Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9c5c1f-f4b6-45a8-9c9f-30733d370df3/1/SGELItKB8Q7DvANs70-Ab-wlzVs.roa
File:                     SGELItKB8Q7DvANs70-Ab-wlzVs.roa (raw, json)
Hash identifier:          tYMDQmAD0+EtXENxfnZtwxE9Fj9ee685m4mqLug2fxM=
Subject key identifier:   48:61:0B:22:D2:81:F1:0E:C3:BC:03:6C:EF:4F:80:6F:EC:25:CD:5B
Certificate issuer:       /CN=3b637ccf393f52e0b56fb58ee35af54411daf644
Certificate serial:       0183F9ED745C636CAA1EAB396F023EA14B4D
Authority key identifier: 3B:63:7C:CF:39:3F:52:E0:B5:6F:B5:8E:E3:5A:F5:44:11:DA:F6:44
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O2N8zzk_UuC1b7WO41r1RBHa9kQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/9c5c1f-f4b6-45a8-9c9f-30733d370df3/1/SGELItKB8Q7DvANs70-Ab-wlzVs.roa
Signing time:             Fri 21 Oct 2022 09:43:52 +0000
ROA not before:           Fri 21 Oct 2022 09:43:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39223
IP address blocks:        185.63.73.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:f9:ed:74:5c:63:6c:aa:1e:ab:39:6f:02:3e:a1:4b:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b637ccf393f52e0b56fb58ee35af54411daf644
        Validity
            Not Before: Oct 21 09:43:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=48610b22d281f10ec3bc036cef4f806fec25cd5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:a3:ff:34:ea:11:16:12:af:1a:57:f5:9b:9d:
                    7f:d8:07:ba:5f:a8:d7:08:6f:de:69:f2:ce:f4:2d:
                    79:89:7f:3c:96:b4:57:72:15:6c:76:9c:e8:fe:0d:
                    e5:f6:d5:ed:25:10:9f:e8:0e:a8:ec:1f:7a:42:04:
                    21:e3:1e:c7:48:8a:27:82:09:a5:ea:ee:16:34:8d:
                    58:34:af:81:d8:b3:38:5f:70:b5:af:17:d7:d0:37:
                    58:dc:88:8e:2e:2b:2a:66:35:b5:21:17:ee:b3:d4:
                    e6:a1:1a:08:0b:dc:89:c3:ee:c3:c7:74:c3:2e:ac:
                    83:d2:65:79:16:9b:f4:29:25:90:14:7d:ab:54:f5:
                    41:9d:d4:91:2d:9e:0d:19:33:02:c4:56:db:7a:8c:
                    cf:5c:9c:8f:03:7d:3d:b7:2c:50:a6:55:e7:26:64:
                    5c:75:42:eb:60:f0:9d:70:ec:a7:89:e9:17:f6:d8:
                    44:ce:10:88:72:dc:37:b1:b7:ac:48:b2:e8:6d:49:
                    72:3d:07:2a:72:06:bf:90:8c:25:ff:c8:c9:c5:c4:
                    e6:e7:d0:6e:7a:55:c1:06:ef:60:19:f6:ee:46:db:
                    db:1a:82:e4:ad:7c:0c:2b:cc:7b:f4:67:55:af:2a:
                    2d:8c:ea:a0:52:19:66:55:d6:b3:40:8c:4c:12:a7:
                    41:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:61:0B:22:D2:81:F1:0E:C3:BC:03:6C:EF:4F:80:6F:EC:25:CD:5B
            X509v3 Authority Key Identifier:
                keyid:3B:63:7C:CF:39:3F:52:E0:B5:6F:B5:8E:E3:5A:F5:44:11:DA:F6:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O2N8zzk_UuC1b7WO41r1RBHa9kQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9c5c1f-f4b6-45a8-9c9f-30733d370df3/1/SGELItKB8Q7DvANs70-Ab-wlzVs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9c5c1f-f4b6-45a8-9c9f-30733d370df3/1/O2N8zzk_UuC1b7WO41r1RBHa9kQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.63.73.0/24

