Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/yS0yB0cJ2hdCYcVmURtlEYOSPyM.roa
File:                     yS0yB0cJ2hdCYcVmURtlEYOSPyM.roa (raw, json)
Hash identifier:          Pk37ItECyAaL5DQd33spf2oTWwwjfyo8th8AzNIYF1U=
Subject key identifier:   C9:2D:32:07:47:09:DA:17:42:61:C5:66:51:1B:65:11:83:92:3F:23
Certificate issuer:       /CN=dd640339e59addc75fd978101b40082b5d2b8796
Certificate serial:       01828399F6F8109B83C68A790136B3324DC4
Authority key identifier: DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/yS0yB0cJ2hdCYcVmURtlEYOSPyM.roa
Signing time:             Tue 09 Aug 2022 17:14:41 +0000
ROA not before:           Tue 09 Aug 2022 17:14:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49999
IP address blocks:        185.191.146.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:83:99:f6:f8:10:9b:83:c6:8a:79:01:36:b3:32:4d:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd640339e59addc75fd978101b40082b5d2b8796
        Validity
            Not Before: Aug  9 17:14:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c92d32074709da174261c566511b651183923f23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:d9:74:36:c5:ab:75:5c:ea:e0:eb:68:f9:32:
                    75:c0:22:99:34:d8:b0:8f:86:f6:d7:49:97:be:79:
                    94:da:c8:ea:0a:5a:04:02:42:95:37:3e:11:58:e1:
                    d0:00:c1:64:dc:4e:b7:c9:5f:4d:10:71:43:d6:d5:
                    71:9b:16:b4:b9:b1:7d:13:72:22:34:60:d8:9e:4e:
                    2e:84:b0:3b:18:d7:4a:d3:50:60:65:60:5d:f1:df:
                    58:f5:4d:1a:1e:69:76:6f:88:77:53:b9:7d:56:7a:
                    a4:ea:c7:d4:d2:24:e7:13:b8:58:99:82:af:6b:24:
                    c8:5b:76:81:13:a6:0d:b7:04:01:ac:42:98:d2:90:
                    dc:bd:9f:f8:c5:be:8d:1d:d3:39:b3:f4:65:fa:4e:
                    65:5e:39:e4:89:9a:73:2d:d4:4b:65:d5:a5:4a:ab:
                    38:31:d8:1f:b9:e7:c6:20:df:d7:b5:4c:2b:67:b4:
                    e6:b3:43:3d:da:02:61:7c:f0:b9:60:1a:f6:23:20:
                    80:5b:e5:59:23:45:cc:40:bd:57:f5:fc:4a:8a:b8:
                    46:db:c0:71:b2:86:53:5f:9c:ca:1b:bf:46:ef:f1:
                    aa:d0:5d:4f:be:46:96:0a:a7:b4:6f:a4:f2:b9:f9:
                    51:95:d8:e8:98:c0:90:8d:39:36:27:ee:c9:22:fd:
                    83:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:2D:32:07:47:09:DA:17:42:61:C5:66:51:1B:65:11:83:92:3F:23
            X509v3 Authority Key Identifier:
                keyid:DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/yS0yB0cJ2hdCYcVmURtlEYOSPyM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.191.146.0/24

    Signature Algorithm: sha256WithRSAEncryption
         34:63:ec:b8:e8:9b:49:69:08:fb:ab:b6:b8:c3:94:dd:71:c0:
         ac:2d:45:d5:60:c1:0c:c7:66:a1:73:bc:63:70:29:31:59:56:
         dc:22:6c:4a:16:4b:6c:ca:60:2f:3d:1d:ea:0b:d7:8f:95:e4:
         3b:47:81:c7:c1:35:32:ac:3b:3c:f9:f7:05:d5:82:40:cd:0a:
         8a:de:8c:29:74:45:fb:0f:71:d5:c2:69:38:98:8a:88:8c:bc:
         13:09:2d:fd:c1:c7:72:e6:f3:d2:ce:d6:fe:eb:6d:06:c3:61:
         08:c5:a8:b1:29:93:4e:70:ab:18:f1:f9:c5:83:2b:09:72:aa:
         57:30:f7:65:29:23:1b:fc:13:35:f3:86:5b:82:e8:10:9e:2a:
         c4:49:16:38:d5:b7:4d:6f:9a:fa:f4:cb:48:f1:1b:a0:80:fe:
         a5:c6:81:24:52:ac:aa:db:71:40:14:42:1e:2a:9d:0d:16:10:
         bf:eb:28:e7:5c:73:8c:37:e6:c0:f5:16:ce:4e:15:31:52:e7:
         7c:d3:22:e5:48:d3:84:21:41:b9:11:ba:25:c1:7b:81:42:c1:
         a0:08:93:5c:4a:5d:29:e9:ac:51:9b:8b:d1:8a:d6:be:5b:c4:
         dd:1f:62:f7:60:36:b4:19:a5:7c:1d:a6:91:a3:ab:70:70:5e:
         aa:33:63:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKDmfb4EJuDxop5ATazMk3EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNjQwMzM5ZTU5YWRkYzc1ZmQ5NzgxMDFiNDAwODJiNWQy
Yjg3OTYwHhcNMjIwODA5MTcxNDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTJkMzIwNzQ3MDlkYTE3NDI2MWM1NjY1MTFiNjUxMTgzOTIzZjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNl0NsWrdVzq4Oto+TJ1wCKZNNiw
j4b210mXvnmU2sjqCloEAkKVNz4RWOHQAMFk3E63yV9NEHFD1tVxmxa0ubF9E3Ii
NGDYnk4uhLA7GNdK01BgZWBd8d9Y9U0aHml2b4h3U7l9Vnqk6sfU0iTnE7hYmYKv
ayTIW3aBE6YNtwQBrEKY0pDcvZ/4xb6NHdM5s/Rl+k5lXjnkiZpzLdRLZdWlSqs4
MdgfuefGIN/XtUwrZ7Tms0M92gJhfPC5YBr2IyCAW+VZI0XMQL1X9fxKirhG28Bx
soZTX5zKG79G7/Gq0F1PvkaWCqe0b6TyuflRldjomMCQjTk2J+7JIv2D7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMktMgdHCdoXQmHFZlEbZRGDkj8jMB8GA1UdIwQY
MBaAFN1kAznlmt3HX9l4EBtACCtdK4eWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAt
NjFiNzMzNTRhYmRiLzEveVMweUIwY0oyaGRDWWNWbVVSdGxFWU9TUHlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAtNjFiNzMzNTRhYmRi
LzEvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub+SMA0G
CSqGSIb3DQEBCwUAA4IBAQA0Y+y46JtJaQj7q7a4w5TdccCsLUXVYMEMx2ahc7xj
cCkxWVbcImxKFktsymAvPR3qC9ePleQ7R4HHwTUyrDs8+fcF1YJAzQqK3owpdEX7
D3HVwmk4mIqIjLwTCS39wcdy5vPSztb+620Gw2EIxaixKZNOcKsY8fnFgysJcqpX
MPdlKSMb/BM184ZbgugQnirESRY41bdNb5r69MtI8RuggP6lxoEkUqyq23FAFEIe
Kp0NFhC/6yjnXHOMN+bA9RbOThUxUud80yLlSNOEIUG5EbolwXuBQsGgCJNcSl0p
6axRm4vRita+W8TdH2L3YDa0GaV8HaaRo6twcF6qM2NI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:09 2024 by rpki-client on console-fra.rpki-client.org