Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/MdzdKQSAr0hP8RxHNSACYq5Rawk.roa
File:                     MdzdKQSAr0hP8RxHNSACYq5Rawk.roa (raw, json)
Hash identifier:          XxwqYJY8TJ5ax3ngK2nXq5/YpeDNPTxVH7HWeG+Q6BQ=
Subject key identifier:   31:DC:DD:29:04:80:AF:48:4F:F1:1C:47:35:20:02:62:AE:51:6B:09
Certificate issuer:       /CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Certificate serial:       0185676EEFC17C3742EA3EC3F6256013B218
Authority key identifier: E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/MdzdKQSAr0hP8RxHNSACYq5Rawk.roa
Signing time:             Sat 31 Dec 2022 09:06:41 +0000
ROA not before:           Sat 31 Dec 2022 09:06:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12400
IP address blocks:        83.229.74.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:67:6e:ef:c1:7c:37:42:ea:3e:c3:f6:25:60:13:b2:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
        Validity
            Not Before: Dec 31 09:06:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=31dcdd290480af484ff11c4735200262ae516b09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:81:f4:54:16:88:5d:ab:d2:a4:3e:4e:90:ca:
                    2d:67:06:ab:12:c1:bf:26:bb:0b:9c:51:02:63:c9:
                    7f:24:43:7b:ab:a8:1a:75:50:04:e8:fc:bb:e1:24:
                    bf:62:02:e8:b9:ef:33:23:b5:77:30:be:24:3d:ca:
                    f9:d1:10:0b:66:06:be:fc:36:35:37:eb:14:34:7f:
                    a2:ce:af:e3:e3:f5:bd:07:e5:5b:15:da:f0:90:17:
                    df:37:f9:9d:47:b1:31:f4:3a:ae:63:d4:19:46:00:
                    01:48:64:3a:3d:f5:81:e9:ae:41:b9:bd:cb:92:bc:
                    04:f7:c8:09:06:1c:83:3b:c5:d1:51:22:4d:4b:92:
                    44:2a:48:40:0d:ec:7c:3b:df:56:2b:8e:b7:3a:be:
                    40:5c:dc:6e:fd:81:79:9c:e3:ef:68:c7:31:ff:7b:
                    27:43:68:b9:d2:85:ac:fb:12:1c:bb:50:65:ce:ba:
                    19:e7:7f:7f:07:a0:18:11:74:1b:89:af:d8:cf:75:
                    3f:e5:3a:50:46:61:46:7f:c1:12:a3:21:1b:28:c4:
                    2c:11:eb:1e:9b:f6:74:55:f8:a5:df:fc:14:87:d1:
                    d7:92:34:83:b7:0c:28:b9:0c:1c:0a:90:9e:f3:3c:
                    65:af:19:70:74:76:8e:2d:42:c4:1f:d4:29:94:42:
                    44:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:DC:DD:29:04:80:AF:48:4F:F1:1C:47:35:20:02:62:AE:51:6B:09
            X509v3 Authority Key Identifier:
                keyid:E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/MdzdKQSAr0hP8RxHNSACYq5Rawk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.229.74.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:ed:75:d2:6f:4d:56:20:1d:b6:22:b2:e2:c8:c5:07:bd:b2:
         1d:6b:84:0f:91:9a:79:6c:24:dc:e1:91:80:0c:73:7a:9a:00:
         50:29:23:1e:96:48:6c:ad:8a:b8:26:69:4b:42:c0:17:51:3a:
         3a:d2:98:ff:63:41:32:b7:0a:61:e7:ec:95:5e:70:a9:27:69:
         33:ff:8c:a3:08:ce:5e:6e:04:3c:a4:e1:0e:ef:e3:40:75:0c:
         39:57:57:70:52:20:39:91:03:6e:ef:78:64:66:f8:3e:98:49:
         8b:76:4d:c5:9f:81:b9:e8:9f:35:f7:cd:a8:75:7d:19:5b:d9:
         d6:64:a6:54:1d:82:55:b9:6f:d6:83:d6:a0:92:04:f7:70:61:
         88:8c:0e:10:d5:11:09:5f:05:0c:00:22:9f:be:ce:bd:43:44:
         a4:fd:49:a3:e3:94:c7:8e:e0:11:15:55:0c:ae:3e:9e:5f:ba:
         0d:f3:f2:0a:cb:7b:c2:ac:fc:60:3d:79:97:2d:bf:65:60:41:
         b2:74:70:7f:22:27:a9:d8:c9:57:f6:81:71:60:54:74:08:e7:
         09:5d:9a:41:e5:ea:ce:c8:af:e0:72:cd:4e:9a:c5:74:92:2d:
         c2:7c:01:b2:52:d0:3f:19:20:81:38:63:f3:4f:72:17:f8:7a:
         ba:6c:2c:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVnbu/BfDdC6j7D9iVgE7IYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmQ3OTIzYWZkYmFlODdkMDdiMjMwOGRkMzg5ZDljZjA4
MmVkNmQwHhcNMjIxMjMxMDkwNjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWRjZGQyOTA0ODBhZjQ4NGZmMTFjNDczNTIwMDI2MmFlNTE2YjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmoH0VBaIXavSpD5OkMotZwarEsG/
JrsLnFECY8l/JEN7q6gadVAE6Py74SS/YgLoue8zI7V3ML4kPcr50RALZga+/DY1
N+sUNH+izq/j4/W9B+VbFdrwkBffN/mdR7Ex9DquY9QZRgABSGQ6PfWB6a5Bub3L
krwE98gJBhyDO8XRUSJNS5JEKkhADex8O99WK463Or5AXNxu/YF5nOPvaMcx/3sn
Q2i50oWs+xIcu1BlzroZ539/B6AYEXQbia/Yz3U/5TpQRmFGf8ESoyEbKMQsEese
m/Z0Vfil3/wUh9HXkjSDtwwouQwcCpCe8zxlrxlwdHaOLULEH9QplEJEvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDHc3SkEgK9IT/EcRzUgAmKuUWsJMB8GA1UdIwQY
MBaAFOW9eSOv266H0HsjCN04nZzwgu1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2Ut
MjZkMWU1NDU3OGYxLzEvTWR6ZEtRU0FyMGhQOFJ4SE5TQUNZcTVSYXdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2UtMjZkMWU1NDU3OGYx
LzEvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU+VKMA0G
CSqGSIb3DQEBCwUAA4IBAQAz7XXSb01WIB22IrLiyMUHvbIda4QPkZp5bCTc4ZGA
DHN6mgBQKSMelkhsrYq4JmlLQsAXUTo60pj/Y0Eytwph5+yVXnCpJ2kz/4yjCM5e
bgQ8pOEO7+NAdQw5V1dwUiA5kQNu73hkZvg+mEmLdk3Fn4G56J81982odX0ZW9nW
ZKZUHYJVuW/Wg9agkgT3cGGIjA4Q1REJXwUMACKfvs69Q0Sk/Umj45THjuARFVUM
rj6eX7oN8/IKy3vCrPxgPXmXLb9lYEGydHB/Iiep2MlX9oFxYFR0COcJXZpB5erO
yK/gcs1OmsV0ki3CfAGyUtA/GSCBOGPzT3IX+Hq6bCwE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:32 2024 by rpki-client on console-fra.rpki-client.org