Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/VLl-3SyFIa_SE5VIxc0kwhPFzto.roa
File:                     VLl-3SyFIa_SE5VIxc0kwhPFzto.roa (raw, json)
Hash identifier:          yj7g/FSqKIY+AmfKo/TMDnNqvgjgP0tzGNBC0FLUO4o=
Subject key identifier:   54:B9:7E:DD:2C:85:21:AF:D2:13:95:48:C5:CD:24:C2:13:C5:CE:DA
Certificate issuer:       /CN=407ce78f4ac3ba902a0c38dc01a0c5f2126519b0
Certificate serial:       0184BD0A2BDCBF31393FEADEC8DA58AED7B4
Authority key identifier: 40:7C:E7:8F:4A:C3:BA:90:2A:0C:38:DC:01:A0:C5:F2:12:65:19:B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QHznj0rDupAqDDjcAaDF8hJlGbA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/VLl-3SyFIa_SE5VIxc0kwhPFzto.roa
Signing time:             Mon 28 Nov 2022 07:01:11 +0000
ROA not before:           Mon 28 Nov 2022 07:01:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206376
IP address blocks:        185.106.240.0/24 maxlen: 24
                          185.106.242.0/24 maxlen: 24
                          2a06:4100::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:bd:0a:2b:dc:bf:31:39:3f:ea:de:c8:da:58:ae:d7:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=407ce78f4ac3ba902a0c38dc01a0c5f2126519b0
        Validity
            Not Before: Nov 28 07:01:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=54b97edd2c8521afd2139548c5cd24c213c5ceda
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:94:53:e1:63:21:f2:bc:69:71:91:a5:76:4e:
                    ad:c1:56:40:1e:10:ff:fb:93:55:f2:99:57:49:86:
                    9b:da:54:7a:8b:fd:d1:bf:1d:ed:ec:4c:f4:81:29:
                    49:05:bc:c6:3c:ce:be:12:d3:25:8a:ef:b0:50:31:
                    45:71:7b:76:18:ff:b9:2c:07:d8:9d:24:48:08:95:
                    0a:47:e7:f1:1c:18:4c:a3:bd:9e:e4:43:60:75:3b:
                    c0:3d:d7:43:70:a1:b2:e3:e7:a3:55:73:22:95:c1:
                    44:aa:f0:95:ac:b8:65:b2:5c:d2:ec:98:88:a3:68:
                    4f:ea:f3:91:a3:ee:61:a8:ea:6e:26:7b:bf:42:60:
                    2b:e2:c8:b0:38:77:f9:8f:ac:fb:71:6a:8f:bc:85:
                    95:7f:be:4a:e7:14:8a:a4:26:fa:11:0d:b4:37:72:
                    07:bb:3e:8e:25:08:b1:8a:17:c6:3a:36:78:ae:a4:
                    38:66:ff:f9:c6:ec:f6:b7:ec:94:a0:00:1b:d6:d1:
                    2e:24:6d:ba:93:94:53:5e:da:6a:eb:58:7a:7a:96:
                    91:61:de:a9:47:45:b3:4a:d9:b4:d6:02:59:de:1d:
                    91:98:21:42:71:d4:5c:56:88:06:06:7b:5e:da:c6:
                    94:42:6b:12:01:a0:24:60:36:ca:e8:b1:21:7e:1c:
                    52:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:B9:7E:DD:2C:85:21:AF:D2:13:95:48:C5:CD:24:C2:13:C5:CE:DA
            X509v3 Authority Key Identifier:
                keyid:40:7C:E7:8F:4A:C3:BA:90:2A:0C:38:DC:01:A0:C5:F2:12:65:19:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHznj0rDupAqDDjcAaDF8hJlGbA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/VLl-3SyFIa_SE5VIxc0kwhPFzto.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/QHznj0rDupAqDDjcAaDF8hJlGbA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.106.240.0/24
