Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/fce6be-0896-4487-aa34-7a605ba40c1e/1/pm_95W1nvL35n-7UqcJ6_GzoeZo.roa
File:                     pm_95W1nvL35n-7UqcJ6_GzoeZo.roa (raw, json)
Hash identifier:          5/FY+k/+7VA4RVtDh+6AfQJx0tV5JFhhkW44PkaDC6s=
Subject key identifier:   A6:6F:FD:E5:6D:67:BC:BD:F9:9F:EE:D4:A9:C2:7A:FC:6C:E8:79:9A
Certificate issuer:       /CN=613d23f2121327d917d708d8fe153382455959a8
Certificate serial:       02E038B7
Authority key identifier: 61:3D:23:F2:12:13:27:D9:17:D7:08:D8:FE:15:33:82:45:59:59:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YT0j8hITJ9kX1wjY_hUzgkVZWag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/fce6be-0896-4487-aa34-7a605ba40c1e/1/pm_95W1nvL35n-7UqcJ6_GzoeZo.roa
Signing time:             Sat 01 Jan 2022 04:04:04 +0000
ROA not before:           Sat 01 Jan 2022 04:04:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8075
IP address blocks:        185.209.209.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 48249015 (0x2e038b7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=613d23f2121327d917d708d8fe153382455959a8
        Validity
            Not Before: Jan  1 04:04:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a66ffde56d67bcbdf99feed4a9c27afc6ce8799a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:a8:6c:97:76:b2:66:c6:b0:88:27:59:19:a8:
                    e6:67:fb:04:28:a4:1c:1f:62:38:f6:8e:fe:3d:04:
                    50:86:ba:23:ec:8b:bd:66:54:14:b8:4b:64:63:96:
                    2e:26:5d:9e:e2:2a:34:66:b3:0e:6f:16:b0:2f:14:
                    a6:e3:97:e9:40:6e:dc:06:af:34:ab:02:2d:3a:af:
                    da:cd:c9:2c:d5:39:10:33:22:7b:1f:1a:80:19:ee:
                    ae:0c:97:f4:8b:a5:a4:a7:86:51:92:8f:0a:a7:83:
                    4e:37:d8:01:64:d6:b9:78:35:b2:42:05:8d:a1:ac:
                    d0:a7:cb:ec:5a:62:62:99:98:c4:b5:1c:c5:38:52:
                    24:99:c9:2e:2d:06:29:74:72:48:bb:36:41:8f:34:
                    47:a4:45:56:ec:c6:29:0d:47:4f:dd:1e:e5:dc:37:
                    92:7b:15:9c:bc:c9:01:c8:9e:ea:25:b8:d6:fd:bf:
                    aa:ad:e2:84:13:af:f7:63:e3:8e:d6:06:32:d0:9f:
                    83:ba:d0:8d:0f:2e:86:0f:64:62:fb:5c:2e:fa:14:
                    65:30:59:33:22:e7:60:85:54:a3:1f:38:d9:41:bd:
                    c9:a4:37:5a:81:3f:5e:7d:6e:2b:35:82:4c:74:8f:
                    10:16:e9:f9:62:b8:d4:d8:99:e2:e8:c9:33:52:63:
                    ca:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:6F:FD:E5:6D:67:BC:BD:F9:9F:EE:D4:A9:C2:7A:FC:6C:E8:79:9A
            X509v3 Authority Key Identifier:
