Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/SaT086vlD9Mi_t_1md1zq5Ylp54.roa
File:                     SaT086vlD9Mi_t_1md1zq5Ylp54.roa (raw, json)
Hash identifier:          ZDknMUU/GR4N8G/h+MvLQwB0XGTETUvillbfw10yJLI=
Subject key identifier:   49:A4:F4:F3:AB:E5:0F:D3:22:FE:DF:F5:99:DD:73:AB:96:25:A7:9E
Certificate issuer:       /CN=3517c9de927fa75beaef7885f0d88f6f4d2a0ed6
Certificate serial:       0184B31557293142981C46DCF4E3E8708BC2
Authority key identifier: 35:17:C9:DE:92:7F:A7:5B:EA:EF:78:85:F0:D8:8F:6F:4D:2A:0E:D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NRfJ3pJ_p1vq73iF8NiPb00qDtY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/SaT086vlD9Mi_t_1md1zq5Ylp54.roa
Signing time:             Sat 26 Nov 2022 08:37:10 +0000
ROA not before:           Sat 26 Nov 2022 08:37:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        185.155.233.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:b3:15:57:29:31:42:98:1c:46:dc:f4:e3:e8:70:8b:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3517c9de927fa75beaef7885f0d88f6f4d2a0ed6
        Validity
            Not Before: Nov 26 08:37:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=49a4f4f3abe50fd322fedff599dd73ab9625a79e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:42:25:69:64:08:94:5f:66:4b:ed:6e:f9:87:
                    88:78:89:92:f8:bb:52:f1:c4:5b:aa:a9:7b:d5:db:
                    94:c1:7a:99:af:41:e8:12:b1:b7:17:bc:0c:b0:61:
                    10:2b:c3:1f:c6:97:14:b8:1f:c2:47:5c:6f:a7:21:
                    df:2b:f6:1a:56:ca:6f:3c:b1:b0:a5:26:8c:06:42:
                    50:03:c1:21:70:7a:32:08:9c:6e:bc:ac:1d:b5:df:
                    a1:c2:ba:e6:e3:28:38:bf:78:d8:50:81:72:d0:05:
                    71:7f:5d:de:6f:9b:f8:df:41:e1:73:fc:b8:e5:64:
                    c0:0a:01:5d:bf:57:6f:20:d5:2f:25:9e:4b:aa:c5:
                    46:30:30:e4:f2:ea:81:d3:b1:e0:43:58:81:e7:ee:
                    71:52:c6:44:37:7d:63:cb:9a:ed:65:f0:aa:43:7c:
                    14:97:eb:71:1b:9f:d2:33:38:a4:ce:66:ae:12:ae:
                    35:21:31:0f:81:9c:78:cf:35:07:d6:9d:1f:48:97:
                    05:e8:94:33:43:fe:4f:67:53:0a:f5:8f:96:a7:8f:
                    2a:91:41:33:7c:88:22:9a:84:87:6e:1f:91:04:cb:
                    b5:09:77:21:1f:e3:7a:46:2f:39:f9:a3:ca:4f:1c:
                    59:fe:26:1d:bb:b3:53:b6:d5:0a:ae:07:45:f3:55:
                    ad:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:A4:F4:F3:AB:E5:0F:D3:22:FE:DF:F5:99:DD:73:AB:96:25:A7:9E
            X509v3 Authority Key Identifier:
                keyid:35:17:C9:DE:92:7F:A7:5B:EA:EF:78:85:F0:D8:8F:6F:4D:2A:0E:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRfJ3pJ_p1vq73iF8NiPb00qDtY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/SaT086vlD9Mi_t_1md1zq5Ylp54.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/NRfJ3pJ_p1vq73iF8NiPb00qDtY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.155.233.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:5d:a0:b2:58:02:83:9e:e1:f3:fa:2b:de:8d:52:d7:6a:b5:
         0d:5b:6a:95:23:42:02:1c:fb:9a:da:87:8f:f9:5c:e7:cc:13:
         13:49:ee:69:19:16:19:7b:a1:05:b7:41:de:df:c9:d5:ba:d7:
         43:aa:5b:5d:a6:9f:ca:5c:6e:55:9b:ae:c9:8c:fd:9b:07:32:
         9e:7e:61:02:54:5d:d6:8e:0e:fd:8f:a3:32:d9:f8:1f:7f:b6:
         ca:b9:95:bd:56:39:d1:3a:f0:37:8f:42:90:80:cb:65:62:fa:
         76:9e:96:39:53:11:56:a3:3b:ec:d9:a3:81:94:dc:f6:8e:ab:
         ba:30:a3:14:24:88:d0:f0:9f:94:4c:aa:44:26:b2:5c:84:29:
         da:4d:93:8e:26:21:47:29:a2:4c:9b:4e:64:38:15:5f:69:80:
         cd:3a:e8:3c:bd:1e:9d:b8:5a:4a:3a:70:ff:36:04:3d:22:59:
         43:d8:df:f7:1c:71:70:65:ed:70:2b:f9:8b:a8:09:1f:72:12:
         47:a0:fc:19:59:1a:14:55:7b:05:5f:a2:75:aa:63:cc:59:6a:
         e1:a8:a2:7c:4f:02:01:ba:5a:bb:f1:cb:63:ee:2f:3e:82:84:
         6e:98:cb:27:84:2a:e4:80:ff:38:01:80:85:d7:0e:68:54:f6:
         fb:be:52:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSzFVcpMUKYHEbc9OPocIvCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTdjOWRlOTI3ZmE3NWJlYWVmNzg4NWYwZDg4ZjZmNGQy
YTBlZDYwHhcNMjIxMTI2MDgzNzEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWE0ZjRmM2FiZTUwZmQzMjJmZWRmZjU5OWRkNzNhYjk2MjVhNzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEIlaWQIlF9mS+1u+YeIeImS+LtS
8cRbqql71duUwXqZr0HoErG3F7wMsGEQK8MfxpcUuB/CR1xvpyHfK/YaVspvPLGw
pSaMBkJQA8EhcHoyCJxuvKwdtd+hwrrm4yg4v3jYUIFy0AVxf13eb5v430Hhc/y4
5WTACgFdv1dvINUvJZ5LqsVGMDDk8uqB07HgQ1iB5+5xUsZEN31jy5rtZfCqQ3wU
l+txG5/SMzikzmauEq41ITEPgZx4zzUH1p0fSJcF6JQzQ/5PZ1MK9Y+Wp48qkUEz
fIgimoSHbh+RBMu1CXchH+N6Ri85+aPKTxxZ/iYdu7NTttUKrgdF81WtJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEmk9POr5Q/TIv7f9Zndc6uWJaeeMB8GA1UdIwQY
MBaAFDUXyd6Sf6db6u94hfDYj29NKg7WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJmSjNwSl9wMXZxNzNpRjhOaVBiMDBxRHRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy85NTRhZGUtODRiNy00NDZkLWE2ZTIt
ZmQzYjMwMDJjMGJiLzEvU2FUMDg2dmxEOU1pX3RfMW1kMXpxNVlscDU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy85NTRhZGUtODRiNy00NDZkLWE2ZTItZmQzYjMwMDJjMGJi
LzEvTlJmSjNwSl9wMXZxNzNpRjhOaVBiMDBxRHRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZvpMA0G
CSqGSIb3DQEBCwUAA4IBAQAUXaCyWAKDnuHz+ivejVLXarUNW2qVI0ICHPua2oeP
+VznzBMTSe5pGRYZe6EFt0He38nVutdDqltdpp/KXG5Vm67JjP2bBzKefmECVF3W
jg79j6My2fgff7bKuZW9VjnROvA3j0KQgMtlYvp2npY5UxFWozvs2aOBlNz2jqu6
MKMUJIjQ8J+UTKpEJrJchCnaTZOOJiFHKaJMm05kOBVfaYDNOug8vR6duFpKOnD/
NgQ9IllD2N/3HHFwZe1wK/mLqAkfchJHoPwZWRoUVXsFX6J1qmPMWWrhqKJ8TwIB
ulq78ctj7i8+goRumMsnhCrkgP84AYCF1w5oVPb7vlJf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:02 2024 by rpki-client on console-ams.rpki-client.org