Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/infiyyNRZrBQjTArOzNbDaxD_E4.roa
File:                     infiyyNRZrBQjTArOzNbDaxD_E4.roa (raw, json)
Hash identifier:          mv/endBMUA7lzeLdB69HZct7330P9DcXIfIv0v2P4hg=
Subject key identifier:   8A:77:E2:CB:23:51:66:B0:50:8D:30:2B:3B:33:5B:0D:AC:43:FC:4E
Certificate issuer:       /CN=570fb0f1d8b8c198b0dc86158afbcbc529cf16be
Certificate serial:       0184607F944E389535732F704B53DE81BE00
Authority key identifier: 57:0F:B0:F1:D8:B8:C1:98:B0:DC:86:15:8A:FB:CB:C5:29:CF:16:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Vw-w8di4wZiw3IYVivvLxSnPFr4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/infiyyNRZrBQjTArOzNbDaxD_E4.roa
Signing time:             Thu 10 Nov 2022 07:44:44 +0000
ROA not before:           Thu 10 Nov 2022 07:44:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        185.212.204.0/23 maxlen: 24
                          185.212.206.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:60:7f:94:4e:38:95:35:73:2f:70:4b:53:de:81:be:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=570fb0f1d8b8c198b0dc86158afbcbc529cf16be
        Validity
            Not Before: Nov 10 07:44:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8a77e2cb235166b0508d302b3b335b0dac43fc4e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:ec:1d:af:55:18:f9:e0:0d:45:cd:ba:a9:b3:
                    92:3d:2f:64:05:88:40:16:e6:1e:b7:1e:10:3e:19:
                    f6:41:8c:08:43:65:2f:59:9d:93:60:68:5a:2f:75:
                    a1:c1:0b:a5:f7:0d:d8:09:e8:dd:3f:85:d0:ca:c4:
                    28:5f:93:c3:a8:61:79:06:35:bc:65:5a:db:2f:4a:
                    b6:52:50:ac:7c:1e:1d:e0:a2:1b:40:c7:53:16:3b:
                    72:63:9c:90:0e:f1:91:16:56:db:b3:90:a7:61:85:
                    3d:e1:f3:04:07:43:bd:f2:00:26:91:67:d7:08:11:
                    d8:8e:93:b3:31:fc:fc:5c:7f:ef:97:93:e7:0e:de:
                    9a:6c:6a:61:ae:fe:59:8e:1c:e8:ee:76:df:1f:bf:
                    d4:c6:dd:4c:1b:bb:8e:62:08:ea:12:e2:51:44:f0:
                    fd:db:db:c0:30:41:c0:5d:55:e1:2d:86:71:0a:bd:
                    2a:2e:01:38:96:6e:c0:62:5e:f1:43:ee:39:32:d4:
                    45:6c:17:ad:a4:eb:77:8c:15:3f:1d:51:02:eb:15:
                    a7:6d:47:9f:99:60:bc:ab:79:bf:a1:ac:60:93:7c:
                    ed:a6:a0:55:8e:2d:ff:db:ce:4b:19:2f:72:c1:2a:
                    6e:d4:55:3d:da:49:82:b8:3a:57:5d:35:df:f2:ec:
                    3c:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:77:E2:CB:23:51:66:B0:50:8D:30:2B:3B:33:5B:0D:AC:43:FC:4E
            X509v3 Authority Key Identifier:
                keyid:57:0F:B0:F1:D8:B8:C1:98:B0:DC:86:15:8A:FB:CB:C5:29:CF:16:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vw-w8di4wZiw3IYVivvLxSnPFr4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/infiyyNRZrBQjTArOzNbDaxD_E4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/Vw-w8di4wZiw3IYVivvLxSnPFr4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.212.204.0/22