                keyid:61:3D:23:F2:12:13:27:D9:17:D7:08:D8:FE:15:33:82:45:59:59:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YT0j8hITJ9kX1wjY_hUzgkVZWag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/fce6be-0896-4487-aa34-7a605ba40c1e/1/pm_95W1nvL35n-7UqcJ6_GzoeZo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/fce6be-0896-4487-aa34-7a605ba40c1e/1/YT0j8hITJ9kX1wjY_hUzgkVZWag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.209.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d6:f5:0b:e0:7b:e9:78:0b:d1:55:eb:8e:86:63:52:31:2b:79:
         33:7a:f0:15:88:e4:f4:13:1d:f6:7f:79:23:92:45:f6:ee:63:
         82:c8:d9:6b:27:89:ab:13:40:25:82:d0:9a:5b:2e:c5:eb:32:
         4e:44:0b:1c:c2:16:db:3b:a3:24:83:25:14:47:83:f4:1c:5b:
         53:46:11:1d:bc:18:9f:df:97:69:c2:d3:a9:8f:e8:b8:a6:d4:
         89:49:8c:e3:4d:05:1d:ad:32:af:69:e2:fb:65:dc:76:00:f6:
         eb:17:a0:1d:67:e8:71:e5:b2:dc:4d:db:c9:a6:bb:f5:b2:eb:
         06:3a:f9:e4:1f:aa:86:28:c8:47:26:58:e1:40:f2:f4:cb:16:
         97:a4:b3:b7:f4:98:26:5d:55:20:6a:4f:f4:5c:3e:af:eb:e6:
         48:17:5c:61:61:41:a2:46:d7:d6:08:d2:d2:19:97:9e:5a:d3:
         b9:a8:0b:0b:62:c3:e5:f1:eb:95:6e:79:be:3c:5a:ae:e4:37:
         52:60:33:94:ab:e1:fc:36:d7:7c:e8:02:f1:2e:ed:3f:aa:36:
         b3:1b:ab:0a:9f:da:f0:58:af:e0:28:dd:40:4e:48:12:bd:c9:
         de:e2:26:d2:60:96:11:e7:d3:48:32:0d:36:b4:fc:94:56:19:
         c1:35:4e:ef
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAuA4tzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MTNkMjNmMjEyMTMyN2Q5MTdkNzA4ZDhmZTE1MzM4MjQ1NTk1OWE4MB4XDTIyMDEw
MTA0MDQwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTY2ZmZkZTU2ZDY3
YmNiZGY5OWZlZWQ0YTljMjdhZmM2Y2U4Nzk5YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMWobJd2smbGsIgnWRmo5mf7BCikHB9iOPaO/j0EUIa6I+yL
vWZUFLhLZGOWLiZdnuIqNGazDm8WsC8UpuOX6UBu3AavNKsCLTqv2s3JLNU5EDMi
ex8agBnurgyX9IulpKeGUZKPCqeDTjfYAWTWuXg1skIFjaGs0KfL7FpiYpmYxLUc
xThSJJnJLi0GKXRySLs2QY80R6RFVuzGKQ1HT90e5dw3knsVnLzJAcie6iW41v2/
qq3ihBOv92PjjtYGMtCfg7rQjQ8uhg9kYvtcLvoUZTBZMyLnYIVUox842UG9yaQ3
WoE/Xn1uKzWCTHSPEBbp+WK41NiZ4ujJM1JjyvkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSmb/3lbWe8vfmf7tSpwnr8bOh5mjAfBgNVHSMEGDAWgBRhPSPyEhMn2RfX
CNj+FTOCRVlZqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lUMGo4aElUSjlrWDF3allfaFV6Z2tWWldhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzAvZmNlNmJlLTA4OTYtNDQ4Ny1hYTM0LTdhNjA1YmE0MGMxZS8x
L3BtXzk1VzFudkwzNW4tN1VxY0o2X0d6b2Vaby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAv
ZmNlNmJlLTA4OTYtNDQ4Ny1hYTM0LTdhNjA1YmE0MGMxZS8xL1lUMGo4aElUSjlr
WDF3allfaFV6Z2tWWldhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnR0TANBgkqhkiG9w0BAQsFAAOC
AQEA1vUL4HvpeAvRVeuOhmNSMSt5M3rwFYjk9BMd9n95I5JF9u5jgsjZayeJqxNA
JYLQmlsuxesyTkQLHMIW2zujJIMlFEeD9BxbU0YRHbwYn9+XacLTqY/ouKbUiUmM
400FHa0yr2ni+2XcdgD26xegHWfoceWy3E3byaa79bLrBjr55B+qhijIRyZY4UDy
9MsWl6Szt/SYJl1VIGpP9Fw+r+vmSBdcYWFBokbX1gjS0hmXnlrTuagLC2LD5fHr
lW55vjxaruQ3UmAzlKvh/DbXfOgC8S7tP6o2sxurCp/a8Fiv4CjdQE5IEr3J3uIm
0mCWEefTSDINNrT8lFYZwTVO7w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:18 2024 by rpki-client on console-ams.rpki-client.org