Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/5ef060-f473-4043-b8a2-e1b7c7649fa3/1/YELZRPcsRA9yuTj0FBvEyiUDpAM.roa
File:                     YELZRPcsRA9yuTj0FBvEyiUDpAM.roa (raw, json)
Hash identifier:          qPE/DY215hry7hsbBZ6SqmRO1WYcCe2ZyA1iDolEdHA=
Subject key identifier:   60:42:D9:44:F7:2C:44:0F:72:B9:38:F4:14:1B:C4:CA:25:03:A4:03
Certificate issuer:       /CN=87c37d035d95fefba1d47f98b9ff4973f17df6cd
Certificate serial:       018535C39F2043EF526FC495DCBDED99A628
Authority key identifier: 87:C3:7D:03:5D:95:FE:FB:A1:D4:7F:98:B9:FF:49:73:F1:7D:F6:CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h8N9A12V_vuh1H-Yuf9Jc_F99s0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/5ef060-f473-4043-b8a2-e1b7c7649fa3/1/YELZRPcsRA9yuTj0FBvEyiUDpAM.roa
Signing time:             Wed 21 Dec 2022 17:38:10 +0000
ROA not before:           Wed 21 Dec 2022 17:38:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42346
IP address blocks:        185.59.52.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:35:c3:9f:20:43:ef:52:6f:c4:95:dc:bd:ed:99:a6:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87c37d035d95fefba1d47f98b9ff4973f17df6cd
        Validity
            Not Before: Dec 21 17:38:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6042d944f72c440f72b938f4141bc4ca2503a403
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:73:3b:5c:6e:33:db:c7:71:76:a7:08:0c:8b:
                    62:85:74:15:1b:ba:07:7e:b8:11:b9:e6:1f:fb:ff:
                    7e:5c:f6:f6:cd:d6:0e:44:1b:78:d7:13:62:64:6a:
                    f9:53:f3:2e:81:3a:e2:df:80:d3:3e:b2:28:8b:6d:
                    8d:45:e2:5f:7b:98:42:b6:83:3c:60:57:99:45:ce:
                    8d:f3:72:5e:a4:6b:46:a9:c2:7f:d8:fe:f9:57:e9:
                    26:31:85:82:70:cf:6c:67:c9:1a:4a:a8:c1:b9:5b:
                    0a:24:9c:1d:41:2d:d8:c6:87:3c:6d:cb:97:a4:f4:
                    31:66:72:03:83:32:b5:03:fb:3b:c4:b0:08:87:f4:
                    3b:60:94:b3:02:e3:6c:89:19:c7:a0:f2:b6:c4:dc:
                    13:4d:96:67:be:3e:70:6f:24:3f:cb:c0:a3:d0:ee:
                    c7:9c:9b:7d:25:47:a7:fa:a4:12:92:f2:ca:15:1d:
                    cf:76:92:80:30:2c:7b:57:19:70:b9:12:2d:03:04:
                    33:e5:d8:e3:17:b0:c6:84:f2:fa:af:e2:7b:44:12:
                    ec:9a:1f:75:99:92:dc:c7:3d:33:11:41:14:fb:ce:
                    48:9d:a2:6c:ce:9c:7d:69:c8:fe:37:a1:d5:99:c2:
                    e2:cc:c2:da:61:97:27:0f:48:e3:e8:51:fd:cd:75:
                    18:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:42:D9:44:F7:2C:44:0F:72:B9:38:F4:14:1B:C4:CA:25:03:A4:03
            X509v3 Authority Key Identifier:
                keyid:87:C3:7D:03:5D:95:FE:FB:A1:D4:7F:98:B9:FF:49:73:F1:7D:F6:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h8N9A12V_vuh1H-Yuf9Jc_F99s0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/5ef060-f473-4043-b8a2-e1b7c7649fa3/1/YELZRPcsRA9yuTj0FBvEyiUDpAM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/5ef060-f473-4043-b8a2-e1b7c7649fa3/1/h8N9A12V_vuh1H-Yuf9Jc_F99s0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.59.52.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4b:23:5d:43:c4:f2:fb:51:4e:c9:b3:c3:93:22:d4:e6:19:2f:
         f7:47:d8:25:8a:70:c2:2d:8c:44:19:97:c5:fe:27:04:8e:cd:
         ac:f7:be:55:48:ab:a8:8e:93:a2:5d:5a:17:48:85:90:c2:e5:
         a6:2a:4f:46:9f:5a:fb:b8:40:c9:fe:d0:35:a4:77:cd:bc:fd:
         ae:80:1f:dd:f2:b2:dc:ac:01:a0:e3:37:20:54:85:48:73:5e:
         17:ce:16:ff:47:b8:7b:ae:f1:e9:2d:c5:6f:65:ca:ff:7a:7d:
         e4:53:a3:3f:8c:59:6b:5f:a1:9f:a7:e8:22:fe:b1:5b:58:b3:
         81:66:2a:91:69:8a:9c:a2:92:22:34:7b:62:ea:79:e0:69:d3:
         82:71:c4:76:f4:68:7e:65:00:46:52:fb:c7:15:93:75:33:82:
         4f:4d:9f:e5:7d:ef:6b:19:19:ce:80:01:6d:ea:77:d4:77:fb:
         9b:38:f1:55:4f:28:fe:82:89:ed:07:03:0e:43:b0:cc:69:6a:
         45:fe:f8:50:ae:0b:4d:e2:16:0e:55:45:12:63:85:c0:05:96:
         c7:c4:50:15:a2:f3:e7:7d:97:bc:e8:90:3d:12:62:f3:45:54:
         84:90:f2:78:ef:ae:71:1c:73:df:bf:04:36:65:bd:71:1e:6b:
         79:fe:37:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYU1w58gQ+9Sb8SV3L3tmaYoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YzM3ZDAzNWQ5NWZlZmJhMWQ0N2Y5OGI5ZmY0OTczZjE3
ZGY2Y2QwHhcNMjIxMjIxMTczODEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDQyZDk0NGY3MmM0NDBmNzJiOTM4ZjQxNDFiYzRjYTI1MDNhNDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinM7XG4z28dxdqcIDItihXQVG7oH
frgRueYf+/9+XPb2zdYORBt41xNiZGr5U/MugTri34DTPrIoi22NReJfe5hCtoM8
YFeZRc6N83JepGtGqcJ/2P75V+kmMYWCcM9sZ8kaSqjBuVsKJJwdQS3Yxoc8bcuX
pPQxZnIDgzK1A/s7xLAIh/Q7YJSzAuNsiRnHoPK2xNwTTZZnvj5wbyQ/y8Cj0O7H
nJt9JUen+qQSkvLKFR3PdpKAMCx7VxlwuRItAwQz5djjF7DGhPL6r+J7RBLsmh91
mZLcxz0zEUEU+85InaJszpx9acj+N6HVmcLizMLaYZcnD0jj6FH9zXUY7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGBC2UT3LEQPcrk49BQbxMolA6QDMB8GA1UdIwQY
MBaAFIfDfQNdlf77odR/mLn/SXPxffbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDhOOUExMlZfdnVoMUgtWXVmOUpjX0Y5OXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS81ZWYwNjAtZjQ3My00MDQzLWI4YTIt
ZTFiN2M3NjQ5ZmEzLzEvWUVMWlJQY3NSQTl5dVRqMEZCdkV5aVVEcEFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS81ZWYwNjAtZjQ3My00MDQzLWI4YTItZTFiN2M3NjQ5ZmEz
LzEvaDhOOUExMlZfdnVoMUgtWXVmOUpjX0Y5OXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTs0MA0G
CSqGSIb3DQEBCwUAA4IBAQBLI11DxPL7UU7Js8OTItTmGS/3R9glinDCLYxEGZfF
/icEjs2s975VSKuojpOiXVoXSIWQwuWmKk9Gn1r7uEDJ/tA1pHfNvP2ugB/d8rLc
rAGg4zcgVIVIc14Xzhb/R7h7rvHpLcVvZcr/en3kU6M/jFlrX6Gfp+gi/rFbWLOB
ZiqRaYqcopIiNHti6nngadOCccR29Gh+ZQBGUvvHFZN1M4JPTZ/lfe9rGRnOgAFt
6nfUd/ubOPFVTyj+gontBwMOQ7DMaWpF/vhQrgtN4hYOVUUSY4XABZbHxFAVovPn
fZe86JA9EmLzRVSEkPJ4765xHHPfvwQ2Zb1xHmt5/jf6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:53 2024 by rpki-client on console-fra.rpki-client.org