Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/MzYFDhuHflEYp6qI7fHyxbLa5pE.roa
File:                     MzYFDhuHflEYp6qI7fHyxbLa5pE.roa (raw, json)
Hash identifier:          GfHduSV6bvw5Vl1Znr7V/wBSlsDJi/HDNeBIVBKxJIM=
Subject key identifier:   33:36:05:0E:1B:87:7E:51:18:A7:AA:88:ED:F1:F2:C5:B2:DA:E6:91
Certificate issuer:       /CN=5dde4b3b82f209b701ae340cf53b974078f16a9f
Certificate serial:       101B5A18
Authority key identifier: 5D:DE:4B:3B:82:F2:09:B7:01:AE:34:0C:F5:3B:97:40:78:F1:6A:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xd5LO4LyCbcBrjQM9TuXQHjxap8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/MzYFDhuHflEYp6qI7fHyxbLa5pE.roa
Signing time:             Wed 09 Mar 2022 15:46:50 +0000
ROA not before:           Wed 09 Mar 2022 15:46:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35758
IP address blocks:        185.200.247.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 270227992 (0x101b5a18)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5dde4b3b82f209b701ae340cf53b974078f16a9f
        Validity
            Not Before: Mar  9 15:46:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3336050e1b877e5118a7aa88edf1f2c5b2dae691
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:05:0e:1f:d4:89:df:d0:c5:4c:26:34:7e:f2:
                    a9:18:d0:f1:22:d3:e3:6d:67:3e:f7:f7:83:09:16:
                    e3:79:a6:d3:cb:48:58:4e:38:5c:a0:b6:39:0c:35:
                    b8:00:cd:b9:db:81:6b:c1:7b:20:e5:f5:a9:48:f4:
                    12:37:31:97:df:e2:d5:0c:42:95:36:5f:4f:e7:4f:
                    0d:38:92:48:50:c7:d1:b6:a0:6c:d3:5d:69:fe:79:
                    9b:31:4b:03:96:36:55:b2:2f:62:b7:d8:12:71:0e:
                    bd:f8:34:7d:c8:ef:0a:55:93:16:bd:3a:58:97:10:
                    c8:84:59:d4:39:7b:d7:9f:76:f9:8f:33:79:6a:43:
                    e9:68:36:9a:c7:ee:c3:b0:e0:d2:f7:f9:12:64:a2:
                    0d:fc:a4:d6:1c:02:e4:2e:7f:4b:50:a3:8e:3f:72:
                    54:6e:8a:31:73:9f:47:4f:1b:02:d0:72:6b:10:33:
                    15:e2:05:3f:7c:19:37:3a:8c:03:38:ba:23:af:bd:
                    51:85:70:f0:05:74:50:5a:08:05:a0:2e:e9:ae:89:
                    b5:57:ef:d2:55:17:f5:a3:2d:7e:05:d8:01:5c:51:
                    57:a4:e5:2f:7c:47:00:ff:b1:fd:a5:d2:9a:f5:a9:
                    16:82:6d:6a:8b:0c:65:3b:ab:d6:40:85:40:2e:ad:
                    9e:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:36:05:0E:1B:87:7E:51:18:A7:AA:88:ED:F1:F2:C5:B2:DA:E6:91
            X509v3 Authority Key Identifier:
                keyid:5D:DE:4B:3B:82:F2:09:B7:01:AE:34:0C:F5:3B:97:40:78:F1:6A:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xd5LO4LyCbcBrjQM9TuXQHjxap8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/MzYFDhuHflEYp6qI7fHyxbLa5pE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/Xd5LO4LyCbcBrjQM9TuXQHjxap8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.200.247.0/24

