Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/0d1c33-9117-4a11-bbfe-db81a18e242e/1/dYJOAebiaILx4QW2IlVw8PY_7mk.roa
File:                     dYJOAebiaILx4QW2IlVw8PY_7mk.roa (raw, json)
Hash identifier:          Uvpd30kWr4wS7UHlcqxZFRHGVjc8vwC/H3hmSThSUs4=
Subject key identifier:   75:82:4E:01:E6:E2:68:82:F1:E1:05:B6:22:55:70:F0:F6:3F:EE:69
Certificate issuer:       /CN=7d645e584f1ef9a881f1fbbc4d27a3423de3dff1
Certificate serial:       07FC7AF0
Authority key identifier: 7D:64:5E:58:4F:1E:F9:A8:81:F1:FB:BC:4D:27:A3:42:3D:E3:DF:F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fWReWE8e-aiB8fu8TSejQj3j3_E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/0d1c33-9117-4a11-bbfe-db81a18e242e/1/dYJOAebiaILx4QW2IlVw8PY_7mk.roa
Signing time:             Sat 01 Jan 2022 01:52:44 +0000
ROA not before:           Sat 01 Jan 2022 01:52:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35369
IP address blocks:        83.164.128.0/17 maxlen: 32
                          185.121.40.0/22 maxlen: 24
                          2a00:1860::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 133987056 (0x7fc7af0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7d645e584f1ef9a881f1fbbc4d27a3423de3dff1
        Validity
            Not Before: Jan  1 01:52:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=75824e01e6e26882f1e105b6225570f0f63fee69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:9d:71:83:14:4e:3c:e7:a6:57:bf:5c:12:43:
                    28:da:d3:be:ce:a1:4b:06:45:9c:4a:13:10:70:4f:
                    8e:6e:fe:06:b3:bf:cc:47:35:55:8d:01:32:16:d5:
                    69:34:c8:d1:3e:1d:12:53:be:5c:c3:1e:f2:1c:82:
                    cb:1a:9b:20:66:97:9c:c5:47:7c:3f:20:e2:9b:97:
                    2d:87:c6:43:f1:ef:3d:c9:d7:2c:6e:c5:d3:ba:61:
                    7b:fb:67:4c:2b:42:3a:a0:52:7e:ca:b4:f3:86:50:
                    23:83:38:04:94:1a:66:7c:70:e6:53:e3:ac:d7:af:
                    b1:29:71:00:36:62:5e:c5:6c:ab:54:9f:d5:71:3b:
                    aa:aa:1d:f8:8b:6c:f5:05:75:f4:54:4b:f6:3d:a9:
                    15:f7:67:7a:0e:e8:74:d1:7a:0d:32:53:f7:d0:95:
                    df:c2:b9:fd:b2:4e:ee:86:7b:80:26:8b:cd:50:60:
                    e6:e1:c0:2f:93:57:50:53:c6:48:c9:d0:5a:b7:5f:
                    9a:99:d3:4f:f9:36:f8:1a:e5:51:43:cb:36:4a:96:
                    17:7f:d4:39:94:11:e0:ea:76:bd:02:2b:0e:0d:00:
                    da:d3:0f:94:e8:91:23:10:55:99:46:7a:01:d1:cd:
                    81:76:d6:07:76:ae:17:c6:38:88:14:28:b3:17:94:
                    96:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:82:4E:01:E6:E2:68:82:F1:E1:05:B6:22:55:70:F0:F6:3F:EE:69
            X509v3 Authority Key Identifier:
                keyid:7D:64:5E:58:4F:1E:F9:A8:81:F1:FB:BC:4D:27:A3:42:3D:E3:DF:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fWReWE8e-aiB8fu8TSejQj3j3_E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/0d1c33-9117-4a11-bbfe-db81a18e242e/1/dYJOAebiaILx4QW2IlVw8PY_7mk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/0d1c33-9117-4a11-bbfe-db81a18e242e/1/fWReWE8e-aiB8fu8TSejQj3j3_E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.164.128.0/17
