Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/617715-9484-40f9-896c-724b1a0212d4/1/Nb3jtKLAwRwWFZwEE-MoCX9o5AY.roa
File:                     Nb3jtKLAwRwWFZwEE-MoCX9o5AY.roa (raw, json)
Hash identifier:          WY55s34tj3GgpUMOCFxj9Wpt+8H99bivmTgkStFOANU=
Subject key identifier:   35:BD:E3:B4:A2:C0:C1:1C:16:15:9C:04:13:E3:28:09:7F:68:E4:06
Certificate issuer:       /CN=ea1c951d61b87da19439784d23667a89cb3290a4
Certificate serial:       019809BA
Authority key identifier: EA:1C:95:1D:61:B8:7D:A1:94:39:78:4D:23:66:7A:89:CB:32:90:A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6hyVHWG4faGUOXhNI2Z6icsykKQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/617715-9484-40f9-896c-724b1a0212d4/1/Nb3jtKLAwRwWFZwEE-MoCX9o5AY.roa
Signing time:             Sat 01 Jan 2022 03:57:10 +0000
ROA not before:           Sat 01 Jan 2022 03:57:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203603
IP address blocks:        185.249.233.0/24 maxlen: 24
                          185.249.234.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 26741178 (0x19809ba)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ea1c951d61b87da19439784d23667a89cb3290a4
        Validity
            Not Before: Jan  1 03:57:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=35bde3b4a2c0c11c16159c0413e328097f68e406
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:25:19:37:4b:92:f0:8e:e1:ca:91:af:cf:ba:
                    9d:f3:dc:65:eb:92:5d:49:27:3a:95:32:d7:27:0a:
                    5c:30:d1:c8:6a:89:3f:7f:34:b3:b8:fa:8a:8e:0e:
                    31:5b:8c:6c:c9:23:41:ed:9e:3a:a1:6a:11:f6:93:
                    f9:03:89:54:e1:0d:b1:7f:44:c9:a8:af:c2:9b:ab:
                    9b:a8:12:07:22:27:12:27:47:7f:17:20:c2:fd:2e:
                    d2:60:88:4b:49:68:0c:52:b5:ab:af:9d:ca:7e:86:
                    25:d2:02:c1:44:1d:ff:8c:23:18:db:96:a3:e3:0a:
                    70:67:ba:18:0d:73:48:22:93:00:c5:17:54:f2:ba:
                    2b:2d:fd:fb:52:93:ce:34:6d:17:bb:fe:3e:45:df:
                    12:18:c3:74:91:78:17:f6:71:83:85:c8:7c:42:27:
                    11:d5:5b:2d:9c:db:96:c8:95:74:c1:1c:0c:f7:d3:
                    0e:d3:c3:50:33:30:84:41:3e:db:a0:95:e2:06:5c:
                    41:e4:6c:dd:76:a3:bd:89:de:82:96:75:a4:25:c8:
                    6b:82:d9:66:7f:34:80:2b:6f:66:e4:b1:ec:18:bb:
                    f2:2f:8d:de:50:08:30:16:58:08:7a:75:ea:82:a3:
                    49:f1:a6:c0:9c:e3:24:1c:51:5a:97:bc:10:3e:05:
                    1d:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:BD:E3:B4:A2:C0:C1:1C:16:15:9C:04:13:E3:28:09:7F:68:E4:06
            X509v3 Authority Key Identifier:
                keyid:EA:1C:95:1D:61:B8:7D:A1:94:39:78:4D:23:66:7A:89:CB:32:90:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6hyVHWG4faGUOXhNI2Z6icsykKQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/617715-9484-40f9-896c-724b1a0212d4/1/Nb3jtKLAwRwWFZwEE-MoCX9o5AY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/617715-9484-40f9-896c-724b1a0212d4/1/6hyVHWG4faGUOXhNI2Z6icsykKQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.249.233.0-185.249.235.255

