Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/_9ctesvNWChYGYGU8LRkg-mvcX0.roa
File:                     _9ctesvNWChYGYGU8LRkg-mvcX0.roa (raw, json)
Hash identifier:          +Ys51ISDj+a704cs5SoRQ5gJWgHiz8azxxm3RTVL3Us=
Subject key identifier:   FF:D7:2D:7A:CB:CD:58:28:58:19:81:94:F0:B4:64:83:E9:AF:71:7D
Certificate issuer:       /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial:       01821A64B798FF40F38FBEB82E05BB29ED55
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/_9ctesvNWChYGYGU8LRkg-mvcX0.roa
Signing time:             Wed 20 Jul 2022 06:56:24 +0000
ROA not before:           Wed 20 Jul 2022 06:56:24 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207637
IP address blocks:        212.183.48.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:1a:64:b7:98:ff:40:f3:8f:be:b8:2e:05:bb:29:ed:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
        Validity
            Not Before: Jul 20 06:56:24 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ffd72d7acbcd582858198194f0b46483e9af717d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:f4:99:62:62:5a:36:95:d4:0d:3d:86:1d:a9:
                    be:a7:3a:d4:b6:13:f3:c8:f4:46:77:f9:9d:0a:08:
                    78:b6:66:82:cd:66:e5:31:a5:93:61:ab:51:49:91:
                    ac:c0:a3:a6:ed:6b:b2:2c:96:3b:ca:9e:41:bd:69:
                    4c:ab:d3:5d:51:5b:f3:69:b7:c2:d4:06:90:ed:88:
                    a1:da:1c:01:b7:11:47:0e:ed:8a:e8:ca:79:91:03:
                    4c:2d:0c:f9:f3:74:ec:06:b1:6e:c0:0a:45:32:63:
                    37:79:ef:17:2c:71:b9:7d:cc:ac:e6:b0:73:34:35:
                    df:57:35:08:df:6e:0a:d2:38:7c:c8:79:d0:0b:98:
                    2a:99:a5:71:b1:5c:04:f4:92:19:e8:d6:d3:7f:60:
                    46:30:12:f8:c6:b5:dd:6c:de:b1:18:0a:a4:8e:9e:
                    4c:c7:82:f2:35:31:b1:e5:73:75:86:05:fb:e4:2d:
                    a8:5c:33:9c:6f:06:68:f2:9f:b2:27:1d:55:d4:4e:
                    46:87:1b:d5:96:a5:67:ee:68:92:f3:65:a8:96:a4:
                    28:be:29:fa:03:11:03:1c:cc:76:93:15:2f:16:eb:
                    e9:3e:d0:b7:6b:15:6c:e6:c9:17:7b:15:ff:9d:ce:
                    ba:a2:e2:ff:a4:38:b2:58:d9:e8:eb:f3:d1:7d:bb:
                    ff:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:D7:2D:7A:CB:CD:58:28:58:19:81:94:F0:B4:64:83:E9:AF:71:7D
            X509v3 Authority Key Identifier:
                keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/_9ctesvNWChYGYGU8LRkg-mvcX0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.183.48.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d7:64:d0:e7:36:34:5a:46:2c:d1:df:f9:46:14:4b:2c:35:ac:
         1a:05:31:b5:7e:42:c2:4d:0f:ac:b4:76:8f:6a:3d:c7:e7:4f:
         58:ee:ad:d4:9a:e8:7d:60:b8:d5:fc:99:5f:12:11:a1:28:c5:
         16:d5:75:ac:64:f8:40:8c:77:4b:0f:55:52:07:ad:fa:ca:3f:
         bd:08:27:16:eb:5c:1e:2e:2d:29:ef:17:a0:43:70:f4:a1:c9:
         7f:f2:02:59:56:79:6e:dd:dd:57:6f:49:b8:1c:47:1a:a4:31:
         81:ed:2d:2e:e9:30:b4:ea:a9:ee:95:92:ed:d0:a2:47:39:a3:
         cb:33:99:43:99:07:6b:71:71:da:96:63:f6:be:b5:17:b1:0e:
         83:98:3d:b4:82:8b:62:fc:a0:d9:da:c7:1a:29:1b:af:d9:64:
         f8:2d:9a:d0:a1:e9:59:25:22:78:44:61:ee:f2:79:c2:52:02:
         68:56:28:5b:ea:96:89:b2:02:e1:b4:cd:b7:c6:e6:1d:73:84:
         f6:e0:47:31:02:13:f5:ba:58:32:f2:7c:4c:ac:6b:e7:c5:41:
         0c:ad:8e:3c:6d:63:61:22:67:78:ae:20:6d:83:de:02:f3:54:
         e8:95:4c:16:88:c8:24:d9:4d:ec:43:2b:2b:4a:bd:14:7d:0e:
         e0:4b:f5:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIaZLeY/0Dzj764LgW7Ke1VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjIwNzIwMDY1NjI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmQ3MmQ3YWNiY2Q1ODI4NTgxOTgxOTRmMGI0NjQ4M2U5YWY3MTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5fSZYmJaNpXUDT2GHam+pzrUthPz
yPRGd/mdCgh4tmaCzWblMaWTYatRSZGswKOm7WuyLJY7yp5BvWlMq9NdUVvzabfC
1AaQ7Yih2hwBtxFHDu2K6Mp5kQNMLQz583TsBrFuwApFMmM3ee8XLHG5fcys5rBz
NDXfVzUI324K0jh8yHnQC5gqmaVxsVwE9JIZ6NbTf2BGMBL4xrXdbN6xGAqkjp5M
x4LyNTGx5XN1hgX75C2oXDOcbwZo8p+yJx1V1E5GhxvVlqVn7miS82WolqQovin6
AxEDHMx2kxUvFuvpPtC3axVs5skXexX/nc66ouL/pDiyWNno6/PRfbv/EwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP/XLXrLzVgoWBmBlPC0ZIPpr3F9MB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvXzljdGVzdk5XQ2hZR1lHVThMUmtnLW12Y1gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1LcwMA0G
CSqGSIb3DQEBCwUAA4IBAQDXZNDnNjRaRizR3/lGFEssNawaBTG1fkLCTQ+stHaP
aj3H509Y7q3Umuh9YLjV/JlfEhGhKMUW1XWsZPhAjHdLD1VSB636yj+9CCcW61we
Li0p7xegQ3D0ocl/8gJZVnlu3d1Xb0m4HEcapDGB7S0u6TC06qnulZLt0KJHOaPL
M5lDmQdrcXHalmP2vrUXsQ6DmD20goti/KDZ2scaKRuv2WT4LZrQoelZJSJ4RGHu
8nnCUgJoVihb6paJsgLhtM23xuYdc4T24EcxAhP1ulgy8nxMrGvnxUEMrY48bWNh
Imd4riBtg94C81TolUwWiMgk2U3sQysrSr0UfQ7gS/UE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:38 2024 by rpki-client on console-fra.rpki-client.org