Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/eUHA4c8OZjh9WdCrzbm6NHxAuhw.roa
File:                     eUHA4c8OZjh9WdCrzbm6NHxAuhw.roa (raw, json)
Hash identifier:          EhKcBWSDPs81KSGafSoYIfQlz+P90/s7jqPsrZE4hPI=
Subject key identifier:   79:41:C0:E1:CF:0E:66:38:7D:59:D0:AB:CD:B9:BA:34:7C:40:BA:1C
Certificate issuer:       /CN=11eecd71c193e4ac30ed03d0b9f05da101c603d2
Certificate serial:       0183661CD295F31F1151C941C03B8D3E3E07
Authority key identifier: 11:EE:CD:71:C1:93:E4:AC:30:ED:03:D0:B9:F0:5D:A1:01:C6:03:D2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ee7NccGT5Kww7QPQufBdoQHGA9I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/eUHA4c8OZjh9WdCrzbm6NHxAuhw.roa
Signing time:             Thu 22 Sep 2022 16:51:48 +0000
ROA not before:           Thu 22 Sep 2022 16:51:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210876
IP address blocks:        185.236.24.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:66:1c:d2:95:f3:1f:11:51:c9:41:c0:3b:8d:3e:3e:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=11eecd71c193e4ac30ed03d0b9f05da101c603d2
        Validity
            Not Before: Sep 22 16:51:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7941c0e1cf0e66387d59d0abcdb9ba347c40ba1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:22:14:99:8f:92:41:3f:21:cb:96:36:35:71:
                    f3:60:92:13:64:ea:56:ef:23:29:e7:8e:6f:70:d6:
                    47:3b:0d:f1:84:34:b4:e4:93:72:36:48:7e:a8:af:
                    ea:5c:8f:82:42:93:fa:f4:b9:cd:47:c6:3c:20:6e:
                    ad:56:7b:c8:ec:9c:33:55:64:3d:a0:d3:a0:2e:bd:
                    2b:b3:2c:0b:8b:14:08:f7:2a:96:2b:65:3d:7d:98:
                    3d:e7:4f:b6:73:c3:e3:42:41:44:4b:4c:e6:f9:03:
                    9b:e0:b9:7b:2c:05:45:b2:47:0e:b7:5c:8a:2c:0e:
                    ba:81:d1:d6:67:18:2e:68:02:14:93:6f:8f:2a:96:
                    26:7c:08:bf:ef:58:1c:59:61:cd:9a:61:63:3c:95:
                    7d:d1:36:4a:99:5e:bb:18:54:de:db:b4:82:3b:23:
                    30:43:33:b2:9a:58:da:b4:f7:65:24:ee:fe:eb:1b:
                    77:af:0c:8f:29:c0:07:1f:cb:4f:71:f6:6a:cb:5c:
                    d3:2c:fd:92:d7:71:4f:ed:34:06:06:eb:c7:d9:c1:
                    0a:dd:7a:75:c4:ed:a1:9e:2a:53:45:95:21:d9:d4:
                    a9:fc:09:92:67:20:f4:1e:ba:92:5b:40:08:e2:53:
                    0c:b3:81:2a:05:50:43:52:ce:d5:8c:03:11:77:21:
                    8e:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:41:C0:E1:CF:0E:66:38:7D:59:D0:AB:CD:B9:BA:34:7C:40:BA:1C
            X509v3 Authority Key Identifier:
                keyid:11:EE:CD:71:C1:93:E4:AC:30:ED:03:D0:B9:F0:5D:A1:01:C6:03:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ee7NccGT5Kww7QPQufBdoQHGA9I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/eUHA4c8OZjh9WdCrzbm6NHxAuhw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/Ee7NccGT5Kww7QPQufBdoQHGA9I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.236.24.0/22

