Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/717555-354f-4b37-8a6a-0940436691bd/1/ddyhfh1sX7B_urVRZbyRKPQG31s.roa
File:                     ddyhfh1sX7B_urVRZbyRKPQG31s.roa (raw, json)
Hash identifier:          AAZv7uRHl7KI5qupyoaMpekFtvUdPbrv7REf7brikWQ=
Subject key identifier:   75:DC:A1:7E:1D:6C:5F:B0:7F:BA:B5:51:65:BC:91:28:F4:06:DF:5B
Certificate issuer:       /CN=7699c189027e25ecc53f98b52ea65ae725d2a730
Certificate serial:       02A7D714
Authority key identifier: 76:99:C1:89:02:7E:25:EC:C5:3F:98:B5:2E:A6:5A:E7:25:D2:A7:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dpnBiQJ-JezFP5i1LqZa5yXSpzA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/717555-354f-4b37-8a6a-0940436691bd/1/ddyhfh1sX7B_urVRZbyRKPQG31s.roa
Signing time:             Sat 01 Jan 2022 12:54:43 +0000
ROA not before:           Sat 01 Jan 2022 12:54:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60781
IP address blocks:        185.46.232.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 44554004 (0x2a7d714)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7699c189027e25ecc53f98b52ea65ae725d2a730
        Validity
            Not Before: Jan  1 12:54:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=75dca17e1d6c5fb07fbab55165bc9128f406df5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:87:d7:9b:9c:57:e7:38:b4:ec:30:af:c2:2b:
                    d6:82:5b:ba:37:03:05:24:eb:3f:e6:39:07:b3:ac:
                    84:f7:31:36:d6:3b:05:e5:59:18:a7:b8:2b:fd:c8:
                    a3:93:4a:9c:1d:52:d4:31:af:43:6b:2c:45:1e:45:
                    44:76:97:1e:ce:07:b2:89:e9:37:c9:d7:cc:db:5d:
                    22:6c:ff:2a:06:5b:bc:2e:f1:d7:fc:2b:c0:12:26:
                    5f:9b:af:67:2d:98:61:5a:5e:eb:e8:93:0d:22:95:
                    b8:bc:66:8e:85:0c:d1:0b:80:d6:b2:f1:c4:40:12:
                    f3:5c:3b:05:cc:1a:9b:c7:c5:75:1e:7d:1f:6e:aa:
                    3a:cb:dc:ca:e9:a8:23:89:c0:5d:c3:3e:16:f6:e7:
                    dc:c2:77:d7:f9:b3:04:c4:9f:bf:83:db:bd:ba:a7:
                    27:50:eb:2c:fb:6f:52:3f:b4:9e:96:6d:ac:dd:01:
                    20:ee:c8:3b:98:97:d2:62:96:0c:95:2c:93:73:4d:
                    65:54:f6:29:75:11:64:d5:e4:58:60:b8:63:90:01:
                    55:d3:10:99:b5:ad:bc:9a:fa:77:9f:fc:92:e1:4d:
                    ab:d2:b0:f9:84:d9:10:75:c4:02:14:b1:ef:e0:06:
                    7e:c0:2a:5a:71:38:de:c2:01:0e:80:79:68:7e:48:
                    0f:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:DC:A1:7E:1D:6C:5F:B0:7F:BA:B5:51:65:BC:91:28:F4:06:DF:5B
            X509v3 Authority Key Identifier:
                keyid:76:99:C1:89:02:7E:25:EC:C5:3F:98:B5:2E:A6:5A:E7:25:D2:A7:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dpnBiQJ-JezFP5i1LqZa5yXSpzA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/717555-354f-4b37-8a6a-0940436691bd/1/ddyhfh1sX7B_urVRZbyRKPQG31s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/717555-354f-4b37-8a6a-0940436691bd/1/dpnBiQJ-JezFP5i1LqZa5yXSpzA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.46.232.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:cf:e0:5e:64:92:72:6d:cc:91:92:eb:63:80:f2:2b:37:ed:
         92:f3:d0:ff:6b:e1:d8:39:93:fe:d1:81:f2:8a:d1:cb:6f:a0:
         98:80:57:f9:40:49:54:e9:0d:b0:15:3a:13:bc:17:8f:6e:f5:
         44:84:c5:9a:be:41:ca:f9:5b:2a:6b:39:71:51:7a:29:1e:25:
         8c:2b:80:cd:9f:25:71:1e:4d:74:c3:51:04:02:50:44:e8:86:
         eb:18:c4:48:97:82:b0:fc:71:86:a1:2d:9f:dd:52:c4:e9:27:
         98:56:4a:44:eb:fd:07:d2:e0:c1:51:38:ad:ec:55:b0:14:7d:
         db:0c:f3:a4:05:7b:42:74:e5:da:62:33:46:03:39:63:f5:70:
         78:b8:87:bc:62:f4:84:17:5f:16:7d:b8:4e:ca:94:e9:57:52:
         e2:d0:79:77:1f:ba:7f:14:e6:9a:4f:46:14:2d:e5:4d:9e:88:
         27:a5:80:c2:2a:5a:9e:e5:43:86:ae:fa:9d:a4:85:4d:f7:5b:
         55:9e:6b:f5:d6:4b:23:b0:84:0d:13:e6:2b:ad:7f:8f:00:f6:
         9f:a7:2d:03:ab:a5:f1:25:95:2d:ca:4e:ac:98:dc:6b:19:23:
         40:5a:e4:4b:5a:fd:3a:d1:e0:e6:e5:e4:13:2b:ef:3a:f0:de:
         c5:c5:00:a0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAqfXFDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
Njk5YzE4OTAyN2UyNWVjYzUzZjk4YjUyZWE2NWFlNzI1ZDJhNzMwMB4XDTIyMDEw
MTEyNTQ0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzVkY2ExN2UxZDZj
NWZiMDdmYmFiNTUxNjViYzkxMjhmNDA2ZGY1YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALuH15ucV+c4tOwwr8Ir1oJbujcDBSTrP+Y5B7OshPcxNtY7
BeVZGKe4K/3Io5NKnB1S1DGvQ2ssRR5FRHaXHs4HsonpN8nXzNtdImz/KgZbvC7x
1/wrwBImX5uvZy2YYVpe6+iTDSKVuLxmjoUM0QuA1rLxxEAS81w7Bcwam8fFdR59
H26qOsvcyumoI4nAXcM+Fvbn3MJ31/mzBMSfv4PbvbqnJ1DrLPtvUj+0npZtrN0B
IO7IO5iX0mKWDJUsk3NNZVT2KXURZNXkWGC4Y5ABVdMQmbWtvJr6d5/8kuFNq9Kw
+YTZEHXEAhSx7+AGfsAqWnE43sIBDoB5aH5ID6cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR13KF+HWxfsH+6tVFlvJEo9AbfWzAfBgNVHSMEGDAWgBR2mcGJAn4l7MU/
mLUuplrnJdKnMDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RwbkJpUUotSmV6RlA1aTFMcVphNXlYU3B6QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODkvNzE3NTU1LTM1NGYtNGIzNy04YTZhLTA5NDA0MzY2OTFiZC8x
L2RkeWhmaDFzWDdCX3VyVlJaYnlSS1BRRzMxcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODkv
NzE3NTU1LTM1NGYtNGIzNy04YTZhLTA5NDA0MzY2OTFiZC8xL2RwbkJpUUotSmV6
RlA1aTFMcVphNXlYU3B6QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALku6DANBgkqhkiG9w0BAQsFAAOC
AQEAZs/gXmSScm3MkZLrY4DyKzftkvPQ/2vh2DmT/tGB8orRy2+gmIBX+UBJVOkN
sBU6E7wXj271RITFmr5ByvlbKms5cVF6KR4ljCuAzZ8lcR5NdMNRBAJQROiG6xjE
SJeCsPxxhqEtn91SxOknmFZKROv9B9LgwVE4rexVsBR92wzzpAV7QnTl2mIzRgM5
Y/VweLiHvGL0hBdfFn24TsqU6VdS4tB5dx+6fxTmmk9GFC3lTZ6IJ6WAwipanuVD
hq76naSFTfdbVZ5r9dZLI7CEDRPmK61/jwD2n6ctA6ul8SWVLcpOrJjcaxkjQFrk
S1r9OtHg5uXkEyvvOvDexcUAoA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:02 2024 by rpki-client on console-ams.rpki-client.org