Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/65e218-d751-4176-81aa-b75b5f37db09/1/BmJmYyAV3WaYa86MoKXfBooJzUM.roa
File:                     BmJmYyAV3WaYa86MoKXfBooJzUM.roa (raw, json)
Hash identifier:          egwNOYtn0MiW8WQaoXpLHOiXVKRK7Z2Bx9sNNQp1AVM=
Subject key identifier:   06:62:66:63:20:15:DD:66:98:6B:CE:8C:A0:A5:DF:06:8A:09:CD:43
Certificate issuer:       /CN=54143bee7a7ccf47802f55eae557ba5fcf9f795e
Certificate serial:       03212745
Authority key identifier: 54:14:3B:EE:7A:7C:CF:47:80:2F:55:EA:E5:57:BA:5F:CF:9F:79:5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VBQ77np8z0eAL1Xq5Ve6X8-feV4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/65e218-d751-4176-81aa-b75b5f37db09/1/BmJmYyAV3WaYa86MoKXfBooJzUM.roa
Signing time:             Sat 01 Jan 2022 03:53:46 +0000
ROA not before:           Sat 01 Jan 2022 03:53:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212076
IP address blocks:        185.231.65.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 52504389 (0x3212745)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=54143bee7a7ccf47802f55eae557ba5fcf9f795e
        Validity
            Not Before: Jan  1 03:53:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=066266632015dd66986bce8ca0a5df068a09cd43
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:b6:10:08:53:01:8b:95:16:a4:ae:36:34:86:
                    a9:57:48:a3:fd:63:c3:31:d6:3c:e5:5c:23:a2:15:
                    cb:ca:1b:32:6d:13:de:9d:e6:84:e8:61:fd:d5:1a:
                    b8:ce:79:3d:b9:7c:90:98:15:7a:94:c1:c4:5e:2c:
                    1b:55:70:94:79:23:e8:d3:02:53:5f:d1:27:7b:d2:
                    8e:c0:b8:65:d2:ef:2c:20:07:67:9a:8c:c8:8d:57:
                    99:f4:4e:50:d0:3e:f5:da:7f:31:ac:7b:7c:76:91:
                    1b:5b:07:2a:c5:47:54:89:1b:33:a3:31:ee:bd:14:
                    59:9f:03:e0:c2:a7:4a:b0:a7:03:8e:07:3d:c3:42:
                    74:fb:2b:b6:6f:f4:b6:65:b1:56:07:1c:6e:a5:20:
                    cf:9f:b1:cf:6e:db:1a:3e:fb:ba:87:bb:dc:8d:91:
                    5c:92:74:94:f8:7c:4d:08:6e:07:8a:e1:5e:24:f0:
                    51:2e:46:b5:32:f4:2c:99:40:a2:9c:11:70:21:ba:
                    95:d4:58:14:7d:8e:d2:2b:28:4f:0e:5b:2c:28:1f:
                    2d:e7:82:a9:08:1a:a1:fb:b6:77:bb:e3:f8:da:b2:
                    1c:1b:ba:2d:1f:10:6f:9f:7d:c3:24:ec:09:60:70:
                    f4:69:b1:49:f0:8b:5a:f7:0c:1b:83:6f:c2:f2:8a:
                    ff:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:62:66:63:20:15:DD:66:98:6B:CE:8C:A0:A5:DF:06:8A:09:CD:43
            X509v3 Authority Key Identifier:
                keyid:54:14:3B:EE:7A:7C:CF:47:80:2F:55:EA:E5:57:BA:5F:CF:9F:79:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VBQ77np8z0eAL1Xq5Ve6X8-feV4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/65e218-d751-4176-81aa-b75b5f37db09/1/BmJmYyAV3WaYa86MoKXfBooJzUM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/65e218-d751-4176-81aa-b75b5f37db09/1/VBQ77np8z0eAL1Xq5Ve6X8-feV4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.231.65.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:0c:29:34:d5:f9:24:45:83:4a:d6:ea:71:5f:57:74:eb:b9:
         bc:f2:10:94:89:b9:1a:8b:9b:ae:4e:1d:03:f0:db:e0:b1:97:
         53:be:58:30:c2:70:70:e3:6c:42:3a:9b:ee:40:6e:e2:5f:6f:
         80:da:a9:fc:3f:cb:f3:3e:30:e2:29:1c:39:d4:d5:2c:1b:22:
         bb:05:14:97:67:3f:58:05:ca:ad:8c:b7:55:bd:90:0d:7f:1e:
         ac:a3:83:66:4f:70:41:5e:20:81:d9:50:c1:a7:a3:ce:5c:97:
         07:07:c5:a7:4d:6f:d8:ee:e2:d3:ae:31:86:2f:84:e8:a5:d3:
         77:bf:27:b9:ca:52:1b:51:04:29:ab:6f:92:0f:4a:18:1f:f6:
         2d:c1:43:f9:c3:c4:9a:18:35:50:4b:7b:1f:ef:50:ac:41:c3:
         78:23:07:a9:92:c8:4b:1a:98:6c:bc:af:fb:ae:44:a6:fb:cd:
         c0:d9:e1:c7:9b:88:3f:d8:4d:e6:8d:7d:05:a8:bf:d2:94:e7:
         39:da:5a:f0:d2:8a:58:f5:a7:a0:9d:f7:7d:13:41:6d:06:c0:
         f6:96:68:18:ee:0d:19:d6:62:86:65:7b:39:41:0c:f2:09:35:
         15:b0:dc:ec:39:f2:cd:ce:02:b9:fe:bb:dd:a9:dd:2a:55:7b:
         11:2e:90:c9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAyEnRTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NDE0M2JlZTdhN2NjZjQ3ODAyZjU1ZWFlNTU3YmE1ZmNmOWY3OTVlMB4XDTIyMDEw
MTAzNTM0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDY2MjY2NjMyMDE1
ZGQ2Njk4NmJjZThjYTBhNWRmMDY4YTA5Y2Q0MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANK2EAhTAYuVFqSuNjSGqVdIo/1jwzHWPOVcI6IVy8obMm0T
3p3mhOhh/dUauM55Pbl8kJgVepTBxF4sG1VwlHkj6NMCU1/RJ3vSjsC4ZdLvLCAH
Z5qMyI1XmfROUNA+9dp/Max7fHaRG1sHKsVHVIkbM6Mx7r0UWZ8D4MKnSrCnA44H
PcNCdPsrtm/0tmWxVgccbqUgz5+xz27bGj77uoe73I2RXJJ0lPh8TQhuB4rhXiTw
US5GtTL0LJlAopwRcCG6ldRYFH2O0isoTw5bLCgfLeeCqQgaofu2d7vj+NqyHBu6
LR8Qb599wyTsCWBw9GmxSfCLWvcMG4NvwvKK/0UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQGYmZjIBXdZphrzoygpd8GignNQzAfBgNVHSMEGDAWgBRUFDvuenzPR4Av
VerlV7pfz595XjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZCUTc3bnA4ejBlQUwxWHE1VmU2WDgtZmVWNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvNjVlMjE4LWQ3NTEtNDE3Ni04MWFhLWI3NWI1ZjM3ZGIwOS8x
L0JtSm1ZeUFWM1dhWWE4Nk1vS1hmQm9vSnpVTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
NjVlMjE4LWQ3NTEtNDE3Ni04MWFhLWI3NWI1ZjM3ZGIwOS8xL1ZCUTc3bnA4ejBl
QUwxWHE1VmU2WDgtZmVWNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnnQTANBgkqhkiG9w0BAQsFAAOC
AQEAOQwpNNX5JEWDStbqcV9XdOu5vPIQlIm5Goubrk4dA/Db4LGXU75YMMJwcONs
Qjqb7kBu4l9vgNqp/D/L8z4w4ikcOdTVLBsiuwUUl2c/WAXKrYy3Vb2QDX8erKOD
Zk9wQV4ggdlQwaejzlyXBwfFp01v2O7i064xhi+E6KXTd78nucpSG1EEKatvkg9K
GB/2LcFD+cPEmhg1UEt7H+9QrEHDeCMHqZLISxqYbLyv+65EpvvNwNnhx5uIP9hN
5o19Bai/0pTnOdpa8NKKWPWnoJ33fRNBbQbA9pZoGO4NGdZihmV7OUEM8gk1FbDc
7Dnyzc4Cuf673andKlV7ES6QyQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:54 2024 by rpki-client on console-fra.rpki-client.org