Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/403ec4-266e-4ea4-ba3a-4fdc48da8f33/1/dY_paYl_KlssovdqeDkXPaHRtvM.roa
File:                     dY_paYl_KlssovdqeDkXPaHRtvM.roa (raw, json)
Hash identifier:          KKIYx8QZkz2GyLZVzNv1xQNVDFtJ5J267EQqVlnNA6o=
Subject key identifier:   75:8F:E9:69:89:7F:2A:5B:2C:A2:F7:6A:78:39:17:3D:A1:D1:B6:F3
Certificate issuer:       /CN=23d8f620999506cc86d7548ea7282bb129f02d68
Certificate serial:       02E6EDE5
Authority key identifier: 23:D8:F6:20:99:95:06:CC:86:D7:54:8E:A7:28:2B:B1:29:F0:2D:68
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I9j2IJmVBsyG11SOpygrsSnwLWg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6a/403ec4-266e-4ea4-ba3a-4fdc48da8f33/1/dY_paYl_KlssovdqeDkXPaHRtvM.roa
Signing time:             Sat 01 Jan 2022 14:56:58 +0000
ROA not before:           Sat 01 Jan 2022 14:56:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16509
IP address blocks:        185.31.204.0/24 maxlen: 24
                          46.227.44.0/24 maxlen: 24
                          46.227.40.0/24 maxlen: 24
                          185.31.207.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 48688613 (0x2e6ede5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23d8f620999506cc86d7548ea7282bb129f02d68
        Validity
            Not Before: Jan  1 14:56:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=758fe969897f2a5b2ca2f76a7839173da1d1b6f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:32:1a:40:8f:96:b5:19:0b:88:3b:e7:0d:69:
                    85:59:b2:f2:f2:9e:5d:3e:09:83:9e:0e:c1:a9:4a:
                    c3:92:9b:cb:2b:e7:2c:57:02:05:f2:46:b9:ef:fd:
                    60:56:b9:cd:2a:9f:9b:9f:4c:f1:29:46:39:5b:f5:
                    6f:bb:02:38:4e:5d:17:a8:66:86:81:a5:8a:07:6b:
                    c1:d4:cb:aa:ee:e7:04:64:c7:b8:b6:84:01:51:c8:
                    0e:48:0f:cf:cb:37:03:d3:d2:a4:26:c2:90:15:fb:
                    d1:0b:b2:f8:26:9f:94:7c:6a:70:cd:37:ae:5e:be:
                    de:2d:8e:1d:a4:5d:ec:ce:f4:84:5d:f0:bf:cc:4e:
                    a1:bb:31:2b:b4:14:b3:55:e0:83:36:8d:b6:d7:03:
                    8a:5d:e3:e4:85:41:1d:d1:92:7b:11:2a:f9:ca:10:
                    9a:bc:06:18:e3:18:1f:62:7f:48:17:79:81:5c:5c:
                    93:67:16:a0:bd:6f:6f:37:25:04:e7:a4:ef:6d:55:
                    41:6c:fe:e6:2b:92:b3:99:7b:f5:b8:d0:5d:a0:e9:
                    44:48:ae:5d:fc:db:24:79:4f:18:cd:8f:3a:4d:a9:
                    8b:4f:3c:32:52:4d:d2:de:31:1d:a9:93:c6:fd:09:
                    6b:8d:0f:0b:73:11:c0:51:03:41:3c:26:b6:47:19:
                    87:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:8F:E9:69:89:7F:2A:5B:2C:A2:F7:6A:78:39:17:3D:A1:D1:B6:F3
            X509v3 Authority Key Identifier:
                keyid:23:D8:F6:20:99:95:06:CC:86:D7:54:8E:A7:28:2B:B1:29:F0:2D:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I9j2IJmVBsyG11SOpygrsSnwLWg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/403ec4-266e-4ea4-ba3a-4fdc48da8f33/1/dY_paYl_KlssovdqeDkXPaHRtvM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/403ec4-266e-4ea4-ba3a-4fdc48da8f33/1/I9j2IJmVBsyG11SOpygrsSnwLWg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.227.40.0/24
