Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/17sSMoJUo5K97SCFClrKV20ofDA.roa
File:                     17sSMoJUo5K97SCFClrKV20ofDA.roa (raw, json)
Hash identifier:          4kc27cIAmFwch75P/VUQU+aMEhlkGcAUETDVFo5T5zw=
Subject key identifier:   D7:BB:12:32:82:54:A3:92:BD:ED:20:85:0A:5A:CA:57:6D:28:7C:30
Certificate issuer:       /CN=ca290db2f72905f0db626b005bacf08878d17bac
Certificate serial:       01853D9B6F57D5DF9DF26135A1E59AF89D5D
Authority key identifier: CA:29:0D:B2:F7:29:05:F0:DB:62:6B:00:5B:AC:F0:88:78:D1:7B:AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/17sSMoJUo5K97SCFClrKV20ofDA.roa
Signing time:             Fri 23 Dec 2022 06:11:14 +0000
ROA not before:           Fri 23 Dec 2022 06:11:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34549
IP address blocks:        185.131.52.0/24 maxlen: 24
                          89.37.101.0/24 maxlen: 24
                          89.47.58.0/24 maxlen: 24
                          188.241.187.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:3d:9b:6f:57:d5:df:9d:f2:61:35:a1:e5:9a:f8:9d:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca290db2f72905f0db626b005bacf08878d17bac
        Validity
            Not Before: Dec 23 06:11:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d7bb12328254a392bded20850a5aca576d287c30
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:84:82:54:0b:f6:76:9f:3f:c2:9e:e4:da:ad:
                    b9:0d:fb:ae:ae:ed:54:19:be:b3:06:d6:15:0d:41:
                    bc:28:55:ff:b9:c3:03:83:e4:1e:41:ff:fe:a3:c3:
                    b2:ce:56:91:69:95:2f:b6:27:2d:52:b8:cb:8b:80:
                    01:4b:bc:27:cb:42:01:f1:9a:b4:a7:66:05:d0:f2:
                    e2:40:1c:e9:7c:9e:0b:d0:fa:bb:6f:31:cc:c2:ee:
                    68:8f:a8:67:b3:cb:df:c8:ca:e7:5b:19:4b:ba:8a:
                    ae:ec:8e:f9:aa:5d:31:12:f4:a4:8f:40:f6:40:af:
                    30:8a:94:f9:8f:aa:e3:78:1b:e9:c8:e0:a7:08:50:
                    f0:d4:8e:9f:89:c4:56:5f:90:48:8d:d3:ec:0d:d7:
                    89:81:97:72:39:0a:f2:3a:2e:c7:a5:c6:db:42:0a:
                    3f:12:6c:61:44:e3:b1:65:76:82:3f:01:27:07:5f:
                    c2:64:50:c9:d9:70:ae:bb:c7:2b:06:fc:63:f3:11:
                    fa:f5:0c:e5:ea:27:9e:31:44:f3:e9:18:b5:81:12:
                    80:6f:c1:37:22:bd:d3:1a:92:0c:86:ca:eb:6b:ab:
                    c1:7e:a6:f4:c2:20:dc:da:00:92:27:82:5a:da:60:
                    72:f6:e7:3b:56:cf:b1:83:ad:9d:27:1c:fa:68:af:
                    2d:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:BB:12:32:82:54:A3:92:BD:ED:20:85:0A:5A:CA:57:6D:28:7C:30
            X509v3 Authority Key Identifier:
                keyid:CA:29:0D:B2:F7:29:05:F0:DB:62:6B:00:5B:AC:F0:88:78:D1:7B:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/17sSMoJUo5K97SCFClrKV20ofDA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/yikNsvcpBfDbYmsAW6zwiHjRe6w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.37.101.0/24