                  185.121.40.0/22
                IPv6:
                  2a00:1860::/32

    Signature Algorithm: sha256WithRSAEncryption
         26:ca:e9:c5:f5:f2:6f:a7:68:4b:49:99:11:a0:aa:99:1a:8a:
         36:4a:80:8c:44:27:42:03:ad:5d:b3:eb:38:25:6e:7a:24:7c:
         91:16:b5:9e:db:c6:d1:b7:7b:9c:e3:2f:d2:31:28:0e:80:04:
         84:4f:49:85:ab:cf:5d:f7:71:d0:06:c1:ad:67:2d:56:c4:71:
         06:fa:90:05:f8:92:b8:21:05:6c:a2:18:ea:a8:33:d1:a5:76:
         ea:59:a6:d5:56:ad:76:a2:37:07:90:e9:04:e9:c7:b9:f0:9f:
         a9:db:27:bd:66:3c:5c:b9:2d:9b:30:09:c3:d9:49:2a:31:5e:
         f1:ef:21:88:40:d5:c8:d3:12:eb:2a:a2:40:7e:60:7e:18:c1:
         ae:98:5b:5b:5b:4e:23:4a:42:45:cd:6f:82:59:c1:c6:fd:c6:
         39:12:2f:9c:63:d7:5f:ea:fa:48:a0:cb:50:a5:65:06:c0:a6:
         c5:b9:75:fd:63:cb:52:01:ea:16:2b:b8:d1:fd:be:35:cf:d0:
         55:09:f9:85:be:16:8f:68:f2:32:9f:4c:b5:14:3a:7e:29:6e:
         af:f9:1b:81:23:b1:47:3a:8d:b9:19:96:c5:49:bd:1e:13:3a:
         54:44:5d:dc:d3:af:47:3d:4a:f5:ff:a5:55:28:ac:e6:b3:6b:
         03:39:cf:6b
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEB/x68DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDY0NWU1ODRmMWVmOWE4ODFmMWZiYmM0ZDI3YTM0MjNkZTNkZmYxMB4XDTIyMDEw
MTAxNTI0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzU4MjRlMDFlNmUy
Njg4MmYxZTEwNWI2MjI1NTcwZjBmNjNmZWU2OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK2dcYMUTjznple/XBJDKNrTvs6hSwZFnEoTEHBPjm7+BrO/
zEc1VY0BMhbVaTTI0T4dElO+XMMe8hyCyxqbIGaXnMVHfD8g4puXLYfGQ/HvPcnX
LG7F07phe/tnTCtCOqBSfsq084ZQI4M4BJQaZnxw5lPjrNevsSlxADZiXsVsq1Sf
1XE7qqod+Its9QV19FRL9j2pFfdneg7odNF6DTJT99CV38K5/bJO7oZ7gCaLzVBg
5uHAL5NXUFPGSMnQWrdfmpnTT/k2+BrlUUPLNkqWF3/UOZQR4Op2vQIrDg0A2tMP
lOiRIxBVmUZ6AdHNgXbWB3auF8Y4iBQosxeUliUCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBR1gk4B5uJogvHhBbYiVXDw9j/uaTAfBgNVHSMEGDAWgBR9ZF5YTx75qIHx
+7xNJ6NCPePf8TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZXUmVXRThlLWFpQjhmdThUU2VqUWozajNfRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTkvMGQxYzMzLTkxMTctNGExMS1iYmZlLWRiODFhMThlMjQyZS8x
L2RZSk9BZWJpYUlMeDRRVzJJbFZ3OFBZXzdtay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTkv
MGQxYzMzLTkxMTctNGExMS1iYmZlLWRiODFhMThlMjQyZS8xL2ZXUmVXRThlLWFp
QjhmdThUU2VqUWozajNfRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEB1OkgAMEArl5KDANBAIAAjAHAwUA
KgAYYDANBgkqhkiG9w0BAQsFAAOCAQEAJsrpxfXyb6doS0mZEaCqmRqKNkqAjEQn
QgOtXbPrOCVueiR8kRa1ntvG0bd7nOMv0jEoDoAEhE9JhavPXfdx0AbBrWctVsRx
BvqQBfiSuCEFbKIY6qgz0aV26lmm1VatdqI3B5DpBOnHufCfqdsnvWY8XLktmzAJ
w9lJKjFe8e8hiEDVyNMS6yqiQH5gfhjBrphbW1tOI0pCRc1vglnBxv3GORIvnGPX
X+r6SKDLUKVlBsCmxbl1/WPLUgHqFiu40f2+Nc/QVQn5hb4Wj2jyMp9MtRQ6filu
r/kbgSOxRzqNuRmWxUm9HhM6VERd3NOvRz1K9f+lVSis5rNrAznPaw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:21 2024 by rpki-client on console-ams.rpki-client.org