Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/f13nxRF2lJ_blDQoDZeVeKKh7p0.roa
File:                     f13nxRF2lJ_blDQoDZeVeKKh7p0.roa (raw, json)
Hash identifier:          rkGCFlAnilHzUioM3XO/VteSP1/eQx2XlGZ3jedcj5I=
Subject key identifier:   7F:5D:E7:C5:11:76:94:9F:DB:94:34:28:0D:97:95:78:A2:A1:EE:9D
Certificate issuer:       /CN=92e720465c5cd0da9c6a13b44fa0d86f649e5055
Certificate serial:       0181E73C1593DD2825A3334A96F52C5D41E1
Authority key identifier: 92:E7:20:46:5C:5C:D0:DA:9C:6A:13:B4:4F:A0:D8:6F:64:9E:50:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kucgRlxc0NqcahO0T6DYb2SeUFU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/f13nxRF2lJ_blDQoDZeVeKKh7p0.roa
Signing time:             Sun 10 Jul 2022 08:31:23 +0000
ROA not before:           Sun 10 Jul 2022 08:31:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     140947
IP address blocks:        185.189.33.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:e7:3c:15:93:dd:28:25:a3:33:4a:96:f5:2c:5d:41:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=92e720465c5cd0da9c6a13b44fa0d86f649e5055
        Validity
            Not Before: Jul 10 08:31:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7f5de7c51176949fdb9434280d979578a2a1ee9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:55:56:3f:55:d3:a0:44:26:fa:fa:46:ca:99:
                    ca:70:48:11:e1:87:ef:0f:1a:47:4c:41:bc:d5:bc:
                    b4:d4:f6:7d:21:f4:f5:7c:1e:a7:a0:4e:34:b4:f3:
                    db:6e:73:6e:6f:e7:a9:0f:34:36:f4:eb:fe:8f:02:
                    cc:ab:32:73:40:3f:85:ae:9a:6b:58:b9:b8:2c:87:
                    78:6c:ea:96:0e:d9:d2:e2:e5:48:49:5f:1b:ba:d3:
                    6e:f4:4f:d2:6d:d1:23:93:8c:09:9a:58:f3:83:bc:
                    b8:75:96:46:47:f5:bc:94:cd:25:84:03:e0:1b:c2:
                    07:d3:ee:82:0e:ef:1e:1d:f2:4b:8d:3c:77:72:82:
                    c3:a9:58:61:07:e9:cd:b7:1b:b4:fa:1e:b2:fc:2b:
                    64:f2:af:05:06:e6:8f:85:be:dd:4c:c7:79:f2:64:
                    e3:9c:9c:e1:86:0c:38:0e:cb:65:a1:0d:46:8c:df:
                    7b:a4:d4:d6:65:3b:df:6e:47:bd:c7:74:a7:8a:de:
                    ec:2a:ec:98:4a:f7:32:c8:33:6e:bc:f1:f2:6d:5e:
                    80:1f:8d:e3:7e:0a:a6:b6:03:9c:b1:90:8c:9c:49:
                    6b:6d:e5:bc:04:48:c4:f1:b6:73:6e:2d:6c:ab:7d:
                    f2:ff:82:34:42:da:c4:21:ba:7e:90:14:f6:26:9a:
                    fa:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:5D:E7:C5:11:76:94:9F:DB:94:34:28:0D:97:95:78:A2:A1:EE:9D
            X509v3 Authority Key Identifier:
                keyid:92:E7:20:46:5C:5C:D0:DA:9C:6A:13:B4:4F:A0:D8:6F:64:9E:50:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kucgRlxc0NqcahO0T6DYb2SeUFU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/f13nxRF2lJ_blDQoDZeVeKKh7p0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/kucgRlxc0NqcahO0T6DYb2SeUFU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.189.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7c:7e:0d:0b:b5:37:48:13:bb:14:a5:8a:21:bc:bf:1f:a4:33:
         bc:dd:28:21:c4:56:0c:2a:cf:cc:20:36:e9:85:4b:18:3f:40:
         d8:99:ee:4b:55:1f:9a:8a:b2:09:6b:0d:34:33:f0:ed:c0:17:
         cf:99:14:a4:1c:e8:34:08:1c:2d:0c:e4:47:5f:16:30:a2:4e:
         9c:ea:e3:0d:61:62:86:65:f7:89:e3:78:7d:be:3a:e8:35:71:
         df:5a:f2:15:02:fb:76:23:82:b2:a8:09:93:97:e6:d0:6d:38:
         53:e7:70:21:b7:65:38:99:b7:58:15:b2:df:ee:42:76:33:f4:
         1d:8b:c1:56:34:bf:11:f9:1e:af:ee:2e:d5:c8:69:5d:ec:43:
         68:08:28:de:07:cf:f7:e5:47:3e:c6:49:3b:49:3f:4e:fd:ac:
         14:15:7e:25:df:f0:19:2e:e7:7a:93:02:bf:75:1e:45:c6:fb:
         42:5f:9f:0c:b6:b6:cf:db:ee:06:e1:94:a4:62:c9:d9:01:8d:
         89:19:c9:49:29:8d:c3:69:71:9a:d5:37:34:b6:7a:90:f9:4d:
         59:70:13:5f:3b:14:65:a4:fa:ac:18:cc:c8:b6:a7:19:c3:ed:
         b3:83:d7:92:6b:18:30:0f:8f:a3:db:70:6b:e1:1a:89:b5:8b:
         f4:9f:f6:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHnPBWT3SglozNKlvUsXUHhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZTcyMDQ2NWM1Y2QwZGE5YzZhMTNiNDRmYTBkODZmNjQ5
ZTUwNTUwHhcNMjIwNzEwMDgzMTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjVkZTdjNTExNzY5NDlmZGI5NDM0MjgwZDk3OTU3OGEyYTFlZTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFVWP1XToEQm+vpGypnKcEgR4Yfv
DxpHTEG81by01PZ9IfT1fB6noE40tPPbbnNub+epDzQ29Ov+jwLMqzJzQD+Frppr
WLm4LId4bOqWDtnS4uVISV8butNu9E/SbdEjk4wJmljzg7y4dZZGR/W8lM0lhAPg
G8IH0+6CDu8eHfJLjTx3coLDqVhhB+nNtxu0+h6y/Ctk8q8FBuaPhb7dTMd58mTj
nJzhhgw4DstloQ1GjN97pNTWZTvfbke9x3Snit7sKuyYSvcyyDNuvPHybV6AH43j
fgqmtgOcsZCMnElrbeW8BEjE8bZzbi1sq33y/4I0QtrEIbp+kBT2Jpr6qQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH9d58URdpSf25Q0KA2XlXiioe6dMB8GA1UdIwQY
MBaAFJLnIEZcXNDanGoTtE+g2G9knlBVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3VjZ1JseGMwTnFjYWhPMFQ2RFliMlNlVUZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9mOGE5ZWItN2Y4ZC00YmY3LTgzZDkt
OTA5NmUxNjc0ZTIyLzEvZjEzbnhSRjJsSl9ibERRb0RaZVZlS0toN3AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9mOGE5ZWItN2Y4ZC00YmY3LTgzZDktOTA5NmUxNjc0ZTIy
LzEva3VjZ1JseGMwTnFjYWhPMFQ2RFliMlNlVUZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub0hMA0G
CSqGSIb3DQEBCwUAA4IBAQB8fg0LtTdIE7sUpYohvL8fpDO83SghxFYMKs/MIDbp
hUsYP0DYme5LVR+airIJaw00M/DtwBfPmRSkHOg0CBwtDORHXxYwok6c6uMNYWKG
ZfeJ43h9vjroNXHfWvIVAvt2I4KyqAmTl+bQbThT53Aht2U4mbdYFbLf7kJ2M/Qd
i8FWNL8R+R6v7i7VyGld7ENoCCjeB8/35Uc+xkk7ST9O/awUFX4l3/AZLud6kwK/
dR5FxvtCX58MtrbP2+4G4ZSkYsnZAY2JGclJKY3DaXGa1Tc0tnqQ+U1ZcBNfOxRl
pPqsGMzItqcZw+2zg9eSaxgwD4+j23Br4RqJtYv0n/Y4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:14 2024 by rpki-client on console-ams.rpki-client.org