Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/9e615e-3610-4520-9484-7a8baeef5ee4/1/yP7mrFbkxTinnIEm2316_Gd-xMA.roa
File:                     yP7mrFbkxTinnIEm2316_Gd-xMA.roa (raw, json)
Hash identifier:          tKNNzWg+NSVeOezMXIkCYWadklSZ8h7xB8oATKcaXYM=
Subject key identifier:   C8:FE:E6:AC:56:E4:C5:38:A7:9C:81:26:DB:7D:7A:FC:67:7E:C4:C0
Certificate issuer:       /CN=6b8408befc02dfd6e61908548785a008a4b74d67
Certificate serial:       0184EC6DA8761F83071385D8D6D9ECDBFAFB
Authority key identifier: 6B:84:08:BE:FC:02:DF:D6:E6:19:08:54:87:85:A0:08:A4:B7:4D:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a4QIvvwC39bmGQhUh4WgCKS3TWc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/9e615e-3610-4520-9484-7a8baeef5ee4/1/yP7mrFbkxTinnIEm2316_Gd-xMA.roa
Signing time:             Wed 07 Dec 2022 11:52:00 +0000
ROA not before:           Wed 07 Dec 2022 11:52:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44622
IP address blocks:        85.202.224.0/21 maxlen: 21
                          85.202.224.0/20 maxlen: 20
                          85.202.232.0/21 maxlen: 21
                          91.209.218.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:ec:6d:a8:76:1f:83:07:13:85:d8:d6:d9:ec:db:fa:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b8408befc02dfd6e61908548785a008a4b74d67
        Validity
            Not Before: Dec  7 11:52:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c8fee6ac56e4c538a79c8126db7d7afc677ec4c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:de:73:78:e6:80:b7:c3:2c:1f:99:5b:44:c5:
                    72:82:aa:8b:0d:26:06:7e:d2:53:5a:49:1e:60:4a:
                    b2:d8:fc:31:50:e5:b2:c6:a2:65:a8:18:f2:6d:3f:
                    53:be:df:6f:77:d0:f1:a3:8f:88:1c:b7:3b:f8:a3:
                    5f:d8:6b:b5:02:3e:37:4b:45:70:aa:81:7b:13:c9:
                    b9:09:49:fb:97:9a:d9:5a:9e:49:73:82:ef:f2:a8:
                    53:71:e6:8a:69:61:78:9a:e7:f9:df:dd:7c:11:de:
                    ff:d1:a8:a0:d0:b0:8e:bf:3f:0b:3a:1d:71:90:65:
                    62:c4:74:9f:89:7d:41:e6:43:fd:3b:38:48:68:d5:
                    61:12:d0:16:2a:b8:b6:d2:1c:65:82:dd:50:ec:25:
                    af:72:13:91:ec:49:6b:01:4a:fa:e9:18:37:fa:4e:
                    4b:97:d5:80:9e:95:7a:fb:c4:6f:05:ca:e8:89:7b:
                    5c:87:f7:58:52:0e:a6:69:bc:b5:f6:f2:ff:b4:bb:
                    35:55:df:fe:2e:c2:82:cc:b4:85:83:18:50:55:5a:
                    34:3a:ab:86:4e:d6:32:73:52:ab:b6:75:7c:b7:ca:
                    4c:49:71:ac:ce:c9:31:72:72:8f:fb:0b:be:84:1c:
                    56:4f:95:4b:28:06:5b:62:71:61:e1:aa:0d:3d:25:
                    f4:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:FE:E6:AC:56:E4:C5:38:A7:9C:81:26:DB:7D:7A:FC:67:7E:C4:C0
            X509v3 Authority Key Identifier:
                keyid:6B:84:08:BE:FC:02:DF:D6:E6:19:08:54:87:85:A0:08:A4:B7:4D:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4QIvvwC39bmGQhUh4WgCKS3TWc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/9e615e-3610-4520-9484-7a8baeef5ee4/1/yP7mrFbkxTinnIEm2316_Gd-xMA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/9e615e-3610-4520-9484-7a8baeef5ee4/1/a4QIvvwC39bmGQhUh4WgCKS3TWc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.202.224.0/20
                  91.209.218.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d6:cc:8f:49:48:79:39:26:98:9b:43:c3:85:b2:0f:c4:62:e7:
         1a:7b:c0:44:e5:6c:90:bd:e3:70:27:94:98:0c:c4:b3:ed:e4:
         52:b1:3e:0a:00:95:16:f8:7b:74:a5:71:3b:90:29:aa:77:a9:
         bf:0a:6a:78:38:7a:cd:ea:c8:ea:39:f0:b8:ba:5f:4b:3d:a3:
         fd:ba:60:31:59:8c:0d:1c:a1:cb:3a:55:80:ae:e1:b3:62:c7:
         46:9a:20:d1:3e:65:20:28:c9:07:4e:41:c9:99:83:28:b5:ee:
         72:ad:eb:a9:74:ca:79:ab:09:81:89:a4:9d:39:c8:b4:0c:5a:
         f7:2e:59:12:10:d5:fa:6e:d0:cc:7a:ea:9f:05:80:00:26:a6:
         ff:8e:35:6f:9a:61:48:2d:ec:a2:56:b5:5c:d1:b4:af:2e:2f:
         12:a1:25:3f:eb:bb:a4:05:0e:f9:9c:db:59:85:70:e3:13:0d:
         d9:bf:7d:78:59:fa:8c:15:69:34:44:6d:df:9c:ab:0a:d7:33:
         ef:8f:d1:b0:07:ac:ea:2b:f8:5a:9e:25:05:26:dd:9d:31:06:
         a2:35:71:93:bf:51:e9:a6:98:ee:e6:29:29:4f:4d:ef:42:35:
         b5:af:b6:67:cb:27:b0:09:69:cf:26:f8:2b:9d:67:77:be:cc:
         25:16:8e:63
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYTsbah2H4MHE4XY1tns2/r7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiODQwOGJlZmMwMmRmZDZlNjE5MDg1NDg3ODVhMDA4YTRi
NzRkNjcwHhcNMjIxMjA3MTE1MjAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGZlZTZhYzU2ZTRjNTM4YTc5YzgxMjZkYjdkN2FmYzY3N2VjNGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjN5zeOaAt8MsH5lbRMVygqqLDSYG
ftJTWkkeYEqy2PwxUOWyxqJlqBjybT9Tvt9vd9Dxo4+IHLc7+KNf2Gu1Aj43S0Vw
qoF7E8m5CUn7l5rZWp5Jc4Lv8qhTceaKaWF4muf53918Ed7/0aig0LCOvz8LOh1x
kGVixHSfiX1B5kP9OzhIaNVhEtAWKri20hxlgt1Q7CWvchOR7ElrAUr66Rg3+k5L
l9WAnpV6+8RvBcroiXtch/dYUg6maby19vL/tLs1Vd/+LsKCzLSFgxhQVVo0OquG
TtYyc1KrtnV8t8pMSXGszskxcnKP+wu+hBxWT5VLKAZbYnFh4aoNPSX0wQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMj+5qxW5MU4p5yBJtt9evxnfsTAMB8GA1UdIwQY
MBaAFGuECL78At/W5hkIVIeFoAikt01nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTRRSXZ2d0MzOWJtR1FoVWg0V2dDS1MzVFdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS85ZTYxNWUtMzYxMC00NTIwLTk0ODQt
N2E4YmFlZWY1ZWU0LzEveVA3bXJGYmt4VGlubklFbTIzMTZfR2QteE1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS85ZTYxNWUtMzYxMC00NTIwLTk0ODQtN2E4YmFlZWY1ZWU0
LzEvYTRRSXZ2d0MzOWJtR1FoVWg0V2dDS1MzVFdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEVcrgAwQA
W9HaMA0GCSqGSIb3DQEBCwUAA4IBAQDWzI9JSHk5JpibQ8OFsg/EYucae8BE5WyQ
veNwJ5SYDMSz7eRSsT4KAJUW+Ht0pXE7kCmqd6m/Cmp4OHrN6sjqOfC4ul9LPaP9
umAxWYwNHKHLOlWAruGzYsdGmiDRPmUgKMkHTkHJmYMote5yreupdMp5qwmBiaSd
Oci0DFr3LlkSENX6btDMeuqfBYAAJqb/jjVvmmFILeyiVrVc0bSvLi8SoSU/67uk
BQ75nNtZhXDjEw3Zv314WfqMFWk0RG3fnKsK1zPvj9GwB6zqK/haniUFJt2dMQai
NXGTv1Hpppju5ikpT03vQjW1r7ZnyyewCWnPJvgrnWd3vswlFo5j
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:03 2024 by rpki-client on console-fra.rpki-client.org