Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/BY8b-b5Rlv0RQJifOEKZmJkXdxk.roa
File:                     BY8b-b5Rlv0RQJifOEKZmJkXdxk.roa (raw, json)
Hash identifier:          0OfgCY60CSk47cPKJKHAGIxgzgdjZIf4XTXv+5zg1lI=
Subject key identifier:   05:8F:1B:F9:BE:51:96:FD:11:40:98:9F:38:42:99:98:99:17:77:19
Certificate issuer:       /CN=dd640339e59addc75fd978101b40082b5d2b8796
Certificate serial:       018424EEA8214B467CCAF3F1FEFD05D8D6D5
Authority key identifier: DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/BY8b-b5Rlv0RQJifOEKZmJkXdxk.roa
Signing time:             Sat 29 Oct 2022 18:08:51 +0000
ROA not before:           Sat 29 Oct 2022 18:08:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211585
IP address blocks:        185.191.146.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:24:ee:a8:21:4b:46:7c:ca:f3:f1:fe:fd:05:d8:d6:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd640339e59addc75fd978101b40082b5d2b8796
        Validity
            Not Before: Oct 29 18:08:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=058f1bf9be5196fd1140989f3842999899177719
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:2d:9c:f3:39:c8:d1:6e:7a:6a:e9:66:15:44:
                    e5:fb:20:e7:58:a0:cf:bf:d3:6b:fe:67:c4:8d:1f:
                    ae:d1:c9:87:e1:59:67:4e:72:68:8c:7e:e2:37:c2:
                    45:35:8a:a6:4d:c5:5f:f5:1e:01:73:5e:56:5c:44:
                    a5:10:9a:96:2b:6d:3c:57:e5:f6:0d:43:a5:55:75:
                    99:01:34:16:a5:c2:d9:07:e3:dc:68:61:cc:1e:37:
                    87:39:60:22:97:50:b1:37:a8:2c:24:eb:76:a6:65:
                    53:15:1f:01:30:f9:e6:80:1d:c8:ec:97:b2:8d:a8:
                    4f:ed:e4:c1:fb:13:1f:16:d0:79:1e:6e:d0:a5:de:
                    7e:a7:47:62:88:a3:c5:1d:0b:98:ca:42:ae:b6:45:
                    a0:01:5e:53:76:b0:10:d4:a9:16:43:57:60:28:ca:
                    81:0a:53:ba:64:9b:e6:af:0b:8e:8a:ec:37:84:2f:
                    de:92:7a:05:11:fe:46:a9:b6:4e:5c:59:be:6f:5d:
                    fa:41:ae:f7:20:1c:2f:24:7c:e1:5f:59:a4:7d:cd:
                    c5:6e:00:c2:66:f9:fc:3a:9a:57:0e:55:26:95:44:
                    df:1f:65:b2:6c:dc:cc:b8:e7:86:b4:5d:03:59:f5:
                    e4:dc:de:56:d6:75:06:56:1b:51:c3:01:70:50:bf:
                    ba:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:8F:1B:F9:BE:51:96:FD:11:40:98:9F:38:42:99:98:99:17:77:19
            X509v3 Authority Key Identifier:
                keyid:DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/BY8b-b5Rlv0RQJifOEKZmJkXdxk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.191.146.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d3:9a:59:37:90:64:42:ba:ab:8f:bb:39:5c:ba:26:31:9c:54:
         5c:e6:2c:14:f5:2b:b8:b2:21:7e:71:75:21:fb:21:c3:6e:fa:
         09:75:7b:c0:f8:ff:0d:3e:67:82:a0:d2:b6:31:38:67:bb:fb:
         bb:fd:57:e2:04:3a:0d:19:98:64:f6:1d:1d:e8:49:a1:1c:d1:
         6e:89:5f:0b:8b:c8:26:ee:40:97:72:58:8e:43:45:48:81:52:
         3f:8d:d6:02:73:f2:76:51:9f:25:db:36:e9:ad:ee:d2:e0:68:
         88:6d:85:f7:0a:ca:6b:91:a3:56:e5:77:d2:8e:30:c8:bc:08:
         97:3d:00:b7:b2:b5:24:64:e6:c9:4d:7d:23:8b:e8:47:09:ab:
         9d:15:71:2b:70:1a:9e:37:21:3e:f4:a6:15:08:fc:38:a3:8c:
         ed:df:58:ea:0c:9d:3b:7b:eb:7b:54:a7:48:38:85:c0:14:34:
         14:17:a7:f2:59:66:92:4d:44:c4:21:d5:3f:b6:6e:14:f5:25:
         d0:91:b2:57:69:b2:46:e6:16:5f:13:0b:b5:54:42:52:5d:91:
         8b:50:25:51:6f:00:d8:8f:d0:cc:ea:0b:ef:19:bf:a2:59:0f:
         a2:0a:1f:8e:27:f8:a8:9a:31:3f:51:be:0b:53:6f:ab:53:c8:
         f0:e3:27:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQk7qghS0Z8yvPx/v0F2NbVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNjQwMzM5ZTU5YWRkYzc1ZmQ5NzgxMDFiNDAwODJiNWQy
Yjg3OTYwHhcNMjIxMDI5MTgwODUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNThmMWJmOWJlNTE5NmZkMTE0MDk4OWYzODQyOTk5ODk5MTc3NzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsi2c8znI0W56aulmFUTl+yDnWKDP
v9Nr/mfEjR+u0cmH4VlnTnJojH7iN8JFNYqmTcVf9R4Bc15WXESlEJqWK208V+X2
DUOlVXWZATQWpcLZB+PcaGHMHjeHOWAil1CxN6gsJOt2pmVTFR8BMPnmgB3I7Jey
jahP7eTB+xMfFtB5Hm7Qpd5+p0diiKPFHQuYykKutkWgAV5TdrAQ1KkWQ1dgKMqB
ClO6ZJvmrwuOiuw3hC/eknoFEf5GqbZOXFm+b136Qa73IBwvJHzhX1mkfc3FbgDC
Zvn8OppXDlUmlUTfH2WybNzMuOeGtF0DWfXk3N5W1nUGVhtRwwFwUL+6pwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAWPG/m+UZb9EUCYnzhCmZiZF3cZMB8GA1UdIwQY
MBaAFN1kAznlmt3HX9l4EBtACCtdK4eWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAt
NjFiNzMzNTRhYmRiLzEvQlk4Yi1iNVJsdjBSUUppZk9FS1ptSmtYZHhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAtNjFiNzMzNTRhYmRi
LzEvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub+SMA0G
CSqGSIb3DQEBCwUAA4IBAQDTmlk3kGRCuquPuzlcuiYxnFRc5iwU9Su4siF+cXUh
+yHDbvoJdXvA+P8NPmeCoNK2MThnu/u7/VfiBDoNGZhk9h0d6EmhHNFuiV8Li8gm
7kCXcliOQ0VIgVI/jdYCc/J2UZ8l2zbpre7S4GiIbYX3CsprkaNW5XfSjjDIvAiX
PQC3srUkZObJTX0ji+hHCaudFXErcBqeNyE+9KYVCPw4o4zt31jqDJ07e+t7VKdI
OIXAFDQUF6fyWWaSTUTEIdU/tm4U9SXQkbJXabJG5hZfEwu1VEJSXZGLUCVRbwDY
j9DM6gvvGb+iWQ+iCh+OJ/iomjE/Ub4LU2+rU8jw4ydS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:09 2024 by rpki-client on console-fra.rpki-client.org