Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/fce6be-0896-4487-aa34-7a605ba40c1e/1/9O7f_yDBQ6Sd5dzZO_zliHR_JjM.roa
File:                     9O7f_yDBQ6Sd5dzZO_zliHR_JjM.roa (raw, json)
Hash identifier:          6VPbssl4Ldnq97YP6zOaW9Ad1WwJySXihMg/wVPQ2C8=
Subject key identifier:   F4:EE:DF:FF:20:C1:43:A4:9D:E5:DC:D9:3B:FC:E5:88:74:7F:26:33
Certificate issuer:       /CN=613d23f2121327d917d708d8fe153382455959a8
Certificate serial:       03FAD818
Authority key identifier: 61:3D:23:F2:12:13:27:D9:17:D7:08:D8:FE:15:33:82:45:59:59:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YT0j8hITJ9kX1wjY_hUzgkVZWag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/fce6be-0896-4487-aa34-7a605ba40c1e/1/9O7f_yDBQ6Sd5dzZO_zliHR_JjM.roa
Signing time:             Mon 09 May 2022 15:15:43 +0000
ROA not before:           Mon 09 May 2022 15:15:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8075
IP address blocks:        185.209.208.0/24 maxlen: 24
                          185.209.209.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 66770968 (0x3fad818)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=613d23f2121327d917d708d8fe153382455959a8
        Validity
            Not Before: May  9 15:15:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f4eedfff20c143a49de5dcd93bfce588747f2633
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:9e:05:2a:be:df:60:4e:a5:a7:65:cd:3d:ef:
                    d7:57:fa:67:d4:55:5f:f2:ce:db:5c:cd:05:7f:a3:
                    48:bc:03:99:60:a8:d8:d9:40:59:9b:4a:a0:c9:69:
                    5f:b9:51:4a:8c:35:0f:e7:af:74:14:a7:40:68:5e:
                    1e:30:e2:5e:48:d8:ea:41:14:b1:53:18:2c:22:78:
                    e0:e9:cb:3a:3e:66:8b:4e:8a:fc:3f:38:b8:dd:10:
                    45:4e:7e:00:b9:51:09:08:f3:32:91:9c:2f:8f:66:
                    81:e5:96:4d:4a:46:fb:ed:5b:be:07:2f:d2:59:99:
                    38:9e:e2:cc:ff:b3:e6:9a:6b:c5:68:5a:4f:71:17:
                    37:8d:1e:35:4b:a5:d0:a5:17:79:dd:f1:66:52:c2:
                    d9:17:69:3d:af:4e:02:6a:b3:ce:53:7f:f0:29:17:
                    e9:a2:1d:ac:d0:50:fc:29:49:ad:70:c8:a1:0c:c9:
                    59:4f:3c:4c:fb:a8:da:aa:7e:b0:58:7a:e5:fe:04:
                    df:76:97:36:8b:54:5b:3c:ba:fc:53:4f:16:2c:ea:
                    38:4d:7b:53:56:3c:cf:6e:12:63:29:e5:43:ef:7f:
                    91:ad:88:6a:62:db:63:1e:33:24:fc:35:cb:01:4a:
                    3e:c7:8c:55:f2:64:bd:7a:d8:0f:b6:2b:b9:eb:1a:
                    88:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:EE:DF:FF:20:C1:43:A4:9D:E5:DC:D9:3B:FC:E5:88:74:7F:26:33
            X509v3 Authority Key Identifier:
                keyid:61:3D:23:F2:12:13:27:D9:17:D7:08:D8:FE:15:33:82:45:59:59:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YT0j8hITJ9kX1wjY_hUzgkVZWag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/fce6be-0896-4487-aa34-7a605ba40c1e/1/9O7f_yDBQ6Sd5dzZO_zliHR_JjM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/fce6be-0896-4487-aa34-7a605ba40c1e/1/YT0j8hITJ9kX1wjY_hUzgkVZWag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.209.208.0/23

