Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/NA51CYfPpg4G0DLg4b_iAmnsGBE.roa
File:                     NA51CYfPpg4G0DLg4b_iAmnsGBE.roa (raw, json)
Hash identifier:          HJSh96UOLgOQIShacd4IZAJ/ro0HrG74at8EAy4vVUg=
Subject key identifier:   34:0E:75:09:87:CF:A6:0E:06:D0:32:E0:E1:BF:E2:02:69:EC:18:11
Certificate issuer:       /CN=5dde4b3b82f209b701ae340cf53b974078f16a9f
Certificate serial:       01833FA673106FD99A4173AA7AC8EE0A2E30
Authority key identifier: 5D:DE:4B:3B:82:F2:09:B7:01:AE:34:0C:F5:3B:97:40:78:F1:6A:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xd5LO4LyCbcBrjQM9TuXQHjxap8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/NA51CYfPpg4G0DLg4b_iAmnsGBE.roa
Signing time:             Thu 15 Sep 2022 05:36:56 +0000
ROA not before:           Thu 15 Sep 2022 05:36:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     400039
IP address blocks:        185.143.242.0/24 maxlen: 24
                          185.200.245.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:3f:a6:73:10:6f:d9:9a:41:73:aa:7a:c8:ee:0a:2e:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5dde4b3b82f209b701ae340cf53b974078f16a9f
        Validity
            Not Before: Sep 15 05:36:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=340e750987cfa60e06d032e0e1bfe20269ec1811
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:49:8c:b1:86:0d:8a:05:70:ae:6a:95:50:d8:
                    36:56:36:6a:0f:29:67:05:07:b6:f1:fd:96:57:4c:
                    f4:23:bd:be:c5:1b:73:73:86:b2:8d:d1:89:e1:24:
                    ed:b1:58:b8:c5:41:53:6b:d8:80:a4:bc:1c:cc:d9:
                    54:d7:79:b9:fa:1a:51:a7:18:5e:d0:9b:c6:8f:d9:
                    60:cb:db:2f:ad:ea:bd:34:d1:43:3a:de:b2:a2:59:
                    16:09:5c:27:76:52:88:48:5b:fa:86:0e:ab:7f:0c:
                    d8:36:8d:e5:e5:3e:3c:7b:43:0a:a2:79:5d:d4:2c:
                    ef:7f:29:f1:17:70:76:12:a3:15:6a:3b:a7:ef:86:
                    3d:5d:f1:84:9f:33:a3:55:2e:86:95:34:c1:3a:35:
                    e4:76:b5:4b:82:6a:24:5c:30:61:95:22:90:fa:72:
                    5e:c4:ce:48:e0:48:b5:82:18:08:f7:1e:85:ca:11:
                    8c:28:26:a9:ef:11:4f:c4:5f:03:46:33:cc:90:08:
                    a8:b9:1c:7b:29:cc:b6:68:24:35:5a:25:ba:af:71:
                    89:dd:5b:b9:04:16:72:af:b3:34:9c:3b:f7:56:f6:
                    2d:7b:2e:ab:c1:a0:60:1a:24:a5:f6:39:ce:6e:41:
                    67:83:77:59:69:67:80:78:c8:4d:8e:bb:eb:ce:28:
                    7c:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:0E:75:09:87:CF:A6:0E:06:D0:32:E0:E1:BF:E2:02:69:EC:18:11
            X509v3 Authority Key Identifier:
                keyid:5D:DE:4B:3B:82:F2:09:B7:01:AE:34:0C:F5:3B:97:40:78:F1:6A:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xd5LO4LyCbcBrjQM9TuXQHjxap8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/NA51CYfPpg4G0DLg4b_iAmnsGBE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/Xd5LO4LyCbcBrjQM9TuXQHjxap8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.143.242.0/24
