:68:99:47:8a:28:a7:b6:
                    3e:32:2a:b6:2a:a7:10:c1:17:d8:1e:29:dd:a8:60:
                    03:d3:43:1e:08:66:7a:93:ba:d2:38:5c:55:28:03:
                    cd:1d:db:84:1a:f1:d9:22:34:84:c4:30:8a:ce:50:
                    db:59:80:fc:bb:b3:73:47:f2:4b:ee:2d:77:76:50:
                    cb:aa:9f:d1:05:2d:cb:ed:63:a5:8b:c3:7b:b9:6b:
                    6c:18:7e:3b:63:b9:c3:5d:7b:a2:08:f6:f9:35:8e:
                    55:c0:16:d2:e3:0c:00:c1:6a:97:68:f8:05:f8:48:
                    10:06:38:17:0f:a2:90:2d:37:b6:44:37:39:1d:14:
                    cf:f1:5f:96:fa:59:ae:6e:4f:e5:84:fd:8a:bf:39:
                    f2:60:f2:2f:cc:7c:19:53:3a:93:e2:d7:d1:09:c5:
                    36:df:ae:84:20:3e:d4:48:c3:52:7b:99:13:4e:29:
                    60:d8:48:0f:d7:e4:2a:cb:25:93:6d:02:d9:4f:75:
                    d9:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:89:9D:2E:28:C8:FE:BB:25:CA:3E:26:48:FA:88:09:00:C8:76:03
            X509v3 Authority Key Identifier:
                keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/X4mdLijI_rslyj4mSPqICQDIdgM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.92.113.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:a3:f3:4d:1e:a5:e6:63:35:c0:34:39:08:3d:7c:6d:93:2e:
         a2:7c:8c:ce:5b:48:82:a5:6c:05:f5:7e:91:ce:80:cc:6f:86:
         e5:82:e7:ff:57:0f:be:ad:03:9b:ab:75:92:a5:71:ee:f1:41:
         ac:21:08:1c:74:6d:69:40:e1:72:cb:24:60:67:32:86:eb:67:
         01:4e:9b:8f:76:d9:e5:5a:52:56:7b:db:da:38:b4:a2:a6:f9:
         96:70:d0:e1:0a:b4:6e:72:49:22:3d:ad:fd:54:70:4e:bc:c0:
         75:7a:3e:39:c2:69:e0:30:e7:b6:2b:b6:78:2d:0f:bf:c1:c6:
         63:d9:e6:3d:ad:e7:9c:c7:3e:82:5e:bf:39:d8:89:60:d0:49:
         c9:28:fd:e9:84:f2:07:3c:b0:d1:9b:71:c2:9c:c2:bc:b5:bb:
         25:24:10:84:61:84:b6:de:d2:48:48:fa:f4:8e:fe:19:9e:c5:
         d5:35:9f:dd:ae:ae:f2:69:ab:57:ea:bb:be:6c:8c:71:af:cf:
         0d:3b:cc:f3:e4:8e:c6:e3:c1:8b:20:df:9e:3c:36:56:ef:6b:
         17:2e:7d:ad:ea:60:6e:e1:89:b2:a6:24:f2:f3:1f:51:45:ec:
         34:31:a9:43:94:2f:b2:4d:7d:d3:47:c4:31:8c:9c:f9:59:c2:
         b5:1b:c5:4d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECNhAXjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
N2QwM2YyOTgxODBjYzEwOWYxOWQ0YjE5OTJjN2Q3MWM1NmM4ZGNjMB4XDTIyMDEw
MTA3MDEyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWY4OTlkMmUyOGM4
ZmViYjI1Y2EzZTI2NDhmYTg4MDkwMGM4NzYwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOQjbazfeU1lXfAo4BgqjZ1kAlTxwilDLGSzLvm/csY6v5n4
1GsgMXxYkFwlb5TCwbPkAKO7uYEwZSYUU/sisDSv7rhomUeKKKe2PjIqtiqnEMEX
2B4p3ahgA9NDHghmepO60jhcVSgDzR3bhBrx2SI0hMQwis5Q21mA/Luzc0fyS+4t
d3ZQy6qf0QUty+1jpYvDe7lrbBh+O2O5w117ogj2+TWOVcAW0uMMAMFql2j4BfhI
EAY4Fw+ikC03tkQ3OR0Uz/FflvpZrm5P5YT9ir858mDyL8x8GVM6k+LX0QnFNt+u
hCA+1EjDUnuZE04pYNhID9fkKsslk20C2U912UUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRfiZ0uKMj+uyXKPiZI+ogJAMh2AzAfBgNVHSMEGDAWgBQX0D8pgYDMEJ8Z
1LGZLH1xxWyNzDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0Y5QV9LWUdBekJDZkdkU3htU3g5Y2NWc2pjdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvODJlMjUzLTAxNzctNGEyMC1iZWZlLTkxOGFjNjQ2MjY3OS8x
L1g0bWRMaWpJX3JzbHlqNG1TUHFJQ1FESWRnTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
ODJlMjUzLTAxNzctNGEyMC1iZWZlLTkxOGFjNjQ2MjY3OS8xL0Y5QV9LWUdBekJD
ZkdkU3htU3g5Y2NWc2pjdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFVccTANBgkqhkiG9w0BAQsFAAOC
AQEASaPzTR6l5mM1wDQ5CD18bZMuonyMzltIgqVsBfV+kc6AzG+G5YLn/1cPvq0D
m6t1kqVx7vFBrCEIHHRtaUDhcsskYGcyhutnAU6bj3bZ5VpSVnvb2ji0oqb5lnDQ
4Qq0bnJJIj2t/VRwTrzAdXo+OcJp4DDntiu2eC0Pv8HGY9nmPa3nnMc+gl6/OdiJ
YNBJySj96YTyBzyw0ZtxwpzCvLW7JSQQhGGEtt7SSEj69I7+GZ7F1TWf3a6u8mmr
V+q7vmyMca/PDTvM8+SOxuPBiyDfnjw2Vu9rFy59repgbuGJsqYk8vMfUUXsNDGp
Q5Qvsk1900fEMYyc+VnCtRvFTQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:50 2024 by rpki-client on console-fra.rpki-client.org