Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/e2abad-58fa-4ced-8650-ec508dec7793/1/gYrdGTe7U4lxX5yNJgXTgCN3XNE.roa
File:                     gYrdGTe7U4lxX5yNJgXTgCN3XNE.roa (raw, json)
Hash identifier:          q5TImVQxcr0yfQUbrpel70OBJI9cM3ELlsxZNRlWpVo=
Subject key identifier:   81:8A:DD:19:37:BB:53:89:71:5F:9C:8D:26:05:D3:80:23:77:5C:D1
Certificate issuer:       /CN=9e9e6887ea7572a6411306c87b0cc089397a6354
Certificate serial:       03F1567B
Authority key identifier: 9E:9E:68:87:EA:75:72:A6:41:13:06:C8:7B:0C:C0:89:39:7A:63:54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/np5oh-p1cqZBEwbIewzAiTl6Y1Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/e2abad-58fa-4ced-8650-ec508dec7793/1/gYrdGTe7U4lxX5yNJgXTgCN3XNE.roa
Signing time:             Sun 29 May 2022 11:38:14 +0000
ROA not before:           Sun 29 May 2022 11:38:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     213145
IP address blocks:        188.125.175.0/24 maxlen: 24
                          185.117.99.0/24 maxlen: 24
                          185.117.120.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 66147963 (0x3f1567b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e9e6887ea7572a6411306c87b0cc089397a6354
        Validity
            Not Before: May 29 11:38:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=818add1937bb5389715f9c8d2605d38023775cd1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:a1:60:fc:4a:a7:83:d6:1a:3f:b5:03:56:86:
                    a5:c2:bf:cd:ba:28:ec:91:66:53:47:3d:cc:40:d7:
                    a4:65:f5:ef:41:be:53:8e:cb:d8:e2:4f:5f:89:65:
                    3e:7c:20:f1:3c:66:83:13:67:cc:7e:8e:45:42:09:
                    fc:e2:c6:90:7b:9d:4a:3d:a5:72:13:3d:e9:43:f8:
                    ca:32:52:28:3e:e6:f2:e0:53:a0:c5:fa:09:bb:3b:
                    ca:38:a1:b1:52:d4:8c:1e:1c:2c:30:c6:7f:0b:c5:
                    83:ae:2d:7b:33:2c:ac:d8:bf:ab:35:63:70:cf:80:
                    da:18:6f:a3:c5:67:82:c5:d9:f8:58:31:9c:d4:a6:
                    64:fd:8b:86:84:ab:34:a6:43:25:07:58:37:34:5e:
                    bc:9a:e3:34:b8:87:70:e8:33:b9:06:0c:6f:b1:50:
                    fe:12:18:f2:bb:eb:3c:e4:8a:ba:7e:47:15:2b:31:
                    d7:26:c0:45:2c:1e:58:ca:50:a9:aa:ec:7f:8e:9f:
                    b0:9b:ef:3d:97:41:42:0a:e5:15:ba:d9:47:74:b8:
                    32:2a:16:36:6e:75:ba:fc:8b:07:3c:20:c4:57:20:
                    cc:34:0a:e9:a2:a1:6f:fa:fe:fc:81:3d:d3:75:ef:
                    94:01:32:f6:42:c2:15:01:4f:81:7c:93:14:07:a9:
                    5b:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:8A:DD:19:37:BB:53:89:71:5F:9C:8D:26:05:D3:80:23:77:5C:D1
            X509v3 Authority Key Identifier:
                keyid:9E:9E:68:87:EA:75:72:A6:41:13:06:C8:7B:0C:C0:89:39:7A:63:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/np5oh-p1cqZBEwbIewzAiTl6Y1Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/e2abad-58fa-4ced-8650-ec508dec7793/1/gYrdGTe7U4lxX5yNJgXTgCN3XNE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/e2abad-58fa-4ced-8650-ec508dec7793/1/np5oh-p1cqZBEwbIewzAiTl6Y1Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.117.99.0/24
