Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/717555-354f-4b37-8a6a-0940436691bd/1/NU52rXQ4jyeDjYYlciDWblgnWAk.roa
File:                     NU52rXQ4jyeDjYYlciDWblgnWAk.roa (raw, json)
Hash identifier:          RAuwDPfiqBgjWYsCUflIeEBFXFu3sDLJ7+n642oRiFk=
Subject key identifier:   35:4E:76:AD:74:38:8F:27:83:8D:86:25:72:20:D6:6E:58:27:58:09
Certificate issuer:       /CN=7699c189027e25ecc53f98b52ea65ae725d2a730
Certificate serial:       02A7E5E7
Authority key identifier: 76:99:C1:89:02:7E:25:EC:C5:3F:98:B5:2E:A6:5A:E7:25:D2:A7:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dpnBiQJ-JezFP5i1LqZa5yXSpzA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/717555-354f-4b37-8a6a-0940436691bd/1/NU52rXQ4jyeDjYYlciDWblgnWAk.roa
Signing time:             Sat 01 Jan 2022 12:54:44 +0000
ROA not before:           Sat 01 Jan 2022 12:54:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     396982
IP address blocks:        185.46.233.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 44557799 (0x2a7e5e7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7699c189027e25ecc53f98b52ea65ae725d2a730
        Validity
            Not Before: Jan  1 12:54:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=354e76ad74388f27838d86257220d66e58275809
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:f8:ef:a1:44:4e:49:c0:4f:3c:bd:f0:e3:70:
                    71:59:88:b0:b3:e8:27:30:c6:aa:1b:cb:cc:28:72:
                    6f:92:15:a8:1a:11:4d:84:ff:14:da:bf:38:cb:41:
                    21:40:94:01:33:59:fe:60:55:20:24:cd:60:30:03:
                    b8:81:0b:18:11:0b:b1:70:ef:d8:a6:a8:12:50:37:
                    95:16:bd:b1:df:25:1b:b7:60:19:69:cd:cb:28:e3:
                    12:aa:94:1c:b5:0a:47:6b:0a:e6:d6:c5:7b:b9:81:
                    28:e6:21:58:90:50:13:77:f0:23:30:6c:92:76:e9:
                    25:d7:76:31:55:f5:cc:f9:35:fa:be:e5:5a:13:bc:
                    19:5e:3b:4f:95:07:44:66:58:2f:89:4b:2d:37:5b:
                    e2:57:a3:2f:6a:b2:97:da:2a:1e:64:fa:12:22:a8:
                    bd:b3:89:4e:e6:f9:a3:87:7d:da:40:17:53:99:7b:
                    a7:ee:2f:e9:a7:eb:a4:df:ec:f3:b5:53:b9:5f:43:
                    f8:03:89:8a:e7:1e:9b:1e:cf:86:49:35:7a:b1:8a:
                    6a:32:58:31:3e:ce:8e:51:6e:c9:41:26:20:0b:00:
                    17:5b:9f:66:44:f4:03:89:e3:52:35:06:8e:90:f6:
                    d5:93:52:5b:74:a0:00:fa:c3:8b:8a:2c:51:4f:8b:
                    a7:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:4E:76:AD:74:38:8F:27:83:8D:86:25:72:20:D6:6E:58:27:58:09
            X509v3 Authority Key Identifier:
                keyid:76:99:C1:89:02:7E:25:EC:C5:3F:98:B5:2E:A6:5A:E7:25:D2:A7:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dpnBiQJ-JezFP5i1LqZa5yXSpzA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/717555-354f-4b37-8a6a-0940436691bd/1/NU52rXQ4jyeDjYYlciDWblgnWAk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/717555-354f-4b37-8a6a-0940436691bd/1/dpnBiQJ-JezFP5i1LqZa5yXSpzA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.46.233.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:ba:d0:ff:a9:d5:03:4e:04:b2:b9:34:28:69:ae:ed:ca:36:
         12:0b:fa:48:e9:6b:53:9a:ad:e0:74:a6:df:59:be:ef:0d:4c:
         74:13:5a:d4:61:b5:91:a4:9c:44:f7:e0:3f:a3:14:ee:b5:ed:
         c1:96:9b:39:fd:3a:04:3c:a9:40:2c:c6:f5:67:03:05:19:37:
         16:87:d7:74:33:44:90:74:1e:ea:e2:f6:da:4e:c5:ea:15:ac:
         b3:95:db:5b:39:75:a9:67:0e:fe:6b:15:3a:73:33:de:83:98:
         54:0f:9a:72:6a:dc:67:4f:c0:dd:c3:35:92:54:ec:09:63:50:
         f3:fc:d7:64:13:b1:32:9a:27:32:6c:b2:fe:a0:5d:87:ad:34:
         34:71:11:ce:76:f6:e9:16:2d:05:36:ed:23:f2:f0:7b:1b:c6:
         d8:4c:cb:7d:83:e1:00:db:44:db:a2:f6:f5:56:a8:a6:1e:0d:
         c4:f3:89:15:58:89:3c:e3:2f:92:b4:e1:2b:9e:4d:e2:b4:71:
         7a:ad:d2:e9:d0:44:cc:f2:1d:72:ab:61:ed:6b:23:87:93:69:
         1d:22:61:b2:3f:81:0d:33:e4:37:c6:f3:66:03:38:d7:0d:85:
         68:66:63:b3:05:5c:b1:81:9f:d5:25:fb:6c:a4:7f:ed:a1:b8:
         d8:0a:bf:11
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAqfl5zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
Njk5YzE4OTAyN2UyNWVjYzUzZjk4YjUyZWE2NWFlNzI1ZDJhNzMwMB4XDTIyMDEw
MTEyNTQ0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzU0ZTc2YWQ3NDM4
OGYyNzgzOGQ4NjI1NzIyMGQ2NmU1ODI3NTgwOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALD476FETknATzy98ONwcVmIsLPoJzDGqhvLzChyb5IVqBoR
TYT/FNq/OMtBIUCUATNZ/mBVICTNYDADuIELGBELsXDv2KaoElA3lRa9sd8lG7dg
GWnNyyjjEqqUHLUKR2sK5tbFe7mBKOYhWJBQE3fwIzBsknbpJdd2MVX1zPk1+r7l
WhO8GV47T5UHRGZYL4lLLTdb4lejL2qyl9oqHmT6EiKovbOJTub5o4d92kAXU5l7
p+4v6afrpN/s87VTuV9D+AOJiucemx7Phkk1erGKajJYMT7OjlFuyUEmIAsAF1uf
ZkT0A4njUjUGjpD21ZNSW3SgAPrDi4osUU+Lp6kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ1TnatdDiPJ4ONhiVyINZuWCdYCTAfBgNVHSMEGDAWgBR2mcGJAn4l7MU/
mLUuplrnJdKnMDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RwbkJpUUotSmV6RlA1aTFMcVphNXlYU3B6QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODkvNzE3NTU1LTM1NGYtNGIzNy04YTZhLTA5NDA0MzY2OTFiZC8x
L05VNTJyWFE0anllRGpZWWxjaURXYmxnbldBay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODkv
NzE3NTU1LTM1NGYtNGIzNy04YTZhLTA5NDA0MzY2OTFiZC8xL2RwbkJpUUotSmV6
RlA1aTFMcVphNXlYU3B6QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALku6TANBgkqhkiG9w0BAQsFAAOC
AQEAebrQ/6nVA04Esrk0KGmu7co2Egv6SOlrU5qt4HSm31m+7w1MdBNa1GG1kaSc
RPfgP6MU7rXtwZabOf06BDypQCzG9WcDBRk3FofXdDNEkHQe6uL22k7F6hWss5Xb
Wzl1qWcO/msVOnMz3oOYVA+acmrcZ0/A3cM1klTsCWNQ8/zXZBOxMponMmyy/qBd
h600NHERznb26RYtBTbtI/LwexvG2EzLfYPhANtE26L29Vaoph4NxPOJFViJPOMv
krThK55N4rRxeq3S6dBEzPIdcqth7Wsjh5NpHSJhsj+BDTPkN8bzZgM41w2FaGZj
swVcsYGf1SX7bKR/7aG42Aq/EQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:01 2024 by rpki-client on console-fra.rpki-client.org