Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7029b3-2ca8-4ba1-aa92-e6d472d3a825/1/bsuyZQZDuPwUJEhPhWGeOHD4wZY.roa
File:                     bsuyZQZDuPwUJEhPhWGeOHD4wZY.roa (raw, json)
Hash identifier:          c06xYiPLElVEB7+eG8Oms4iQazkskA0PZ6E+9cKtq5c=
Subject key identifier:   6E:CB:B2:65:06:43:B8:FC:14:24:48:4F:85:61:9E:38:70:F8:C1:96
Certificate issuer:       /CN=d14f747f42d6f2606f808f8829f43c90dd48ca0b
Certificate serial:       01828CC7398BD80A612D9CDB80ED3471A424
Authority key identifier: D1:4F:74:7F:42:D6:F2:60:6F:80:8F:88:29:F4:3C:90:DD:48:CA:0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0U90f0LW8mBvgI-IKfQ8kN1Iygs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/7029b3-2ca8-4ba1-aa92-e6d472d3a825/1/bsuyZQZDuPwUJEhPhWGeOHD4wZY.roa
Signing time:             Thu 11 Aug 2022 12:00:42 +0000
ROA not before:           Thu 11 Aug 2022 12:00:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209371
IP address blocks:        185.238.142.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:8c:c7:39:8b:d8:0a:61:2d:9c:db:80:ed:34:71:a4:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d14f747f42d6f2606f808f8829f43c90dd48ca0b
        Validity
            Not Before: Aug 11 12:00:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6ecbb2650643b8fc1424484f85619e3870f8c196
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:c0:cd:24:7c:30:00:ef:e5:35:6a:67:e9:69:
                    13:3a:4d:f1:6f:07:6c:29:85:4e:30:fe:6c:ca:3a:
                    9a:31:7f:d1:fb:a1:d6:cf:f5:8b:b2:74:de:d5:63:
                    85:83:6f:2f:28:df:41:09:13:5a:ef:42:ae:b3:6c:
                    65:86:fd:b8:95:f1:03:16:ba:d9:cf:80:e2:6d:4d:
                    da:ad:8a:f0:6a:b2:e5:bb:37:4b:7e:e0:96:ec:a9:
                    6b:78:f4:e7:aa:f3:f3:52:71:f4:bf:76:2c:9f:18:
                    a3:fd:25:b6:d4:bd:d1:36:dc:b7:13:8c:98:77:9d:
                    03:b0:4a:da:b6:bf:b5:35:72:63:75:62:67:42:4e:
                    c1:82:77:41:d6:32:e6:75:87:c8:79:fc:e3:35:83:
                    d6:ff:4f:2c:76:88:ab:f2:ea:ef:a7:42:13:c8:f7:
                    fc:12:fc:b7:dd:da:98:8d:20:a6:f5:a8:57:3f:4d:
                    b0:ce:32:8a:cf:39:80:23:7a:eb:16:72:61:20:a9:
                    45:d8:bd:95:45:48:c4:3c:5c:53:30:d7:14:de:6b:
                    7c:f6:42:76:94:61:fa:38:07:cc:8a:f1:30:1a:e9:
                    5f:0f:ec:37:8f:70:e8:d0:af:fc:bc:47:1c:11:13:
                    0e:33:b7:18:91:f3:47:9b:00:bf:ca:0e:2c:d7:87:
                    82:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:CB:B2:65:06:43:B8:FC:14:24:48:4F:85:61:9E:38:70:F8:C1:96
            X509v3 Authority Key Identifier:
                keyid:D1:4F:74:7F:42:D6:F2:60:6F:80:8F:88:29:F4:3C:90:DD:48:CA:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0U90f0LW8mBvgI-IKfQ8kN1Iygs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7029b3-2ca8-4ba1-aa92-e6d472d3a825/1/bsuyZQZDuPwUJEhPhWGeOHD4wZY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7029b3-2ca8-4ba1-aa92-e6d472d3a825/1/0U90f0LW8mBvgI-IKfQ8kN1Iygs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.238.142.0/24

