Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/NW2S5z-2-CMs77fpc4DKnoGRarc.roa
File:                     NW2S5z-2-CMs77fpc4DKnoGRarc.roa (raw, json)
Hash identifier:          60FIhyqjzOEDLG/U6vlJWKKnS3Ni3ETSVIzSL2CUH8Y=
Subject key identifier:   35:6D:92:E7:3F:B6:F8:23:2C:EF:B7:E9:73:80:CA:9E:81:91:6A:B7
Certificate issuer:       /CN=99ce569a14c2db3772f23187ce68e6541ec0048e
Certificate serial:       01837DB30CD01E5D32F65FDE265C339445C0
Authority key identifier: 99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/NW2S5z-2-CMs77fpc4DKnoGRarc.roa
Signing time:             Tue 27 Sep 2022 06:47:09 +0000
ROA not before:           Tue 27 Sep 2022 06:47:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16509
IP address blocks:        185.174.41.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:7d:b3:0c:d0:1e:5d:32:f6:5f:de:26:5c:33:94:45:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99ce569a14c2db3772f23187ce68e6541ec0048e
        Validity
            Not Before: Sep 27 06:47:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=356d92e73fb6f8232cefb7e97380ca9e81916ab7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:69:17:ad:88:3a:05:53:39:6b:dc:ca:ca:f0:
                    af:88:58:3d:60:6a:84:58:58:ae:5c:37:0a:d7:1d:
                    1a:23:db:3e:20:6e:ae:e0:cd:9f:3f:64:ef:e5:a5:
                    63:5c:42:b0:63:ce:20:19:f5:49:2e:5d:49:81:30:
                    7d:c2:2c:bd:33:e4:7f:ee:4d:e6:10:d2:97:ee:d5:
                    f8:e2:fb:d8:da:b5:d1:4b:63:6c:1f:7f:e6:36:9d:
                    fa:34:a6:31:f3:2c:af:06:fc:40:98:a5:dc:e7:f4:
                    7a:c7:0a:12:b4:69:e8:30:d7:75:88:42:ae:fb:13:
                    0d:13:6e:ce:f6:e8:ba:ef:30:c7:3b:0d:67:85:39:
                    44:37:79:1f:f0:2f:9e:6f:a5:6e:9f:0b:af:74:90:
                    87:b6:17:79:fe:3c:e7:e4:2c:8c:6b:f6:52:b0:fe:
                    3a:2e:bd:1f:ee:2a:db:f8:f4:59:90:c0:5f:67:05:
                    8b:dd:9f:76:7a:53:3a:b9:13:ac:ab:da:95:20:cb:
                    de:81:cc:0b:9e:d1:8c:6d:cc:b5:e3:9f:bc:23:ed:
                    56:2c:40:78:70:6c:7d:22:42:a3:51:f6:9e:81:49:
                    1d:4d:6c:53:51:ab:bb:72:43:15:83:51:a2:70:79:
                    02:cd:da:dc:de:7e:a2:ef:ae:0a:91:b7:43:74:56:
                    4b:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:6D:92:E7:3F:B6:F8:23:2C:EF:B7:E9:73:80:CA:9E:81:91:6A:B7
            X509v3 Authority Key Identifier:
                keyid:99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/NW2S5z-2-CMs77fpc4DKnoGRarc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/mc5WmhTC2zdy8jGHzmjmVB7ABI4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.174.41.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:d6:e0:86:c9:85:42:90:ff:a4:c8:2b:c2:76:f8:6b:fa:05:
         fc:12:3c:63:b4:44:de:1f:34:7d:70:db:ce:f3:e0:f5:3a:e1:
         2f:0b:26:67:d9:39:aa:52:22:82:4a:ba:bd:ac:78:db:ed:50:
         0a:27:68:3d:8f:52:52:36:fc:cd:d2:92:c8:90:89:d7:e4:6b:
         ce:76:1c:0a:0f:de:e8:6d:11:28:ad:b0:36:f9:8a:76:d4:ea:
         1b:ca:63:08:97:ce:2d:f7:06:43:d9:ad:78:92:86:44:0c:90:
         e5:df:57:a7:4c:f8:f0:eb:2d:e7:ef:3a:a4:aa:3e:bc:ad:f2:
         cc:69:3f:6c:e6:05:c9:10:db:ba:f9:b5:87:7e:aa:ee:d4:6d:
         6f:bb:33:cc:09:2a:4f:58:d9:44:bb:6b:1d:00:c2:19:3e:6b:
         92:2a:08:1f:77:dc:08:67:c1:ad:91:ad:52:32:a5:6b:a7:e0:
         57:63:4e:f1:6c:64:dc:7b:26:ec:16:91:ac:52:c8:d0:3b:9d:
         d0:58:7b:d7:c3:d2:d5:ea:6c:04:63:15:37:83:38:28:0b:e5:
         b3:3c:8b:9f:c7:68:ac:ec:8a:17:38:13:7e:62:bf:6d:4c:8d:
         63:07:a0:7a:b6:16:58:f1:c8:db:24:9d:77:44:3e:20:3f:2b:
         45:18:58:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYN9swzQHl0y9l/eJlwzlEXAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5Y2U1NjlhMTRjMmRiMzc3MmYyMzE4N2NlNjhlNjU0MWVj
MDA0OGUwHhcNMjIwOTI3MDY0NzA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTZkOTJlNzNmYjZmODIzMmNlZmI3ZTk3MzgwY2E5ZTgxOTE2YWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmkXrYg6BVM5a9zKyvCviFg9YGqE
WFiuXDcK1x0aI9s+IG6u4M2fP2Tv5aVjXEKwY84gGfVJLl1JgTB9wiy9M+R/7k3m
ENKX7tX44vvY2rXRS2NsH3/mNp36NKYx8yyvBvxAmKXc5/R6xwoStGnoMNd1iEKu
+xMNE27O9ui67zDHOw1nhTlEN3kf8C+eb6VunwuvdJCHthd5/jzn5CyMa/ZSsP46
Lr0f7irb+PRZkMBfZwWL3Z92elM6uROsq9qVIMvegcwLntGMbcy145+8I+1WLEB4
cGx9IkKjUfaegUkdTWxTUau7ckMVg1GicHkCzdrc3n6i764KkbdDdFZLzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDVtkuc/tvgjLO+36XOAyp6BkWq3MB8GA1UdIwQY
MBaAFJnOVpoUwts3cvIxh85o5lQewASOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWM1V21oVEMyemR5OGpHSHptam1WQjdBQkk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9jYzZlOTktNmU1Zi00MDFiLTkxMmQt
MTA5NTU0NGM2YzUwLzEvTlcyUzV6LTItQ01zNzdmcGM0REtub0dSYXJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9jYzZlOTktNmU1Zi00MDFiLTkxMmQtMTA5NTU0NGM2YzUw
LzEvbWM1V21oVEMyemR5OGpHSHptam1WQjdBQkk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAua4pMA0G
CSqGSIb3DQEBCwUAA4IBAQBz1uCGyYVCkP+kyCvCdvhr+gX8EjxjtETeHzR9cNvO
8+D1OuEvCyZn2TmqUiKCSrq9rHjb7VAKJ2g9j1JSNvzN0pLIkInX5GvOdhwKD97o
bREorbA2+Yp21OobymMIl84t9wZD2a14koZEDJDl31enTPjw6y3n7zqkqj68rfLM
aT9s5gXJENu6+bWHfqru1G1vuzPMCSpPWNlEu2sdAMIZPmuSKggfd9wIZ8Gtka1S
MqVrp+BXY07xbGTceybsFpGsUsjQO53QWHvXw9LV6mwEYxU3gzgoC+WzPIufx2is
7IoXOBN+Yr9tTI1jB6B6thZY8cjbJJ13RD4gPytFGFjo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:27 2024 by rpki-client on console-fra.rpki-client.org