Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/EhsgQf84ehwb7-kYAs-fghNrlsw.roa
File:                     EhsgQf84ehwb7-kYAs-fghNrlsw.roa (raw, json)
Hash identifier:          LhtcANu+jc9Jn2OZ5EDontq5/G90Joh0Lw0j/E/Z+K0=
Subject key identifier:   12:1B:20:41:FF:38:7A:1C:1B:EF:E9:18:02:CF:9F:82:13:6B:96:CC
Certificate issuer:       /CN=3517c9de927fa75beaef7885f0d88f6f4d2a0ed6
Certificate serial:       0181D3A3FCC3CA732684FAB16340E3974CE5
Authority key identifier: 35:17:C9:DE:92:7F:A7:5B:EA:EF:78:85:F0:D8:8F:6F:4D:2A:0E:D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NRfJ3pJ_p1vq73iF8NiPb00qDtY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/EhsgQf84ehwb7-kYAs-fghNrlsw.roa
Signing time:             Wed 06 Jul 2022 13:12:28 +0000
ROA not before:           Wed 06 Jul 2022 13:12:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        185.155.233.0/24 maxlen: 24
                          185.155.232.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:d3:a3:fc:c3:ca:73:26:84:fa:b1:63:40:e3:97:4c:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3517c9de927fa75beaef7885f0d88f6f4d2a0ed6
        Validity
            Not Before: Jul  6 13:12:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=121b2041ff387a1c1befe91802cf9f82136b96cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:79:bd:e8:b3:ce:c4:e2:50:14:38:35:b7:ee:
                    57:08:bf:c7:b7:79:62:d0:13:b6:d6:1c:38:73:b0:
                    c4:1c:af:35:3f:71:bb:04:ff:7d:dc:95:3a:4f:2d:
                    c0:04:19:31:6e:52:37:a6:69:dd:54:d6:f3:24:c1:
                    44:5f:1d:2f:8d:a6:c4:e1:67:9d:e5:08:88:27:83:
                    dd:ca:b1:cb:f7:96:92:00:60:06:5e:17:d5:c5:81:
                    07:c9:2b:9c:0f:6e:f8:4f:8b:f4:be:e2:e7:d8:40:
                    b3:e1:74:dc:2c:84:f6:69:16:6c:7b:f6:d4:7c:c2:
                    45:e0:f2:0a:d5:35:2f:29:bc:5e:ee:9c:26:e4:d9:
                    6b:92:89:a0:a3:a5:67:38:4e:a4:1b:03:07:85:90:
                    66:fb:35:dd:18:e0:e2:0a:bc:19:10:a2:29:d0:53:
                    fc:07:7d:75:2e:d7:a3:ca:1b:4a:d3:1f:2d:4c:8e:
                    3f:9b:c2:f3:f1:85:ed:78:e8:cc:6c:8f:aa:e7:82:
                    bd:68:18:77:ce:f1:9e:6e:1e:3a:55:d2:83:c0:6a:
                    22:ee:46:1d:4f:e0:d8:af:61:12:42:5e:46:d8:e5:
                    f0:23:aa:fe:90:36:90:08:10:81:61:e2:41:b1:e8:
                    74:77:1a:86:c8:e1:ca:1d:ca:24:39:57:f6:08:10:
                    af:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:1B:20:41:FF:38:7A:1C:1B:EF:E9:18:02:CF:9F:82:13:6B:96:CC
            X509v3 Authority Key Identifier:
                keyid:35:17:C9:DE:92:7F:A7:5B:EA:EF:78:85:F0:D8:8F:6F:4D:2A:0E:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRfJ3pJ_p1vq73iF8NiPb00qDtY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/EhsgQf84ehwb7-kYAs-fghNrlsw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/NRfJ3pJ_p1vq73iF8NiPb00qDtY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.155.232.0/23

