Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/ac7fa3-dbe8-493b-b8a7-3be0313ec590/1/7BeJ2cXDz1AQ0SVGUpB1g9h1WcE.roa
File:                     7BeJ2cXDz1AQ0SVGUpB1g9h1WcE.roa (raw, json)
Hash identifier:          Vd2hymj9EFtLTMPkuCrc533cOns8k1bf1zg/qn55t60=
Subject key identifier:   EC:17:89:D9:C5:C3:CF:50:10:D1:25:46:52:90:75:83:D8:75:59:C1
Certificate issuer:       /CN=092cc4e3f11a0f5ee7c56f67ce099601a4cfbbb6
Certificate serial:       03558699
Authority key identifier: 09:2C:C4:E3:F1:1A:0F:5E:E7:C5:6F:67:CE:09:96:01:A4:CF:BB:B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CSzE4_EaD17nxW9nzgmWAaTPu7Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/ac7fa3-dbe8-493b-b8a7-3be0313ec590/1/7BeJ2cXDz1AQ0SVGUpB1g9h1WcE.roa
Signing time:             Sat 01 Jan 2022 12:59:50 +0000
ROA not before:           Sat 01 Jan 2022 12:59:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200695
IP address blocks:        185.98.233.0/24 maxlen: 24
                          185.98.232.0/24 maxlen: 24
                          185.98.235.0/24 maxlen: 24
                          185.98.234.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 55936665 (0x3558699)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=092cc4e3f11a0f5ee7c56f67ce099601a4cfbbb6
        Validity
            Not Before: Jan  1 12:59:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ec1789d9c5c3cf5010d1254652907583d87559c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:cf:0d:ec:29:c4:39:ec:8a:84:52:3f:f4:c7:
                    fe:cd:f9:af:d3:16:8e:2a:5a:bb:5e:d8:ff:ce:ac:
                    21:9b:3a:ff:05:60:c9:71:7e:af:a6:f7:6b:34:c3:
                    36:32:cd:3d:5a:e1:6b:61:c6:df:32:d3:97:1e:6b:
                    c6:9b:c8:3d:3a:cb:93:56:d0:20:b5:d3:78:8f:14:
                    81:f0:47:f1:a8:d6:2a:0c:6f:87:f5:3e:b5:b5:ea:
                    89:60:8b:2d:e9:e8:01:54:50:84:f3:5c:90:9b:57:
                    d7:bb:66:18:04:71:05:d7:8c:57:08:96:79:eb:9c:
                    a0:9d:1c:95:ca:56:ce:73:4b:6b:46:d5:1f:8e:d2:
                    8a:cb:1e:2d:cd:29:d3:67:19:15:7a:94:22:d8:1d:
                    dc:05:8e:27:f4:78:42:5d:46:9c:1a:4d:85:1b:75:
                    55:cd:2b:69:a9:64:1b:92:1c:19:0e:6f:16:8c:f1:
                    91:50:d7:13:30:51:9f:cb:79:8e:8a:3b:3a:4a:44:
                    5a:4d:8c:aa:fe:b4:0d:fb:82:0c:0c:59:cc:44:01:
                    1f:b9:ec:d1:db:df:89:d1:3e:de:66:d9:3c:f0:f2:
                    e5:dc:e0:e1:8a:eb:41:7a:09:f4:b1:4d:53:a9:2d:
                    42:90:26:27:92:ed:81:53:99:b6:27:de:ac:63:5d:
                    59:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:17:89:D9:C5:C3:CF:50:10:D1:25:46:52:90:75:83:D8:75:59:C1
            X509v3 Authority Key Identifier:
                keyid:09:2C:C4:E3:F1:1A:0F:5E:E7:C5:6F:67:CE:09:96:01:A4:CF:BB:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CSzE4_EaD17nxW9nzgmWAaTPu7Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/ac7fa3-dbe8-493b-b8a7-3be0313ec590/1/7BeJ2cXDz1AQ0SVGUpB1g9h1WcE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/ac7fa3-dbe8-493b-b8a7-3be0313ec590/1/CSzE4_EaD17nxW9nzgmWAaTPu7Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.98.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         65:66:1c:c3:41:03:03:49:24:11:25:01:9f:29:5c:ae:39:9d:
         ad:0e:05:fb:7c:0c:d5:f6:45:1c:20:de:cc:15:32:02:c5:5f:
         0f:8d:e8:4e:6d:2e:47:63:73:df:dd:73:27:3e:5b:e2:28:da:
         db:49:6a:a7:d0:27:fb:aa:14:1d:92:ae:fb:0e:c9:39:57:7f:
         bd:e9:37:70:b5:75:74:00:77:4a:34:f0:35:a8:cb:00:6d:d2:
         ca:c8:16:df:d8:8d:2f:7c:cd:80:cf:3b:a2:e3:40:cb:bc:29:
         ec:ed:02:0a:01:04:f2:24:33:26:33:93:65:ce:d4:5b:09:56:
         a0:08:24:8c:9d:f8:be:8a:fb:a3:b1:85:7f:bb:11:f8:4b:45:
         89:7d:35:67:4a:21:1d:86:ed:0e:3b:09:d3:f5:5d:76:a6:ea:
         1a:6a:52:cd:2d:38:87:bd:76:2e:96:0e:81:b7:54:16:e9:a7:
         e6:85:ad:82:0e:28:bb:90:1b:e1:07:30:ed:0b:4f:79:94:cb:
         23:5f:7a:eb:72:9f:a2:29:1c:f2:1e:de:97:da:6c:74:0b:9f:
         83:9c:38:8a:a1:c5:c2:cd:1c:06:c4:8a:71:50:08:0a:81:c8:
         47:a6:b8:84:1d:20:8b:f4:1a:40:35:49:e8:21:d4:29:27:88:
         ca:da:a8:1c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA1WGmTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
OTJjYzRlM2YxMWEwZjVlZTdjNTZmNjdjZTA5OTYwMWE0Y2ZiYmI2MB4XDTIyMDEw
MTEyNTk1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWMxNzg5ZDljNWMz
Y2Y1MDEwZDEyNTQ2NTI5MDc1ODNkODc1NTljMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKnPDewpxDnsioRSP/TH/s35r9MWjipau17Y/86sIZs6/wVg
yXF+r6b3azTDNjLNPVrha2HG3zLTlx5rxpvIPTrLk1bQILXTeI8UgfBH8ajWKgxv
h/U+tbXqiWCLLenoAVRQhPNckJtX17tmGARxBdeMVwiWeeucoJ0clcpWznNLa0bV
H47SisseLc0p02cZFXqUItgd3AWOJ/R4Ql1GnBpNhRt1Vc0raalkG5IcGQ5vFozx
kVDXEzBRn8t5joo7OkpEWk2Mqv60DfuCDAxZzEQBH7ns0dvfidE+3mbZPPDy5dzg
4YrrQXoJ9LFNU6ktQpAmJ5LtgVOZtiferGNdWb8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTsF4nZxcPPUBDRJUZSkHWD2HVZwTAfBgNVHSMEGDAWgBQJLMTj8RoPXufF
b2fOCZYBpM+7tjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NTekU0X0VhRDE3bnhXOW56Z21XQWFUUHU3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvYWM3ZmEzLWRiZTgtNDkzYi1iOGE3LTNiZTAzMTNlYzU5MC8x
LzdCZUoyY1hEejFBUTBTVkdVcEIxZzloMVdjRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
YWM3ZmEzLWRiZTgtNDkzYi1iOGE3LTNiZTAzMTNlYzU5MC8xL0NTekU0X0VhRDE3
bnhXOW56Z21XQWFUUHU3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArli6DANBgkqhkiG9w0BAQsFAAOC
AQEAZWYcw0EDA0kkESUBnylcrjmdrQ4F+3wM1fZFHCDezBUyAsVfD43oTm0uR2Nz
391zJz5b4ija20lqp9An+6oUHZKu+w7JOVd/vek3cLV1dAB3SjTwNajLAG3SysgW
39iNL3zNgM87ouNAy7wp7O0CCgEE8iQzJjOTZc7UWwlWoAgkjJ34vor7o7GFf7sR
+EtFiX01Z0ohHYbtDjsJ0/VddqbqGmpSzS04h712LpYOgbdUFumn5oWtgg4ou5Ab
4Qcw7QtPeZTLI19663Kfoikc8h7el9psdAufg5w4iqHFws0cBsSKcVAICoHIR6a4
hB0gi/QaQDVJ6CHUKSeIytqoHA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:56 2024 by rpki-client on console-fra.rpki-client.org