                  185.106.242.0/24
                IPv6:
                  2a06:4100::/32

    Signature Algorithm: sha256WithRSAEncryption
         38:86:ef:22:e3:17:7b:7f:c7:16:19:7c:b3:e9:e0:9d:fc:be:
         d6:99:50:c9:a1:23:5f:2d:8b:19:7b:dc:42:ce:90:a6:03:6b:
         c4:ab:54:a7:c7:7c:b8:43:dd:cf:76:31:34:61:cd:c5:82:d9:
         d5:dd:7e:e7:1a:38:00:42:08:af:7e:ee:47:8f:7f:4e:0e:5e:
         c9:cc:cb:b9:35:50:0d:56:3b:45:78:c2:78:96:23:b3:76:d8:
         31:af:6a:54:b2:b3:50:07:7c:39:44:06:9f:2d:63:42:5c:b0:
         26:b3:db:cf:ca:56:d5:a0:46:b6:60:84:fd:c7:1d:39:29:ba:
         58:f7:22:51:67:85:22:97:59:8d:bf:a3:a0:dd:1c:52:f7:70:
         21:69:3d:b8:15:7f:c4:c8:20:d9:d1:a4:09:cf:90:0e:31:1a:
         0e:3b:8c:da:53:98:34:a4:ae:12:7a:7e:5a:ec:8e:a8:e5:78:
         81:5c:1f:32:c4:c1:22:3a:d4:e5:97:a6:c8:75:7f:88:5b:c0:
         91:e4:2d:00:c5:84:12:bd:c4:22:5c:6c:b9:4d:3a:a7:35:06:
         bc:58:00:30:1f:72:53:05:d3:d9:b9:aa:dd:1d:fa:1b:64:e5:
         7e:e7:64:35:7a:9d:02:bd:d8:2e:92:b4:b3:e5:dd:1c:ca:cb:
         3b:0b:d9:75
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYS9CivcvzE5P+reyNpYrte0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2NlNzhmNGFjM2JhOTAyYTBjMzhkYzAxYTBjNWYyMTI2
NTE5YjAwHhcNMjIxMTI4MDcwMTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGI5N2VkZDJjODUyMWFmZDIxMzk1NDhjNWNkMjRjMjEzYzVjZWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJRT4WMh8rxpcZGldk6twVZAHhD/
+5NV8plXSYab2lR6i/3Rvx3t7Ez0gSlJBbzGPM6+EtMliu+wUDFFcXt2GP+5LAfY
nSRICJUKR+fxHBhMo72e5ENgdTvAPddDcKGy4+ejVXMilcFEqvCVrLhlslzS7JiI
o2hP6vORo+5hqOpuJnu/QmAr4siwOHf5j6z7cWqPvIWVf75K5xSKpCb6EQ20N3IH
uz6OJQixihfGOjZ4rqQ4Zv/5xuz2t+yUoAAb1tEuJG26k5RTXtpq61h6epaRYd6p
R0WzStm01gJZ3h2RmCFCcdRcVogGBnte2saUQmsSAaAkYDbK6LEhfhxShQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFS5ft0shSGv0hOVSMXNJMITxc7aMB8GA1UdIwQY
MBaAFEB8549Kw7qQKgw43AGgxfISZRmwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUh6bmowckR1cEFxRERqY0FhREY4aEpsR2JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hODdlYTgtYzNiNi00NzJkLWE5NmMt
YTk3MWEzMzRmYWE0LzEvVkxsLTNTeUZJYV9TRTVWSXhjMGt3aFBGenRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9hODdlYTgtYzNiNi00NzJkLWE5NmMtYTk3MWEzMzRmYWE0
LzEvUUh6bmowckR1cEFxRERqY0FhREY4aEpsR2JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuWrwAwQA
uWryMA0EAgACMAcDBQAqBkEAMA0GCSqGSIb3DQEBCwUAA4IBAQA4hu8i4xd7f8cW
GXyz6eCd/L7WmVDJoSNfLYsZe9xCzpCmA2vEq1Snx3y4Q93PdjE0Yc3FgtnV3X7n
GjgAQgivfu5Hj39ODl7JzMu5NVANVjtFeMJ4liOzdtgxr2pUsrNQB3w5RAafLWNC
XLAms9vPylbVoEa2YIT9xx05KbpY9yJRZ4Uil1mNv6Og3RxS93AhaT24FX/EyCDZ
0aQJz5AOMRoOO4zaU5g0pK4Sen5a7I6o5XiBXB8yxMEiOtTll6bIdX+IW8CR5C0A
xYQSvcQiXGy5TTqnNQa8WAAwH3JTBdPZuardHfobZOV+52Q1ep0CvdgukrSz5d0c
yss7C9l1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:36 2024 by rpki-client on console-fra.rpki-client.org