                  185.117.120.0/22
                  188.125.175.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:22:99:69:7f:70:22:49:89:7f:5e:d9:ad:1f:b8:62:0e:cb:
         a5:af:16:3b:ba:4b:77:fc:c9:47:23:8c:36:db:0b:7a:cb:a0:
         8b:17:4d:9e:0d:88:30:3c:0e:c7:5a:c0:a4:37:94:d0:72:01:
         c2:eb:21:93:f9:6a:a6:b4:ee:5e:30:cb:82:3d:17:e9:d9:58:
         9a:75:30:51:3d:93:61:bd:d6:c4:77:6f:f3:86:98:72:18:8d:
         b2:d3:9a:19:ec:73:47:2c:97:19:e0:bf:02:da:b3:ff:a2:c8:
         5f:67:2b:d3:af:ab:b9:31:0e:2b:4d:ac:ab:e1:b9:dc:f9:97:
         38:6e:c9:cf:e2:f7:74:10:43:93:7b:52:86:37:38:04:eb:c8:
         9d:02:9a:0a:63:e2:00:fa:15:8c:fa:2b:95:a1:f0:49:e2:17:
         76:3b:87:f9:54:25:8b:6a:2a:e6:0e:04:db:35:46:90:cb:75:
         d3:4b:90:05:d9:27:97:1f:8d:74:3b:cd:4d:39:18:5d:7c:f2:
         8a:d8:2d:49:53:6c:8b:59:b1:2f:ee:51:9f:9b:f8:c9:7c:95:
         35:a0:66:f6:88:f3:40:00:ca:01:1d:70:c3:74:4d:d2:85:ab:
         d1:75:0c:14:ac:dc:b8:98:6c:b0:85:33:88:39:87:d0:85:96:
         ac:6c:2f:4f
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEA/FWezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZTllNjg4N2VhNzU3MmE2NDExMzA2Yzg3YjBjYzA4OTM5N2E2MzU0MB4XDTIyMDUy
OTExMzgxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODE4YWRkMTkzN2Ji
NTM4OTcxNWY5YzhkMjYwNWQzODAyMzc3NWNkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANChYPxKp4PWGj+1A1aGpcK/zboo7JFmU0c9zEDXpGX170G+
U47L2OJPX4llPnwg8TxmgxNnzH6ORUIJ/OLGkHudSj2lchM96UP4yjJSKD7m8uBT
oMX6Cbs7yjihsVLUjB4cLDDGfwvFg64tezMsrNi/qzVjcM+A2hhvo8VngsXZ+Fgx
nNSmZP2LhoSrNKZDJQdYNzRevJrjNLiHcOgzuQYMb7FQ/hIY8rvrPOSKun5HFSsx
1ybARSweWMpQqarsf46fsJvvPZdBQgrlFbrZR3S4MioWNm51uvyLBzwgxFcgzDQK
6aKhb/r+/IE903XvlAEy9kLCFQFPgXyTFAepWwECAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSBit0ZN7tTiXFfnI0mBdOAI3dc0TAfBgNVHSMEGDAWgBSenmiH6nVypkET
Bsh7DMCJOXpjVDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25wNW9oLXAxY3FaQkV3Yklld3pBaVRsNlkxUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzMvZTJhYmFkLTU4ZmEtNGNlZC04NjUwLWVjNTA4ZGVjNzc5My8x
L2dZcmRHVGU3VTRseFg1eU5KZ1hUZ0NOM1hORS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzMv
ZTJhYmFkLTU4ZmEtNGNlZC04NjUwLWVjNTA4ZGVjNzc5My8xL25wNW9oLXAxY3Fa
QkV3Yklld3pBaVRsNlkxUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEALl1YwMEArl1eAMEALx9rzANBgkq
hkiG9w0BAQsFAAOCAQEANSKZaX9wIkmJf17ZrR+4Yg7Lpa8WO7pLd/zJRyOMNtsL
esugixdNng2IMDwOx1rApDeU0HIBwushk/lqprTuXjDLgj0X6dlYmnUwUT2TYb3W
xHdv84aYchiNstOaGexzRyyXGeC/Atqz/6LIX2cr06+ruTEOK02sq+G53PmXOG7J
z+L3dBBDk3tShjc4BOvInQKaCmPiAPoVjPorlaHwSeIXdjuH+VQli2oq5g4E2zVG
kMt100uQBdknlx+NdDvNTTkYXXzyitgtSVNsi1mxL+5Rn5v4yXyVNaBm9ojzQADK
AR1ww3RN0oWr0XUMFKzcuJhssIUziDmH0IWWrGwvTw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:01 2024 by rpki-client on console-fra.rpki-client.org