    Signature Algorithm: sha256WithRSAEncryption
         36:af:4b:2e:39:94:92:76:71:03:de:b8:c7:f3:0d:66:a6:9e:
         b2:1b:d3:b6:bf:81:87:19:88:2f:ab:fc:f8:e6:75:7f:de:7e:
         30:07:de:43:1b:68:e2:99:ee:61:96:40:07:4c:94:d9:ff:70:
         86:3c:69:f9:6a:e1:17:59:c6:10:e5:7b:4a:86:fb:e1:62:8f:
         5c:2a:0c:4b:c7:d0:ad:e3:4f:eb:b3:a9:2c:ec:05:05:2f:78:
         75:f9:94:85:35:30:99:27:ef:f3:3c:4f:4a:fc:c4:04:b1:eb:
         73:3f:2b:13:20:75:ca:a8:2c:b6:01:5a:29:32:73:aa:17:2d:
         38:44:27:0b:70:78:f4:a3:cd:8a:93:7e:d7:fc:dd:bc:f9:db:
         fd:28:56:a0:4a:6e:a2:c0:39:8a:e1:4a:51:d9:8c:cf:ce:ae:
         59:b5:d0:69:91:11:e2:51:3e:01:2d:09:76:21:27:6e:a5:09:
         71:2d:47:30:9c:e9:56:b3:72:fc:e6:ee:2f:eb:a7:41:8a:8b:
         87:6d:8d:2d:f6:1a:60:16:18:fe:4e:3e:cc:52:ce:5a:b1:3b:
         6b:25:c2:65:94:8e:2c:43:7b:8b:e3:44:82:3f:cc:01:18:21:
         df:f8:91:63:0a:78:8e:77:b2:bc:91:84:98:71:ae:2f:4c:dc:
         8e:72:af:aa
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEBtaGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZGRlNGIzYjgyZjIwOWI3MDFhZTM0MGNmNTNiOTc0MDc4ZjE2YTlmMB4XDTIyMDMw
OTE1NDY1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzMzNjA1MGUxYjg3
N2U1MTE4YTdhYTg4ZWRmMWYyYzViMmRhZTY5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJsFDh/Uid/QxUwmNH7yqRjQ8SLT421nPvf3gwkW43mm08tI
WE44XKC2OQw1uADNuduBa8F7IOX1qUj0Ejcxl9/i1QxClTZfT+dPDTiSSFDH0bag
bNNdaf55mzFLA5Y2VbIvYrfYEnEOvfg0fcjvClWTFr06WJcQyIRZ1Dl71592+Y8z
eWpD6Wg2msfuw7Dg0vf5EmSiDfyk1hwC5C5/S1Cjjj9yVG6KMXOfR08bAtByaxAz
FeIFP3wZNzqMAzi6I6+9UYVw8AV0UFoIBaAu6a6JtVfv0lUX9aMtfgXYAVxRV6Tl
L3xHAP+x/aXSmvWpFoJtaosMZTur1kCFQC6tnqECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQzNgUOG4d+URinqojt8fLFstrmkTAfBgNVHSMEGDAWgBRd3ks7gvIJtwGu
NAz1O5dAePFqnzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hkNUxPNEx5Q2JjQnJqUU05VHVYUUhqeGFwOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWYvMDJiZGYwLWJmMjktNGRhZS1iMTliLTg2YTU1MThlMmQ1Mi8x
L016WUZEaHVIZmxFWXA2cUk3Zkh5eGJMYTVwRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWYv
MDJiZGYwLWJmMjktNGRhZS1iMTliLTg2YTU1MThlMmQ1Mi8xL1hkNUxPNEx5Q2Jj
QnJqUU05VHVYUUhqeGFwOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnI9zANBgkqhkiG9w0BAQsFAAOC
AQEANq9LLjmUknZxA964x/MNZqaeshvTtr+BhxmIL6v8+OZ1f95+MAfeQxto4pnu
YZZAB0yU2f9whjxp+WrhF1nGEOV7Sob74WKPXCoMS8fQreNP67OpLOwFBS94dfmU
hTUwmSfv8zxPSvzEBLHrcz8rEyB1yqgstgFaKTJzqhctOEQnC3B49KPNipN+1/zd
vPnb/ShWoEpuosA5iuFKUdmMz86uWbXQaZER4lE+AS0JdiEnbqUJcS1HMJzpVrNy
/ObuL+unQYqLh22NLfYaYBYY/k4+zFLOWrE7ayXCZZSOLEN7i+NEgj/MARgh3/iR
Ywp4jneyvJGEmHGuL0zcjnKvqg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:07 2024 by rpki-client on console-fra.rpki-client.org