Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/U2sWUiGDfPIujfioagRM35gd5oA.roa
File:                     U2sWUiGDfPIujfioagRM35gd5oA.roa (raw, json)
Hash identifier:          xw4s3UpeSroW9JuJT15DqVY5Gnxry/f8LyoO1gS6nVI=
Subject key identifier:   53:6B:16:52:21:83:7C:F2:2E:8D:F8:A8:6A:04:4C:DF:98:1D:E6:80
Certificate issuer:       /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial:       0183EFB6B31A2C4196050DA0D4EC8E3A42EF
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/U2sWUiGDfPIujfioagRM35gd5oA.roa
Signing time:             Wed 19 Oct 2022 10:07:51 +0000
ROA not before:           Wed 19 Oct 2022 10:07:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48715
IP address blocks:        185.239.2.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:ef:b6:b3:1a:2c:41:96:05:0d:a0:d4:ec:8e:3a:42:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
        Validity
            Not Before: Oct 19 10:07:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=536b165221837cf22e8df8a86a044cdf981de680
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:3e:35:5e:98:ed:78:e1:0c:7c:2f:e1:ad:d5:
                    2d:38:a8:15:4c:b0:4e:3e:02:a2:6b:f7:bd:21:5a:
                    d1:c8:0e:67:53:da:0b:b1:af:34:f1:cb:d2:a6:0e:
                    5d:77:79:40:69:e6:bf:61:8e:7c:b2:a2:88:ce:56:
                    ff:cb:4d:af:b2:96:28:b4:a2:b9:e3:b1:1b:21:9d:
                    8f:40:4e:59:84:25:05:12:10:24:26:68:89:e7:c4:
                    76:90:24:18:70:ac:ff:03:67:f2:22:19:9d:7a:20:
                    50:eb:16:61:f1:61:a6:4e:aa:e5:ac:78:e8:bc:5a:
                    90:d4:5f:95:c3:fb:c9:ea:11:99:f4:d8:ba:1d:ae:
                    26:8e:d2:e5:e3:1f:2a:5c:2d:c6:a6:05:74:ee:5d:
                    96:9e:a8:bc:f6:93:11:6d:1d:b6:e7:9d:81:d2:2e:
                    27:7a:ee:f6:8b:dc:e8:68:93:c8:b6:f4:81:90:da:
                    77:0f:74:f0:00:8d:5c:7e:ae:a8:e4:a9:a8:12:69:
                    14:e1:77:b7:1b:0e:a0:80:3e:d1:54:90:2c:8f:97:
                    f3:45:af:53:3e:24:b3:45:a7:f2:d2:8d:1e:e9:9d:
                    70:66:8b:aa:56:73:f3:5c:0f:ad:b8:88:45:f3:f0:
                    6c:96:70:c1:39:a0:0b:6d:86:be:d4:be:c4:2b:34:
                    3e:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:6B:16:52:21:83:7C:F2:2E:8D:F8:A8:6A:04:4C:DF:98:1D:E6:80
            X509v3 Authority Key Identifier:
                keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/U2sWUiGDfPIujfioagRM35gd5oA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.239.2.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9b:ec:48:b0:8b:99:00:c8:9a:5c:ae:f9:fb:bf:c7:fa:d1:93:
         04:51:ec:74:01:ce:3b:d3:e0:ad:e0:f5:19:97:04:e3:5c:6f:
         6a:3c:4a:5d:30:e2:13:d6:db:09:38:c6:a5:98:1a:13:81:e0:
         99:cc:b7:b8:06:02:6e:4a:68:30:f3:c0:1c:30:60:72:11:b4:
         9c:14:93:66:89:9f:60:fb:85:83:a9:7a:9a:3a:2c:b2:48:72:
         03:8f:5c:37:0c:59:13:e0:03:8a:af:ef:ea:68:7b:89:67:50:
         b5:41:94:4d:dc:a7:08:89:42:49:02:36:fb:a1:12:fb:61:d2:
         9f:25:2b:51:c6:f3:52:2c:00:ec:d0:4a:7b:7c:d2:45:36:00:
         d6:56:f3:f8:66:66:9d:b0:2e:89:7a:d5:3d:e2:ac:e4:03:66:
         06:5f:68:c9:1c:1a:63:ca:5b:82:9d:e8:db:9b:83:2b:24:1e:
         d1:ce:a0:22:d3:76:e8:9e:32:b8:94:05:f7:d6:b6:8a:0c:65:
         08:35:98:fc:03:a4:b7:1d:59:f2:64:5c:d2:ba:2f:39:23:52:
         84:6b:2f:70:45:01:2e:c0:00:db:b8:e4:24:5f:fe:d8:f4:85:
         44:63:fb:7a:76:23:26:bf:d4:90:01:72:eb:88:b5:da:34:c7:
         b6:c6:02:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPvtrMaLEGWBQ2g1OyOOkLvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjIxMDE5MTAwNzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzZiMTY1MjIxODM3Y2YyMmU4ZGY4YTg2YTA0NGNkZjk4MWRlNjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqj41XpjteOEMfC/hrdUtOKgVTLBO
PgKia/e9IVrRyA5nU9oLsa808cvSpg5dd3lAaea/YY58sqKIzlb/y02vspYotKK5
47EbIZ2PQE5ZhCUFEhAkJmiJ58R2kCQYcKz/A2fyIhmdeiBQ6xZh8WGmTqrlrHjo
vFqQ1F+Vw/vJ6hGZ9Ni6Ha4mjtLl4x8qXC3GpgV07l2Wnqi89pMRbR22552B0i4n
eu72i9zoaJPItvSBkNp3D3TwAI1cfq6o5KmoEmkU4Xe3Gw6ggD7RVJAsj5fzRa9T
PiSzRafy0o0e6Z1wZouqVnPzXA+tuIhF8/BslnDBOaALbYa+1L7EKzQ+ywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFNrFlIhg3zyLo34qGoETN+YHeaAMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvVTJzV1VpR0RmUEl1amZpb2FnUk0zNWdkNW9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBue8CMA0G
CSqGSIb3DQEBCwUAA4IBAQCb7Eiwi5kAyJpcrvn7v8f60ZMEUex0Ac470+Ct4PUZ
lwTjXG9qPEpdMOIT1tsJOMalmBoTgeCZzLe4BgJuSmgw88AcMGByEbScFJNmiZ9g
+4WDqXqaOiyySHIDj1w3DFkT4AOKr+/qaHuJZ1C1QZRN3KcIiUJJAjb7oRL7YdKf
JStRxvNSLADs0Ep7fNJFNgDWVvP4ZmadsC6JetU94qzkA2YGX2jJHBpjyluCnejb
m4MrJB7RzqAi03bonjK4lAX31raKDGUINZj8A6S3HVnyZFzSui85I1KEay9wRQEu
wADbuOQkX/7Y9IVEY/t6diMmv9SQAXLriLXaNMe2xgKC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:51 2024 by rpki-client on console-fra.rpki-client.org