Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/8zgXoAqVhY4KuG-hdxXjX7amYo0.roa
File:                     8zgXoAqVhY4KuG-hdxXjX7amYo0.roa (raw, json)
Hash identifier:          To4BecKGlwqPkcRW96nPkzHvFzNk8+Q32iLv2PAjPZI=
Subject key identifier:   F3:38:17:A0:0A:95:85:8E:0A:B8:6F:A1:77:15:E3:5F:B6:A6:62:8D
Certificate issuer:       /CN=11eecd71c193e4ac30ed03d0b9f05da101c603d2
Certificate serial:       0184BEDF621F8164EC82D4222B9DD81B086D
Authority key identifier: 11:EE:CD:71:C1:93:E4:AC:30:ED:03:D0:B9:F0:5D:A1:01:C6:03:D2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ee7NccGT5Kww7QPQufBdoQHGA9I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/8zgXoAqVhY4KuG-hdxXjX7amYo0.roa
Signing time:             Mon 28 Nov 2022 15:33:41 +0000
ROA not before:           Mon 28 Nov 2022 15:33:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209260
IP address blocks:        185.232.206.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:be:df:62:1f:81:64:ec:82:d4:22:2b:9d:d8:1b:08:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=11eecd71c193e4ac30ed03d0b9f05da101c603d2
        Validity
            Not Before: Nov 28 15:33:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f33817a00a95858e0ab86fa17715e35fb6a6628d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:25:19:e4:9d:92:b9:f7:cc:92:ab:b9:a4:35:
                    7d:88:10:56:97:e9:09:b2:0d:d1:70:43:af:eb:a6:
                    57:d4:db:11:53:d5:ca:1b:6f:c1:8d:b7:c2:74:7f:
                    45:33:63:57:c4:6a:84:6a:e2:0d:fb:55:69:8e:24:
                    01:64:e3:8d:5f:c3:a1:8f:7b:f9:8b:2d:2b:8e:88:
                    bc:a1:0d:7f:41:58:8f:92:9b:3b:29:d4:1e:73:11:
                    a2:05:bf:61:1f:8f:7a:96:d1:32:89:ad:95:ea:97:
                    38:24:63:ae:88:43:4f:3b:0a:b5:2c:17:d0:ff:d4:
                    38:b5:1a:46:7e:28:a2:68:1b:0a:91:c6:1c:50:2c:
                    21:59:3b:a4:c8:1d:76:78:d0:1a:5a:fe:3c:2b:24:
                    6f:31:8b:75:99:d9:c4:e4:81:c7:47:2e:56:59:b7:
                    a8:cb:bc:a6:41:4e:d6:e6:16:ca:82:2f:1d:44:1f:
                    22:b1:62:a6:8a:b3:b1:3e:1e:39:e7:89:de:4e:28:
                    28:8a:cf:75:95:79:7d:73:8b:48:0e:03:62:49:8e:
                    20:1a:31:6f:fd:2b:c7:86:97:da:fd:a2:ec:b5:0c:
                    1b:59:52:13:22:a5:49:e1:dc:3a:39:c6:bb:d8:a1:
                    1c:72:e7:91:ce:20:9b:a3:64:25:1b:63:5a:cd:79:
                    10:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:38:17:A0:0A:95:85:8E:0A:B8:6F:A1:77:15:E3:5F:B6:A6:62:8D
            X509v3 Authority Key Identifier:
                keyid:11:EE:CD:71:C1:93:E4:AC:30:ED:03:D0:B9:F0:5D:A1:01:C6:03:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ee7NccGT5Kww7QPQufBdoQHGA9I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/8zgXoAqVhY4KuG-hdxXjX7amYo0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/Ee7NccGT5Kww7QPQufBdoQHGA9I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.232.206.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ad:65:e6:10:a2:21:d3:66:91:f1:c4:dc:8c:23:c8:14:dc:73:
