Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/9WyFGfBnQrf8nWjXT6_ZQpKysJ4.roa
File:                     9WyFGfBnQrf8nWjXT6_ZQpKysJ4.roa (raw, json)
Hash identifier:          U5j7anXPd6lEKvkY/CT3cmlsQkJODB/2yCpXpWKQS5I=
Subject key identifier:   F5:6C:85:19:F0:67:42:B7:FC:9D:68:D7:4F:AF:D9:42:92:B2:B0:9E
Certificate issuer:       /CN=11eecd71c193e4ac30ed03d0b9f05da101c603d2
Certificate serial:       01842FA1E6A8228CEADE992DCE07AF6A015F
Authority key identifier: 11:EE:CD:71:C1:93:E4:AC:30:ED:03:D0:B9:F0:5D:A1:01:C6:03:D2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ee7NccGT5Kww7QPQufBdoQHGA9I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/9WyFGfBnQrf8nWjXT6_ZQpKysJ4.roa
Signing time:             Mon 31 Oct 2022 20:00:50 +0000
ROA not before:           Mon 31 Oct 2022 20:00:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208911
IP address blocks:        185.232.207.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:2f:a1:e6:a8:22:8c:ea:de:99:2d:ce:07:af:6a:01:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=11eecd71c193e4ac30ed03d0b9f05da101c603d2
        Validity
            Not Before: Oct 31 20:00:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f56c8519f06742b7fc9d68d74fafd94292b2b09e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:a8:15:2d:97:40:13:fc:1e:dc:f3:80:da:dd:
                    c2:83:44:f6:d4:01:43:5f:44:99:b6:a4:44:32:f5:
                    a7:11:d2:a9:66:e5:74:12:7b:11:e1:60:bb:31:c3:
                    5d:8c:23:94:e5:ff:75:86:d0:b9:ce:8e:1e:4e:f7:
                    b1:32:bb:b7:a7:ac:bf:76:63:0c:03:ff:0e:49:d0:
                    41:0b:4b:7b:6f:f4:a9:7b:bc:bd:db:9f:25:c9:8c:
                    99:2e:b3:8e:ca:6a:17:d8:54:41:98:b6:45:54:30:
                    e1:cb:7b:ca:3d:e4:44:d3:04:ae:27:83:04:33:a8:
                    b3:41:6d:7e:2e:4f:e0:31:c9:b4:55:57:58:7c:ac:
                    87:df:54:fd:56:ee:80:b4:4c:d4:e9:56:c6:bf:dc:
                    2b:3a:b8:be:f9:c1:92:76:24:8c:7d:8f:ba:d1:e6:
                    76:74:6b:af:9a:f4:9c:bf:2b:ed:a2:7a:73:3a:5a:
                    b9:72:01:59:f8:cb:7f:f2:e4:b7:56:c0:4f:88:18:
                    42:7b:ff:a0:d3:33:97:d5:5a:7d:5e:00:0f:5b:5a:
                    be:38:3d:c3:02:78:58:9c:ec:3b:59:c8:f5:f3:35:
                    7e:0d:cf:82:1c:e1:56:79:4d:2e:15:20:fd:de:7d:
                    51:fd:81:fe:0f:a9:36:ab:3f:8a:32:75:61:39:71:
                    d5:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:6C:85:19:F0:67:42:B7:FC:9D:68:D7:4F:AF:D9:42:92:B2:B0:9E
            X509v3 Authority Key Identifier:
                keyid:11:EE:CD:71:C1:93:E4:AC:30:ED:03:D0:B9:F0:5D:A1:01:C6:03:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ee7NccGT5Kww7QPQufBdoQHGA9I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/9WyFGfBnQrf8nWjXT6_ZQpKysJ4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/Ee7NccGT5Kww7QPQufBdoQHGA9I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.232.207.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:f6:3f:26:ce:98:76:74:5f:f3:9a:4e:f8:29:54:e4:1d:ef:
