Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/OXJRpLUB_u9auf8gX2qlMHqdbpA.roa
File:                     OXJRpLUB_u9auf8gX2qlMHqdbpA.roa (raw, json)
Hash identifier:          OyGQsY8YM8IdsDA+a9dSGKsd9LE0HXJ0fFMAz6cQHhk=
Subject key identifier:   39:72:51:A4:B5:01:FE:EF:5A:B9:FF:20:5F:6A:A5:30:7A:9D:6E:90
Certificate issuer:       /CN=dbc950098436281cee542a1e74546551e1e55283
Certificate serial:       10CDE7F1
Authority key identifier: DB:C9:50:09:84:36:28:1C:EE:54:2A:1E:74:54:65:51:E1:E5:52:83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/28lQCYQ2KBzuVCoedFRlUeHlUoM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/OXJRpLUB_u9auf8gX2qlMHqdbpA.roa
Signing time:             Sat 01 Jan 2022 04:56:58 +0000
ROA not before:           Sat 01 Jan 2022 04:56:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34762
IP address blocks:        185.116.72.0/22 maxlen: 24
                          2a0d:5040::/32 maxlen: 32
                          2a0d:5041::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 281929713 (0x10cde7f1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbc950098436281cee542a1e74546551e1e55283
        Validity
            Not Before: Jan  1 04:56:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=397251a4b501feef5ab9ff205f6aa5307a9d6e90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:38:7a:ae:11:d1:bf:5b:c0:9f:80:45:8b:db:
                    d9:c3:ab:4a:2f:9a:1f:84:f4:4c:25:cf:fc:cb:88:
                    93:9a:f7:59:00:80:07:ec:d0:f7:ec:b2:8b:93:d0:
                    7d:d5:e5:65:f1:ca:a7:f8:47:cf:61:56:18:d5:7b:
                    05:aa:76:5e:3f:71:9a:9c:3d:39:be:66:b2:c3:c1:
                    2d:ce:58:20:5d:cf:6f:e4:f8:47:de:79:cb:05:7f:
                    fb:de:1d:df:15:6f:4e:1c:5d:66:71:4b:1c:5b:95:
                    8f:14:07:b5:b4:a4:44:ce:f0:36:2e:98:79:51:34:
                    b9:40:58:45:4f:da:b6:de:9a:d8:fc:17:88:3b:65:
                    63:c1:15:69:c0:eb:f1:3c:cf:7b:a7:bd:d8:a2:64:
                    3a:0a:93:c0:62:04:fd:62:00:ca:ba:db:5c:c3:03:
                    1a:81:4f:cc:fb:89:13:3e:d4:de:84:8a:0e:b4:73:
                    89:43:41:e5:1a:4d:2a:f6:bd:ca:af:e6:21:08:80:
                    bd:f3:2a:9c:33:2e:07:f4:ff:fd:47:4c:6d:a8:88:
                    67:67:bd:76:19:13:b3:f1:39:b7:53:d9:7e:5e:ed:
                    85:4a:d3:01:3a:57:3c:4c:54:2f:ec:45:a8:de:a3:
                    0e:08:27:4d:6c:ba:fa:c1:9e:71:37:1d:cc:20:43:
                    c6:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:72:51:A4:B5:01:FE:EF:5A:B9:FF:20:5F:6A:A5:30:7A:9D:6E:90
            X509v3 Authority Key Identifier:
                keyid:DB:C9:50:09:84:36:28:1C:EE:54:2A:1E:74:54:65:51:E1:E5:52:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/28lQCYQ2KBzuVCoedFRlUeHlUoM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/OXJRpLUB_u9auf8gX2qlMHqdbpA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.116.72.0/22
