Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/592d4f-d71e-4e8b-a632-1ecde1791511/1/U2JY0knEOEQpieDcmZjx5yfx3zk.roa
File:                     U2JY0knEOEQpieDcmZjx5yfx3zk.roa (raw, json)
Hash identifier:          uU79l93TAAXTjVXuPIrcBX5dDRkSqtzlUGBxVvwVnkM=
Subject key identifier:   53:62:58:D2:49:C4:38:44:29:89:E0:DC:99:98:F1:E7:27:F1:DF:39
Certificate issuer:       /CN=aecd64c97837d7bfac06637dd952bdede0c25d85
Certificate serial:       C8F8A6
Authority key identifier: AE:CD:64:C9:78:37:D7:BF:AC:06:63:7D:D9:52:BD:ED:E0:C2:5D:85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rs1kyXg317-sBmN92VK97eDCXYU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/592d4f-d71e-4e8b-a632-1ecde1791511/1/U2JY0knEOEQpieDcmZjx5yfx3zk.roa
Signing time:             Sat 01 Jan 2022 02:54:06 +0000
ROA not before:           Sat 01 Jan 2022 02:54:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41211
IP address blocks:        85.112.81.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13170854 (0xc8f8a6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aecd64c97837d7bfac06637dd952bdede0c25d85
        Validity
            Not Before: Jan  1 02:54:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=536258d249c438442989e0dc9998f1e727f1df39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:35:23:93:a9:f5:61:a0:7f:96:86:a1:fe:a9:
                    28:22:a4:68:3a:95:75:62:95:0f:20:ba:9f:cc:ee:
                    ad:bc:f9:77:94:20:e6:c5:c2:6c:06:64:93:1b:f9:
                    72:c3:cd:83:39:24:60:32:97:a6:00:77:a0:17:b2:
                    a5:fb:aa:06:39:ee:9b:98:49:e5:86:22:d3:dd:a5:
                    ed:0c:45:a6:22:0f:f6:34:05:c6:1e:15:77:8c:a6:
                    07:28:1f:45:8c:80:b6:11:ff:d1:1f:ab:41:d1:03:
                    57:e6:44:94:d4:55:e8:d5:b6:4e:49:21:d9:49:d4:
                    f1:14:70:d5:55:0a:a3:5a:52:2e:c7:14:72:4f:65:
                    72:03:90:c9:87:77:4b:a8:98:b1:f8:ca:d9:e0:10:
                    69:3d:a8:9c:3d:1d:d2:47:d5:ee:f1:cd:12:26:b3:
                    ac:ed:07:43:03:f3:33:4f:d4:ec:ea:04:f9:a9:4e:
                    ae:f2:da:b9:3c:a0:e8:f1:80:73:d2:b1:89:1b:27:
                    fb:89:97:2b:90:17:cf:19:82:25:e0:6a:6a:42:6c:
                    a1:f7:00:7f:7e:5a:5a:0f:1b:34:0c:41:6d:f9:48:
                    7c:88:aa:ec:10:af:94:79:6d:dc:06:2a:b2:f2:41:
                    5a:6f:3a:dd:97:8b:3a:67:82:be:95:78:f9:7a:8b:
                    cd:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:62:58:D2:49:C4:38:44:29:89:E0:DC:99:98:F1:E7:27:F1:DF:39
            X509v3 Authority Key Identifier:
                keyid:AE:CD:64:C9:78:37:D7:BF:AC:06:63:7D:D9:52:BD:ED:E0:C2:5D:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rs1kyXg317-sBmN92VK97eDCXYU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/592d4f-d71e-4e8b-a632-1ecde1791511/1/U2JY0knEOEQpieDcmZjx5yfx3zk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/592d4f-d71e-4e8b-a632-1ecde1791511/1/rs1kyXg317-sBmN92VK97eDCXYU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.112.81.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:3f:fc:5b:8f:54:b7:24:a7:82:2f:81:ca:21:e2:80:d0:32:
         ff:4b:d4:9a:89:a7:79:6c:56:e0:97:a4:85:7a:d0:c1:59:4a:
         e7:fc:c7:a5:b5:87:5c:0c:09:d5:5b:f9:b6:a1:45:9a:01:1d:
         57:c2:d0:9a:83:61:2d:a0:27:94:69:c4:f5:f2:50:c9:fc:0f:
         6f:8d:9e:de:73:db:79:00:4d:36:a3:4b:d8:01:c7:da:db:da:
         56:a1:13:62:bc:2d:dc:18:03:a2:c5:83:d2:91:8d:3a:c9:38:
         5b:de:c2:87:94:7a:5a:98:79:e0:2d:ab:20:92:22:3e:39:46:
         71:24:c9:56:63:0f:af:54:7c:59:70:90:a6:85:79:b1:34:be:
         47:77:fa:4e:66:dd:3a:1e:83:98:5b:50:e6:d4:45:c0:2c:55:
         f3:24:4c:20:d6:03:73:00:3e:3d:a6:3d:65:5d:bb:f2:ad:d8:
         82:68:e0:5e:d0:b2:3a:5a:a0:05:df:35:e8:d5:df:07:5e:bf:
         ae:e3:fe:10:b1:f6:3f:79:a7:fe:95:fc:0b:9c:8e:ed:b0:ee:
         14:7e:5f:70:cf:88:cc:2a:5f:e5:af:ca:b9:b5:f8:b8:bd:16:
         bc:84:cc:9e:a6:08:c7:2b:a3:05:53:5b:ca:21:4a:16:5a:e4:
         66:6d:84:3b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAMj4pjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZWNkNjRjOTc4MzdkN2JmYWMwNjYzN2RkOTUyYmRlZGUwYzI1ZDg1MB4XDTIyMDEw
MTAyNTQwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTM2MjU4ZDI0OWM0
Mzg0NDI5ODllMGRjOTk5OGYxZTcyN2YxZGYzOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALI1I5Op9WGgf5aGof6pKCKkaDqVdWKVDyC6n8zurbz5d5Qg
5sXCbAZkkxv5csPNgzkkYDKXpgB3oBeypfuqBjnum5hJ5YYi092l7QxFpiIP9jQF
xh4Vd4ymBygfRYyAthH/0R+rQdEDV+ZElNRV6NW2Tkkh2UnU8RRw1VUKo1pSLscU
ck9lcgOQyYd3S6iYsfjK2eAQaT2onD0d0kfV7vHNEiazrO0HQwPzM0/U7OoE+alO
rvLauTyg6PGAc9KxiRsn+4mXK5AXzxmCJeBqakJsofcAf35aWg8bNAxBbflIfIiq
7BCvlHlt3AYqsvJBWm863ZeLOmeCvpV4+XqLzbMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRTYljSScQ4RCmJ4NyZmPHnJ/HfOTAfBgNVHSMEGDAWgBSuzWTJeDfXv6wG
Y33ZUr3t4MJdhTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JzMWt5WGczMTctc0JtTjkyVks5N2VEQ1hZVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGYvNTkyZDRmLWQ3MWUtNGU4Yi1hNjMyLTFlY2RlMTc5MTUxMS8x
L1UySlkwa25FT0VRcGllRGNtWmp4NXlmeDN6ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYv
NTkyZDRmLWQ3MWUtNGU4Yi1hNjMyLTFlY2RlMTc5MTUxMS8xL3JzMWt5WGczMTct
c0JtTjkyVks5N2VEQ1hZVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFVwUTANBgkqhkiG9w0BAQsFAAOC
AQEATz/8W49UtySngi+ByiHigNAy/0vUmomneWxW4JekhXrQwVlK5/zHpbWHXAwJ
1Vv5tqFFmgEdV8LQmoNhLaAnlGnE9fJQyfwPb42e3nPbeQBNNqNL2AHH2tvaVqET
Yrwt3BgDosWD0pGNOsk4W97Ch5R6Wph54C2rIJIiPjlGcSTJVmMPr1R8WXCQpoV5
sTS+R3f6TmbdOh6DmFtQ5tRFwCxV8yRMINYDcwA+PaY9ZV278q3YgmjgXtCyOlqg
Bd816NXfB16/ruP+ELH2P3mn/pX8C5yO7bDuFH5fcM+IzCpf5a/KubX4uL0WvITM
nqYIxyujBVNbyiFKFlrkZm2EOw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:24 2024 by rpki-client on console-ams.rpki-client.org