    Signature Algorithm: sha256WithRSAEncryption
         74:21:78:c5:98:0b:44:55:33:84:88:db:e1:ce:8f:d7:01:21:
         58:4d:36:c8:a2:71:e4:d1:92:77:57:da:24:db:4f:b8:a9:ab:
         a4:34:6e:2f:d7:72:ac:29:fe:e3:b3:b6:d3:b4:53:e0:86:e4:
         23:d5:d1:d7:61:36:fa:d3:9d:17:e1:f9:98:56:bb:98:f8:ee:
         52:33:67:04:c7:f8:72:dd:4d:c4:ec:00:2e:c9:d3:76:5a:a0:
         83:4b:94:df:44:f5:5c:64:18:96:b9:fb:cd:b0:5a:c4:bb:ce:
         94:d8:7f:43:0f:52:4f:44:06:f5:70:3f:66:1d:2f:ce:fb:d6:
         fa:b5:11:aa:18:f9:fe:fb:8a:3a:4e:3d:56:59:58:07:66:c9:
         87:de:13:89:ef:cd:da:b2:eb:5b:37:57:52:80:77:d4:bc:9c:
         8e:e6:e4:c5:0e:28:89:0f:f5:39:30:53:fd:09:32:98:5f:77:
         a9:9a:d5:f5:44:51:06:85:36:b5:ff:2e:bd:63:cd:77:44:c8:
         4e:29:0c:21:82:12:e9:36:66:90:8c:41:40:ec:50:6a:c0:37:
         db:8a:ee:f5:46:62:97:8a:50:c2:ce:42:7f:b7:3f:ac:00:dc:
         f4:f4:79:1d:a1:41:6d:0d:34:56:ca:76:5d:53:c7:e9:aa:3a:
         6e:dd:58:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYP57XRcY2yqHqs5bwI+oUtNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNjM3Y2NmMzkzZjUyZTBiNTZmYjU4ZWUzNWFmNTQ0MTFk
YWY2NDQwHhcNMjIxMDIxMDk0MzUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODYxMGIyMmQyODFmMTBlYzNiYzAzNmNlZjRmODA2ZmVjMjVjZDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2aP/NOoRFhKvGlf1m51/2Ae6X6jX
CG/eafLO9C15iX88lrRXchVsdpzo/g3l9tXtJRCf6A6o7B96QgQh4x7HSIonggml
6u4WNI1YNK+B2LM4X3C1rxfX0DdY3IiOLisqZjW1IRfus9TmoRoIC9yJw+7Dx3TD
LqyD0mV5Fpv0KSWQFH2rVPVBndSRLZ4NGTMCxFbbeozPXJyPA309tyxQplXnJmRc
dULrYPCdcOyniekX9thEzhCIctw3sbesSLLobUlyPQcqcga/kIwl/8jJxcTm59Bu
elXBBu9gGfbuRtvbGoLkrXwMK8x79GdVryotjOqgUhlmVdazQIxMEqdB7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEhhCyLSgfEOw7wDbO9PgG/sJc1bMB8GA1UdIwQY
MBaAFDtjfM85P1LgtW+1juNa9UQR2vZEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzJOOHp6a19VdUMxYjdXTzQxcjFSQkhhOWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85YzVjMWYtZjRiNi00NWE4LTljOWYt
MzA3MzNkMzcwZGYzLzEvU0dFTEl0S0I4UTdEdkFOczcwLUFiLXdselZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85YzVjMWYtZjRiNi00NWE4LTljOWYtMzA3MzNkMzcwZGYz
LzEvTzJOOHp6a19VdUMxYjdXTzQxcjFSQkhhOWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuT9JMA0G
CSqGSIb3DQEBCwUAA4IBAQB0IXjFmAtEVTOEiNvhzo/XASFYTTbIonHk0ZJ3V9ok
20+4qaukNG4v13KsKf7js7bTtFPghuQj1dHXYTb6050X4fmYVruY+O5SM2cEx/hy
3U3E7AAuydN2WqCDS5TfRPVcZBiWufvNsFrEu86U2H9DD1JPRAb1cD9mHS/O+9b6
tRGqGPn++4o6Tj1WWVgHZsmH3hOJ783asutbN1dSgHfUvJyO5uTFDiiJD/U5MFP9
CTKYX3epmtX1RFEGhTa1/y69Y813RMhOKQwhghLpNmaQjEFA7FBqwDfbiu71RmKX
ilDCzkJ/tz+sANz09HkdoUFtDTRWynZdU8fpqjpu3Vii
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:24 2024 by rpki-client on console-fra.rpki-client.org