Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/CyAHpFYMUJ45yrcnlCtrHhKaHyw.roa
File:                     CyAHpFYMUJ45yrcnlCtrHhKaHyw.roa (raw, json)
Hash identifier:          zi7cpBK5iTlUaHxVi9g37zgMS88f2gmhSm/gfOsb2f8=
Subject key identifier:   0B:20:07:A4:56:0C:50:9E:39:CA:B7:27:94:2B:6B:1E:12:9A:1F:2C
Certificate issuer:       /CN=92e720465c5cd0da9c6a13b44fa0d86f649e5055
Certificate serial:       018466A1138C8A8B5748EE04E5F17FD98A29
Authority key identifier: 92:E7:20:46:5C:5C:D0:DA:9C:6A:13:B4:4F:A0:D8:6F:64:9E:50:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kucgRlxc0NqcahO0T6DYb2SeUFU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/CyAHpFYMUJ45yrcnlCtrHhKaHyw.roa
Signing time:             Fri 11 Nov 2022 12:19:03 +0000
ROA not before:           Fri 11 Nov 2022 12:19:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     63023
IP address blocks:        185.189.32.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:66:a1:13:8c:8a:8b:57:48:ee:04:e5:f1:7f:d9:8a:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=92e720465c5cd0da9c6a13b44fa0d86f649e5055
        Validity
            Not Before: Nov 11 12:19:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0b2007a4560c509e39cab727942b6b1e129a1f2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:9a:45:b4:75:75:70:8f:fb:f5:10:c0:ba:7e:
                    ab:2d:53:6e:e8:f0:51:d7:8a:fb:26:5f:f5:bc:3e:
                    5d:c9:b7:5d:77:c6:75:81:83:12:d6:26:0b:d6:2d:
                    73:c7:2f:b7:ad:b9:9f:49:13:61:1b:48:8c:97:d0:
                    c7:0e:5c:91:9a:dd:17:09:85:26:db:f7:09:7f:05:
                    1e:de:a8:a4:78:85:03:9f:88:06:db:ac:82:17:c9:
                    87:87:4d:22:f5:4f:5f:60:d5:76:07:60:0b:bf:a0:
                    13:a2:c5:73:1c:1d:bf:90:33:ca:28:f2:8d:49:be:
                    32:b6:8b:1d:53:d7:e6:19:f9:83:45:52:d1:8f:3d:
                    78:b5:f0:a4:d7:da:89:17:62:0f:6b:d5:90:ff:6c:
                    05:8c:62:da:02:dd:ae:7c:d4:a1:5e:0e:c2:c8:de:
                    02:82:14:d7:35:6c:8f:f7:35:d7:dd:6a:d3:3a:7c:
                    00:35:e6:1b:97:ff:68:93:85:12:6b:37:19:90:0e:
                    74:5d:e0:0d:25:1b:ec:65:6c:b8:c2:24:55:6f:67:
                    9b:81:28:2b:d1:64:fa:44:24:ba:74:26:a4:03:ba:
                    72:2a:ea:97:2a:6e:13:3d:ca:e0:b9:fd:73:4c:c3:
                    3e:5d:ac:90:26:eb:42:ce:59:fd:e7:08:1c:ce:bc:
                    ec:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:20:07:A4:56:0C:50:9E:39:CA:B7:27:94:2B:6B:1E:12:9A:1F:2C
            X509v3 Authority Key Identifier:
                keyid:92:E7:20:46:5C:5C:D0:DA:9C:6A:13:B4:4F:A0:D8:6F:64:9E:50:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kucgRlxc0NqcahO0T6DYb2SeUFU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/CyAHpFYMUJ45yrcnlCtrHhKaHyw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/kucgRlxc0NqcahO0T6DYb2SeUFU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.189.32.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:95:f9:65:20:71:82:d8:f1:0e:78:be:fe:dd:32:9c:12:d8:
         1b:85:c8:1e:88:f1:94:d6:6d:dc:47:73:11:24:57:45:95:28:
         fb:6c:c8:75:22:f0:6d:fc:2c:41:b8:cb:fd:00:2e:6d:dc:9c:
         bb:1e:af:02:1f:f7:35:3e:c4:41:c0:0c:b7:dc:99:33:41:e5:
         0e:a8:8b:a5:00:1c:e1:24:84:27:b7:3c:c2:a6:c1:cb:38:ae:
         0e:52:61:32:72:32:55:de:53:34:96:54:10:89:90:fe:d2:7c:
         ae:e7:7f:8c:c5:7a:ab:f4:96:92:87:d3:e4:01:df:20:d2:dd:
         2c:64:43:b5:57:d1:8b:54:44:48:1e:f2:fd:8a:84:03:54:7a:
         73:9c:64:12:86:c0:b4:e7:d1:d7:5a:94:c8:08:13:8d:c1:d8:
         2b:4b:9e:c8:f6:01:b5:3b:27:de:e1:11:10:a0:93:43:43:00:
         4d:54:d8:c0:02:00:20:10:5e:09:8d:86:dc:30:b1:66:c5:e1:
         f3:ce:fb:6d:85:37:a9:ee:c9:00:8a:5d:47:dd:ce:4a:61:53:
         bf:a6:c6:c9:f7:f8:cd:1c:d4:ba:93:0f:c6:1c:01:69:b4:75:
         ea:66:9c:7d:91:0c:65:7a:f8:d8:ab:1d:60:e7:07:7e:23:07:
         86:aa:6c:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRmoROMiotXSO4E5fF/2YopMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZTcyMDQ2NWM1Y2QwZGE5YzZhMTNiNDRmYTBkODZmNjQ5
ZTUwNTUwHhcNMjIxMTExMTIxOTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjIwMDdhNDU2MGM1MDllMzljYWI3Mjc5NDJiNmIxZTEyOWExZjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAippFtHV1cI/79RDAun6rLVNu6PBR
14r7Jl/1vD5dybddd8Z1gYMS1iYL1i1zxy+3rbmfSRNhG0iMl9DHDlyRmt0XCYUm
2/cJfwUe3qikeIUDn4gG26yCF8mHh00i9U9fYNV2B2ALv6ATosVzHB2/kDPKKPKN
Sb4ytosdU9fmGfmDRVLRjz14tfCk19qJF2IPa9WQ/2wFjGLaAt2ufNShXg7CyN4C
ghTXNWyP9zXX3WrTOnwANeYbl/9ok4USazcZkA50XeANJRvsZWy4wiRVb2ebgSgr
0WT6RCS6dCakA7pyKuqXKm4TPcrguf1zTMM+XayQJutCzln95wgczrzsrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAsgB6RWDFCeOcq3J5Qrax4Smh8sMB8GA1UdIwQY
MBaAFJLnIEZcXNDanGoTtE+g2G9knlBVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3VjZ1JseGMwTnFjYWhPMFQ2RFliMlNlVUZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9mOGE5ZWItN2Y4ZC00YmY3LTgzZDkt
OTA5NmUxNjc0ZTIyLzEvQ3lBSHBGWU1VSjQ1eXJjbmxDdHJIaEthSHl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9mOGE5ZWItN2Y4ZC00YmY3LTgzZDktOTA5NmUxNjc0ZTIy
LzEva3VjZ1JseGMwTnFjYWhPMFQ2RFliMlNlVUZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub0gMA0G
CSqGSIb3DQEBCwUAA4IBAQBqlfllIHGC2PEOeL7+3TKcEtgbhcgeiPGU1m3cR3MR
JFdFlSj7bMh1IvBt/CxBuMv9AC5t3Jy7Hq8CH/c1PsRBwAy33JkzQeUOqIulABzh
JIQntzzCpsHLOK4OUmEycjJV3lM0llQQiZD+0nyu53+MxXqr9JaSh9PkAd8g0t0s
ZEO1V9GLVERIHvL9ioQDVHpznGQShsC059HXWpTICBONwdgrS57I9gG1Oyfe4REQ
oJNDQwBNVNjAAgAgEF4JjYbcMLFmxeHzzvtthTep7skAil1H3c5KYVO/psbJ9/jN
HNS6kw/GHAFptHXqZpx9kQxlevjYqx1g5wd+IweGqmyP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:14 2024 by rpki-client on console-ams.rpki-client.org