Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/YJNlJxTsp2a66q_kxvX4ompbgng.roa
File:                     YJNlJxTsp2a66q_kxvX4ompbgng.roa (raw, json)
Hash identifier:          fCU7YmzeFl/Yzs7YHX65hNMBWivYyfEFBxy4IOpwr10=
Subject key identifier:   60:93:65:27:14:EC:A7:66:BA:EA:AF:E4:C6:F5:F8:A2:6A:5B:82:78
Certificate issuer:       /CN=af935603e52e831537716d458b360192f99a3689
Certificate serial:       052492
Authority key identifier: AF:93:56:03:E5:2E:83:15:37:71:6D:45:8B:36:01:92:F9:9A:36:89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r5NWA-UugxU3cW1FizYBkvmaNok.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/YJNlJxTsp2a66q_kxvX4ompbgng.roa
Signing time:             Wed 26 Jan 2022 12:01:10 +0000
ROA not before:           Wed 26 Jan 2022 12:01:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        185.49.132.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 337042 (0x52492)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af935603e52e831537716d458b360192f99a3689
        Validity
            Not Before: Jan 26 12:01:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6093652714eca766baeaafe4c6f5f8a26a5b8278
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:42:51:ab:e0:48:a2:f6:5f:17:bd:9e:4b:b5:
                    e9:e9:ef:7b:46:e2:07:f8:ec:24:22:58:7a:4b:9a:
                    eb:87:3d:7f:54:96:63:80:c3:51:38:3b:59:be:66:
                    8e:74:a0:09:c9:94:54:47:55:7e:d2:88:d5:7b:13:
                    db:24:51:ec:e5:d6:0a:3b:b6:eb:c2:68:8f:5e:f4:
                    4a:ff:a0:10:fb:8c:51:f8:81:e0:26:10:b2:43:7f:
                    7a:ba:51:f0:de:3a:01:fc:28:32:38:26:ab:4a:9e:
                    42:83:e5:67:d9:ae:e3:5f:1f:c3:24:e8:ea:20:60:
                    e5:fd:4b:0d:22:ac:60:89:a4:f8:4c:c6:36:51:85:
                    64:36:8e:c5:0b:c4:02:78:7e:a8:b0:b8:d1:46:61:
                    b8:0d:6e:3a:af:21:f4:97:20:52:16:df:7c:6a:16:
                    18:da:eb:f4:f4:de:71:03:cc:fa:5a:1d:ba:d1:4a:
                    f2:08:1f:ae:b4:1b:76:03:63:83:14:25:44:e1:a3:
                    97:94:4d:01:fa:1b:12:f9:3e:21:01:56:91:2b:ff:
                    db:3d:9c:c2:ac:c2:59:2e:c1:2f:6d:05:52:00:88:
                    fa:42:ad:09:e5:f4:0b:36:00:86:c8:c9:7f:ee:d8:
                    b0:7e:42:be:3b:d3:c2:f4:af:d5:86:d4:53:75:2e:
                    a9:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:93:65:27:14:EC:A7:66:BA:EA:AF:E4:C6:F5:F8:A2:6A:5B:82:78
            X509v3 Authority Key Identifier:
                keyid:AF:93:56:03:E5:2E:83:15:37:71:6D:45:8B:36:01:92:F9:9A:36:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r5NWA-UugxU3cW1FizYBkvmaNok.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/YJNlJxTsp2a66q_kxvX4ompbgng.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/r5NWA-UugxU3cW1FizYBkvmaNok.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.49.132.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3f:37:d1:df:de:58:66:40:14:62:bf:62:2d:48:b5:02:75:77:
         c6:32:31:74:b9:2b:12:c9:5d:d8:ba:92:d4:40:a5:6c:10:6e:
         2c:a4:a5:b7:b2:77:03:73:7f:65:5b:83:19:f9:26:96:71:80:
         f4:e5:31:8c:57:10:a4:17:27:6d:47:ea:61:53:4e:93:68:7c:
         a7:bf:e3:5f:6f:31:2d:08:aa:06:00:b9:4b:73:d3:23:62:9e:
         63:52:47:d8:ef:a6:d8:d7:ce:64:25:f8:5f:6b:6e:38:22:cf:
         21:c2:d4:77:1b:36:ac:96:09:e0:56:b9:64:de:8a:a6:3b:08:
         98:29:64:d8:d3:6e:7c:7c:4b:7a:7d:b6:bc:c9:77:c4:6f:fc:
         5f:d8:65:64:33:fe:92:08:2b:13:28:80:f9:69:e1:2b:6f:6c:
         f9:80:ac:ad:b7:7d:82:cb:ba:0a:3c:f8:8f:29:94:39:c1:64:
         7a:83:2f:b3:6a:cc:93:c1:89:b6:22:af:fe:c3:51:c8:40:95:
         1e:d8:9f:4a:ac:6f:97:bc:86:10:51:a3:86:02:41:1c:2a:8f:
         a1:4f:8a:74:23:f8:45:91:5f:73:a2:1f:2c:10:01:c6:03:fd:
         b2:9e:f6:48:e5:2a:98:a4:db:9f:48:92:b2:f7:6c:08:92:00:
         2a:79:c4:24
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDBSSSMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGFm
OTM1NjAzZTUyZTgzMTUzNzcxNmQ0NThiMzYwMTkyZjk5YTM2ODkwHhcNMjIwMTI2
MTIwMTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2MDkzNjUyNzE0ZWNh
NzY2YmFlYWFmZTRjNmY1ZjhhMjZhNWI4Mjc4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAl0JRq+BIovZfF72eS7Xp6e97RuIH+OwkIlh6S5rrhz1/VJZj
gMNRODtZvmaOdKAJyZRUR1V+0ojVexPbJFHs5dYKO7brwmiPXvRK/6AQ+4xR+IHg
JhCyQ396ulHw3joB/CgyOCarSp5Cg+Vn2a7jXx/DJOjqIGDl/UsNIqxgiaT4TMY2
UYVkNo7FC8QCeH6osLjRRmG4DW46ryH0lyBSFt98ahYY2uv09N5xA8z6Wh260Ury
CB+utBt2A2ODFCVE4aOXlE0B+hsS+T4hAVaRK//bPZzCrMJZLsEvbQVSAIj6Qq0J
5fQLNgCGyMl/7tiwfkK+O9PC9K/VhtRTdS6pIwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFGCTZScU7Kdmuuqv5Mb1+KJqW4J4MB8GA1UdIwQYMBaAFK+TVgPlLoMVN3Ft
RYs2AZL5mjaJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cjVOV0EtVXVneFUzY1cxRml6WUJrdm1hTm9rLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9mYy8zMDAxYWQtZGU5MC00MzYwLTgxMWYtMGEwZDA1ZWQwYzZiLzEv
WUpObEp4VHNwMmE2NnFfa3h2WDRvbXBiZ25nLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8z
MDAxYWQtZGU5MC00MzYwLTgxMWYtMGEwZDA1ZWQwYzZiLzEvcjVOV0EtVXVneFUz
Y1cxRml6WUJrdm1hTm9rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuTGEMA0GCSqGSIb3DQEBCwUAA4IB
AQA/N9Hf3lhmQBRiv2ItSLUCdXfGMjF0uSsSyV3YupLUQKVsEG4spKW3sncDc39l
W4MZ+SaWcYD05TGMVxCkFydtR+phU06TaHynv+NfbzEtCKoGALlLc9MjYp5jUkfY
76bY185kJfhfa244Is8hwtR3GzaslgngVrlk3oqmOwiYKWTY0258fEt6fba8yXfE
b/xf2GVkM/6SCCsTKID5aeErb2z5gKytt32Cy7oKPPiPKZQ5wWR6gy+zasyTwYm2
Iq/+w1HIQJUe2J9KrG+XvIYQUaOGAkEcKo+hT4p0I/hFkV9zoh8sEAHGA/2ynvZI
5SqYpNufSJKy92wIkgAqecQk
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:51 2023 by rpki-client on console-fra.rpki-client.org