Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/00ddaf-3be5-420d-919f-3b4cb975a9bc/1/ifoAlumeWbdNDJhqDWIs1CKLT7Q.roa
File:                     ifoAlumeWbdNDJhqDWIs1CKLT7Q.roa (raw, json)
Hash identifier:          g3tATNADfdmRjPyw77DDy2BuwoRSwfEjrSQjOhh3naM=
Subject key identifier:   89:FA:00:96:E9:9E:59:B7:4D:0C:98:6A:0D:62:2C:D4:22:8B:4F:B4
Certificate issuer:       /CN=b9b87b3b09ccb69a6de20468e90ecbb18f5ecbb6
Certificate serial:       388807B7
Authority key identifier: B9:B8:7B:3B:09:CC:B6:9A:6D:E2:04:68:E9:0E:CB:B1:8F:5E:CB:B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ubh7OwnMtppt4gRo6Q7LsY9ey7Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/00ddaf-3be5-420d-919f-3b4cb975a9bc/1/ifoAlumeWbdNDJhqDWIs1CKLT7Q.roa
Signing time:             Sat 01 Jan 2022 12:00:55 +0000
ROA not before:           Sat 01 Jan 2022 12:00:55 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50607
IP address blocks:        185.48.9.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 948438967 (0x388807b7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9b87b3b09ccb69a6de20468e90ecbb18f5ecbb6
        Validity
            Not Before: Jan  1 12:00:55 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=89fa0096e99e59b74d0c986a0d622cd4228b4fb4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:f8:e3:b4:02:db:5f:ee:be:1e:90:d4:7b:8d:
                    da:f5:a7:f9:06:20:06:5c:81:a8:66:c2:5f:fb:74:
                    46:e3:db:f8:73:42:31:b1:35:ea:3a:74:ea:c5:a8:
                    9a:a3:02:4f:b9:28:1a:ab:04:1b:6e:8f:ad:be:27:
                    6e:68:ea:55:ca:8c:78:14:60:0e:8e:aa:3c:c0:19:
                    53:10:cd:2b:58:cd:d5:4e:f1:83:80:98:fd:88:b6:
                    38:ac:9b:9b:a0:ef:c4:e1:2e:be:cf:27:2d:7b:32:
                    84:82:03:cd:62:eb:7b:e4:87:9b:b4:25:e0:94:22:
                    c2:11:3c:c8:79:d0:f1:32:bc:fd:1e:18:d4:c1:0d:
                    c3:72:e0:e1:69:0f:dd:00:43:1b:d8:be:ab:b8:1e:
                    bf:f1:61:34:9e:4a:fd:25:e2:88:db:e2:b6:ca:04:
                    71:8c:95:b5:32:22:b7:b8:5f:15:46:f1:5d:8d:6c:
                    ac:60:40:a4:16:e0:c4:3d:13:e0:91:41:15:0a:6c:
                    35:49:16:45:64:25:8f:bb:d1:00:33:63:49:38:9a:
                    72:2b:c4:9f:c2:9d:c4:f1:8e:d6:7a:7b:d1:93:6c:
                    8c:58:b6:ed:14:db:e0:52:d3:2d:0c:66:10:0f:07:
                    76:01:17:25:c3:27:1e:98:56:43:e9:f7:13:ab:b4:
                    d3:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:FA:00:96:E9:9E:59:B7:4D:0C:98:6A:0D:62:2C:D4:22:8B:4F:B4
            X509v3 Authority Key Identifier:
