Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/5Xh5yoNEXZJcd9NmylZsuT8yQfE.roa
File:                     5Xh5yoNEXZJcd9NmylZsuT8yQfE.roa (raw, json)
Hash identifier:          hvjpG0j0nfVwTHhnSfXieshcfc0zmX69zGFxjqrVyZc=
Subject key identifier:   E5:78:79:CA:83:44:5D:92:5C:77:D3:66:CA:56:6C:B9:3F:32:41:F1
Certificate issuer:       /CN=dd640339e59addc75fd978101b40082b5d2b8796
Certificate serial:       0184A9C58C349E519EFB3A38CC2F9AB0BAE7
Authority key identifier: DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/5Xh5yoNEXZJcd9NmylZsuT8yQfE.roa
Signing time:             Thu 24 Nov 2022 13:13:26 +0000
ROA not before:           Thu 24 Nov 2022 13:13:26 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62240
IP address blocks:        185.191.147.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:a9:c5:8c:34:9e:51:9e:fb:3a:38:cc:2f:9a:b0:ba:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd640339e59addc75fd978101b40082b5d2b8796
        Validity
            Not Before: Nov 24 13:13:26 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e57879ca83445d925c77d366ca566cb93f3241f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:62:2b:c1:9c:83:86:b5:b5:63:f4:fb:b4:e1:
                    ec:c4:a1:cb:5a:77:57:a4:53:b9:e4:c0:f8:8d:64:
                    56:10:b0:9f:2b:ff:8b:93:1e:c2:82:b5:03:55:79:
                    5d:74:13:52:9d:dc:7d:17:93:94:62:9e:5d:a0:30:
                    43:dc:92:9d:69:88:4a:29:fe:49:d6:eb:34:cc:a5:
                    03:08:57:ab:ed:27:c2:1d:45:18:4b:3a:0e:ed:3f:
                    ab:80:1e:e2:16:69:53:ec:96:12:52:04:87:29:92:
                    af:16:30:42:22:92:fc:81:0d:07:00:d7:3f:e2:10:
                    c0:9c:4f:9a:62:44:63:a8:88:2e:71:25:8a:2c:77:
                    06:80:13:92:73:69:75:ff:5e:1c:83:85:84:b4:38:
                    0c:89:b4:c0:72:41:d0:6a:b7:55:e1:42:20:49:10:
                    55:4d:dd:27:0a:57:23:ad:3d:2f:79:77:24:10:43:
                    d7:18:de:19:d8:ec:de:12:4c:96:19:63:86:97:5c:
                    9c:98:28:1b:06:22:79:e2:23:13:c0:3e:80:ee:bf:
                    6c:fc:63:47:40:99:c7:be:bd:a7:9e:4b:07:d2:a1:
                    a7:b0:be:68:de:fd:ce:de:dd:64:9a:b7:0a:10:9f:
                    fe:ca:de:43:dc:5b:b9:60:57:0c:3d:88:7b:5f:25:
                    cc:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:78:79:CA:83:44:5D:92:5C:77:D3:66:CA:56:6C:B9:3F:32:41:F1
            X509v3 Authority Key Identifier:
                keyid:DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/5Xh5yoNEXZJcd9NmylZsuT8yQfE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.191.147.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d2:88:72:fa:74:eb:1b:82:38:86:1a:11:e5:47:8a:d5:1c:7b:
         68:d6:02:0b:7c:44:d9:6b:08:3f:3c:fe:5c:2e:fb:78:79:11:
         fa:74:dc:5a:bf:45:50:a5:dc:8d:85:7d:29:dd:c1:fd:f1:12:
         28:96:95:f4:f1:28:3d:5e:e7:13:59:4c:97:bd:bb:93:97:6b:
         7c:2e:39:15:1f:85:e5:71:dd:9f:12:d5:5c:f9:7a:6a:0b:e8:
         50:8e:10:c7:16:42:ff:2c:80:46:87:51:90:39:1a:f8:76:33:
         04:9e:da:be:37:32:54:9d:f6:a2:cc:ff:1f:a3:c5:54:fb:8b:
         b6:c8:cf:52:e4:0c:85:65:d5:d4:84:5d:ef:c9:1d:b2:81:39:
         bf:c5:31:20:4f:cf:e2:9d:0b:6c:2a:23:b5:ad:ff:b9:5a:a7:
         75:5b:aa:6d:f2:72:c9:ea:76:f7:41:70:5e:f9:d8:c9:1a:bf:
         86:af:e4:41:e6:b6:aa:5d:a4:f4:17:c2:cd:99:cb:23:dc:82:
         18:70:9e:15:72:14:2a:be:1c:b8:83:25:d1:aa:db:8e:ea:97:
         4a:e6:83:44:41:5e:65:d3:95:4c:ef:d6:f4:e6:24:2f:2e:12:
         82:ee:0b:42:04:ff:0e:81:b8:52:be:23:8f:cb:0e:8a:bf:24:
         b3:81:3d:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSpxYw0nlGe+zo4zC+asLrnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNjQwMzM5ZTU5YWRkYzc1ZmQ5NzgxMDFiNDAwODJiNWQy
Yjg3OTYwHhcNMjIxMTI0MTMxMzI2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTc4NzljYTgzNDQ1ZDkyNWM3N2QzNjZjYTU2NmNiOTNmMzI0MWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWIrwZyDhrW1Y/T7tOHsxKHLWndX
pFO55MD4jWRWELCfK/+Lkx7CgrUDVXlddBNSndx9F5OUYp5doDBD3JKdaYhKKf5J
1us0zKUDCFer7SfCHUUYSzoO7T+rgB7iFmlT7JYSUgSHKZKvFjBCIpL8gQ0HANc/
4hDAnE+aYkRjqIgucSWKLHcGgBOSc2l1/14cg4WEtDgMibTAckHQardV4UIgSRBV
Td0nClcjrT0veXckEEPXGN4Z2OzeEkyWGWOGl1ycmCgbBiJ54iMTwD6A7r9s/GNH
QJnHvr2nnksH0qGnsL5o3v3O3t1kmrcKEJ/+yt5D3Fu5YFcMPYh7XyXMWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOV4ecqDRF2SXHfTZspWbLk/MkHxMB8GA1UdIwQY
MBaAFN1kAznlmt3HX9l4EBtACCtdK4eWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAt
NjFiNzMzNTRhYmRiLzEvNVhoNXlvTkVYWkpjZDlObXlsWnN1VDh5UWZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAtNjFiNzMzNTRhYmRi
LzEvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub+TMA0G
CSqGSIb3DQEBCwUAA4IBAQDSiHL6dOsbgjiGGhHlR4rVHHto1gILfETZawg/PP5c
Lvt4eRH6dNxav0VQpdyNhX0p3cH98RIolpX08Sg9XucTWUyXvbuTl2t8LjkVH4Xl
cd2fEtVc+XpqC+hQjhDHFkL/LIBGh1GQORr4djMEntq+NzJUnfaizP8fo8VU+4u2
yM9S5AyFZdXUhF3vyR2ygTm/xTEgT8/inQtsKiO1rf+5Wqd1W6pt8nLJ6nb3QXBe
+djJGr+Gr+RB5raqXaT0F8LNmcsj3IIYcJ4VchQqvhy4gyXRqtuO6pdK5oNEQV5l
05VM79b05iQvLhKC7gtCBP8OgbhSviOPyw6KvySzgT05
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:09 2024 by rpki-client on console-fra.rpki-client.org