Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/3e2077-bc10-4621-ab0b-dba4c9b8706b/1/YfueCC7pUL_zuKeaRyUu1KEX5ng.roa
File:                     YfueCC7pUL_zuKeaRyUu1KEX5ng.roa (raw, json)
Hash identifier:          bNT0OUmUgbbAwM2T3EUvQAxOHtOMFSnzJRORr2igb3Q=
Subject key identifier:   61:FB:9E:08:2E:E9:50:BF:F3:B8:A7:9A:47:25:2E:D4:A1:17:E6:78
Certificate issuer:       /CN=89554780db25b243c0a2d361979b130a7f13c60d
Certificate serial:       01837669CACE5CAE38F89A62DB955EB70F50
Authority key identifier: 89:55:47:80:DB:25:B2:43:C0:A2:D3:61:97:9B:13:0A:7F:13:C6:0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iVVHgNslskPAotNhl5sTCn8Txg0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/3e2077-bc10-4621-ab0b-dba4c9b8706b/1/YfueCC7pUL_zuKeaRyUu1KEX5ng.roa
Signing time:             Sun 25 Sep 2022 20:49:48 +0000
ROA not before:           Sun 25 Sep 2022 20:49:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     28878
IP address blocks:        185.75.156.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:76:69:ca:ce:5c:ae:38:f8:9a:62:db:95:5e:b7:0f:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89554780db25b243c0a2d361979b130a7f13c60d
        Validity
            Not Before: Sep 25 20:49:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=61fb9e082ee950bff3b8a79a47252ed4a117e678
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:10:15:7f:50:62:a4:dc:77:a1:aa:6a:c0:ce:
                    27:f5:28:0c:ab:72:e3:42:46:ec:39:0a:69:6c:22:
                    50:a6:9d:65:ab:8a:01:e5:cb:68:cd:94:f9:84:f8:
                    4e:0a:ea:26:19:8c:3b:e9:dc:2e:b5:13:17:9b:5a:
                    c7:be:e1:ac:f2:33:dc:f5:80:1a:e8:ff:36:74:95:
                    4c:f0:f7:f5:01:8f:74:24:d6:6d:91:4b:33:1b:39:
                    16:11:ee:d5:4d:3f:6d:f4:04:ae:af:48:b5:fa:37:
                    89:5c:0a:cd:2e:e4:d2:1c:cc:e9:3f:c2:13:d8:d1:
                    0f:cd:73:5f:8b:af:ee:a8:4b:df:eb:fc:93:30:9d:
                    1b:a3:95:08:c6:e1:4e:1c:c0:54:f2:65:b5:c9:39:
                    47:45:b9:ee:9a:e2:17:f4:82:fa:21:7e:f6:d6:0b:
                    b6:19:6b:dc:70:c9:b0:91:43:76:f4:3e:80:37:0d:
                    9c:bc:98:1c:6d:9c:0b:1b:e1:7d:67:5d:1e:ee:4b:
                    ea:b5:0e:3b:fe:a9:3e:2f:ed:10:ca:fa:18:40:a5:
                    0c:ad:cd:c7:ce:0e:c6:09:ee:b7:45:94:24:1c:e2:
                    24:2b:38:cb:5c:d4:ce:94:10:3e:be:25:c5:9a:a4:
                    fc:47:c5:20:fa:ad:b8:17:67:c2:f8:21:92:a5:eb:
                    50:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:FB:9E:08:2E:E9:50:BF:F3:B8:A7:9A:47:25:2E:D4:A1:17:E6:78
            X509v3 Authority Key Identifier:
