Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/VLfRX_GG_Vb7pFGQXq-s43QUeEI.roa
File:                     VLfRX_GG_Vb7pFGQXq-s43QUeEI.roa (raw, json)
Hash identifier:          lm39QCiFD0xKmS8GAJcLV8fs/ilxOXsF+08ja0jGZM4=
Subject key identifier:   54:B7:D1:5F:F1:86:FD:56:FB:A4:51:90:5E:AF:AC:E3:74:14:78:42
Certificate issuer:       /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial:       0184804A00E073865916EE9CAEA9E06DA953
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/VLfRX_GG_Vb7pFGQXq-s43QUeEI.roa
Signing time:             Wed 16 Nov 2022 11:54:04 +0000
ROA not before:           Wed 16 Nov 2022 11:54:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203252
IP address blocks:        185.246.118.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:80:4a:00:e0:73:86:59:16:ee:9c:ae:a9:e0:6d:a9:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
        Validity
            Not Before: Nov 16 11:54:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=54b7d15ff186fd56fba451905eaface374147842
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:ee:75:07:5f:78:a5:02:87:41:eb:3f:d4:42:
                    15:a1:18:a0:6a:59:d2:2d:25:d2:c7:d1:08:64:05:
                    2c:99:4f:e9:27:c3:d1:5b:0b:89:91:06:e1:f9:a0:
                    6e:8e:5f:91:8f:cf:6c:3a:e1:ca:a5:f4:55:0a:ec:
                    0a:33:87:e5:25:18:84:9f:1a:90:24:83:40:0f:38:
                    f2:24:57:52:f4:8a:e1:da:df:55:c2:ab:0a:3a:1b:
                    3e:9a:2f:8a:9f:c7:36:d7:30:b5:e6:c3:b2:ab:c0:
                    19:a6:62:cf:a5:ec:d2:84:6c:51:79:11:ea:be:7c:
                    e0:e1:16:de:3f:cf:f8:ce:93:db:07:70:8b:55:ea:
                    49:95:3e:33:02:6b:cc:27:f4:ae:15:5a:f2:7d:f1:
                    b3:bf:65:a4:41:d4:72:9f:aa:ed:60:69:5a:8f:5c:
                    b9:bf:26:07:53:09:19:48:75:46:42:21:01:c5:35:
                    86:91:95:70:12:63:1c:67:d7:9a:c7:4e:da:f1:0f:
                    83:84:c0:44:a9:aa:e5:45:6c:d2:b9:de:9b:e1:f9:
                    02:d0:5f:4a:94:87:e5:3d:60:4c:cd:df:21:1e:ad:
                    99:b4:9f:96:cd:83:9c:68:d3:e6:76:c1:31:c3:5d:
                    1d:98:fc:3d:20:59:43:b3:f0:df:fb:f0:6a:5b:a1:
                    b7:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:B7:D1:5F:F1:86:FD:56:FB:A4:51:90:5E:AF:AC:E3:74:14:78:42
            X509v3 Authority Key Identifier:
                keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/VLfRX_GG_Vb7pFGQXq-s43QUeEI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.246.118.0/24

    Signature Algorithm: sha256WithRSAEncryption
         95:b9:1e:b4:3f:20:50:39:77:0d:ef:71:f1:1a:dc:bf:dc:31:
         d6:57:1d:84:94:f3:91:78:a8:34:88:b3:00:c3:61:9f:d9:2e:
         1f:a4:8a:12:76:76:61:00:0d:22:f2:bf:1e:9d:19:54:8f:ff:
         04:8e:87:85:b4:33:62:fd:10:32:46:32:63:32:90:86:92:5e:
         9f:90:64:d6:71:78:bc:e0:c2:71:84:57:b9:5d:55:02:6a:99:
         0f:e6:3d:3b:96:c7:9a:79:14:00:09:1e:f7:93:b7:28:4a:f7:
         20:f4:dd:aa:0d:12:e6:f5:78:d6:ef:15:b0:43:b7:86:83:da:
         23:3f:70:65:9f:ea:5e:05:f6:ef:54:49:76:60:76:b3:ff:08:
         5c:bf:b0:f2:32:c3:5d:7f:f7:4a:44:01:b7:5a:13:fe:8d:0d:
         7b:b9:1e:7c:aa:9f:2e:23:d9:02:4e:df:66:10:a6:8c:68:a4:
         83:17:64:95:e7:97:48:fd:01:b2:a8:83:15:4d:d2:fd:f7:d0:
         76:ea:69:a1:8e:09:fc:e9:68:5c:2f:7e:71:b2:af:32:e7:5f:
         7f:4e:fd:47:41:24:2d:45:d9:fa:e9:03:14:35:18:60:d1:82:
         63:52:54:47:89:06:0d:6a:27:1b:b5:a1:be:cc:90:65:31:8a:
         c8:47:25:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSASgDgc4ZZFu6crqngbalTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjIxMTE2MTE1NDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGI3ZDE1ZmYxODZmZDU2ZmJhNDUxOTA1ZWFmYWNlMzc0MTQ3ODQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+51B194pQKHQes/1EIVoRigalnS
LSXSx9EIZAUsmU/pJ8PRWwuJkQbh+aBujl+Rj89sOuHKpfRVCuwKM4flJRiEnxqQ
JINADzjyJFdS9Irh2t9VwqsKOhs+mi+Kn8c21zC15sOyq8AZpmLPpezShGxReRHq
vnzg4RbeP8/4zpPbB3CLVepJlT4zAmvMJ/SuFVryffGzv2WkQdRyn6rtYGlaj1y5
vyYHUwkZSHVGQiEBxTWGkZVwEmMcZ9eax07a8Q+DhMBEqarlRWzSud6b4fkC0F9K
lIflPWBMzd8hHq2ZtJ+WzYOcaNPmdsExw10dmPw9IFlDs/Df+/BqW6G3/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFS30V/xhv1W+6RRkF6vrON0FHhCMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvVkxmUlhfR0dfVmI3cEZHUVhxLXM0M1FVZUVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufZ2MA0G
CSqGSIb3DQEBCwUAA4IBAQCVuR60PyBQOXcN73HxGty/3DHWVx2ElPOReKg0iLMA
w2Gf2S4fpIoSdnZhAA0i8r8enRlUj/8EjoeFtDNi/RAyRjJjMpCGkl6fkGTWcXi8
4MJxhFe5XVUCapkP5j07lseaeRQACR73k7coSvcg9N2qDRLm9XjW7xWwQ7eGg9oj
P3Bln+peBfbvVEl2YHaz/whcv7DyMsNdf/dKRAG3WhP+jQ17uR58qp8uI9kCTt9m
EKaMaKSDF2SV55dI/QGyqIMVTdL999B26mmhjgn86WhcL35xsq8y519/Tv1HQSQt
Rdn66QMUNRhg0YJjUlRHiQYNaicbtaG+zJBlMYrIRyVC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:05 2024 by rpki-client on console-fra.rpki-client.org