Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/77792b-e20e-4bf7-b126-359f79361e99/1/MdHC4jGytBKZNFUfWxZXpx6zrlc.roa
File:                     MdHC4jGytBKZNFUfWxZXpx6zrlc.roa (raw, json)
Hash identifier:          IA7rravmQsTRHVcOmAr3XtKQnKn5yGdyWDAH1/RPqFY=
Subject key identifier:   31:D1:C2:E2:31:B2:B4:12:99:34:55:1F:5B:16:57:A7:1E:B3:AE:57
Certificate issuer:       /CN=8fa9aeb426c28a34808776f9568935d3b9ec9e08
Certificate serial:       01BE67D3
Authority key identifier: 8F:A9:AE:B4:26:C2:8A:34:80:87:76:F9:56:89:35:D3:B9:EC:9E:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j6mutCbCijSAh3b5Vok107nsngg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/77792b-e20e-4bf7-b126-359f79361e99/1/MdHC4jGytBKZNFUfWxZXpx6zrlc.roa
Signing time:             Sat 01 Jan 2022 15:59:12 +0000
ROA not before:           Sat 01 Jan 2022 15:59:12 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48951
IP address blocks:        185.225.10.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 29255635 (0x1be67d3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8fa9aeb426c28a34808776f9568935d3b9ec9e08
        Validity
            Not Before: Jan  1 15:59:12 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=31d1c2e231b2b4129934551f5b1657a71eb3ae57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:cc:28:2a:f7:09:6c:1b:0d:4f:26:d0:87:08:
                    e6:10:80:e1:32:45:c6:f8:63:59:ae:31:99:29:13:
                    a6:65:96:a1:5a:56:a3:78:26:99:52:87:dc:c5:79:
                    09:bc:18:1c:99:24:eb:8b:d5:26:b8:52:e0:2f:5f:
                    b6:48:82:c8:71:e4:46:46:bc:02:a2:7f:6f:46:b0:
                    4b:ba:c2:9e:32:b6:d3:23:34:b0:2b:2d:a4:76:4f:
                    84:33:3f:37:94:78:1f:8f:ce:7a:ce:64:8c:66:45:
                    41:ee:1d:07:98:3a:17:ce:ba:82:72:17:0c:67:c0:
                    ca:a6:f2:bc:65:36:33:d4:5f:50:6a:9e:ac:7e:77:
                    7b:36:bf:0c:1f:ce:19:7a:33:1c:b1:97:68:1f:3d:
                    b3:f0:1c:73:1b:75:e0:b9:4f:6c:79:1e:c9:99:a6:
                    78:df:7d:f7:6c:c2:ee:c7:9a:95:bb:54:2d:a2:8a:
                    60:57:c3:62:4e:2b:7e:75:06:50:66:27:67:f4:f0:
                    b5:c7:0f:23:13:2f:2d:dd:5f:ed:51:50:4c:18:1e:
                    87:8d:83:b4:87:9c:91:3f:46:d1:cc:1f:ff:f8:f0:
                    13:03:07:3f:cb:88:9d:87:5e:04:33:c2:87:51:a5:
                    2b:7f:7f:54:5f:40:7c:fc:93:f4:2b:0d:e3:92:58:
                    a0:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:D1:C2:E2:31:B2:B4:12:99:34:55:1F:5B:16:57:A7:1E:B3:AE:57
            X509v3 Authority Key Identifier:
                keyid:8F:A9:AE:B4:26:C2:8A:34:80:87:76:F9:56:89:35:D3:B9:EC:9E:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j6mutCbCijSAh3b5Vok107nsngg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/77792b-e20e-4bf7-b126-359f79361e99/1/MdHC4jGytBKZNFUfWxZXpx6zrlc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/77792b-e20e-4bf7-b126-359f79361e99/1/j6mutCbCijSAh3b5Vok107nsngg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.225.10.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:e9:d2:c2:6a:ec:34:44:94:06:74:c4:41:f2:9b:cb:ce:6d:
         c2:58:c0:d6:bd:5b:af:15:6d:33:52:5d:b6:6d:d6:1f:52:0b:
         c0:64:8b:93:c1:0f:7f:9a:03:d6:4a:2e:c4:e4:23:3c:85:d4:
         60:c8:b7:d5:f7:b7:f4:73:de:1c:bb:e0:8f:90:04:5b:a0:47:
         51:2c:7a:a2:5f:6a:5e:b7:85:be:33:3c:2c:56:f1:12:ec:2a:
         3f:6c:18:d2:a1:e2:6c:2b:fb:8a:da:2f:d0:34:d6:c6:d1:33:
         0d:d1:d9:71:2c:68:51:49:1d:42:de:3f:2f:35:ca:c6:e6:6f:
         6d:4a:13:3f:bc:31:00:e1:5c:6e:ec:77:df:b0:54:7e:4e:69:
         59:9f:a5:ae:18:ed:e4:b0:79:9e:02:56:39:39:75:9f:da:62:
         cb:4d:ab:5e:7f:cc:d2:58:59:3c:c0:39:c3:94:f5:0d:80:bf:
         df:5f:ca:11:46:a1:d7:ab:ee:39:5a:18:69:d4:7a:26:42:00:
         a0:a3:65:c0:57:bd:27:50:c8:30:09:48:07:e0:47:d6:f2:aa:
         dc:da:7d:1f:cc:6e:b2:2b:d6:b4:28:dd:98:ed:af:ea:73:c7:
         ec:7a:68:75:38:c1:14:0b:0a:58:32:ba:64:e2:9f:7b:45:e6:
         33:fd:08:97
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAb5n0zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZmE5YWViNDI2YzI4YTM0ODA4Nzc2Zjk1Njg5MzVkM2I5ZWM5ZTA4MB4XDTIyMDEw
MTE1NTkxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzFkMWMyZTIzMWIy
YjQxMjk5MzQ1NTFmNWIxNjU3YTcxZWIzYWU1NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOHMKCr3CWwbDU8m0IcI5hCA4TJFxvhjWa4xmSkTpmWWoVpW
o3gmmVKH3MV5CbwYHJkk64vVJrhS4C9ftkiCyHHkRka8AqJ/b0awS7rCnjK20yM0
sCstpHZPhDM/N5R4H4/Oes5kjGZFQe4dB5g6F866gnIXDGfAyqbyvGU2M9RfUGqe
rH53eza/DB/OGXozHLGXaB89s/Accxt14LlPbHkeyZmmeN9992zC7sealbtULaKK
YFfDYk4rfnUGUGYnZ/TwtccPIxMvLd1f7VFQTBgeh42DtIeckT9G0cwf//jwEwMH
P8uInYdeBDPCh1GlK39/VF9AfPyT9CsN45JYoCkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQx0cLiMbK0Epk0VR9bFlenHrOuVzAfBgNVHSMEGDAWgBSPqa60JsKKNICH
dvlWiTXTueyeCDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2o2bXV0Q2JDaWpTQWgzYjVWb2sxMDduc25nZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmYvNzc3OTJiLWUyMGUtNGJmNy1iMTI2LTM1OWY3OTM2MWU5OS8x
L01kSEM0akd5dEJLWk5GVWZXeFpYcHg2enJsYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmYv
Nzc3OTJiLWUyMGUtNGJmNy1iMTI2LTM1OWY3OTM2MWU5OS8xL2o2bXV0Q2JDaWpT
QWgzYjVWb2sxMDduc25nZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnhCjANBgkqhkiG9w0BAQsFAAOC
AQEAienSwmrsNESUBnTEQfKby85twljA1r1brxVtM1Jdtm3WH1ILwGSLk8EPf5oD
1kouxOQjPIXUYMi31fe39HPeHLvgj5AEW6BHUSx6ol9qXreFvjM8LFbxEuwqP2wY
0qHibCv7itov0DTWxtEzDdHZcSxoUUkdQt4/LzXKxuZvbUoTP7wxAOFcbux337BU
fk5pWZ+lrhjt5LB5ngJWOTl1n9piy02rXn/M0lhZPMA5w5T1DYC/31/KEUah16vu
OVoYadR6JkIAoKNlwFe9J1DIMAlIB+BH1vKq3Np9H8xusivWtCjdmO2v6nPH7Hpo
dTjBFAsKWDK6ZOKfe0XmM/0Ilw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:48 2024 by rpki-client on console-ams.rpki-client.org