Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/ny03xom-Gpsj79tJ0DWhrwPJniA.roa
File:                     ny03xom-Gpsj79tJ0DWhrwPJniA.roa (raw, json)
Hash identifier:          UCvwY2QJviMqm6fACONbW155y/W67RgPdE6FKzk4rn8=
Subject key identifier:   9F:2D:37:C6:89:BE:1A:9B:23:EF:DB:49:D0:35:A1:AF:03:C9:9E:20
Certificate issuer:       /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial:       01827C970573DF893FE50A57A09F5CEC6F97
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/ny03xom-Gpsj79tJ0DWhrwPJniA.roa
Signing time:             Mon 08 Aug 2022 08:34:08 +0000
ROA not before:           Mon 08 Aug 2022 08:34:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12695
IP address blocks:        185.113.138.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:7c:97:05:73:df:89:3f:e5:0a:57:a0:9f:5c:ec:6f:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
        Validity
            Not Before: Aug  8 08:34:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9f2d37c689be1a9b23efdb49d035a1af03c99e20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:94:69:25:6c:f2:95:08:99:86:b6:ba:d1:57:
                    d4:71:3c:f5:c0:19:17:d2:6f:7a:40:68:87:1d:eb:
                    45:dd:9c:58:8b:18:1f:6f:ff:d3:63:4c:15:24:37:
                    49:d2:7a:f2:f3:8a:bb:f4:45:bc:b8:ff:b8:fb:d2:
                    cd:b0:7e:4e:95:fb:34:19:bd:c7:00:b9:87:73:83:
                    6a:be:0e:4d:41:1f:2b:7a:f2:e0:e6:93:7c:0d:d3:
                    bd:68:73:e3:af:55:96:7d:7d:f1:28:14:c3:55:b0:
                    f9:c0:71:14:7b:fc:af:8e:62:e1:fc:d4:de:5c:9d:
                    cf:25:b0:ef:25:6c:17:35:de:7a:7d:d4:5d:22:d1:
                    95:8c:cd:13:89:fc:9a:6e:09:a7:a0:ad:7b:40:ef:
                    4e:b7:73:77:37:ab:34:ee:25:1d:b9:3e:64:c7:27:
                    cc:75:64:6f:ef:c5:1d:cc:25:ed:1a:33:68:1d:a2:
                    0e:fa:64:92:34:d7:99:74:e6:7f:4b:ca:15:d4:f3:
                    cd:17:4f:7d:99:a8:58:df:e0:db:ec:9a:0d:c5:0e:
                    fd:a1:79:75:eb:5a:61:49:61:a5:15:fc:25:42:a9:
                    1e:5e:b8:52:c2:e6:f1:2a:0a:24:65:b1:af:78:6a:
                    7e:94:58:ec:3f:4f:9b:e3:8e:de:8a:ea:79:22:65:
                    8a:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:2D:37:C6:89:BE:1A:9B:23:EF:DB:49:D0:35:A1:AF:03:C9:9E:20
            X509v3 Authority Key Identifier:
                keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/ny03xom-Gpsj79tJ0DWhrwPJniA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.113.138.0/23

    Signature Algorithm: sha256WithRSAEncryption
         74:6d:26:da:8a:af:83:89:60:57:60:d3:41:d6:c4:60:79:03:
         89:38:a6:8f:40:c3:20:5b:5b:1d:b7:54:97:53:7d:b5:76:ee:
         3c:8b:e8:4e:4f:e0:a4:eb:9f:ab:ac:99:8e:2f:95:15:75:c3:
         5d:31:73:4e:45:4a:1c:34:49:7f:a8:db:28:00:03:fd:77:2c:
         81:32:1a:ff:2d:5d:02:d0:70:57:72:25:d4:e9:43:96:c0:d3:
         b0:ae:00:c6:03:2a:e4:19:c5:84:f5:ce:29:e5:9a:0b:8a:c9:
         c1:cc:44:1e:27:8d:ea:44:4d:83:fb:88:8f:67:92:3e:d3:26:
         cb:ae:52:68:91:a7:07:0c:26:49:70:03:3b:08:cc:3f:9e:85:
         3e:5c:f0:bc:9f:5c:f3:ed:25:97:e5:b8:b3:7a:8b:5f:dc:61:
         f3:42:98:91:88:6d:61:09:c8:e4:a4:35:53:fd:26:0a:b2:0a:
         94:52:ee:02:56:37:41:00:91:c4:cf:5c:7e:75:0b:0b:dc:c0:
         91:78:5f:fe:4a:e3:d9:ff:fb:5c:24:88:fb:70:0a:dd:99:3e:
         04:98:3f:a8:dd:ef:57:2b:0f:f9:2f:eb:7d:73:e6:28:7f:c0:
         d1:ee:5f:1e:10:a8:cf:e1:b2:b7:ab:eb:6d:f4:89:bc:87:6c:
         c6:37:be:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJ8lwVz34k/5QpXoJ9c7G+XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjIwODA4MDgzNDA4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjJkMzdjNjg5YmUxYTliMjNlZmRiNDlkMDM1YTFhZjAzYzk5ZTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5RpJWzylQiZhra60VfUcTz1wBkX
0m96QGiHHetF3ZxYixgfb//TY0wVJDdJ0nry84q79EW8uP+4+9LNsH5Olfs0Gb3H
ALmHc4Nqvg5NQR8revLg5pN8DdO9aHPjr1WWfX3xKBTDVbD5wHEUe/yvjmLh/NTe
XJ3PJbDvJWwXNd56fdRdItGVjM0TifyabgmnoK17QO9Ot3N3N6s07iUduT5kxyfM
dWRv78UdzCXtGjNoHaIO+mSSNNeZdOZ/S8oV1PPNF099mahY3+Db7JoNxQ79oXl1
61phSWGlFfwlQqkeXrhSwubxKgokZbGveGp+lFjsP0+b447eiup5ImWKWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ8tN8aJvhqbI+/bSdA1oa8DyZ4gMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvbnkwM3hvbS1HcHNqNzl0SjBEV2hyd1BKbmlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuXGKMA0G
CSqGSIb3DQEBCwUAA4IBAQB0bSbaiq+DiWBXYNNB1sRgeQOJOKaPQMMgW1sdt1SX
U321du48i+hOT+Ck65+rrJmOL5UVdcNdMXNORUocNEl/qNsoAAP9dyyBMhr/LV0C
0HBXciXU6UOWwNOwrgDGAyrkGcWE9c4p5ZoLisnBzEQeJ43qRE2D+4iPZ5I+0ybL
rlJokacHDCZJcAM7CMw/noU+XPC8n1zz7SWX5bizeotf3GHzQpiRiG1hCcjkpDVT
/SYKsgqUUu4CVjdBAJHEz1x+dQsL3MCReF/+SuPZ//tcJIj7cArdmT4EmD+o3e9X
Kw/5L+t9c+Yof8DR7l8eEKjP4bK3q+tt9Im8h2zGN766
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:59 2024 by rpki-client on console-fra.rpki-client.org