Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/4df39a-783c-4d7d-b1be-bfd95a9a6e64/1/evvN7OH24kf9FibTkbigVTCKWvg.roa
File:                     evvN7OH24kf9FibTkbigVTCKWvg.roa (raw, json)
Hash identifier:          swhdQzbTwDsnck5VbYz1wmZu8oncWV5Hq7M4dUryTNE=
Subject key identifier:   7A:FB:CD:EC:E1:F6:E2:47:FD:16:26:D3:91:B8:A0:55:30:8A:5A:F8
Certificate issuer:       /CN=85f4ee14f6d38a7cf071279dff7b391702e37135
Certificate serial:       0184BD7BB0F4ABDE313A06AD48FBE67FAB23
Authority key identifier: 85:F4:EE:14:F6:D3:8A:7C:F0:71:27:9D:FF:7B:39:17:02:E3:71:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hfTuFPbTinzwcSed_3s5FwLjcTU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/4df39a-783c-4d7d-b1be-bfd95a9a6e64/1/evvN7OH24kf9FibTkbigVTCKWvg.roa
Signing time:             Mon 28 Nov 2022 09:05:10 +0000
ROA not before:           Mon 28 Nov 2022 09:05:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203977
IP address blocks:        185.146.226.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:bd:7b:b0:f4:ab:de:31:3a:06:ad:48:fb:e6:7f:ab:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85f4ee14f6d38a7cf071279dff7b391702e37135
        Validity
            Not Before: Nov 28 09:05:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7afbcdece1f6e247fd1626d391b8a055308a5af8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:34:45:c3:84:e2:6e:d2:c3:ac:19:14:0f:42:
                    d4:3e:13:51:93:09:e1:ab:59:8f:62:5d:2c:06:fb:
                    56:f2:eb:c9:23:27:22:05:72:bc:ec:20:91:ac:f6:
                    f9:b4:24:52:aa:1e:05:f6:3b:90:69:d8:cc:3e:1d:
                    b4:bd:9f:9d:c1:66:33:da:0e:41:5e:7d:14:2a:9e:
                    84:39:c0:38:d8:3c:ac:5f:99:b4:da:a6:19:0c:e1:
                    76:97:34:fb:1c:43:4c:88:15:27:32:a2:2b:dd:19:
                    30:d8:b9:f3:41:86:74:b4:d5:d1:c7:ef:83:ee:7a:
                    1c:de:7b:e3:d6:e5:37:f3:01:9f:d0:4e:27:19:97:
                    9e:45:c0:0a:38:fe:69:84:e1:cb:a2:a3:8c:83:b7:
                    9b:08:81:c5:07:b5:15:52:81:2d:2e:e8:0b:d6:b8:
                    7d:91:d7:f5:1f:a9:6b:64:ea:a1:bb:84:15:50:fc:
                    91:0b:cd:39:5d:34:f7:af:eb:33:99:43:bc:ce:47:
                    07:ae:d1:f5:16:8e:b4:3f:06:23:00:fe:08:f3:97:
                    0a:3e:50:cc:f4:a7:2c:df:71:0f:06:ee:77:02:de:
                    92:bd:54:34:ec:5e:50:57:fa:ed:01:58:1f:20:50:
                    8f:73:c0:04:c0:f1:a7:52:df:f7:15:3e:4c:c8:fd:
                    c4:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:FB:CD:EC:E1:F6:E2:47:FD:16:26:D3:91:B8:A0:55:30:8A:5A:F8
            X509v3 Authority Key Identifier:
                keyid:85:F4:EE:14:F6:D3:8A:7C:F0:71:27:9D:FF:7B:39:17:02:E3:71:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfTuFPbTinzwcSed_3s5FwLjcTU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/4df39a-783c-4d7d-b1be-bfd95a9a6e64/1/evvN7OH24kf9FibTkbigVTCKWvg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/4df39a-783c-4d7d-b1be-bfd95a9a6e64/1/hfTuFPbTinzwcSed_3s5FwLjcTU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.146.226.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:86:49:d2:c7:fa:ec:35:06:cf:48:98:5d:a2:06:fb:20:6c:
         0b:85:37:c1:8c:3b:c7:94:ed:f0:19:f7:c7:b5:18:85:48:c7:
         17:3b:c8:c7:44:82:f8:06:80:9a:5d:03:ad:8b:cb:8a:56:82:
         b6:69:6e:56:f8:62:a5:0a:fd:8f:1d:67:94:ff:e4:8f:44:1a:
         6c:81:25:d6:e5:4e:10:f5:77:08:0c:6e:31:19:1d:d2:8c:1a:
         c5:d0:de:bb:d3:d6:98:b5:b7:47:12:12:8f:46:a3:51:49:e2:
         2a:1a:58:79:6e:21:3a:d0:6c:46:18:31:6d:bc:ee:1f:f6:c7:
         61:dd:52:81:43:d3:e6:c6:0f:58:3e:90:f4:cc:59:e4:15:d5:
         d0:da:a9:14:7c:4f:47:83:af:33:e7:ed:3f:a2:7d:d7:ec:00:
         50:98:11:c1:3a:e7:80:f6:c4:54:d7:10:ba:d1:55:e8:e8:60:
         4c:54:c7:2f:bd:9f:66:9c:0f:46:13:ab:73:99:ab:86:70:a7:
         23:7f:85:72:fc:8c:ca:e5:55:0a:04:84:15:8f:8a:4e:a5:33:
         e4:69:08:db:90:18:68:8d:c7:8d:da:ba:e3:87:fc:18:6b:49:
         93:eb:a5:2e:8a:a6:ec:6f:97:b6:00:7e:83:df:7c:fc:77:4b:
         3d:50:06:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYS9e7D0q94xOgatSPvmf6sjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZjRlZTE0ZjZkMzhhN2NmMDcxMjc5ZGZmN2IzOTE3MDJl
MzcxMzUwHhcNMjIxMTI4MDkwNTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWZiY2RlY2UxZjZlMjQ3ZmQxNjI2ZDM5MWI4YTA1NTMwOGE1YWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzRFw4TibtLDrBkUD0LUPhNRkwnh
q1mPYl0sBvtW8uvJIyciBXK87CCRrPb5tCRSqh4F9juQadjMPh20vZ+dwWYz2g5B
Xn0UKp6EOcA42DysX5m02qYZDOF2lzT7HENMiBUnMqIr3Rkw2LnzQYZ0tNXRx++D
7noc3nvj1uU38wGf0E4nGZeeRcAKOP5phOHLoqOMg7ebCIHFB7UVUoEtLugL1rh9
kdf1H6lrZOqhu4QVUPyRC805XTT3r+szmUO8zkcHrtH1Fo60PwYjAP4I85cKPlDM
9Kcs33EPBu53At6SvVQ07F5QV/rtAVgfIFCPc8AEwPGnUt/3FT5MyP3E9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHr7zezh9uJH/RYm05G4oFUwilr4MB8GA1UdIwQY
MBaAFIX07hT204p88HEnnf97ORcC43E1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGZUdUZQYlRpbnp3Y1NlZF8zczVGd0xqY1RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80ZGYzOWEtNzgzYy00ZDdkLWIxYmUt
YmZkOTVhOWE2ZTY0LzEvZXZ2TjdPSDI0a2Y5RmliVGtiaWdWVENLV3ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80ZGYzOWEtNzgzYy00ZDdkLWIxYmUtYmZkOTVhOWE2ZTY0
LzEvaGZUdUZQYlRpbnp3Y1NlZF8zczVGd0xqY1RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZLiMA0G
CSqGSIb3DQEBCwUAA4IBAQBIhknSx/rsNQbPSJhdogb7IGwLhTfBjDvHlO3wGffH
tRiFSMcXO8jHRIL4BoCaXQOti8uKVoK2aW5W+GKlCv2PHWeU/+SPRBpsgSXW5U4Q
9XcIDG4xGR3SjBrF0N6709aYtbdHEhKPRqNRSeIqGlh5biE60GxGGDFtvO4f9sdh
3VKBQ9Pmxg9YPpD0zFnkFdXQ2qkUfE9Hg68z5+0/on3X7ABQmBHBOueA9sRU1xC6
0VXo6GBMVMcvvZ9mnA9GE6tzmauGcKcjf4Vy/IzK5VUKBIQVj4pOpTPkaQjbkBho
jceN2rrjh/wYa0mT66Uuiqbsb5e2AH6D33z8d0s9UAYI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:03 2024 by rpki-client on console-fra.rpki-client.org