         e2:23:32:f6:26:9b:34:50:23:07:66:76:6b:51:3a:37:73:ba:
         c1:09:ba:75:5b:b0:c9:4c:a8:05:1e:73:49:8d:6f:ed:8a:e5:
         de:9a:44:03:66:15:5e:8e:5c:10:58:44:14:77:79:d1:81:76:
         4f:40:23:6d:6a:17:0c:6b:e9:7f:05:c0:c7:ad:90:69:94:97:
         44:b0:26:59:52:df:08:1f:08:8f:63:cd:a7:fe:61:73:3c:d2:
         08:c2:d8:8a:3c:2b:4d:77:87:15:da:1f:86:28:49:f5:53:72:
         2a:3e:5c:0e:3f:9a:30:b1:5a:6b:c4:c1:85:7b:24:a8:7f:99:
         1c:24:86:2b:09:cc:6a:0f:ed:dc:ab:b6:94:dc:6d:2c:ca:f3:
         2d:b7:4c:1e:d9:a1:e6:df:81:6b:23:82:13:da:d8:a3:fa:eb:
         86:c4:0f:f0:c0:ad:a5:3f:da:ac:c5:08:85:16:b2:8b:7d:25:
         71:13:c4:05:1c:34:39:3d:d3:55:80:b3:59:2e:da:61:87:2e:
         4c:44:f8:06:ac:85:ae:40:c9:94:fb:e5:13:20:a6:0b:68:63:
         20:4b:f0:6c:86:ca:cb:14:3d:81:c6:d5:47:75:d9:36:e1:32:
         06:4c:7c:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQvoeaoIozq3pktzgevagFfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZWVjZDcxYzE5M2U0YWMzMGVkMDNkMGI5ZjA1ZGExMDFj
NjAzZDIwHhcNMjIxMDMxMjAwMDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTZjODUxOWYwNjc0MmI3ZmM5ZDY4ZDc0ZmFmZDk0MjkyYjJiMDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKgVLZdAE/we3POA2t3Cg0T21AFD
X0SZtqREMvWnEdKpZuV0EnsR4WC7McNdjCOU5f91htC5zo4eTvexMru3p6y/dmMM
A/8OSdBBC0t7b/Spe7y9258lyYyZLrOOymoX2FRBmLZFVDDhy3vKPeRE0wSuJ4ME
M6izQW1+Lk/gMcm0VVdYfKyH31T9Vu6AtEzU6VbGv9wrOri++cGSdiSMfY+60eZ2
dGuvmvScvyvtonpzOlq5cgFZ+Mt/8uS3VsBPiBhCe/+g0zOX1Vp9XgAPW1q+OD3D
AnhYnOw7Wcj18zV+Dc+CHOFWeU0uFSD93n1R/YH+D6k2qz+KMnVhOXHVXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPVshRnwZ0K3/J1o10+v2UKSsrCeMB8GA1UdIwQY
MBaAFBHuzXHBk+SsMO0D0LnwXaEBxgPSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWU3TmNjR1Q1S3d3N1FQUXVmQmRvUUhHQTlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi80ZmQ5NWEtNTE1Ny00YTFiLWI4Njgt
MTM4OTk1Yzk5Yjk3LzEvOVd5RkdmQm5RcmY4bldqWFQ2X1pRcEt5c0o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi80ZmQ5NWEtNTE1Ny00YTFiLWI4NjgtMTM4OTk1Yzk5Yjk3
LzEvRWU3TmNjR1Q1S3d3N1FQUXVmQmRvUUhHQTlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuejPMA0G
CSqGSIb3DQEBCwUAA4IBAQBm9j8mzph2dF/zmk74KVTkHe/iIzL2Jps0UCMHZnZr
UTo3c7rBCbp1W7DJTKgFHnNJjW/tiuXemkQDZhVejlwQWEQUd3nRgXZPQCNtahcM
a+l/BcDHrZBplJdEsCZZUt8IHwiPY82n/mFzPNIIwtiKPCtNd4cV2h+GKEn1U3Iq
PlwOP5owsVprxMGFeySof5kcJIYrCcxqD+3cq7aU3G0syvMtt0we2aHm34FrI4IT
2tij+uuGxA/wwK2lP9qsxQiFFrKLfSVxE8QFHDQ5PdNVgLNZLtphhy5MRPgGrIWu
QMmU++UTIKYLaGMgS/BshsrLFD2BxtVHddk24TIGTHxj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:54 2024 by rpki-client on console-fra.rpki-client.org