    Signature Algorithm: sha256WithRSAEncryption
         34:96:87:1f:eb:f0:9e:59:fd:fe:d4:3d:b4:07:ae:1c:b7:e9:
         4e:95:08:b7:f7:6a:12:89:ee:14:1b:f5:8b:1a:9c:da:19:9c:
         c5:80:24:31:80:bc:42:69:9c:f2:84:c2:cf:a1:8e:60:e1:98:
         98:1a:e1:e6:fd:54:30:31:48:8a:be:f8:19:66:a6:e7:81:ff:
         cc:e3:b1:e8:6b:03:ca:0e:be:a1:ab:f0:ab:0b:59:c9:3d:a6:
         01:3a:47:66:50:af:e2:7e:3a:ee:f9:cb:fe:46:a4:bb:fc:91:
         87:c4:b1:73:76:4b:18:52:37:ea:92:89:8b:b2:54:c4:91:75:
         29:ba:2f:5c:14:df:8c:1e:5c:d7:a4:62:2f:7e:50:e5:2f:fa:
         12:dd:78:9b:0c:c5:99:ad:f6:a7:15:39:aa:33:b4:ae:db:79:
         01:89:97:db:52:3a:e8:10:f3:7d:17:42:ca:71:08:23:cd:bd:
         7e:1d:90:13:26:7a:d4:53:a2:b0:d4:f1:d5:4b:96:73:c6:38:
         58:76:87:9f:28:5e:3e:ed:88:8a:56:15:d1:f0:6b:8b:a0:d3:
         5a:15:ee:d8:58:8a:3f:28:07:71:0f:27:0d:b4:ee:ab:3f:12:
         93:ab:1b:e0:2f:7c:e1:e5:da:af:2b:fe:77:76:60:76:2c:9f:
         36:68:f4:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKMxzmL2AphLZzbgO00caQkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxNGY3NDdmNDJkNmYyNjA2ZjgwOGY4ODI5ZjQzYzkwZGQ0
OGNhMGIwHhcNMjIwODExMTIwMDQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWNiYjI2NTA2NDNiOGZjMTQyNDQ4NGY4NTYxOWUzODcwZjhjMTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMDNJHwwAO/lNWpn6WkTOk3xbwds
KYVOMP5syjqaMX/R+6HWz/WLsnTe1WOFg28vKN9BCRNa70Kus2xlhv24lfEDFrrZ
z4DibU3arYrwarLluzdLfuCW7KlrePTnqvPzUnH0v3Ysnxij/SW21L3RNty3E4yY
d50DsEratr+1NXJjdWJnQk7BgndB1jLmdYfIefzjNYPW/08sdoir8urvp0ITyPf8
Evy33dqYjSCm9ahXP02wzjKKzzmAI3rrFnJhIKlF2L2VRUjEPFxTMNcU3mt89kJ2
lGH6OAfMivEwGulfD+w3j3Do0K/8vEccERMOM7cYkfNHmwC/yg4s14eCEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG7LsmUGQ7j8FCRIT4Vhnjhw+MGWMB8GA1UdIwQY
MBaAFNFPdH9C1vJgb4CPiCn0PJDdSMoLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFU5MGYwTFc4bUJ2Z0ktSUtmUThrTjFJeWdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83MDI5YjMtMmNhOC00YmExLWFhOTIt
ZTZkNDcyZDNhODI1LzEvYnN1eVpRWkR1UHdVSkVoUGhXR2VPSEQ0d1pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83MDI5YjMtMmNhOC00YmExLWFhOTItZTZkNDcyZDNhODI1
LzEvMFU5MGYwTFc4bUJ2Z0ktSUtmUThrTjFJeWdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAue6OMA0G
CSqGSIb3DQEBCwUAA4IBAQA0locf6/CeWf3+1D20B64ct+lOlQi392oSie4UG/WL
GpzaGZzFgCQxgLxCaZzyhMLPoY5g4ZiYGuHm/VQwMUiKvvgZZqbngf/M47HoawPK
Dr6hq/CrC1nJPaYBOkdmUK/ifjru+cv+RqS7/JGHxLFzdksYUjfqkomLslTEkXUp
ui9cFN+MHlzXpGIvflDlL/oS3XibDMWZrfanFTmqM7Su23kBiZfbUjroEPN9F0LK
cQgjzb1+HZATJnrUU6Kw1PHVS5ZzxjhYdoefKF4+7YiKVhXR8GuLoNNaFe7YWIo/
KAdxDycNtO6rPxKTqxvgL3zh5dqvK/53dmB2LJ82aPRx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:11 2024 by rpki-client on console-ams.rpki-client.org