Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/25Y6eN0h5TFR9xFxcyMWcQvRTLI.roa
File:                     25Y6eN0h5TFR9xFxcyMWcQvRTLI.roa (raw, json)
Hash identifier:          8GoTT+OJa8TvVcSO1JSzyMIXJZn251btv2rGo+gLaHU=
Subject key identifier:   DB:96:3A:78:DD:21:E5:31:51:F7:11:71:73:23:16:71:0B:D1:4C:B2
Certificate issuer:       /CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Certificate serial:       0181F92C33AEE469302635B90F3445A388CB
Authority key identifier: 32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/25Y6eN0h5TFR9xFxcyMWcQvRTLI.roa
Signing time:             Wed 13 Jul 2022 20:07:12 +0000
ROA not before:           Wed 13 Jul 2022 20:07:12 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     23470
IP address blocks:        185.73.243.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:f9:2c:33:ae:e4:69:30:26:35:b9:0f:34:45:a3:88:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
        Validity
            Not Before: Jul 13 20:07:12 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=db963a78dd21e53151f71171732316710bd14cb2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:f2:d0:dc:98:17:8a:3a:33:b4:b9:6e:24:38:
                    1f:2f:a2:1d:eb:94:2b:d2:85:f1:99:96:b2:91:d4:
                    0b:3f:f5:78:b6:3a:a5:42:ff:cc:0e:04:fc:35:01:
                    49:c2:6a:27:5f:90:a5:1b:fd:3c:46:53:f2:57:5c:
                    db:3b:e7:cc:fd:ff:c2:42:84:b6:70:6c:ae:50:be:
                    82:ee:1b:0a:66:81:56:2b:96:71:34:62:92:85:70:
                    88:83:a7:00:d9:69:1a:79:71:be:ee:d9:91:78:d4:
                    21:dc:23:cc:e7:1a:54:fa:8c:30:5e:15:4f:53:f9:
                    93:c6:f1:4c:b0:b4:34:c9:f1:b1:41:8e:a2:30:94:
                    9d:c6:50:c5:da:0f:67:63:5b:05:b5:95:eb:64:64:
                    bd:fc:69:f3:50:d1:ad:11:ef:9f:c7:f7:c1:39:a0:
                    30:e0:17:2b:a0:da:f3:97:61:b8:e2:e2:e4:87:91:
                    4c:4c:b3:0a:91:c6:9d:f0:b8:34:83:73:21:e6:d8:
                    9c:2d:47:c4:32:2a:73:7e:eb:72:16:0b:e1:fe:b7:
                    b2:1d:06:06:13:16:b4:39:84:0c:2a:6b:f8:29:97:
                    8d:c5:82:9a:ff:30:6c:bb:6e:66:8f:be:28:ab:c1:
                    cc:8d:6b:9f:05:df:bf:7b:89:35:69:cd:48:34:c4:
                    61:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:96:3A:78:DD:21:E5:31:51:F7:11:71:73:23:16:71:0B:D1:4C:B2
            X509v3 Authority Key Identifier:
                keyid:32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/25Y6eN0h5TFR9xFxcyMWcQvRTLI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.73.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b3:77:b1:35:fb:7e:db:95:0a:4a:33:b2:f8:3d:57:fa:be:b4:
         93:2b:77:28:ce:40:01:20:d0:e4:94:eb:79:b7:55:69:0c:ed:
         d5:e7:b5:93:1d:17:a2:84:5a:5d:93:17:e5:85:96:22:ca:b1:
         9c:e8:b4:0c:b0:57:af:a5:ff:14:f9:51:8d:52:78:d5:0c:1c:
         19:cc:a7:5e:7d:4d:e1:64:ee:a4:0f:3d:72:dc:7b:2a:b7:7d:
         29:62:ec:c2:28:b3:d1:bc:8a:ab:e0:d4:e9:01:90:7d:a6:36:
         52:18:b3:19:ad:5c:46:03:a3:7a:2d:56:4c:bc:4f:3f:ee:43:
         ed:fe:79:c0:ba:42:6b:ee:d3:9c:b7:14:f9:5b:93:65:1b:09:
         41:c2:7b:9c:ba:af:2f:33:6a:f3:88:7a:e0:99:f1:63:2e:27:
         4d:a3:f6:46:52:92:ff:9f:46:7b:64:00:95:5f:0f:74:ab:11:
         7e:48:41:2a:14:ae:c8:71:84:56:f0:ba:35:b5:3c:a6:25:04:
         b1:fe:a4:de:26:44:f9:83:bc:e3:61:72:f8:2c:0f:eb:95:0a:
         79:f9:5b:22:41:5f:88:20:ed:c8:aa:63:c8:87:33:c5:96:27:
         9f:43:0b:a9:9c:25:b8:82:20:14:74:ea:25:fa:74:5a:b8:62:
         1a:6b:18:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYH5LDOu5GkwJjW5DzRFo4jLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNDc0YWM3Y2E4NWUwOWMyZDQ4YjMzZTdiZjY2ZjhlZDc2
NGRlMGYwHhcNMjIwNzEzMjAwNzEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjk2M2E3OGRkMjFlNTMxNTFmNzExNzE3MzIzMTY3MTBiZDE0Y2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfLQ3JgXijoztLluJDgfL6Id65Qr
0oXxmZaykdQLP/V4tjqlQv/MDgT8NQFJwmonX5ClG/08RlPyV1zbO+fM/f/CQoS2
cGyuUL6C7hsKZoFWK5ZxNGKShXCIg6cA2WkaeXG+7tmReNQh3CPM5xpU+owwXhVP
U/mTxvFMsLQ0yfGxQY6iMJSdxlDF2g9nY1sFtZXrZGS9/GnzUNGtEe+fx/fBOaAw
4BcroNrzl2G44uLkh5FMTLMKkcad8Lg0g3Mh5ticLUfEMipzfutyFgvh/reyHQYG
Exa0OYQMKmv4KZeNxYKa/zBsu25mj74oq8HMjWufBd+/e4k1ac1INMRh4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNuWOnjdIeUxUfcRcXMjFnEL0UyyMB8GA1UdIwQY
MBaAFDJHSsfKheCcLUizPnv2b47XZN4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzkt
MTJlYzIyYzljNWEyLzEvMjVZNmVOMGg1VEZSOXhGeGN5TVdjUXZSVExJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzktMTJlYzIyYzljNWEy
LzEvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUnzMA0G
CSqGSIb3DQEBCwUAA4IBAQCzd7E1+37blQpKM7L4PVf6vrSTK3cozkABINDklOt5
t1VpDO3V57WTHReihFpdkxflhZYiyrGc6LQMsFevpf8U+VGNUnjVDBwZzKdefU3h
ZO6kDz1y3Hsqt30pYuzCKLPRvIqr4NTpAZB9pjZSGLMZrVxGA6N6LVZMvE8/7kPt
/nnAukJr7tOctxT5W5NlGwlBwnucuq8vM2rziHrgmfFjLidNo/ZGUpL/n0Z7ZACV
Xw90qxF+SEEqFK7IcYRW8Lo1tTymJQSx/qTeJkT5g7zjYXL4LA/rlQp5+VsiQV+I
IO3IqmPIhzPFliefQwupnCW4giAUdOol+nRauGIaaxjP
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:59 2023 by rpki-client on console-ams.rpki-client.org