                IPv6:
                  2a0d:5040::/31

    Signature Algorithm: sha256WithRSAEncryption
         80:0e:4c:44:21:dd:7a:0e:61:77:29:36:8a:35:5f:d0:9a:d1:
         aa:ff:4b:02:94:c0:88:f3:33:82:2b:de:3f:90:02:dc:bd:ec:
         98:4a:04:c7:e4:05:23:f5:b2:e6:e9:b0:03:1d:91:f5:fa:0f:
         b6:a7:57:b8:9e:16:89:a4:f6:d9:96:94:f1:d7:23:01:a4:d9:
         6b:fa:18:8e:ff:d7:ef:5e:80:25:bc:aa:a3:d3:e1:55:8d:ba:
         4f:2f:c5:a3:ff:6a:76:4c:49:cc:fe:b0:dc:ee:c7:f1:ad:31:
         90:30:03:84:e8:79:ce:c0:57:a4:98:e9:b7:12:7c:d2:88:42:
         39:e3:39:10:db:76:8f:b8:ff:ba:d9:32:e5:53:b7:28:ff:bc:
         3b:de:b9:d5:34:33:aa:e9:9f:0c:04:b4:a3:e0:21:b4:75:c6:
         b5:9b:8a:5a:69:e7:5b:af:27:e7:31:09:b4:6f:fd:0f:18:79:
         9d:2b:99:3d:d1:cd:90:e0:31:0b:47:24:f0:07:be:f4:ae:c8:
         8c:e0:bf:52:83:25:aa:19:19:54:38:d6:8d:e6:af:e1:e9:e1:
         2b:6b:28:6a:47:f8:ac:23:e7:16:3b:86:7b:75:91:9c:04:23:
         42:ba:61:ed:62:18:a9:65:4e:1e:d3:32:d1:12:10:a3:6e:c4:
         d3:d2:dd:51
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEEM3n8TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YmM5NTAwOTg0MzYyODFjZWU1NDJhMWU3NDU0NjU1MWUxZTU1MjgzMB4XDTIyMDEw
MTA0NTY1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzk3MjUxYTRiNTAx
ZmVlZjVhYjlmZjIwNWY2YWE1MzA3YTlkNmU5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKY4eq4R0b9bwJ+ARYvb2cOrSi+aH4T0TCXP/MuIk5r3WQCA
B+zQ9+yyi5PQfdXlZfHKp/hHz2FWGNV7Bap2Xj9xmpw9Ob5mssPBLc5YIF3Pb+T4
R955ywV/+94d3xVvThxdZnFLHFuVjxQHtbSkRM7wNi6YeVE0uUBYRU/att6a2PwX
iDtlY8EVacDr8TzPe6e92KJkOgqTwGIE/WIAyrrbXMMDGoFPzPuJEz7U3oSKDrRz
iUNB5RpNKva9yq/mIQiAvfMqnDMuB/T//UdMbaiIZ2e9dhkTs/E5t1PZfl7thUrT
ATpXPExUL+xFqN6jDggnTWy6+sGecTcdzCBDxrECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQ5clGktQH+71q5/yBfaqUwep1ukDAfBgNVHSMEGDAWgBTbyVAJhDYoHO5U
Kh50VGVR4eVSgzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzI4bFFDWVEyS0J6dVZDb2VkRlJsVWVIbFVvTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDIvNWFhNDQ4LTY0M2YtNGFlZS05MGQ5LWY0N2UxNjkyNjZjMi8x
L09YSlJwTFVCX3U5YXVmOGdYMnFsTUhxZGJwQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDIv
NWFhNDQ4LTY0M2YtNGFlZS05MGQ5LWY0N2UxNjkyNjZjMi8xLzI4bFFDWVEyS0J6
dVZDb2VkRlJsVWVIbFVvTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArl0SDANBAIAAjAHAwUBKg1QQDAN
BgkqhkiG9w0BAQsFAAOCAQEAgA5MRCHdeg5hdyk2ijVf0JrRqv9LApTAiPMzgive
P5AC3L3smEoEx+QFI/Wy5umwAx2R9foPtqdXuJ4WiaT22ZaU8dcjAaTZa/oYjv/X
716AJbyqo9PhVY26Ty/Fo/9qdkxJzP6w3O7H8a0xkDADhOh5zsBXpJjptxJ80ohC
OeM5ENt2j7j/utky5VO3KP+8O9651TQzqumfDAS0o+AhtHXGtZuKWmnnW68n5zEJ
tG/9Dxh5nSuZPdHNkOAxC0ck8Ae+9K7IjOC/UoMlqhkZVDjWjeav4enhK2soakf4
rCPnFjuGe3WRnAQjQrph7WIYqWVOHtMy0RIQo27E09LdUQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:44 2024 by rpki-client on console-fra.rpki-client.org