    Signature Algorithm: sha256WithRSAEncryption
         b2:17:c2:42:09:9a:76:b5:f4:3d:0e:7a:6a:8c:b1:a7:a6:3b:
         c5:96:9e:f1:61:f2:b1:e9:71:0b:ad:cf:58:9f:1c:d8:5d:d2:
         93:83:88:4a:05:ba:93:8a:da:56:b8:3c:3b:d4:da:c3:f3:03:
         e6:b2:4e:94:65:7b:0e:5f:76:c6:ce:e6:eb:a1:46:67:a5:09:
         95:7a:45:c1:8e:ba:ec:76:f0:75:d0:a7:21:6a:0b:11:eb:7b:
         08:d2:25:92:b0:7d:42:e5:ea:21:4a:57:d3:38:05:87:e0:fe:
         94:0f:b3:83:d8:1b:7b:68:97:58:9d:6e:b0:63:35:73:e3:2a:
         33:e5:c1:6d:78:8e:f3:77:51:5d:29:17:30:a2:3e:12:5f:f7:
         9c:2d:0e:c8:4e:33:c2:ed:1c:fc:29:7d:d0:df:3c:5f:37:0d:
         e9:cd:74:fc:c1:39:98:ca:61:b3:33:b7:7c:d4:90:76:5e:b9:
         95:94:a8:a4:1f:66:5f:d4:89:01:b7:8a:24:d2:89:f2:6a:34:
         b0:fc:d8:f7:a3:ee:2b:3c:50:51:a7:2a:74:06:8a:e2:fe:7c:
         a4:00:48:d8:b7:c7:8b:92:43:53:0c:38:50:fd:5f:15:7e:79:
         fe:66:e9:d0:d8:15:ca:ff:47:33:02:01:d3:2e:af:86:05:51:
         e4:e8:6a:06
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA/rYGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MTNkMjNmMjEyMTMyN2Q5MTdkNzA4ZDhmZTE1MzM4MjQ1NTk1OWE4MB4XDTIyMDUw
OTE1MTU0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjRlZWRmZmYyMGMx
NDNhNDlkZTVkY2Q5M2JmY2U1ODg3NDdmMjYzMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANKeBSq+32BOpadlzT3v11f6Z9RVX/LO21zNBX+jSLwDmWCo
2NlAWZtKoMlpX7lRSow1D+evdBSnQGheHjDiXkjY6kEUsVMYLCJ44OnLOj5mi06K
/D84uN0QRU5+ALlRCQjzMpGcL49mgeWWTUpG++1bvgcv0lmZOJ7izP+z5pprxWha
T3EXN40eNUul0KUXed3xZlLC2RdpPa9OAmqzzlN/8CkX6aIdrNBQ/ClJrXDIoQzJ
WU88TPuo2qp+sFh65f4E33aXNotUWzy6/FNPFizqOE17U1Y8z24SYynlQ+9/ka2I
amLbYx4zJPw1ywFKPseMVfJkvXrYD7YruesaiMMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT07t//IMFDpJ3l3Nk7/OWIdH8mMzAfBgNVHSMEGDAWgBRhPSPyEhMn2RfX
CNj+FTOCRVlZqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lUMGo4aElUSjlrWDF3allfaFV6Z2tWWldhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzAvZmNlNmJlLTA4OTYtNDQ4Ny1hYTM0LTdhNjA1YmE0MGMxZS8x
LzlPN2ZfeURCUTZTZDVkelpPX3psaUhSX0pqTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAv
ZmNlNmJlLTA4OTYtNDQ4Ny1hYTM0LTdhNjA1YmE0MGMxZS8xL1lUMGo4aElUSjlr
WDF3allfaFV6Z2tWWldhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbnR0DANBgkqhkiG9w0BAQsFAAOC
AQEAshfCQgmadrX0PQ56aoyxp6Y7xZae8WHyselxC63PWJ8c2F3Sk4OISgW6k4ra
Vrg8O9Taw/MD5rJOlGV7Dl92xs7m66FGZ6UJlXpFwY667HbwddCnIWoLEet7CNIl
krB9QuXqIUpX0zgFh+D+lA+zg9gbe2iXWJ1usGM1c+MqM+XBbXiO83dRXSkXMKI+
El/3nC0OyE4zwu0c/Cl90N88XzcN6c10/ME5mMphszO3fNSQdl65lZSopB9mX9SJ
AbeKJNKJ8mo0sPzY96PuKzxQUacqdAaK4v58pABI2LfHi5JDUww4UP1fFX55/mbp
0NgVyv9HMwIB0y6vhgVR5OhqBg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:18 2024 by rpki-client on console-ams.rpki-client.org