Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mXPqAhmj-DB17A4AeKwz6h2OC7o.roa
File:                     mXPqAhmj-DB17A4AeKwz6h2OC7o.roa (raw, json)
Hash identifier:          99Q4530H/DCbPVx+rbiQRLlN06fbfUFtvoHZ1EblzGg=
Subject key identifier:   99:73:EA:02:19:A3:F8:30:75:EC:0E:00:78:AC:33:EA:1D:8E:0B:BA
Certificate issuer:       /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial:       01853EE744FCDD03E189FA4687929B421521
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mXPqAhmj-DB17A4AeKwz6h2OC7o.roa
Signing time:             Fri 23 Dec 2022 12:13:41 +0000
ROA not before:           Fri 23 Dec 2022 12:13:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12695
IP address blocks:        185.113.138.0/23 maxlen: 23
                          185.75.135.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:3e:e7:44:fc:dd:03:e1:89:fa:46:87:92:9b:42:15:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
        Validity
            Not Before: Dec 23 12:13:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9973ea0219a3f83075ec0e0078ac33ea1d8e0bba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:a3:39:44:b1:8e:d7:2f:02:64:79:9c:4f:68:
                    e6:b7:5f:32:71:d3:0d:b6:48:39:49:10:90:ec:20:
                    4e:d4:83:29:2d:f7:2a:e5:a5:9c:49:a6:b5:3a:cc:
                    6a:2d:97:fb:42:68:fb:bf:1e:f9:47:b7:cf:1b:59:
                    1e:e4:9f:55:b2:ca:a4:28:23:dc:ba:df:8e:29:8c:
                    32:ce:19:f5:10:8b:6c:8f:f7:3a:fe:0c:5d:b9:4a:
                    8e:68:4b:b7:75:a2:2a:40:5a:d2:6f:95:3a:4a:4f:
                    9d:8a:d8:cb:e0:86:84:09:9e:d9:bc:e8:cb:c2:6e:
                    54:ce:4e:41:ac:39:69:7e:ec:d8:c2:35:89:03:07:
                    18:8b:24:c3:a7:e4:60:5d:a2:5a:ea:28:e8:25:e4:
                    5b:ab:d6:a8:21:b3:1f:94:e3:0f:90:ab:f2:51:09:
                    e0:7b:9d:7d:28:cb:85:ec:73:fc:a4:4d:c7:65:0e:
                    74:57:7e:90:89:d3:15:54:62:d3:9c:ab:7b:41:53:
                    8b:40:b0:25:81:9b:8e:a2:de:74:1d:48:30:68:54:
                    70:8a:7d:df:56:b9:57:a7:70:72:76:ec:ac:0d:72:
                    00:3e:60:21:dd:56:35:b6:be:a6:75:3d:f3:63:0f:
                    7c:ad:35:9e:f6:5f:37:61:fe:26:4f:85:c8:8e:8e:
                    33:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:73:EA:02:19:A3:F8:30:75:EC:0E:00:78:AC:33:EA:1D:8E:0B:BA
            X509v3 Authority Key Identifier:
                keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mXPqAhmj-DB17A4AeKwz6h2OC7o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.75.135.0/24
                  185.113.138.0/23

    Signature Algorithm: sha256WithRSAEncryption
         99:1c:0e:e4:20:bf:0a:2f:38:4a:37:22:aa:ad:44:1d:12:5f:
         5e:e0:a5:04:a1:b7:b7:25:80:e3:f4:e8:49:a7:7d:75:6f:72:
         c7:8b:bd:d4:95:3b:1e:98:cf:a5:3d:74:21:b2:7c:d5:e4:b8:
         a2:bf:87:5e:a1:43:ce:95:55:aa:1c:ad:7d:42:bd:9a:a7:fd:
         d2:50:2b:1f:e0:3b:99:f6:cd:ac:1e:8d:f2:19:af:fd:40:19:
         37:dc:28:4b:11:1b:a9:c2:31:06:e1:11:db:44:51:c2:95:0d:
         5a:c5:5f:04:b3:e8:0f:f8:86:9c:ec:56:20:51:55:fa:fa:35:
         44:03:41:8c:be:a0:16:ff:1a:31:4f:81:e8:ae:38:27:31:5a:
         5c:45:de:15:63:dd:e1:00:a0:3d:a8:8d:56:10:1e:16:e8:f7:
         63:c6:a8:e9:ce:58:6a:33:ce:73:54:58:d5:42:74:2d:2d:17:
         42:7e:6b:de:af:2d:04:68:8f:49:e8:c4:85:10:61:14:1f:e1:
         d1:d0:94:1c:eb:3b:79:2e:7b:43:54:af:c8:c3:3d:41:47:70:
         bf:af:47:c8:a5:88:19:cb:a7:1b:4c:1f:fa:a6:94:4c:27:49:
         75:a4:fd:db:05:b7:85:00:6d:73:54:a1:86:ec:c3:33:8c:d9:
         0a:4d:69:bf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYU+50T83QPhifpGh5KbQhUhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjIxMjIzMTIxMzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTczZWEwMjE5YTNmODMwNzVlYzBlMDA3OGFjMzNlYTFkOGUwYmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraM5RLGO1y8CZHmcT2jmt18ycdMN
tkg5SRCQ7CBO1IMpLfcq5aWcSaa1OsxqLZf7Qmj7vx75R7fPG1ke5J9VssqkKCPc
ut+OKYwyzhn1EItsj/c6/gxduUqOaEu3daIqQFrSb5U6Sk+ditjL4IaECZ7ZvOjL
wm5Uzk5BrDlpfuzYwjWJAwcYiyTDp+RgXaJa6ijoJeRbq9aoIbMflOMPkKvyUQng
e519KMuF7HP8pE3HZQ50V36QidMVVGLTnKt7QVOLQLAlgZuOot50HUgwaFRwin3f
VrlXp3ByduysDXIAPmAh3VY1tr6mdT3zYw98rTWe9l83Yf4mT4XIjo4z6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJlz6gIZo/gwdewOAHisM+odjgu6MB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvbVhQcUFobWotREIxN0E0QWVLd3o2aDJPQzdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuUuHAwQB
uXGKMA0GCSqGSIb3DQEBCwUAA4IBAQCZHA7kIL8KLzhKNyKqrUQdEl9e4KUEobe3
JYDj9OhJp311b3LHi73UlTsemM+lPXQhsnzV5Liiv4deoUPOlVWqHK19Qr2ap/3S
UCsf4DuZ9s2sHo3yGa/9QBk33ChLERupwjEG4RHbRFHClQ1axV8Es+gP+Iac7FYg
UVX6+jVEA0GMvqAW/xoxT4HorjgnMVpcRd4VY93hAKA9qI1WEB4W6Pdjxqjpzlhq
M85zVFjVQnQtLRdCfmvery0EaI9J6MSFEGEUH+HR0JQc6zt5LntDVK/Iwz1BR3C/
r0fIpYgZy6cbTB/6ppRMJ0l1pP3bBbeFAG1zVKGG7MMzjNkKTWm/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:59 2024 by rpki-client on console-fra.rpki-client.org