                  185.200.245.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2b:50:26:ab:ca:80:f6:4c:bb:d3:bb:17:bc:7d:af:a8:9a:6d:
         89:12:7b:e3:27:dd:a2:a1:78:3b:c6:22:8a:d3:95:4c:42:2e:
         97:0b:c0:e3:ad:ff:e4:30:b0:dd:c9:17:7e:23:53:70:89:6c:
         15:a2:e4:ef:cc:cd:90:0c:e5:46:35:5b:4b:1a:55:47:e4:42:
         dc:2a:8f:cf:bc:8f:3f:08:d9:0a:ab:31:3c:81:0f:22:31:72:
         c7:d9:9f:05:5e:09:b9:24:72:95:97:cb:cf:2f:ca:2b:c6:04:
         73:61:d2:7e:bd:57:c8:12:56:7b:73:ad:bf:b8:08:66:cd:b2:
         bd:09:b9:20:83:34:97:21:4a:02:4c:ca:05:99:2b:54:17:f3:
         0b:43:01:a7:2f:6b:56:7d:d5:27:8b:b2:30:2b:1a:76:a6:fe:
         6c:15:5d:96:7c:d4:9c:55:b9:60:8a:a1:2d:04:9e:ed:9f:6f:
         2e:5c:0f:b6:24:9f:4e:d2:ed:e3:9b:33:fc:14:ac:ad:c2:39:
         47:de:c8:25:5a:a1:20:c5:5c:71:f3:ae:5f:be:1b:50:14:9c:
         9e:0f:41:96:26:ac:35:36:67:49:52:16:74:e5:90:03:72:a4:
         1a:0d:ac:07:4b:1e:b6:56:e0:4e:ed:77:4e:41:af:bb:bc:66:
         f6:17:d8:e8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYM/pnMQb9maQXOqesjuCi4wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZGU0YjNiODJmMjA5YjcwMWFlMzQwY2Y1M2I5NzQwNzhm
MTZhOWYwHhcNMjIwOTE1MDUzNjU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDBlNzUwOTg3Y2ZhNjBlMDZkMDMyZTBlMWJmZTIwMjY5ZWMxODExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUmMsYYNigVwrmqVUNg2VjZqDyln
BQe28f2WV0z0I72+xRtzc4ayjdGJ4STtsVi4xUFTa9iApLwczNlU13m5+hpRpxhe
0JvGj9lgy9svreq9NNFDOt6yolkWCVwndlKISFv6hg6rfwzYNo3l5T48e0MKonld
1CzvfynxF3B2EqMVajun74Y9XfGEnzOjVS6GlTTBOjXkdrVLgmokXDBhlSKQ+nJe
xM5I4Ei1ghgI9x6FyhGMKCap7xFPxF8DRjPMkAiouRx7Kcy2aCQ1WiW6r3GJ3Vu5
BBZyr7M0nDv3VvYtey6rwaBgGiSl9jnObkFng3dZaWeAeMhNjrvrzih85wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDQOdQmHz6YOBtAy4OG/4gJp7BgRMB8GA1UdIwQY
MBaAFF3eSzuC8gm3Aa40DPU7l0B48WqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGQ1TE80THlDYmNCcmpRTTlUdVhRSGp4YXA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8wMmJkZjAtYmYyOS00ZGFlLWIxOWIt
ODZhNTUxOGUyZDUyLzEvTkE1MUNZZlBwZzRHMERMZzRiX2lBbW5zR0JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8wMmJkZjAtYmYyOS00ZGFlLWIxOWItODZhNTUxOGUyZDUy
LzEvWGQ1TE80THlDYmNCcmpRTTlUdVhRSGp4YXA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuY/yAwQA
ucj1MA0GCSqGSIb3DQEBCwUAA4IBAQArUCaryoD2TLvTuxe8fa+omm2JEnvjJ92i
oXg7xiKK05VMQi6XC8Djrf/kMLDdyRd+I1NwiWwVouTvzM2QDOVGNVtLGlVH5ELc
Ko/PvI8/CNkKqzE8gQ8iMXLH2Z8FXgm5JHKVl8vPL8orxgRzYdJ+vVfIElZ7c62/
uAhmzbK9CbkggzSXIUoCTMoFmStUF/MLQwGnL2tWfdUni7IwKxp2pv5sFV2WfNSc
VblgiqEtBJ7tn28uXA+2JJ9O0u3jmzP8FKytwjlH3sglWqEgxVxx865fvhtQFJye
D0GWJqw1NmdJUhZ05ZADcqQaDawHSx62VuBO7XdOQa+7vGb2F9jo
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:06 2023 by rpki-client on console-fra.rpki-client.org