                  89.47.58.0/24
                  185.131.52.0/24
                  188.241.187.0/24

    Signature Algorithm: sha256WithRSAEncryption
         94:1c:0f:66:a7:d2:07:9c:e5:1e:20:6b:e5:64:f3:bd:e4:c5:
         b0:9c:be:92:b8:26:36:96:48:81:75:6d:73:2e:f8:2b:ea:07:
         f5:c7:0f:81:b2:01:ea:5b:fa:5f:f8:11:90:9b:ba:36:67:93:
         74:02:eb:ff:f6:99:8e:04:86:b1:d2:61:df:0c:6d:61:8c:f3:
         54:4a:d6:ee:e3:ed:3a:4c:1d:d4:4a:81:36:48:c2:5f:d3:be:
         93:84:0f:05:c5:20:28:38:56:f8:b4:fe:62:1b:8f:c6:c1:aa:
         a1:ed:32:b1:77:b3:47:8e:75:fc:ca:fc:16:d4:94:d1:5e:72:
         08:ee:f4:dc:c6:f2:f2:2a:bd:02:5a:c3:d0:71:d2:96:53:32:
         e8:c4:92:ce:4d:06:ae:ac:ff:2e:fb:57:bf:4d:95:ab:0d:87:
         01:4c:c5:d4:c8:ee:57:6b:b9:80:03:6c:77:a4:d9:60:cf:f5:
         ae:c0:8f:7a:c8:b4:92:f1:b9:c1:9a:57:8d:0a:02:a6:04:fc:
         69:7b:ac:a1:2a:9f:87:d4:29:18:ea:34:66:24:41:d5:2c:3a:
         cb:9d:42:6a:be:a6:46:de:67:da:a2:08:95:06:28:43:28:07:
         bb:b5:7e:bd:8d:2a:ea:d0:aa:f6:63:55:69:8e:94:7e:64:c7:
         a7:e2:90:dd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYU9m29X1d+d8mE1oeWa+J1dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMjkwZGIyZjcyOTA1ZjBkYjYyNmIwMDViYWNmMDg4Nzhk
MTdiYWMwHhcNMjIxMjIzMDYxMTE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2JiMTIzMjgyNTRhMzkyYmRlZDIwODUwYTVhY2E1NzZkMjg3YzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiISCVAv2dp8/wp7k2q25Dfuuru1U
Gb6zBtYVDUG8KFX/ucMDg+QeQf/+o8OyzlaRaZUvtictUrjLi4ABS7wny0IB8Zq0
p2YF0PLiQBzpfJ4L0Pq7bzHMwu5oj6hns8vfyMrnWxlLuoqu7I75ql0xEvSkj0D2
QK8wipT5j6rjeBvpyOCnCFDw1I6ficRWX5BIjdPsDdeJgZdyOQryOi7HpcbbQgo/
EmxhROOxZXaCPwEnB1/CZFDJ2XCuu8crBvxj8xH69Qzl6ieeMUTz6Ri1gRKAb8E3
Ir3TGpIMhsrra6vBfqb0wiDc2gCSJ4Ja2mBy9uc7Vs+xg62dJxz6aK8trQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNe7EjKCVKOSve0ghQpayldtKHwwMB8GA1UdIwQY
MBaAFMopDbL3KQXw22JrAFus8Ih40XusMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWlrTnN2Y3BCZkRiWW1zQVc2endpSGpSZTZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8yMTY5NzMtNTE2Zi00NTAxLTkxNjQt
N2Y0MzViZjU1MDFjLzEvMTdzU01vSlVvNUs5N1NDRkNscktWMjBvZkRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8yMTY5NzMtNTE2Zi00NTAxLTkxNjQtN2Y0MzViZjU1MDFj
LzEveWlrTnN2Y3BCZkRiWW1zQVc2endpSGpSZTZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWSVlAwQA
WS86AwQAuYM0AwQAvPG7MA0GCSqGSIb3DQEBCwUAA4IBAQCUHA9mp9IHnOUeIGvl
ZPO95MWwnL6SuCY2lkiBdW1zLvgr6gf1xw+BsgHqW/pf+BGQm7o2Z5N0Auv/9pmO
BIax0mHfDG1hjPNUStbu4+06TB3USoE2SMJf076ThA8FxSAoOFb4tP5iG4/Gwaqh
7TKxd7NHjnX8yvwW1JTRXnII7vTcxvLyKr0CWsPQcdKWUzLoxJLOTQaurP8u+1e/
TZWrDYcBTMXUyO5Xa7mAA2x3pNlgz/WuwI96yLSS8bnBmleNCgKmBPxpe6yhKp+H
1CkY6jRmJEHVLDrLnUJqvqZG3mfaogiVBihDKAe7tX69jSrq0Kr2Y1VpjpR+ZMen
4pDd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:01 2024 by rpki-client on console-fra.rpki-client.org