    Signature Algorithm: sha256WithRSAEncryption
         63:d0:91:f5:17:ea:b0:7d:11:43:ea:30:e5:08:ed:37:d5:78:
         72:2e:3d:6b:e6:d8:02:02:e1:cb:f4:9c:db:99:2a:53:13:76:
         45:ac:9c:7f:21:33:5e:cc:71:fa:e8:67:e4:64:51:c6:7c:a3:
         5d:c2:0d:06:64:3c:41:f6:00:02:ce:a9:18:08:61:be:70:98:
         ce:2c:fe:15:ed:b4:78:a7:2a:df:6e:bf:3a:a4:db:2c:d3:e6:
         83:53:a2:7a:48:bf:72:a8:22:05:c3:6a:2f:4c:49:39:4c:ae:
         19:9b:54:43:fe:2c:cc:53:7e:18:1b:3a:44:d1:7b:fc:a3:f5:
         bb:be:e1:92:20:93:c0:4d:76:d8:89:2a:bf:aa:f5:41:52:0c:
         c0:f6:12:7a:8c:48:08:7e:58:53:88:6d:5c:87:6b:68:85:02:
         20:79:c3:af:93:20:ef:2b:59:3f:22:26:bd:f6:db:10:f2:d5:
         e7:5a:97:42:f2:21:21:1e:57:56:1e:06:8d:f7:d4:30:a9:f2:
         24:5c:4e:e1:e7:f9:9a:cf:1a:32:c8:47:92:cb:73:8b:b3:e8:
         bc:c2:a6:2a:88:df:de:b5:bc:5a:18:f8:ad:22:ee:ef:f5:be:
         41:ab:79:7a:bc:03:b6:ca:dd:9d:2c:0e:de:42:47:6a:fb:2c:
         ce:3b:0f:23
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAZgJujANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YTFjOTUxZDYxYjg3ZGExOTQzOTc4NGQyMzY2N2E4OWNiMzI5MGE0MB4XDTIyMDEw
MTAzNTcxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzViZGUzYjRhMmMw
YzExYzE2MTU5YzA0MTNlMzI4MDk3ZjY4ZTQwNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALUlGTdLkvCO4cqRr8+6nfPcZeuSXUknOpUy1ycKXDDRyGqJ
P380s7j6io4OMVuMbMkjQe2eOqFqEfaT+QOJVOENsX9Eyaivwpurm6gSByInEidH
fxcgwv0u0mCIS0loDFK1q6+dyn6GJdICwUQd/4wjGNuWo+MKcGe6GA1zSCKTAMUX
VPK6Ky39+1KTzjRtF7v+PkXfEhjDdJF4F/Zxg4XIfEInEdVbLZzblsiVdMEcDPfT
DtPDUDMwhEE+26CV4gZcQeRs3XajvYnegpZ1pCXIa4LZZn80gCtvZuSx7Bi78i+N
3lAIMBZYCHp16oKjSfGmwJzjJBxRWpe8ED4FHWcCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBQ1veO0osDBHBYVnAQT4ygJf2jkBjAfBgNVHSMEGDAWgBTqHJUdYbh9oZQ5
eE0jZnqJyzKQpDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZoeVZIV0c0ZmFHVU9YaE5JMlo2aWNzeWtLUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNjE3NzE1LTk0ODQtNDBmOS04OTZjLTcyNGIxYTAyMTJkNC8x
L05iM2p0S0xBd1J3V0Zad0VFLU1vQ1g5bzVBWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
NjE3NzE1LTk0ODQtNDBmOS04OTZjLTcyNGIxYTAyMTJkNC8xLzZoeVZIV0c0ZmFH
VU9YaE5JMlo2aWNzeWtLUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAufnpAwQCufnoMA0GCSqGSIb3
DQEBCwUAA4IBAQBj0JH1F+qwfRFD6jDlCO031XhyLj1r5tgCAuHL9JzbmSpTE3ZF
rJx/ITNezHH66GfkZFHGfKNdwg0GZDxB9gACzqkYCGG+cJjOLP4V7bR4pyrfbr86
pNss0+aDU6J6SL9yqCIFw2ovTEk5TK4Zm1RD/izMU34YGzpE0Xv8o/W7vuGSIJPA
TXbYiSq/qvVBUgzA9hJ6jEgIflhTiG1ch2tohQIgecOvkyDvK1k/Iia99tsQ8tXn
WpdC8iEhHldWHgaN99QwqfIkXE7h5/mazxoyyEeSy3OLs+i8wqYqiN/etbxaGPit
Iu7v9b5Bq3l6vAO2yt2dLA7eQkdq+yzOOw8j
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:31 2024 by rpki-client on console-fra.rpki-client.org