Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/4ef4a9-6d96-4989-9c81-d92e68dfffe4/1/1ng-Xr_x5eBQInvFjkSplPwaUM8.roa
File:                     1ng-Xr_x5eBQInvFjkSplPwaUM8.roa (raw, json)
Hash identifier:          ZKmUmsWZ13Qx5CCJpcfQmcDCVeB15Gt68dPEGYLktKk=
Subject key identifier:   D6:78:3E:5E:BF:F1:E5:E0:50:22:7B:C5:8E:44:A9:94:FC:1A:50:CF
Certificate issuer:       /CN=61b866e323382caea961e7d2423e53cab5099131
Certificate serial:       0184BD70B64F22CD2A7FCECF5D1FDC075E7B
Authority key identifier: 61:B8:66:E3:23:38:2C:AE:A9:61:E7:D2:42:3E:53:CA:B5:09:91:31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ybhm4yM4LK6pYefSQj5TyrUJkTE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/4ef4a9-6d96-4989-9c81-d92e68dfffe4/1/1ng-Xr_x5eBQInvFjkSplPwaUM8.roa
Signing time:             Mon 28 Nov 2022 08:53:11 +0000
ROA not before:           Mon 28 Nov 2022 08:53:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     25540
IP address blocks:        185.33.12.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:bd:70:b6:4f:22:cd:2a:7f:ce:cf:5d:1f:dc:07:5e:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61b866e323382caea961e7d2423e53cab5099131
        Validity
            Not Before: Nov 28 08:53:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d6783e5ebff1e5e050227bc58e44a994fc1a50cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:9c:a5:c7:82:1d:5f:2f:8b:69:33:a2:f7:be:
                    10:a5:96:f1:e3:56:e0:e5:2a:dd:40:1e:88:4b:20:
                    88:db:54:a5:78:ba:6d:37:83:a6:b3:c2:e6:7d:cc:
                    8c:87:9f:1e:4d:75:54:a2:34:53:f0:8e:99:b6:70:
                    e5:8f:ea:18:19:35:81:95:86:36:a9:24:74:35:45:
                    86:12:95:a7:01:46:3f:95:41:24:90:22:ed:e1:43:
                    ba:35:29:be:a1:6d:5b:bc:d0:a7:99:81:94:2f:ff:
                    6f:2c:12:95:63:71:e9:d9:7b:e6:63:07:22:3b:b3:
                    32:34:31:ce:b6:b4:19:d8:c9:dc:ea:3f:5f:29:77:
                    ee:75:7b:14:42:c1:f0:fb:8d:19:dd:a2:9b:6f:6f:
                    c6:c3:7d:db:8a:24:a6:4d:b9:50:68:4a:44:7b:f4:
                    a4:ba:08:d3:35:89:a5:24:39:e2:30:ce:1a:d3:ae:
                    aa:14:13:14:ed:08:b6:87:2c:a1:25:9c:41:be:dd:
                    b2:de:2c:60:a0:50:52:33:54:4f:92:70:4c:5a:19:
                    9b:75:1f:3f:94:aa:89:cc:0c:b1:35:7e:11:83:a1:
                    b6:ea:5e:97:76:ca:43:7d:e2:fc:e6:3f:2c:cc:8b:
                    06:36:dd:1e:2d:be:4d:84:3d:33:4b:74:f7:7e:7f:
                    ba:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:78:3E:5E:BF:F1:E5:E0:50:22:7B:C5:8E:44:A9:94:FC:1A:50:CF
            X509v3 Authority Key Identifier:
                keyid:61:B8:66:E3:23:38:2C:AE:A9:61:E7:D2:42:3E:53:CA:B5:09:91:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ybhm4yM4LK6pYefSQj5TyrUJkTE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/4ef4a9-6d96-4989-9c81-d92e68dfffe4/1/1ng-Xr_x5eBQInvFjkSplPwaUM8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/4ef4a9-6d96-4989-9c81-d92e68dfffe4/1/Ybhm4yM4LK6pYefSQj5TyrUJkTE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.33.12.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:f8:d1:a0:0e:ff:7a:9a:84:1a:cf:ab:bf:ad:4e:96:bf:db:
         7e:0d:b3:0d:e6:89:f9:e6:21:7f:bb:38:86:bd:cb:3c:6b:90:
         66:12:8c:30:ef:3d:e6:15:97:f8:40:23:0e:59:7a:47:41:26:
         5b:e1:02:90:fc:6b:58:08:47:e0:9f:3c:b8:65:3a:b6:a7:9a:
         b4:1c:06:73:87:8b:61:a7:e6:ae:b8:42:00:7f:12:b9:09:fb:
         27:94:07:49:98:5a:d1:26:82:24:e8:5f:86:85:d2:95:3f:6e:
         f0:6a:df:e9:1a:5f:ae:af:d1:a7:e8:db:2f:f2:99:e2:30:b4:
         2c:5c:6a:f3:e4:72:7f:ca:f6:61:7e:4c:95:8c:be:5c:3d:d3:
         d8:f1:b3:3c:17:0a:b2:45:23:bb:28:6f:28:50:86:f2:57:4c:
         7e:87:bd:f3:d9:2d:36:5b:f4:9a:30:70:1c:c5:79:e6:41:10:
         30:42:e8:6c:27:0c:3b:1c:2e:e1:de:ae:a1:32:66:d6:04:cc:
         fc:4b:b3:42:17:66:4f:56:8f:1e:d6:87:5f:54:15:8a:17:23:
         a6:1b:e6:8c:ec:4f:f7:7e:6f:fa:c9:c4:e5:9c:1e:ae:9f:cd:
         84:57:ec:13:95:16:b2:e9:93:d5:e7:b9:8d:70:14:be:cc:35:
         c9:27:1c:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYS9cLZPIs0qf87PXR/cB157MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYjg2NmUzMjMzODJjYWVhOTYxZTdkMjQyM2U1M2NhYjUw
OTkxMzEwHhcNMjIxMTI4MDg1MzExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjc4M2U1ZWJmZjFlNWUwNTAyMjdiYzU4ZTQ0YTk5NGZjMWE1MGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZylx4IdXy+LaTOi974QpZbx41bg
5SrdQB6ISyCI21SleLptN4Oms8LmfcyMh58eTXVUojRT8I6ZtnDlj+oYGTWBlYY2
qSR0NUWGEpWnAUY/lUEkkCLt4UO6NSm+oW1bvNCnmYGUL/9vLBKVY3Hp2XvmYwci
O7MyNDHOtrQZ2Mnc6j9fKXfudXsUQsHw+40Z3aKbb2/Gw33biiSmTblQaEpEe/Sk
ugjTNYmlJDniMM4a066qFBMU7Qi2hyyhJZxBvt2y3ixgoFBSM1RPknBMWhmbdR8/
lKqJzAyxNX4Rg6G26l6XdspDfeL85j8szIsGNt0eLb5NhD0zS3T3fn+6WQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNZ4Pl6/8eXgUCJ7xY5EqZT8GlDPMB8GA1UdIwQY
MBaAFGG4ZuMjOCyuqWHn0kI+U8q1CZExMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWJobTR5TTRMSzZwWWVmU1FqNVR5clVKa1RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS80ZWY0YTktNmQ5Ni00OTg5LTljODEt
ZDkyZTY4ZGZmZmU0LzEvMW5nLVhyX3g1ZUJRSW52RmprU3BsUHdhVU04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS80ZWY0YTktNmQ5Ni00OTg5LTljODEtZDkyZTY4ZGZmZmU0
LzEvWWJobTR5TTRMSzZwWWVmU1FqNVR5clVKa1RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSEMMA0G
CSqGSIb3DQEBCwUAA4IBAQCH+NGgDv96moQaz6u/rU6Wv9t+DbMN5on55iF/uziG
vcs8a5BmEoww7z3mFZf4QCMOWXpHQSZb4QKQ/GtYCEfgnzy4ZTq2p5q0HAZzh4th
p+auuEIAfxK5CfsnlAdJmFrRJoIk6F+GhdKVP27wat/pGl+ur9Gn6Nsv8pniMLQs
XGrz5HJ/yvZhfkyVjL5cPdPY8bM8FwqyRSO7KG8oUIbyV0x+h73z2S02W/SaMHAc
xXnmQRAwQuhsJww7HC7h3q6hMmbWBMz8S7NCF2ZPVo8e1odfVBWKFyOmG+aM7E/3
fm/6ycTlnB6un82EV+wTlRay6ZPV57mNcBS+zDXJJxwh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:00 2024 by rpki-client on console-fra.rpki-client.org