    Signature Algorithm: sha256WithRSAEncryption
         bb:73:44:8f:02:9f:7e:f9:8b:84:ad:59:40:89:41:c6:a9:3b:
         c6:d0:68:cf:b0:43:9a:87:ec:e5:af:58:74:be:09:c5:36:61:
         02:1c:dc:2e:b0:65:71:99:de:06:dc:e3:29:81:a9:35:06:07:
         f4:25:b5:6a:b9:20:8b:07:ef:ff:b8:b8:ae:96:a0:aa:1d:67:
         0c:94:ae:52:e4:9b:9a:b4:e0:a3:0c:a0:79:f7:d4:51:34:b2:
         6a:74:95:50:ec:8b:95:07:b3:37:4c:49:12:a2:65:c5:a7:c9:
         54:a1:7f:c5:d6:b9:2f:8a:0e:40:0c:79:4f:e7:2c:8d:95:cc:
         5e:54:5b:0f:8a:1a:9b:03:a5:2d:78:b9:ca:10:cb:1d:21:0f:
         d5:07:dd:20:31:56:86:84:1f:17:32:88:cc:e8:ae:41:67:78:
         68:7b:01:88:a7:89:c6:80:a7:ec:30:23:cb:36:44:9c:16:60:
         bc:97:5e:ae:f6:fb:90:5d:72:9d:44:64:9a:4b:1a:0c:45:eb:
         d6:0d:b2:64:ca:5c:fc:20:04:07:f7:63:e4:6b:bb:e8:0e:e8:
         95:16:6f:84:50:02:b6:03:58:d4:e4:c0:9d:70:cc:f3:cf:1f:
         ca:8d:92:7e:93:89:08:19:7d:df:c8:17:56:83:c0:35:80:e6:
         58:4f:81:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHTo/zDynMmhPqxY0Djl0zlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTdjOWRlOTI3ZmE3NWJlYWVmNzg4NWYwZDg4ZjZmNGQy
YTBlZDYwHhcNMjIwNzA2MTMxMjI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjFiMjA0MWZmMzg3YTFjMWJlZmU5MTgwMmNmOWY4MjEzNmI5NmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnm96LPOxOJQFDg1t+5XCL/Ht3li
0BO21hw4c7DEHK81P3G7BP993JU6Ty3ABBkxblI3pmndVNbzJMFEXx0vjabE4Wed
5QiIJ4PdyrHL95aSAGAGXhfVxYEHySucD274T4v0vuLn2ECz4XTcLIT2aRZse/bU
fMJF4PIK1TUvKbxe7pwm5Nlrkomgo6VnOE6kGwMHhZBm+zXdGODiCrwZEKIp0FP8
B311LtejyhtK0x8tTI4/m8Lz8YXteOjMbI+q54K9aBh3zvGebh46VdKDwGoi7kYd
T+DYr2ESQl5G2OXwI6r+kDaQCBCBYeJBseh0dxqGyOHKHcokOVf2CBCvpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBIbIEH/OHocG+/pGALPn4ITa5bMMB8GA1UdIwQY
MBaAFDUXyd6Sf6db6u94hfDYj29NKg7WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJmSjNwSl9wMXZxNzNpRjhOaVBiMDBxRHRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy85NTRhZGUtODRiNy00NDZkLWE2ZTIt
ZmQzYjMwMDJjMGJiLzEvRWhzZ1FmODRlaHdiNy1rWUFzLWZnaE5ybHN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy85NTRhZGUtODRiNy00NDZkLWE2ZTItZmQzYjMwMDJjMGJi
LzEvTlJmSjNwSl9wMXZxNzNpRjhOaVBiMDBxRHRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuZvoMA0G
CSqGSIb3DQEBCwUAA4IBAQC7c0SPAp9++YuErVlAiUHGqTvG0GjPsEOah+zlr1h0
vgnFNmECHNwusGVxmd4G3OMpgak1Bgf0JbVquSCLB+//uLiulqCqHWcMlK5S5Jua
tOCjDKB599RRNLJqdJVQ7IuVB7M3TEkSomXFp8lUoX/F1rkvig5ADHlP5yyNlcxe
VFsPihqbA6UteLnKEMsdIQ/VB90gMVaGhB8XMojM6K5BZ3hoewGIp4nGgKfsMCPL
NkScFmC8l16u9vuQXXKdRGSaSxoMRevWDbJkylz8IAQH92Pka7voDuiVFm+EUAK2
A1jU5MCdcMzzzx/KjZJ+k4kIGX3fyBdWg8A1gOZYT4FI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:51 2024 by rpki-client on console-fra.rpki-client.org