Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/sgyPppVMxUiJwHVBC1GE--JiWcQ.roa
File:                     sgyPppVMxUiJwHVBC1GE--JiWcQ.roa (raw, json)
Hash identifier:          OTk/iqXy9RwQ3wc8uOnFh+yaLrbwVfrI3xvYpsDZFzg=
Subject key identifier:   B2:0C:8F:A6:95:4C:C5:48:89:C0:75:41:0B:51:84:FB:E2:62:59:C4
Certificate issuer:       /CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Certificate serial:       0182438F5CE4D366C2D2F27BCC39363A6C48
Authority key identifier: E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/sgyPppVMxUiJwHVBC1GE--JiWcQ.roa
Signing time:             Thu 28 Jul 2022 06:47:24 +0000
ROA not before:           Thu 28 Jul 2022 06:47:24 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     397423
IP address blocks:        185.53.209.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:43:8f:5c:e4:d3:66:c2:d2:f2:7b:cc:39:36:3a:6c:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
        Validity
            Not Before: Jul 28 06:47:24 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b20c8fa6954cc54889c075410b5184fbe26259c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:ac:b1:ef:09:ad:7e:e7:ce:e8:3c:ac:b8:49:
                    5b:64:df:ee:d1:19:71:c9:6b:3f:83:80:9c:55:76:
                    55:18:0e:ed:93:45:05:c7:d3:ee:71:06:59:fa:c3:
                    20:92:0a:07:c4:24:d3:04:a2:21:4c:9e:c2:36:f8:
                    58:44:ec:67:54:b0:e1:28:5a:14:af:72:09:a4:c9:
                    b7:d8:6e:60:d3:ac:32:b4:d5:36:40:56:04:8a:23:
                    3e:70:55:9b:49:f8:fa:d1:f3:d2:56:8f:62:97:62:
                    2c:27:2a:b0:f0:97:c6:41:be:e0:c8:b6:f5:0d:91:
                    cc:eb:71:e2:31:57:e8:f0:e7:2a:83:7b:a9:1e:1c:
                    2a:85:87:1e:3f:8a:cc:5e:45:e2:24:fd:61:5e:64:
                    48:bb:f8:cb:ee:4c:e0:26:3d:b8:8f:e3:34:33:c6:
                    4b:3c:31:08:1b:f0:a4:07:77:fd:af:83:40:91:1c:
                    16:a7:7f:f2:65:58:83:10:11:46:cb:69:dd:53:e6:
                    36:6f:e0:12:69:aa:dd:b0:5d:3b:48:d0:0d:33:4f:
                    40:f1:af:ef:c4:ca:c4:58:a1:26:3e:03:d1:a6:b9:
                    46:e6:a3:e0:e4:de:18:1c:29:58:6d:08:92:6f:a3:
                    ea:12:fe:57:5a:64:08:b8:c8:e7:cd:ad:d7:13:21:
                    0a:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:0C:8F:A6:95:4C:C5:48:89:C0:75:41:0B:51:84:FB:E2:62:59:C4
            X509v3 Authority Key Identifier:
                keyid:E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/sgyPppVMxUiJwHVBC1GE--JiWcQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.53.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d7:5b:bf:51:0e:91:c2:62:4b:9a:53:8a:36:2c:5d:7b:4c:ed:
         a6:c1:43:c3:47:ac:59:24:9e:d3:ce:27:4c:cd:e7:35:16:27:
         cd:d2:73:98:26:7d:5d:75:c7:61:de:30:e2:0c:3b:f4:55:40:
         78:1e:bc:11:1d:13:7a:63:56:df:03:33:ad:37:a5:87:5c:2a:
         6d:01:5f:56:c3:81:a3:4b:29:7a:ee:34:ee:16:34:33:eb:e5:
         3b:75:e5:74:e9:84:81:4f:bc:01:fd:69:95:d1:91:c9:cb:05:
         f8:64:10:c6:c3:2c:97:9c:20:d1:8c:76:a3:2d:d2:8e:cf:93:
         ca:e8:5a:f4:8e:25:e9:9e:21:88:b6:a8:81:19:6d:ad:2a:84:
         78:56:e0:c8:54:2e:1f:9d:98:9d:67:bf:00:1d:89:b9:32:7e:
         2d:0c:8d:97:d2:47:fa:38:40:29:e3:00:6c:70:36:87:2a:a1:
         1b:bf:9a:49:f0:fc:a5:da:6f:65:92:4b:8d:0e:14:de:f7:3c:
         2d:7b:76:f0:67:fb:cd:85:be:a8:1c:ae:97:77:8a:31:93:e3:
         2b:e2:c6:7d:ba:c6:db:e6:2b:a6:1d:33:12:3a:7e:76:b4:95:
         be:56:d7:70:05:c6:83:45:44:e1:f2:0d:c9:dc:9a:2a:ce:5e:
         3c:3f:9f:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJDj1zk02bC0vJ7zDk2OmxIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmQ3OTIzYWZkYmFlODdkMDdiMjMwOGRkMzg5ZDljZjA4
MmVkNmQwHhcNMjIwNzI4MDY0NzI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjBjOGZhNjk1NGNjNTQ4ODljMDc1NDEwYjUxODRmYmUyNjI1OWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuayx7wmtfufO6DysuElbZN/u0Rlx
yWs/g4CcVXZVGA7tk0UFx9PucQZZ+sMgkgoHxCTTBKIhTJ7CNvhYROxnVLDhKFoU
r3IJpMm32G5g06wytNU2QFYEiiM+cFWbSfj60fPSVo9il2IsJyqw8JfGQb7gyLb1
DZHM63HiMVfo8Ocqg3upHhwqhYceP4rMXkXiJP1hXmRIu/jL7kzgJj24j+M0M8ZL
PDEIG/CkB3f9r4NAkRwWp3/yZViDEBFGy2ndU+Y2b+ASaardsF07SNANM09A8a/v
xMrEWKEmPgPRprlG5qPg5N4YHClYbQiSb6PqEv5XWmQIuMjnza3XEyEK6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLIMj6aVTMVIicB1QQtRhPviYlnEMB8GA1UdIwQY
MBaAFOW9eSOv266H0HsjCN04nZzwgu1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2Ut
MjZkMWU1NDU3OGYxLzEvc2d5UHBwVk14VWlKd0hWQkMxR0UtLUppV2NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2UtMjZkMWU1NDU3OGYx
LzEvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTXRMA0G
CSqGSIb3DQEBCwUAA4IBAQDXW79RDpHCYkuaU4o2LF17TO2mwUPDR6xZJJ7TzidM
zec1FifN0nOYJn1ddcdh3jDiDDv0VUB4HrwRHRN6Y1bfAzOtN6WHXCptAV9Ww4Gj
Syl67jTuFjQz6+U7deV06YSBT7wB/WmV0ZHJywX4ZBDGwyyXnCDRjHajLdKOz5PK
6Fr0jiXpniGItqiBGW2tKoR4VuDIVC4fnZidZ78AHYm5Mn4tDI2X0kf6OEAp4wBs
cDaHKqEbv5pJ8Pyl2m9lkkuNDhTe9zwte3bwZ/vNhb6oHK6Xd4oxk+Mr4sZ9usbb
5iumHTMSOn52tJW+VtdwBcaDRUTh8g3J3Joqzl48P5+n
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:25 2023 by rpki-client on console-ams.rpki-client.org