Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ObHv1ui66-vryPsw-Kin3yPbgaA.roa
File:                     ObHv1ui66-vryPsw-Kin3yPbgaA.roa (raw, json)
Hash identifier:          CxfXEyaMgznimzLITE5f/HaJdO1ggT9jVHJa5RWKdog=
Subject key identifier:   39:B1:EF:D6:E8:BA:EB:EB:EB:C8:FB:30:F8:A8:A7:DF:23:DB:81:A0
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       1C6843DB
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ObHv1ui66-vryPsw-Kin3yPbgaA.roa
Signing time:             Sat 01 Jan 2022 01:02:32 +0000
ROA not before:           Sat 01 Jan 2022 01:02:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44564
IP address blocks:        87.121.160.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 476595163 (0x1c6843db)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jan  1 01:02:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=39b1efd6e8baebebebc8fb30f8a8a7df23db81a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:a2:d5:b3:c8:7e:85:97:e0:e5:44:e1:ea:7e:
                    cf:4c:04:34:13:c9:32:7e:e0:2f:cd:a4:1f:33:51:
                    74:20:f6:8c:a1:2d:cf:5f:5a:72:76:bd:ec:25:d7:
                    d9:24:98:19:be:64:d6:78:68:78:72:cd:31:ae:60:
                    28:1d:a9:61:1b:bb:08:45:c7:e2:ba:7f:65:e0:c1:
                    c6:91:bd:99:23:c8:37:03:9f:11:ee:e4:ee:29:02:
                    22:ba:ec:41:b3:15:35:f7:12:ed:94:6c:77:f4:5f:
                    65:3d:84:a1:4f:60:3c:19:76:05:de:05:a2:53:38:
                    e2:9a:b5:01:f7:e0:2a:2d:9d:ed:d0:4f:12:72:a2:
                    85:db:38:cc:2a:c0:10:32:5b:5d:7d:5b:e2:b2:ce:
                    73:7f:24:f8:f5:98:ae:ab:f3:ef:83:60:aa:56:98:
                    d0:52:9e:a0:80:72:06:73:01:ed:94:b2:3a:42:ca:
                    4c:5c:ab:25:1b:96:bf:ad:f0:1d:7a:ea:5d:28:57:
                    be:f9:da:09:45:9c:d1:f6:90:97:4e:41:60:62:2e:
                    ee:94:50:17:ff:94:fe:ba:09:19:1e:ed:bd:7c:f0:
                    6c:e2:49:5d:fe:9b:66:f4:f1:40:60:9b:ca:6a:f6:
                    0a:cb:24:50:a3:d5:a1:ef:69:15:42:1f:cc:84:a8:
                    03:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:B1:EF:D6:E8:BA:EB:EB:EB:C8:FB:30:F8:A8:A7:DF:23:DB:81:A0
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ObHv1ui66-vryPsw-Kin3yPbgaA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.121.160.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:c8:99:ae:08:df:ed:25:fb:0c:a9:3d:a5:60:21:dd:bd:62:
         9e:44:c5:69:20:4e:82:02:7b:8f:99:3a:f7:22:bd:3f:b3:64:
         07:26:62:e7:1c:bc:97:89:60:80:e1:53:b6:6c:b7:ca:57:94:
         6c:21:3c:aa:6b:c3:8d:5a:ff:d7:ea:8e:13:b2:76:bd:61:c8:
         03:eb:1d:a1:33:ad:2d:f4:3f:83:a0:c2:89:99:7b:8c:8c:46:
         c0:b1:21:58:8a:f9:62:9c:db:44:d0:b7:48:93:fd:b0:b2:7c:
         f4:c9:bd:94:63:7b:dd:ba:ee:53:66:8f:b2:92:7c:df:65:ef:
         d7:10:a6:9d:d8:70:8b:ff:5a:60:4b:5d:74:46:ed:43:df:90:
         51:8f:09:a4:1c:8b:32:74:65:9f:c6:3f:60:3a:60:51:e2:d4:
         18:4a:8e:2d:39:21:87:dd:8f:bf:ea:30:ad:25:e7:cd:09:70:
         7a:89:0a:4d:48:9e:00:f4:37:68:68:20:7e:9c:86:5c:62:c8:
         7e:a8:5f:6a:a9:a5:73:a1:1b:6e:9f:51:50:b7:96:5f:9e:0e:
         9a:cb:dd:9c:fb:17:eb:9e:78:94:3a:ec:b8:94:97:54:a5:f1:
         84:94:36:2b:ba:43:9b:8d:46:1c:4b:6b:ba:dc:dc:0d:94:e2:
         92:34:7c:47
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEHGhD2zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDEw
MTAxMDIzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzliMWVmZDZlOGJh
ZWJlYmViYzhmYjMwZjhhOGE3ZGYyM2RiODFhMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKWi1bPIfoWX4OVE4ep+z0wENBPJMn7gL82kHzNRdCD2jKEt
z19acna97CXX2SSYGb5k1nhoeHLNMa5gKB2pYRu7CEXH4rp/ZeDBxpG9mSPINwOf
Ee7k7ikCIrrsQbMVNfcS7ZRsd/RfZT2EoU9gPBl2Bd4FolM44pq1AffgKi2d7dBP
EnKihds4zCrAEDJbXX1b4rLOc38k+PWYrqvz74NgqlaY0FKeoIByBnMB7ZSyOkLK
TFyrJRuWv63wHXrqXShXvvnaCUWc0faQl05BYGIu7pRQF/+U/roJGR7tvXzwbOJJ
Xf6bZvTxQGCbymr2CsskUKPVoe9pFUIfzISoA1kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ5se/W6Lrr6+vI+zD4qKffI9uBoDAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L09iSHYxdWk2Ni12cnlQc3ctS2luM3lQYmdhQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFd5oDANBgkqhkiG9w0BAQsFAAOC
AQEALsiZrgjf7SX7DKk9pWAh3b1inkTFaSBOggJ7j5k69yK9P7NkByZi5xy8l4lg
gOFTtmy3yleUbCE8qmvDjVr/1+qOE7J2vWHIA+sdoTOtLfQ/g6DCiZl7jIxGwLEh
WIr5YpzbRNC3SJP9sLJ89Mm9lGN73bruU2aPspJ832Xv1xCmndhwi/9aYEtddEbt
Q9+QUY8JpByLMnRln8Y/YDpgUeLUGEqOLTkhh92Pv+owrSXnzQlweokKTUieAPQ3
aGggfpyGXGLIfqhfaqmlc6Ebbp9RULeWX54OmsvdnPsX6554lDrsuJSXVKXxhJQ2
K7pDm41GHEtrutzcDZTikjR8Rw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:31 2024 by rpki-client on console-ams.rpki-client.org