Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/e4e07e-15fc-4942-842a-538509f3a789/1/yl4qjAZ5afs4ItSd3RIuWuDxQLg.roa
File:                     yl4qjAZ5afs4ItSd3RIuWuDxQLg.roa (raw, json)
Hash identifier:          hmvv54jQXXyI8BQQ4O239xQOHb3AuXmzB6xt+G68H6U=
Subject key identifier:   CA:5E:2A:8C:06:79:69:FB:38:22:D4:9D:DD:12:2E:5A:E0:F1:40:B8
Certificate issuer:       /CN=4d23e2edb321e1a8a5ce9ee3e2d95aa40f0de8a0
Certificate serial:       01843D2AA3F995312D03A72508773855FC0F
Authority key identifier: 4D:23:E2:ED:B3:21:E1:A8:A5:CE:9E:E3:E2:D9:5A:A4:0F:0D:E8:A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TSPi7bMh4ailzp7j4tlapA8N6KA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/e4e07e-15fc-4942-842a-538509f3a789/1/yl4qjAZ5afs4ItSd3RIuWuDxQLg.roa
Signing time:             Thu 03 Nov 2022 11:05:15 +0000
ROA not before:           Thu 03 Nov 2022 11:05:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     213128
IP address blocks:        185.204.138.0/24 maxlen: 24
                          185.204.137.0/24 maxlen: 24
                          185.204.139.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:3d:2a:a3:f9:95:31:2d:03:a7:25:08:77:38:55:fc:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d23e2edb321e1a8a5ce9ee3e2d95aa40f0de8a0
        Validity
            Not Before: Nov  3 11:05:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ca5e2a8c067969fb3822d49ddd122e5ae0f140b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:37:74:da:c7:c8:47:a2:09:b9:32:c3:ff:c1:
                    04:19:5e:58:26:b4:ec:f8:12:c6:64:4b:4e:68:e1:
                    c7:63:97:24:87:17:6a:40:df:01:9d:7c:45:18:27:
                    9e:9b:6b:bb:5d:1e:47:47:04:57:be:ec:71:24:c3:
                    f8:bc:64:21:49:32:73:a1:67:c6:e4:1f:e9:be:15:
                    19:3c:f3:e8:6f:66:94:a8:28:76:09:e3:b8:46:71:
                    41:5e:85:9f:25:36:e3:63:4d:ce:b2:88:06:27:f8:
                    2d:0c:50:f7:c8:11:a6:68:62:5e:d1:b6:29:e3:0d:
                    67:33:c3:99:f3:2c:7d:d6:24:4a:6c:49:52:47:a7:
                    77:78:d3:b9:83:80:58:34:d9:b9:15:8e:3a:e1:55:
                    e5:6a:05:e3:3f:05:5d:e4:fe:b5:bf:06:34:76:df:
                    8b:43:8b:8e:7c:2f:f6:4e:05:dc:97:44:17:d2:92:
                    ed:62:32:16:80:88:30:83:20:b8:16:e8:d0:71:4c:
                    6a:6e:10:ca:21:97:90:fc:b3:e6:c7:3e:f7:76:d8:
                    00:e4:59:1e:46:91:f6:dd:a8:7f:3d:29:22:ee:6f:
                    1e:15:88:36:ec:f0:2c:10:ad:f3:0f:76:e2:22:a7:
                    d0:0c:ae:c4:0e:f8:74:fc:fc:da:68:14:98:6c:08:
                    4f:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:5E:2A:8C:06:79:69:FB:38:22:D4:9D:DD:12:2E:5A:E0:F1:40:B8
            X509v3 Authority Key Identifier:
                keyid:4D:23:E2:ED:B3:21:E1:A8:A5:CE:9E:E3:E2:D9:5A:A4:0F:0D:E8:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TSPi7bMh4ailzp7j4tlapA8N6KA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/e4e07e-15fc-4942-842a-538509f3a789/1/yl4qjAZ5afs4ItSd3RIuWuDxQLg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/e4e07e-15fc-4942-842a-538509f3a789/1/TSPi7bMh4ailzp7j4tlapA8N6KA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.204.137.0-185.204.139.255

    Signature Algorithm: sha256WithRSAEncryption
         51:9b:5a:b2:27:68:a0:d5:35:f0:64:0a:32:99:ad:4e:0c:25:
         f6:81:d1:7c:ba:3d:a5:be:d7:47:ea:77:20:cc:73:c1:f7:f0:
         a8:ec:df:c9:25:4e:20:8a:db:82:98:a3:98:4a:e6:97:f8:30:
         6f:7e:34:48:59:64:1d:f4:5f:38:db:f1:99:d4:de:7a:3d:0f:
         b1:73:99:09:4d:bf:9b:30:c7:61:11:0d:4c:09:c2:ab:fd:2f:
         c1:0b:e4:31:40:cb:ee:fe:47:0d:09:b6:e6:8e:44:42:ea:d7:
         0c:b7:1f:fc:7e:20:f4:0b:5a:58:fb:16:48:7b:9e:da:5a:96:
         bb:25:14:03:34:e1:56:f7:75:5d:5d:d2:6a:5a:40:e0:9b:90:
         82:1a:d6:92:af:ea:3d:9b:ed:73:26:71:a0:3f:46:b1:76:7a:
         ac:8a:05:8c:b9:cd:cc:0b:b7:42:fa:c2:ce:0f:a9:3c:6a:37:
         1d:70:63:8e:38:3b:36:da:9b:d2:b8:76:2c:f1:82:c5:75:da:
         2b:12:13:67:d9:9a:81:60:13:65:bb:4e:a3:0c:ee:de:69:bb:
         0c:c9:15:33:1d:60:97:33:e0:d1:4e:b0:4a:b0:20:d4:f5:87:
         86:b1:15:ad:33:c0:60:9a:e3:4c:11:b5:74:d8:88:e1:09:d8:
         60:ea:72:17
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYQ9KqP5lTEtA6clCHc4VfwPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMjNlMmVkYjMyMWUxYThhNWNlOWVlM2UyZDk1YWE0MGYw
ZGU4YTAwHhcNMjIxMTAzMTEwNTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTVlMmE4YzA2Nzk2OWZiMzgyMmQ0OWRkZDEyMmU1YWUwZjE0MGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDd02sfIR6IJuTLD/8EEGV5YJrTs
+BLGZEtOaOHHY5ckhxdqQN8BnXxFGCeem2u7XR5HRwRXvuxxJMP4vGQhSTJzoWfG
5B/pvhUZPPPob2aUqCh2CeO4RnFBXoWfJTbjY03OsogGJ/gtDFD3yBGmaGJe0bYp
4w1nM8OZ8yx91iRKbElSR6d3eNO5g4BYNNm5FY464VXlagXjPwVd5P61vwY0dt+L
Q4uOfC/2TgXcl0QX0pLtYjIWgIgwgyC4FujQcUxqbhDKIZeQ/LPmxz73dtgA5Fke
RpH23ah/PSki7m8eFYg27PAsEK3zD3biIqfQDK7EDvh0/PzaaBSYbAhPIwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMpeKowGeWn7OCLUnd0SLlrg8UC4MB8GA1UdIwQY
MBaAFE0j4u2zIeGopc6e4+LZWqQPDeigMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFNQaTdiTWg0YWlsenA3ajR0bGFwQThONktBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9lNGUwN2UtMTVmYy00OTQyLTg0MmEt
NTM4NTA5ZjNhNzg5LzEveWw0cWpBWjVhZnM0SXRTZDNSSXVXdUR4UUxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9lNGUwN2UtMTVmYy00OTQyLTg0MmEtNTM4NTA5ZjNhNzg5
LzEvVFNQaTdiTWg0YWlsenA3ajR0bGFwQThONktBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5zIkD
BAK5zIgwDQYJKoZIhvcNAQELBQADggEBAFGbWrInaKDVNfBkCjKZrU4MJfaB0Xy6
PaW+10fqdyDMc8H38Kjs38klTiCK24KYo5hK5pf4MG9+NEhZZB30Xzjb8ZnU3no9
D7FzmQlNv5swx2ERDUwJwqv9L8EL5DFAy+7+Rw0JtuaORELq1wy3H/x+IPQLWlj7
Fkh7ntpalrslFAM04Vb3dV1d0mpaQOCbkIIa1pKv6j2b7XMmcaA/RrF2eqyKBYy5
zcwLt0L6ws4PqTxqNx1wY444Ozbam9K4dizxgsV12isSE2fZmoFgE2W7TqMM7t5p
uwzJFTMdYJcz4NFOsEqwINT1h4axFa0zwGCa40wRtXTYiOEJ2GDqchc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:59 2024 by rpki-client on console-fra.rpki-client.org