Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/ytRCqfmbj1W2ozY2_-eX53pwXt8.roa
File:                     ytRCqfmbj1W2ozY2_-eX53pwXt8.roa (raw, json)
Hash identifier:          c10ZIPpaJ/pxNgLi7bpgP1bjUijv6ile9a+xwYnZtXU=
Subject key identifier:   CA:D4:42:A9:F9:9B:8F:55:B6:A3:36:36:FF:E7:97:E7:7A:70:5E:DF
Certificate issuer:       /CN=583d76051017d0afa915fcfb790a00f4667b0a88
Certificate serial:       3943CEE5
Authority key identifier: 58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/ytRCqfmbj1W2ozY2_-eX53pwXt8.roa
Signing time:             Sat 01 Jan 2022 08:05:32 +0000
ROA not before:           Sat 01 Jan 2022 08:05:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43965
IP address blocks:        194.225.48.0/20 maxlen: 24
                          194.225.184.0/22 maxlen: 24
                          194.225.192.0/19 maxlen: 24
                          2001:14e8:2::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 960745189 (0x3943cee5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=583d76051017d0afa915fcfb790a00f4667b0a88
        Validity
            Not Before: Jan  1 08:05:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cad442a9f99b8f55b6a33636ffe797e77a705edf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:5d:25:6e:d6:2e:54:c9:92:4b:ab:b4:58:4a:
                    b0:18:76:35:0d:4c:81:dc:89:4d:45:d8:b4:16:13:
                    74:fb:0e:c6:6d:56:0b:99:a3:bb:79:c5:5b:38:da:
                    d5:74:72:26:93:db:7a:4b:b7:39:40:c4:ef:44:be:
                    c8:bd:f8:c5:d4:8c:46:68:bf:3a:d8:07:25:ea:e0:
                    47:5a:8f:7a:55:cd:78:c0:3c:f9:5e:f4:f0:92:ac:
                    43:58:97:3d:88:f2:03:fa:4b:4a:d9:72:ac:a9:67:
                    df:86:f5:8a:d5:12:cc:5d:ac:e9:46:b8:2d:f5:0f:
                    c5:bd:01:34:5f:3a:c9:08:1e:46:f1:29:53:25:59:
                    a7:f2:a1:ee:9c:ce:0f:e6:0f:8d:46:24:01:91:fd:
                    15:a3:90:ab:82:47:9e:bd:91:d7:58:6a:f1:b0:f8:
                    d5:92:a2:cb:3e:29:4b:69:e3:3a:99:55:f0:5f:cc:
                    a5:f2:be:8d:09:be:64:24:3b:ab:b4:8a:4e:6d:af:
                    96:36:b0:84:1e:bc:8f:0a:a2:a2:7b:e3:4e:90:e8:
                    44:77:73:3a:8c:35:fa:b8:8f:d1:c3:12:64:e5:b6:
                    ad:56:62:4a:f2:d4:fc:d9:bd:a8:ea:ee:a7:5c:98:
                    cd:81:c9:d9:c4:59:b5:91:ea:25:c6:a4:f1:6b:ac:
                    85:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:D4:42:A9:F9:9B:8F:55:B6:A3:36:36:FF:E7:97:E7:7A:70:5E:DF
            X509v3 Authority Key Identifier:
                keyid:58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/ytRCqfmbj1W2ozY2_-eX53pwXt8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.225.48.0/20
                  194.225.184.0/22
                  194.225.192.0/19
                IPv6:
                  2001:14e8:2::/48

    Signature Algorithm: sha256WithRSAEncryption
         7d:11:9d:0e:11:8b:61:1a:4b:1d:36:58:73:67:83:69:fa:0e:
         d2:4b:9b:52:b1:75:c8:88:3a:2a:11:28:4e:ad:db:57:04:a6:
         8f:51:50:09:9a:59:e3:68:6e:45:a3:4c:66:00:c9:e1:78:0a:
         18:dd:d5:be:ab:f2:57:2b:66:f1:1d:4b:e9:45:0d:fd:ce:a3:
         19:fd:9d:96:6d:ca:06:9b:1c:58:9b:2c:2f:bb:3b:c1:a1:ba:
         a3:8d:b4:b3:68:0e:3b:ec:ca:2a:78:76:ac:86:0d:f1:cb:b6:
         34:0d:ac:b6:b2:6d:be:39:86:f9:a2:94:bb:ad:6d:d2:79:e6:
         6a:0b:c7:53:94:bd:82:de:7e:a5:13:1d:1b:c4:bc:fc:fc:46:
         2f:95:51:98:48:de:ee:bd:25:fc:24:25:e7:fb:cb:d0:d4:f4:
         1d:80:02:0e:bb:ea:79:67:20:88:35:ef:93:00:c4:d4:fc:86:
         05:35:31:e6:bc:e1:65:75:43:d2:cc:b1:38:cb:a3:fb:fc:ef:
         aa:40:54:19:b3:e5:29:55:bb:93:ba:90:6b:4f:3b:b9:07:56:
         11:bb:35:b3:23:10:0c:a5:9d:36:f1:a6:61:08:45:9d:43:4e:
         68:c8:23:cb:2d:c8:d2:81:b8:cc:d5:a3:9a:79:b8:f5:77:38:
         2c:b0:f8:73
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIEOUPO5TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ODNkNzYwNTEwMTdkMGFmYTkxNWZjZmI3OTBhMDBmNDY2N2IwYTg4MB4XDTIyMDEw
MTA4MDUzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2FkNDQyYTlmOTli
OGY1NWI2YTMzNjM2ZmZlNzk3ZTc3YTcwNWVkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK9dJW7WLlTJkkurtFhKsBh2NQ1MgdyJTUXYtBYTdPsOxm1W
C5mju3nFWzja1XRyJpPbeku3OUDE70S+yL34xdSMRmi/OtgHJergR1qPelXNeMA8
+V708JKsQ1iXPYjyA/pLStlyrKln34b1itUSzF2s6Ua4LfUPxb0BNF86yQgeRvEp
UyVZp/Kh7pzOD+YPjUYkAZH9FaOQq4JHnr2R11hq8bD41ZKiyz4pS2njOplV8F/M
pfK+jQm+ZCQ7q7SKTm2vljawhB68jwqionvjTpDoRHdzOow1+riP0cMSZOW2rVZi
SvLU/Nm9qOrup1yYzYHJ2cRZtZHqJcak8WushdECAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBTK1EKp+ZuPVbajNjb/55fnenBe3zAfBgNVHSMEGDAWgBRYPXYFEBfQr6kV
/Pt5CgD0ZnsKiDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dEMTJCUkFYMEstcEZmejdlUW9BOUdaN0NvZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODQvNGYxYjI3LTMyNmEtNDY3OS1hNjRiLWRhNjE1Mzg4NWYzYi8x
L3l0UkNxZm1iajFXMm96WTJfLWVYNTNwd1h0OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODQv
NGYxYjI3LTMyNmEtNDY3OS1hNjRiLWRhNjE1Mzg4NWYzYi8xL1dEMTJCUkFYMEst
cEZmejdlUW9BOUdaN0NvZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGAQCAAEwEgMEBMLhMAMEAsLhuAMEBcLhwDAPBAIA
AjAJAwcAIAEU6AACMA0GCSqGSIb3DQEBCwUAA4IBAQB9EZ0OEYthGksdNlhzZ4Np
+g7SS5tSsXXIiDoqEShOrdtXBKaPUVAJmlnjaG5Fo0xmAMnheAoY3dW+q/JXK2bx
HUvpRQ39zqMZ/Z2WbcoGmxxYmywvuzvBobqjjbSzaA477MoqeHashg3xy7Y0Day2
sm2+OYb5opS7rW3SeeZqC8dTlL2C3n6lEx0bxLz8/EYvlVGYSN7uvSX8JCXn+8vQ
1PQdgAIOu+p5ZyCINe+TAMTU/IYFNTHmvOFldUPSzLE4y6P7/O+qQFQZs+UpVbuT
upBrTzu5B1YRuzWzIxAMpZ028aZhCEWdQ05oyCPLLcjSgbjM1aOaebj1dzgssPhz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:22 2024 by rpki-client on console-fra.rpki-client.org