         93:4e:a2:8e:4e:61:93:b1:1e:11:6f:71:6e:6c:27:d1:aa:1c:
         19:16:74:ca:5c:d5:9e:59:d3:6c:34:86:63:78:2c:2e:93:6d:
         a6:be:64:20:28:66:79:7c:4a:62:04:e0:26:c8:5a:55:c0:4e:
         f9:e5:3f:d4:be:92:87:34:b9:0d:ae:7b:aa:b3:11:d5:05:1f:
         b7:09:b8:2c:ac:b5:bd:1c:28:8d:53:85:c1:fc:0d:cb:96:79:
         51:02:cf:4d:c9:62:8d:32:d6:20:4a:95:61:4d:b3:84:fb:b1:
         99:a2:86:7a:b3:d4:3f:3c:50:5a:27:44:56:17:01:04:0d:3f:
         61:66:84:fb:9a:34:81:cf:09:ce:1e:41:ab:16:a0:1c:b0:f0:
         f8:96:87:b6:50:52:d2:7a:bf:5f:38:72:8a:97:a5:5f:5c:05:
         7e:3c:78:49:d1:5c:c7:29:a0:43:7e:ae:b9:eb:2d:93:2e:65:
         3d:ef:ce:9e:ae:aa:f0:f6:e0:c4:37:71:1d:03:f4:6d:6e:e4:
         f8:0f:c2:42:78:e7:44:95:91:f0:80:7d:b3:21:fe:be:0b:d2:
         e6:e0:c4:40:ec:7a:23:84:87:3c:b3:05:71:bc:88:e9:9c:4f:
         cb:a2:f7:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYS+32IfgWTsgtQiK53YGwhtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZWVjZDcxYzE5M2U0YWMzMGVkMDNkMGI5ZjA1ZGExMDFj
NjAzZDIwHhcNMjIxMTI4MTUzMzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzM4MTdhMDBhOTU4NThlMGFiODZmYTE3NzE1ZTM1ZmI2YTY2MjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSUZ5J2SuffMkqu5pDV9iBBWl+kJ
sg3RcEOv66ZX1NsRU9XKG2/BjbfCdH9FM2NXxGqEauIN+1VpjiQBZOONX8Ohj3v5
iy0rjoi8oQ1/QViPkps7KdQecxGiBb9hH496ltEyia2V6pc4JGOuiENPOwq1LBfQ
/9Q4tRpGfiiiaBsKkcYcUCwhWTukyB12eNAaWv48KyRvMYt1mdnE5IHHRy5WWbeo
y7ymQU7W5hbKgi8dRB8isWKmirOxPh4554neTigois91lXl9c4tIDgNiSY4gGjFv
/SvHhpfa/aLstQwbWVITIqVJ4dw6Oca72KEccueRziCbo2QlG2NazXkQVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPM4F6AKlYWOCrhvoXcV41+2pmKNMB8GA1UdIwQY
MBaAFBHuzXHBk+SsMO0D0LnwXaEBxgPSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWU3TmNjR1Q1S3d3N1FQUXVmQmRvUUhHQTlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi80ZmQ5NWEtNTE1Ny00YTFiLWI4Njgt
MTM4OTk1Yzk5Yjk3LzEvOHpnWG9BcVZoWTRLdUctaGR4WGpYN2FtWW8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi80ZmQ5NWEtNTE1Ny00YTFiLWI4NjgtMTM4OTk1Yzk5Yjk3
LzEvRWU3TmNjR1Q1S3d3N1FQUXVmQmRvUUhHQTlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuejOMA0G
CSqGSIb3DQEBCwUAA4IBAQCtZeYQoiHTZpHxxNyMI8gU3HOTTqKOTmGTsR4Rb3Fu
bCfRqhwZFnTKXNWeWdNsNIZjeCwuk22mvmQgKGZ5fEpiBOAmyFpVwE755T/UvpKH
NLkNrnuqsxHVBR+3CbgsrLW9HCiNU4XB/A3LlnlRAs9NyWKNMtYgSpVhTbOE+7GZ
ooZ6s9Q/PFBaJ0RWFwEEDT9hZoT7mjSBzwnOHkGrFqAcsPD4loe2UFLSer9fOHKK
l6VfXAV+PHhJ0VzHKaBDfq656y2TLmU9786erqrw9uDEN3EdA/RtbuT4D8JCeOdE
lZHwgH2zIf6+C9Lm4MRA7HojhIc8swVxvIjpnE/LovfB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:57 2024 by rpki-client on console-ams.rpki-client.org