Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/YmipIdN3ESWhG0S9-c6MI8-HBvs.roa
File:                     YmipIdN3ESWhG0S9-c6MI8-HBvs.roa (raw, json)
Hash identifier:          2azQv0cT9Uf8ONrSF2md+yxhhhofojFYOU3MAaqqRV0=
Subject key identifier:   62:68:A9:21:D3:77:11:25:A1:1B:44:BD:F9:CE:8C:23:CF:87:06:FB
Certificate issuer:       /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial:       0FEB169A
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/YmipIdN3ESWhG0S9-c6MI8-HBvs.roa
Signing time:             Sat 01 Jan 2022 14:59:47 +0000
ROA not before:           Sat 01 Jan 2022 14:59:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207537
IP address blocks:        185.133.211.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 267064986 (0xfeb169a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
        Validity
            Not Before: Jan  1 14:59:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6268a921d3771125a11b44bdf9ce8c23cf8706fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:ea:a2:f9:e7:fb:20:55:dc:21:cb:3c:87:df:
                    7d:75:e0:8a:ed:6e:6a:c3:4e:1d:e6:43:42:c0:03:
                    18:70:c4:7e:01:b6:ed:ab:6b:86:65:7a:cd:90:40:
                    d2:4a:7f:df:22:0e:d0:92:10:34:4f:03:68:95:0c:
                    e9:28:11:42:a3:80:53:4c:4f:db:c4:74:9b:03:40:
                    c0:e8:00:ab:79:6c:3b:b0:c2:a5:f5:a3:59:73:6b:
                    c6:82:62:91:07:13:57:ae:7d:69:07:95:8a:cc:33:
                    92:b4:ce:64:b1:1b:8e:69:61:f9:d8:f0:5b:fd:f9:
                    cd:17:24:94:fe:42:36:80:dd:2f:ed:2d:28:11:66:
                    d7:7e:cb:fa:df:b0:d1:b0:31:54:26:56:a5:f3:f9:
                    ce:35:77:b2:28:6c:1d:1b:f9:c6:8b:a1:88:49:fd:
                    12:6c:25:f6:b0:4f:a5:94:14:fe:54:55:d7:eb:45:
                    2e:b0:5f:2b:a3:ad:fb:fe:e2:a9:24:f6:36:d2:a5:
                    4b:cf:c4:e0:c2:b7:c5:d1:4d:8b:fd:36:a0:c5:fd:
                    2a:da:21:8f:e1:92:28:df:26:75:0a:8e:44:37:69:
                    fb:75:31:2f:dc:28:5f:df:a2:78:97:fb:57:1f:09:
                    cc:c9:16:82:4d:fe:93:2a:1c:94:72:0c:53:80:79:
                    0d:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:68:A9:21:D3:77:11:25:A1:1B:44:BD:F9:CE:8C:23:CF:87:06:FB
            X509v3 Authority Key Identifier:
                keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/YmipIdN3ESWhG0S9-c6MI8-HBvs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.133.211.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:b0:d8:35:bf:bf:b6:25:4d:10:ad:d6:ef:c6:60:c3:c0:77:
         e3:19:27:28:5d:c4:cd:34:fd:cd:56:7c:30:46:3d:45:5c:e9:
         5a:27:8f:5f:e8:42:cb:3b:ba:16:f8:b7:a7:4c:54:40:3b:6e:
         dc:de:75:f6:b5:40:b6:35:43:14:58:9a:41:09:7a:35:34:17:
         41:4a:2f:40:7f:dd:88:08:6c:c5:a1:b8:b5:4f:6b:3c:84:95:
         3d:a4:5e:e5:97:a9:fa:8f:93:bc:7c:e2:a4:b3:ab:75:36:66:
         f2:76:cf:da:6b:8c:9d:cc:07:9f:2e:18:d7:d8:be:60:51:68:
         5f:a5:cb:25:b7:41:83:6c:a2:1e:83:ca:5f:6c:11:60:cb:6d:
         4d:b0:4a:b4:e4:c8:3d:d7:81:a6:ce:d6:1b:1b:1a:b7:81:23:
         1d:a3:a1:10:5b:a4:8e:c4:56:0c:b8:1c:27:f1:ed:83:bc:07:
         16:e7:fe:9d:c8:5f:66:48:08:98:14:fa:da:80:db:54:29:c8:
         01:3f:bc:df:65:26:5d:d8:df:8c:ba:01:7a:4c:1f:c8:14:36:
         31:b6:12:da:b1:4f:63:00:30:bc:25:06:4b:71:94:07:1b:d7:
         bb:a0:c5:6b:d7:5b:3b:13:3d:c6:a1:64:98:a9:ff:df:e1:00:
         9a:8a:8f:63
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIED+sWmjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ODA3NGI0MTllYWQ0Y2VmZWEyZjJhZDJjMjU5ZDk3OGM1ZWQ3OTU0MB4XDTIyMDEw
MTE0NTk0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjI2OGE5MjFkMzc3
MTEyNWExMWI0NGJkZjljZThjMjNjZjg3MDZmYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANLqovnn+yBV3CHLPIfffXXgiu1uasNOHeZDQsADGHDEfgG2
7atrhmV6zZBA0kp/3yIO0JIQNE8DaJUM6SgRQqOAU0xP28R0mwNAwOgAq3lsO7DC
pfWjWXNrxoJikQcTV659aQeViswzkrTOZLEbjmlh+djwW/35zRcklP5CNoDdL+0t
KBFm137L+t+w0bAxVCZWpfP5zjV3sihsHRv5xouhiEn9Emwl9rBPpZQU/lRV1+tF
LrBfK6Ot+/7iqST2NtKlS8/E4MK3xdFNi/02oMX9Ktohj+GSKN8mdQqORDdp+3Ux
L9woX9+ieJf7Vx8JzMkWgk3+kyoclHIMU4B5DQcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRiaKkh03cRJaEbRL35zowjz4cG+zAfBgNVHSMEGDAWgBS4B0tBnq1M7+ov
KtLCWdl4xe15VDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VBZExRWjZ0VE9fcUx5clN3bG5aZU1YdGVWUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvMWU0M2U0LWQwNmUtNGE1NS1iZGI2LTNkOTFlZGU1YjJiMS8x
L1ltaXBJZE4zRVNXaEcwUzktYzZNSTgtSEJ2cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
MWU0M2U0LWQwNmUtNGE1NS1iZGI2LTNkOTFlZGU1YjJiMS8xL3VBZExRWjZ0VE9f
cUx5clN3bG5aZU1YdGVWUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmF0zANBgkqhkiG9w0BAQsFAAOC
AQEAgLDYNb+/tiVNEK3W78Zgw8B34xknKF3EzTT9zVZ8MEY9RVzpWiePX+hCyzu6
Fvi3p0xUQDtu3N519rVAtjVDFFiaQQl6NTQXQUovQH/diAhsxaG4tU9rPISVPaRe
5Zep+o+TvHzipLOrdTZm8nbP2muMncwHny4Y19i+YFFoX6XLJbdBg2yiHoPKX2wR
YMttTbBKtOTIPdeBps7WGxsat4EjHaOhEFukjsRWDLgcJ/Htg7wHFuf+nchfZkgI
mBT62oDbVCnIAT+832UmXdjfjLoBekwfyBQ2MbYS2rFPYwAwvCUGS3GUBxvXu6DF
a9dbOxM9xqFkmKn/3+EAmoqPYw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:38 2024 by rpki-client on console-fra.rpki-client.org