    Signature Algorithm: sha256WithRSAEncryption
         57:f3:df:f7:11:86:b1:3b:c0:e0:bc:c6:d6:ed:4f:0c:e4:5a:
         7d:1e:e0:54:12:a2:0c:93:33:8d:1f:1c:5c:10:34:cb:a4:31:
         2b:b5:2a:52:c1:90:49:74:49:8f:01:63:dd:5a:af:c5:1b:52:
         bf:17:f5:39:15:0f:e5:2b:57:55:84:d8:ce:bc:e0:e2:e7:aa:
         1f:da:a0:77:bf:a8:3b:bd:4a:88:34:41:29:4f:23:46:ca:e4:
         9a:c2:a4:b9:df:25:71:1e:08:da:1c:ce:88:3e:57:75:fb:20:
         47:01:ea:bc:dd:6c:2b:ac:7c:66:e2:bb:db:85:a7:73:25:5b:
         c6:bc:6e:e3:3c:70:52:92:0a:0f:a1:c6:bb:d9:e9:ba:66:38:
         da:0e:6e:5c:a1:6a:28:fb:79:1b:f2:b4:19:3f:19:6b:a2:60:
         70:98:61:df:3d:fc:5a:c2:60:e5:0b:30:be:86:83:e5:ec:c7:
         84:a2:f3:ed:82:a7:c4:83:fb:76:19:7d:d2:2e:5f:e0:81:14:
         f1:e0:99:46:ff:5e:12:61:03:d0:57:d0:4e:e1:b3:32:e9:7b:
         c1:71:fc:02:11:c7:14:64:a7:69:76:15:6c:9f:fb:48:b6:22:
         5f:1a:92:49:26:77:d7:92:30:40:38:bc:8d:47:3d:dd:0b:44:
         ed:4d:0f:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNmHNKV8x8RUclBwDuNPj4HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZWVjZDcxYzE5M2U0YWMzMGVkMDNkMGI5ZjA1ZGExMDFj
NjAzZDIwHhcNMjIwOTIyMTY1MTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTQxYzBlMWNmMGU2NjM4N2Q1OWQwYWJjZGI5YmEzNDdjNDBiYTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgiIUmY+SQT8hy5Y2NXHzYJITZOpW
7yMp545vcNZHOw3xhDS05JNyNkh+qK/qXI+CQpP69LnNR8Y8IG6tVnvI7JwzVWQ9
oNOgLr0rsywLixQI9yqWK2U9fZg950+2c8PjQkFES0zm+QOb4Ll7LAVFskcOt1yK
LA66gdHWZxguaAIUk2+PKpYmfAi/71gcWWHNmmFjPJV90TZKmV67GFTe27SCOyMw
QzOymljatPdlJO7+6xt3rwyPKcAHH8tPcfZqy1zTLP2S13FP7TQGBuvH2cEK3Xp1
xO2hnipTRZUh2dSp/AmSZyD0HrqSW0AI4lMMs4EqBVBDUs7VjAMRdyGOcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHlBwOHPDmY4fVnQq825ujR8QLocMB8GA1UdIwQY
MBaAFBHuzXHBk+SsMO0D0LnwXaEBxgPSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWU3TmNjR1Q1S3d3N1FQUXVmQmRvUUhHQTlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi80ZmQ5NWEtNTE1Ny00YTFiLWI4Njgt
MTM4OTk1Yzk5Yjk3LzEvZVVIQTRjOE9aamg5V2RDcnpibTZOSHhBdWh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi80ZmQ5NWEtNTE1Ny00YTFiLWI4NjgtMTM4OTk1Yzk5Yjk3
LzEvRWU3TmNjR1Q1S3d3N1FQUXVmQmRvUUhHQTlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuewYMA0G
CSqGSIb3DQEBCwUAA4IBAQBX89/3EYaxO8DgvMbW7U8M5Fp9HuBUEqIMkzONHxxc
EDTLpDErtSpSwZBJdEmPAWPdWq/FG1K/F/U5FQ/lK1dVhNjOvODi56of2qB3v6g7
vUqINEEpTyNGyuSawqS53yVxHgjaHM6IPld1+yBHAeq83WwrrHxm4rvbhadzJVvG
vG7jPHBSkgoPoca72em6ZjjaDm5coWoo+3kb8rQZPxlromBwmGHfPfxawmDlCzC+
hoPl7MeEovPtgqfEg/t2GX3SLl/ggRTx4JlG/14SYQPQV9BO4bMy6XvBcfwCEccU
ZKdpdhVsn/tItiJfGpJJJnfXkjBAOLyNRz3dC0TtTQ/m
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:57 2024 by rpki-client on console-ams.rpki-client.org