Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/9yM0aMfNy9TG0__Lqv4zDmhLdBA.roa
File:                     9yM0aMfNy9TG0__Lqv4zDmhLdBA.roa (raw, json)
Hash identifier:          8OG01EZOs4LWp/ANd9xFCowkoxe0qYfYJue6ZhvnWJM=
Subject key identifier:   F7:23:34:68:C7:CD:CB:D4:C6:D3:FF:CB:AA:FE:33:0E:68:4B:74:10
Certificate issuer:       /CN=e9d2721f2e2bd011b8a6860ad2572c405c0b540f
Certificate serial:       09E0951C
Authority key identifier: E9:D2:72:1F:2E:2B:D0:11:B8:A6:86:0A:D2:57:2C:40:5C:0B:54:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6dJyHy4r0BG4poYK0lcsQFwLVA8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/9yM0aMfNy9TG0__Lqv4zDmhLdBA.roa
Signing time:             Sat 01 Jan 2022 05:53:31 +0000
ROA not before:           Sat 01 Jan 2022 05:53:31 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15830
IP address blocks:        185.43.192.0/24 maxlen: 24
                          185.43.193.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 165713180 (0x9e0951c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e9d2721f2e2bd011b8a6860ad2572c405c0b540f
        Validity
            Not Before: Jan  1 05:53:31 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f7233468c7cdcbd4c6d3ffcbaafe330e684b7410
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:49:cd:69:65:b3:46:3d:1d:c4:d8:98:e3:67:
                    5c:26:b9:cf:22:ee:60:60:0c:56:29:60:5c:69:b0:
                    15:40:e0:09:80:c1:46:cc:71:f6:c3:6a:bf:0a:3b:
                    2c:a3:ec:f0:45:0c:cb:a7:fc:5b:80:2d:5a:96:2f:
                    58:cd:bf:d9:63:3f:b9:0c:e4:05:57:cb:de:79:8a:
                    95:a5:7d:f5:06:ce:fd:f4:7f:d4:c4:2f:51:4f:7a:
                    dc:fc:71:ae:be:5f:a3:e7:06:22:c3:26:b6:bd:9b:
                    3e:e3:06:cd:3c:b9:5f:3c:90:bb:98:76:b6:42:df:
                    22:8d:0a:89:25:bf:e3:d9:29:cf:a7:c0:03:1b:bf:
                    7f:9d:12:52:0e:6a:74:0d:04:5d:d5:20:9d:44:bf:
                    60:3e:00:f5:c6:0e:f7:19:1a:cb:f4:5b:19:55:6e:
                    d8:f5:43:9c:6e:e3:0d:05:a0:73:da:1a:a3:34:19:
                    a6:09:50:ee:8a:26:d9:14:9d:99:4e:2f:4b:d9:fb:
                    8c:f7:4f:53:52:7b:b6:49:a3:e3:e2:e0:d3:53:1b:
                    f1:4e:c9:7c:ac:42:85:5e:8e:5e:37:b8:d5:a8:b9:
                    35:bb:39:c4:e1:fd:21:42:28:b4:d1:e0:dd:77:e5:
                    ad:62:e5:36:24:39:40:cb:37:96:db:1c:41:45:a9:
                    a4:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:23:34:68:C7:CD:CB:D4:C6:D3:FF:CB:AA:FE:33:0E:68:4B:74:10
            X509v3 Authority Key Identifier:
                keyid:E9:D2:72:1F:2E:2B:D0:11:B8:A6:86:0A:D2:57:2C:40:5C:0B:54:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6dJyHy4r0BG4poYK0lcsQFwLVA8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/9yM0aMfNy9TG0__Lqv4zDmhLdBA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/6dJyHy4r0BG4poYK0lcsQFwLVA8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.43.192.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a9:20:26:7e:f4:13:aa:34:ba:06:51:f9:80:64:7f:5b:26:c0:
         1f:1a:47:c6:08:3b:21:64:b1:87:04:d9:75:a7:32:ca:7e:9e:
         2c:75:70:74:01:58:d5:0c:93:9f:a7:65:73:34:60:1b:0c:58:
         42:ad:d2:f3:19:5d:cf:90:90:1c:b1:58:28:9c:ae:13:94:11:
         66:2f:45:b6:4a:f5:6a:5b:ed:e8:a7:5d:c0:ca:29:b1:42:5f:
         88:72:e0:05:c8:a7:ee:64:a3:06:d0:7a:5e:5a:f0:d0:e6:7b:
         b5:62:7a:4d:d8:e0:1a:c9:b4:a4:eb:d6:44:73:7c:22:3c:62:
         c2:5b:74:47:4e:9c:43:2c:c5:61:f4:f3:16:c9:16:98:07:3d:
         4e:bc:1f:d6:e4:60:cb:59:e3:73:d9:78:4f:de:a8:61:7d:a2:
         e1:6b:d2:de:21:7b:2d:b3:8c:30:dd:36:db:a5:2f:e8:93:e3:
         f3:09:6e:9b:93:18:c5:d9:c9:19:a2:c6:4e:12:e8:52:29:76:
         04:4d:b1:16:cd:3c:77:67:09:b1:93:af:77:75:a2:a6:87:21:
         af:8a:3e:e3:16:14:06:6f:c5:11:9a:3c:e7:13:9b:5e:6d:49:
         67:8e:a7:ef:2c:65:57:c0:dc:57:11:77:33:ee:4c:8e:1c:cd:
         05:ec:89:44
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECeCVHDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OWQyNzIxZjJlMmJkMDExYjhhNjg2MGFkMjU3MmM0MDVjMGI1NDBmMB4XDTIyMDEw
MTA1NTMzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjcyMzM0NjhjN2Nk
Y2JkNGM2ZDNmZmNiYWFmZTMzMGU2ODRiNzQxMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKpJzWlls0Y9HcTYmONnXCa5zyLuYGAMVilgXGmwFUDgCYDB
Rsxx9sNqvwo7LKPs8EUMy6f8W4AtWpYvWM2/2WM/uQzkBVfL3nmKlaV99QbO/fR/
1MQvUU963Pxxrr5fo+cGIsMmtr2bPuMGzTy5XzyQu5h2tkLfIo0KiSW/49kpz6fA
Axu/f50SUg5qdA0EXdUgnUS/YD4A9cYO9xkay/RbGVVu2PVDnG7jDQWgc9oaozQZ
pglQ7oom2RSdmU4vS9n7jPdPU1J7tkmj4+Lg01Mb8U7JfKxChV6OXje41ai5Nbs5
xOH9IUIotNHg3XflrWLlNiQ5QMs3ltscQUWppB0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT3IzRox83L1MbT/8uq/jMOaEt0EDAfBgNVHSMEGDAWgBTp0nIfLivQEbim
hgrSVyxAXAtUDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZkSnlIeTRyMEJHNHBvWUswbGNzUUZ3TFZBOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWQvMzY4ZGYwLTVjNDEtNDlkMy1hOWE5LWM0NTkwM2MzYjMyOS8x
Lzl5TTBhTWZOeTlURzBfX0xxdjR6RG1oTGRCQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWQv
MzY4ZGYwLTVjNDEtNDlkMy1hOWE5LWM0NTkwM2MzYjMyOS8xLzZkSnlIeTRyMEJH
NHBvWUswbGNzUUZ3TFZBOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbkrwDANBgkqhkiG9w0BAQsFAAOC
AQEAqSAmfvQTqjS6BlH5gGR/WybAHxpHxgg7IWSxhwTZdacyyn6eLHVwdAFY1QyT
n6dlczRgGwxYQq3S8xldz5CQHLFYKJyuE5QRZi9Ftkr1alvt6KddwMopsUJfiHLg
Bcin7mSjBtB6Xlrw0OZ7tWJ6TdjgGsm0pOvWRHN8Ijxiwlt0R06cQyzFYfTzFskW
mAc9Trwf1uRgy1njc9l4T96oYX2i4WvS3iF7LbOMMN0226Uv6JPj8wlum5MYxdnJ
GaLGThLoUil2BE2xFs08d2cJsZOvd3Wipochr4o+4xYUBm/FEZo85xObXm1JZ46n
7yxlV8DcVxF3M+5MjhzNBeyJRA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:55 2024 by rpki-client on console-fra.rpki-client.org