                  46.227.44.0/24
                  185.31.204.0/24
                  185.31.207.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7c:53:8f:57:ce:e1:c6:c7:1d:17:4d:c3:32:89:36:08:e6:e9:
         9f:f1:4a:3f:f6:17:95:dd:d7:93:df:02:a8:f7:1f:01:b8:2e:
         8f:ae:c2:de:b0:9b:39:0e:fb:b1:79:dd:31:5c:50:e2:da:38:
         52:4c:31:2d:da:55:44:99:51:ab:2b:56:b2:45:30:94:01:9e:
         ed:b7:5d:37:f9:df:58:c2:0c:0f:02:2d:44:d8:a1:d0:23:43:
         63:fc:fe:53:7f:14:23:12:e6:0a:2a:cb:c6:93:97:e4:b6:70:
         54:fc:e6:ff:c8:a5:c5:06:5b:66:98:c2:c0:a3:b6:69:c1:93:
         b5:a9:a3:87:81:8d:27:f3:02:27:b1:8c:0b:ea:46:bf:18:dd:
         82:cc:d9:30:a7:52:66:cf:a3:12:2a:99:d2:a4:51:9a:25:6c:
         4f:e6:67:cf:6e:71:1b:21:eb:6a:61:77:aa:0f:2b:5d:51:0e:
         19:48:8c:b8:1a:3b:10:8a:ff:0c:27:c7:9e:9d:b4:0c:da:8a:
         2c:de:ae:71:b8:43:ad:aa:d0:d7:60:1c:e1:20:57:c1:73:83:
         e3:9c:a0:02:c2:ec:57:5a:ca:ad:31:29:bd:d1:ef:84:6b:a4:
         e6:60:aa:0d:46:77:a2:96:1c:61:37:bb:bb:d1:fd:18:56:aa:
         61:bb:68:57
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEAubt5TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
M2Q4ZjYyMDk5OTUwNmNjODZkNzU0OGVhNzI4MmJiMTI5ZjAyZDY4MB4XDTIyMDEw
MTE0NTY1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzU4ZmU5Njk4OTdm
MmE1YjJjYTJmNzZhNzgzOTE3M2RhMWQxYjZmMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMsyGkCPlrUZC4g75w1phVmy8vKeXT4Jg54OwalKw5Kbyyvn
LFcCBfJGue/9YFa5zSqfm59M8SlGOVv1b7sCOE5dF6hmhoGligdrwdTLqu7nBGTH
uLaEAVHIDkgPz8s3A9PSpCbCkBX70Quy+CaflHxqcM03rl6+3i2OHaRd7M70hF3w
v8xOobsxK7QUs1XggzaNttcDil3j5IVBHdGSexEq+coQmrwGGOMYH2J/SBd5gVxc
k2cWoL1vbzclBOek721VQWz+5iuSs5l79bjQXaDpREiuXfzbJHlPGM2POk2pi088
MlJN0t4xHamTxv0Ja40PC3MRwFEDQTwmtkcZh0UCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBR1j+lpiX8qWyyi92p4ORc9odG28zAfBgNVHSMEGDAWgBQj2PYgmZUGzIbX
VI6nKCuxKfAtaDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0k5ajJJSm1WQnN5RzExU09weWdyc1Nud0xXZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmEvNDAzZWM0LTI2NmUtNGVhNC1iYTNhLTRmZGM0OGRhOGYzMy8x
L2RZX3BhWWxfS2xzc292ZHFlRGtYUGFIUnR2TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEv
NDAzZWM0LTI2NmUtNGVhNC1iYTNhLTRmZGM0OGRhOGYzMy8xL0k5ajJJSm1WQnN5
RzExU09weWdyc1Nud0xXZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAC7jKAMEAC7jLAMEALkfzAMEALkf
zzANBgkqhkiG9w0BAQsFAAOCAQEAfFOPV87hxscdF03DMok2CObpn/FKP/YXld3X
k98CqPcfAbguj67C3rCbOQ77sXndMVxQ4to4UkwxLdpVRJlRqytWskUwlAGe7bdd
N/nfWMIMDwItRNih0CNDY/z+U38UIxLmCirLxpOX5LZwVPzm/8ilxQZbZpjCwKO2
acGTtamjh4GNJ/MCJ7GMC+pGvxjdgszZMKdSZs+jEiqZ0qRRmiVsT+Znz25xGyHr
amF3qg8rXVEOGUiMuBo7EIr/DCfHnp20DNqKLN6ucbhDrarQ12Ac4SBXwXOD45yg
AsLsV1rKrTEpvdHvhGuk5mCqDUZ3opYcYTe7u9H9GFaqYbtoVw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:07 2024 by rpki-client on console-ams.rpki-client.org