                keyid:B9:B8:7B:3B:09:CC:B6:9A:6D:E2:04:68:E9:0E:CB:B1:8F:5E:CB:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ubh7OwnMtppt4gRo6Q7LsY9ey7Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/00ddaf-3be5-420d-919f-3b4cb975a9bc/1/ifoAlumeWbdNDJhqDWIs1CKLT7Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/00ddaf-3be5-420d-919f-3b4cb975a9bc/1/ubh7OwnMtppt4gRo6Q7LsY9ey7Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.48.9.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b8:ab:ae:b8:e0:2e:ba:1f:95:28:e5:ff:89:6b:a1:a3:87:e8:
         f7:48:b3:d7:9e:8c:d4:9d:e4:00:65:db:8c:6c:24:1f:69:32:
         ae:5c:9f:d9:e9:03:d9:4d:11:4b:61:51:77:89:27:73:f6:a5:
         b3:a3:93:24:f9:25:59:18:de:d1:35:92:26:22:e6:6b:82:4c:
         ed:01:d2:63:d5:2b:7a:82:2c:68:64:4e:bd:2b:56:ed:c9:e4:
         02:7c:0b:02:a4:59:ce:10:ed:e3:ee:1b:d7:c8:77:f4:ee:2b:
         16:4b:4f:01:20:2d:0a:c0:4f:ce:db:3b:a5:49:1f:08:1e:d6:
         d8:5d:c7:90:b2:5f:c7:3c:4d:b3:aa:54:4e:ad:d4:c0:d3:82:
         d6:b5:db:43:ec:61:67:b6:a2:0a:d8:70:e1:d2:cb:ec:72:62:
         56:7f:35:f8:da:84:dd:ed:bf:3e:ea:06:22:2f:e2:2d:25:14:
         39:e5:18:df:aa:d7:a5:c4:94:ab:8f:c3:40:14:33:30:8d:f6:
         c2:7c:02:8a:52:b8:a3:75:d7:16:25:a4:2a:68:e3:33:96:9b:
         04:77:a0:ee:67:dc:c9:15:53:0b:85:8f:c1:5b:04:91:41:2f:
         22:0f:85:3a:83:7b:52:83:53:2e:70:f0:33:5a:fd:7f:a1:73:
         19:24:be:81
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOIgHtzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OWI4N2IzYjA5Y2NiNjlhNmRlMjA0NjhlOTBlY2JiMThmNWVjYmI2MB4XDTIyMDEw
MTEyMDA1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODlmYTAwOTZlOTll
NTliNzRkMGM5ODZhMGQ2MjJjZDQyMjhiNGZiNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMP447QC21/uvh6Q1HuN2vWn+QYgBlyBqGbCX/t0RuPb+HNC
MbE16jp06sWomqMCT7koGqsEG26Prb4nbmjqVcqMeBRgDo6qPMAZUxDNK1jN1U7x
g4CY/Yi2OKybm6DvxOEuvs8nLXsyhIIDzWLre+SHm7Ql4JQiwhE8yHnQ8TK8/R4Y
1MENw3Lg4WkP3QBDG9i+q7gev/FhNJ5K/SXiiNvitsoEcYyVtTIit7hfFUbxXY1s
rGBApBbgxD0T4JFBFQpsNUkWRWQlj7vRADNjSTiacivEn8KdxPGO1np70ZNsjFi2
7RTb4FLTLQxmEA8HdgEXJcMnHphWQ+n3E6u008ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSJ+gCW6Z5Zt00MmGoNYizUIotPtDAfBgNVHSMEGDAWgBS5uHs7Ccy2mm3i
BGjpDsuxj17LtjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ViaDdPd25NdHBwdDRnUm82UTdMc1k5ZXk3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvMDBkZGFmLTNiZTUtNDIwZC05MTlmLTNiNGNiOTc1YTliYy8x
L2lmb0FsdW1lV2JkTkRKaHFEV0lzMUNLTFQ3US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAv
MDBkZGFmLTNiZTUtNDIwZC05MTlmLTNiNGNiOTc1YTliYy8xL3ViaDdPd25NdHBw
dDRnUm82UTdMc1k5ZXk3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkwCTANBgkqhkiG9w0BAQsFAAOC
AQEAuKuuuOAuuh+VKOX/iWuho4fo90iz156M1J3kAGXbjGwkH2kyrlyf2ekD2U0R
S2FRd4knc/als6OTJPklWRje0TWSJiLma4JM7QHSY9UreoIsaGROvStW7cnkAnwL
AqRZzhDt4+4b18h39O4rFktPASAtCsBPzts7pUkfCB7W2F3HkLJfxzxNs6pUTq3U
wNOC1rXbQ+xhZ7aiCthw4dLL7HJiVn81+NqE3e2/PuoGIi/iLSUUOeUY36rXpcSU
q4/DQBQzMI32wnwCilK4o3XXFiWkKmjjM5abBHeg7mfcyRVTC4WPwVsEkUEvIg+F
OoN7UoNTLnDwM1r9f6FzGSS+gQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:11 2024 by rpki-client on console-fra.rpki-client.org