                keyid:89:55:47:80:DB:25:B2:43:C0:A2:D3:61:97:9B:13:0A:7F:13:C6:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iVVHgNslskPAotNhl5sTCn8Txg0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/3e2077-bc10-4621-ab0b-dba4c9b8706b/1/YfueCC7pUL_zuKeaRyUu1KEX5ng.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/3e2077-bc10-4621-ab0b-dba4c9b8706b/1/iVVHgNslskPAotNhl5sTCn8Txg0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.75.156.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7e:ff:58:2d:ec:1b:47:fb:d2:d7:d1:4a:24:ea:5a:cc:8d:f0:
         23:b0:11:21:7e:55:6e:71:cf:42:87:19:a9:c5:3d:74:13:53:
         8b:13:57:a0:91:f3:07:79:ee:4c:de:ec:08:ce:d8:de:42:aa:
         ef:71:ea:a2:1f:91:ec:06:e8:12:1b:6f:d3:e8:13:a3:b6:f7:
         1d:5d:37:01:0a:02:84:ef:d5:05:8b:41:de:a0:21:8f:53:e3:
         a8:47:a9:41:eb:76:c3:66:01:b5:03:94:ff:85:18:d1:9e:82:
         ff:da:cc:78:a8:9e:b5:f2:59:31:54:31:09:40:00:f8:18:ad:
         b5:1f:93:96:5a:28:55:2d:62:ec:f3:3f:30:90:8d:5e:7e:1e:
         74:bc:23:c2:4b:64:39:ce:cf:d3:ff:36:a5:46:d6:5f:9a:7f:
         4d:72:62:75:72:b0:da:ab:66:4b:c6:8a:37:e8:ca:83:23:5a:
         95:ee:e3:82:a0:5c:82:52:55:b6:03:28:80:33:03:81:73:e8:
         4d:cb:f0:29:57:e9:01:52:3d:34:ea:01:f2:8a:35:58:f6:19:
         08:9a:0a:51:2e:b7:c3:f9:05:04:a0:34:64:d8:05:cb:2f:b8:
         da:33:f0:30:0d:ab:d4:93:26:1f:6c:f6:a7:03:8a:cb:8e:5d:
         e9:8d:f5:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYN2acrOXK44+Jpi25Vetw9QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NTU0NzgwZGIyNWIyNDNjMGEyZDM2MTk3OWIxMzBhN2Yx
M2M2MGQwHhcNMjIwOTI1MjA0OTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWZiOWUwODJlZTk1MGJmZjNiOGE3OWE0NzI1MmVkNGExMTdlNjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRAVf1BipNx3oapqwM4n9SgMq3Lj
QkbsOQppbCJQpp1lq4oB5ctozZT5hPhOCuomGYw76dwutRMXm1rHvuGs8jPc9YAa
6P82dJVM8Pf1AY90JNZtkUszGzkWEe7VTT9t9ASur0i1+jeJXArNLuTSHMzpP8IT
2NEPzXNfi6/uqEvf6/yTMJ0bo5UIxuFOHMBU8mW1yTlHRbnumuIX9IL6IX721gu2
GWvccMmwkUN29D6ANw2cvJgcbZwLG+F9Z10e7kvqtQ47/qk+L+0QyvoYQKUMrc3H
zg7GCe63RZQkHOIkKzjLXNTOlBA+viXFmqT8R8Ug+q24F2fC+CGSpetQLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGH7nggu6VC/87inmkclLtShF+Z4MB8GA1UdIwQY
MBaAFIlVR4DbJbJDwKLTYZebEwp/E8YNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVZWSGdOc2xza1BBb3ROaGw1c1RDbjhUeGcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8zZTIwNzctYmMxMC00NjIxLWFiMGIt
ZGJhNGM5Yjg3MDZiLzEvWWZ1ZUNDN3BVTF96dUtlYVJ5VXUxS0VYNW5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8zZTIwNzctYmMxMC00NjIxLWFiMGItZGJhNGM5Yjg3MDZi
LzEvaVZWSGdOc2xza1BBb3ROaGw1c1RDbjhUeGcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUucMA0G
CSqGSIb3DQEBCwUAA4IBAQB+/1gt7BtH+9LX0Uok6lrMjfAjsBEhflVucc9Chxmp
xT10E1OLE1egkfMHee5M3uwIztjeQqrvceqiH5HsBugSG2/T6BOjtvcdXTcBCgKE
79UFi0HeoCGPU+OoR6lB63bDZgG1A5T/hRjRnoL/2sx4qJ618lkxVDEJQAD4GK21
H5OWWihVLWLs8z8wkI1efh50vCPCS2Q5zs/T/zalRtZfmn9NcmJ1crDaq2ZLxoo3
6MqDI1qV7uOCoFyCUlW2AyiAMwOBc+hNy/ApV+kBUj006gHyijVY9hkImgpRLrfD
+QUEoDRk2AXLL7jaM/AwDavUkyYfbPanA4rLjl3pjfXi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:19 2024 by rpki-client on console-fra.rpki-client.org