Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/55fb8c-4759-46a3-ad76-6253b5f762c2/1/cS_a1I8TjGpskpHH8qU4NbgxviY.roa
File:                     cS_a1I8TjGpskpHH8qU4NbgxviY.roa (raw, json)
Hash identifier:          dQRHt40jRYateGcIxYcl6B/OKxOIJmVqe4Al+jMxx0U=
Subject key identifier:   71:2F:DA:D4:8F:13:8C:6A:6C:92:91:C7:F2:A5:38:35:B8:31:BE:26
Certificate issuer:       /CN=1be6354f38c094634034bbe2bcf91674ea63e355
Certificate serial:       01449A02
Authority key identifier: 1B:E6:35:4F:38:C0:94:63:40:34:BB:E2:BC:F9:16:74:EA:63:E3:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G-Y1TzjAlGNANLvivPkWdOpj41U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/55fb8c-4759-46a3-ad76-6253b5f762c2/1/cS_a1I8TjGpskpHH8qU4NbgxviY.roa
Signing time:             Sat 01 Jan 2022 04:56:33 +0000
ROA not before:           Sat 01 Jan 2022 04:56:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        185.145.232.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 21273090 (0x1449a02)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1be6354f38c094634034bbe2bcf91674ea63e355
        Validity
            Not Before: Jan  1 04:56:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=712fdad48f138c6a6c9291c7f2a53835b831be26
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:12:72:ad:ec:f5:ce:58:af:be:8d:a5:3a:dc:
                    b0:8e:29:94:23:d5:8a:1e:31:af:bc:d4:54:70:f4:
                    32:e1:15:33:b3:4a:b5:08:8b:9e:46:0f:9e:5c:61:
                    8f:06:38:3f:bf:2b:73:82:ed:9a:74:5a:bf:65:da:
                    a2:27:f6:66:3b:2f:09:80:4b:f2:08:87:a7:2c:ed:
                    5e:0b:36:ad:0e:f4:8d:d1:3b:f9:4b:55:5d:68:13:
                    de:87:5e:61:9f:c6:57:16:17:c0:df:cd:04:62:ee:
                    00:55:41:b3:56:00:01:2c:1f:96:0b:49:5e:7d:46:
                    88:d6:cf:e8:a3:7f:c5:ea:be:ca:c4:d6:5d:02:7c:
                    92:4a:a8:ef:bf:52:94:e6:f0:fa:5b:b4:d3:31:11:
                    c8:a2:62:2f:e4:5b:ca:a0:06:2b:6e:22:b8:9f:61:
                    76:81:07:1f:83:36:29:99:42:9a:13:15:f2:16:a3:
                    0c:d1:b3:c7:0a:92:8f:4e:48:ef:37:3a:40:c3:37:
                    33:1b:49:3b:68:01:8f:92:d4:4d:41:be:dd:a9:03:
                    00:60:fa:e4:f2:a1:6d:b7:7b:f1:f7:91:4a:fe:8f:
                    4f:4f:35:f8:36:77:72:ca:60:82:58:08:c2:bc:dc:
                    39:3d:d8:18:c8:a6:7b:02:29:4b:59:cd:af:50:4a:
                    fd:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:2F:DA:D4:8F:13:8C:6A:6C:92:91:C7:F2:A5:38:35:B8:31:BE:26
            X509v3 Authority Key Identifier:
                keyid:1B:E6:35:4F:38:C0:94:63:40:34:BB:E2:BC:F9:16:74:EA:63:E3:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-Y1TzjAlGNANLvivPkWdOpj41U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/55fb8c-4759-46a3-ad76-6253b5f762c2/1/cS_a1I8TjGpskpHH8qU4NbgxviY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/55fb8c-4759-46a3-ad76-6253b5f762c2/1/G-Y1TzjAlGNANLvivPkWdOpj41U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.145.232.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:78:44:6a:6c:d6:b3:23:70:e0:bb:1d:21:10:fa:17:e1:9d:
         3c:02:8a:5c:b3:01:26:bc:62:2a:0a:28:f0:15:32:62:e2:f2:
         a7:42:3f:4b:ca:f5:68:e7:8f:b9:1c:78:f6:42:58:64:28:37:
         5f:31:2e:db:52:a7:31:89:c4:80:08:ec:12:0c:f5:c8:52:bb:
         10:12:5d:81:e1:7a:06:59:b1:bc:b7:d8:f5:d0:ba:7b:e5:93:
         3d:ee:d0:c8:b1:62:cd:11:c1:5e:1b:6c:56:3e:ec:5f:6b:b8:
         17:03:4b:a3:ed:ae:a9:fc:99:77:83:0d:ab:84:5c:89:f6:58:
         e2:a6:27:6a:c9:4c:40:91:99:17:3c:c7:26:46:63:6f:2d:0a:
         5b:fe:8c:e7:7e:86:97:d6:56:de:67:6b:26:43:74:0f:2a:6e:
         72:12:6b:ee:92:25:10:00:23:ea:9a:26:a0:ca:38:a1:63:a3:
         5c:9d:97:05:f8:24:a8:38:67:5e:52:f2:9c:c9:09:9b:09:0f:
         78:77:11:35:c8:f3:d5:5c:3c:d4:ac:5f:f0:f3:46:10:90:5f:
         c2:bb:92:9a:72:d4:4f:e0:d6:3c:65:06:97:be:fb:23:52:71:
         f7:93:1b:3d:2a:ea:21:6f:fa:78:e3:d7:96:e4:9e:8d:6e:32:
         27:9a:45:8c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAUSaAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YmU2MzU0ZjM4YzA5NDYzNDAzNGJiZTJiY2Y5MTY3NGVhNjNlMzU1MB4XDTIyMDEw
MTA0NTYzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzEyZmRhZDQ4ZjEz
OGM2YTZjOTI5MWM3ZjJhNTM4MzViODMxYmUyNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKMScq3s9c5Yr76NpTrcsI4plCPVih4xr7zUVHD0MuEVM7NK
tQiLnkYPnlxhjwY4P78rc4LtmnRav2Xaoif2ZjsvCYBL8giHpyztXgs2rQ70jdE7
+UtVXWgT3odeYZ/GVxYXwN/NBGLuAFVBs1YAASwflgtJXn1GiNbP6KN/xeq+ysTW
XQJ8kkqo779SlObw+lu00zERyKJiL+RbyqAGK24iuJ9hdoEHH4M2KZlCmhMV8haj
DNGzxwqSj05I7zc6QMM3MxtJO2gBj5LUTUG+3akDAGD65PKhbbd78feRSv6PT081
+DZ3cspgglgIwrzcOT3YGMimewIpS1nNr1BK/UMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRxL9rUjxOMamySkcfypTg1uDG+JjAfBgNVHSMEGDAWgBQb5jVPOMCUY0A0
u+K8+RZ06mPjVTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ctWTFUempBbEdOQU5Mdml2UGtXZE9wajQxVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjUvNTVmYjhjLTQ3NTktNDZhMy1hZDc2LTYyNTNiNWY3NjJjMi8x
L2NTX2ExSThUakdwc2twSEg4cVU0TmJneHZpWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUv
NTVmYjhjLTQ3NTktNDZhMy1hZDc2LTYyNTNiNWY3NjJjMi8xL0ctWTFUempBbEdO
QU5Mdml2UGtXZE9wajQxVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmR6DANBgkqhkiG9w0BAQsFAAOC
AQEAV3hEamzWsyNw4LsdIRD6F+GdPAKKXLMBJrxiKgoo8BUyYuLyp0I/S8r1aOeP
uRx49kJYZCg3XzEu21KnMYnEgAjsEgz1yFK7EBJdgeF6BlmxvLfY9dC6e+WTPe7Q
yLFizRHBXhtsVj7sX2u4FwNLo+2uqfyZd4MNq4RcifZY4qYnaslMQJGZFzzHJkZj
by0KW/6M536Gl9ZW3mdrJkN0DypuchJr7pIlEAAj6pomoMo4oWOjXJ2XBfgkqDhn
XlLynMkJmwkPeHcRNcjz1Vw81Kxf8PNGEJBfwruSmnLUT+DWPGUGl777I1Jx95Mb
PSrqIW/6eOPXluSejW4yJ5pFjA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:51 2023 by rpki-client on console-ams.rpki-client.org