    Signature Algorithm: sha256WithRSAEncryption
         22:8a:ea:3e:a8:20:97:c7:2c:4e:88:83:ce:d1:38:20:99:3e:
         c7:88:b5:87:c9:ff:16:19:61:44:32:9d:8a:bb:a3:f7:8a:f1:
         3f:83:31:61:c3:94:d5:2d:42:11:a1:27:9b:e5:e9:ab:6a:86:
         5b:95:ed:43:14:48:99:8f:a9:e6:11:4a:47:6b:d8:05:62:24:
         3f:96:66:cc:33:cd:e8:9e:8d:f3:29:1b:49:73:d4:75:f5:69:
         18:82:fb:bb:86:68:fd:64:f1:74:40:79:ac:40:2b:a6:a9:45:
         08:1f:59:d8:e1:a2:b1:6d:9b:64:77:66:9f:e9:b2:f3:92:23:
         02:17:53:aa:4f:80:9a:99:ab:23:df:8d:05:d6:4f:77:6f:aa:
         f5:82:fd:10:24:66:15:eb:67:56:a4:c6:5a:75:3e:a0:3c:0b:
         93:c3:27:5d:30:0a:5b:5a:2c:10:64:c3:f6:1a:17:4c:25:3c:
         b1:00:34:4d:cf:8e:57:9c:b8:a4:84:ba:15:09:80:cd:da:f0:
         7d:9a:9a:73:67:2f:22:48:85:6c:7e:a2:b9:0d:c5:ec:65:5f:
         51:09:95:01:39:01:58:31:b7:c6:70:1f:7d:31:ea:30:a6:32:
         4a:d4:a7:67:cc:ac:37:7d:93:32:90:31:95:78:b2:8a:f9:16:
         b6:a8:90:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRgf5ROOJU1cy9wS1Pegb4AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MGZiMGYxZDhiOGMxOThiMGRjODYxNThhZmJjYmM1Mjlj
ZjE2YmUwHhcNMjIxMTEwMDc0NDQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTc3ZTJjYjIzNTE2NmIwNTA4ZDMwMmIzYjMzNWIwZGFjNDNmYzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOwdr1UY+eANRc26qbOSPS9kBYhA
FuYetx4QPhn2QYwIQ2UvWZ2TYGhaL3WhwQul9w3YCejdP4XQysQoX5PDqGF5BjW8
ZVrbL0q2UlCsfB4d4KIbQMdTFjtyY5yQDvGRFlbbs5CnYYU94fMEB0O98gAmkWfX
CBHYjpOzMfz8XH/vl5PnDt6abGphrv5Zjhzo7nbfH7/Uxt1MG7uOYgjqEuJRRPD9
29vAMEHAXVXhLYZxCr0qLgE4lm7AYl7xQ+45MtRFbBetpOt3jBU/HVEC6xWnbUef
mWC8q3m/oaxgk3ztpqBVji3/285LGS9ywSpu1FU92kmCuDpXXTXf8uw8AwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIp34ssjUWawUI0wKzszWw2sQ/xOMB8GA1UdIwQY
MBaAFFcPsPHYuMGYsNyGFYr7y8Upzxa+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnctdzhkaTR3Wml3M0lZVml2dkx4U25QRnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8wOTQ5ZmMtYWNjZC00NzFmLWE5Y2Qt
OTcyNDNlMzE2MjcyLzEvaW5maXl5TlJackJRalRBck96TmJEYXhEX0U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8wOTQ5ZmMtYWNjZC00NzFmLWE5Y2QtOTcyNDNlMzE2Mjcy
LzEvVnctdzhkaTR3Wml3M0lZVml2dkx4U25QRnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudTMMA0G
CSqGSIb3DQEBCwUAA4IBAQAiiuo+qCCXxyxOiIPO0TggmT7HiLWHyf8WGWFEMp2K
u6P3ivE/gzFhw5TVLUIRoSeb5emraoZble1DFEiZj6nmEUpHa9gFYiQ/lmbMM83o
no3zKRtJc9R19WkYgvu7hmj9ZPF0QHmsQCumqUUIH1nY4aKxbZtkd2af6bLzkiMC
F1OqT4Camasj340F1k93b6r1gv0QJGYV62dWpMZadT6gPAuTwyddMApbWiwQZMP2
GhdMJTyxADRNz45XnLikhLoVCYDN2vB9mppzZy8iSIVsfqK5DcXsZV9RCZUBOQFY
MbfGcB99MeowpjJK1KdnzKw3fZMykDGVeLKK+Ra2qJDl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:21 2024 by rpki-client on console-fra.rpki-client.org