Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/Dem8Ap3X0snaRZFJWQDMkPxF3OE.roa
File:                     Dem8Ap3X0snaRZFJWQDMkPxF3OE.roa (raw, json)
Hash identifier:          /xU8MOTSXv3T9EDLabKHFFIWflhmowN4w3LM+OXqyIc=
Subject key identifier:   0D:E9:BC:02:9D:D7:D2:C9:DA:45:91:49:59:00:CC:90:FC:45:DC:E1
Certificate issuer:       /CN=1056bcd426fd87cd6f4147e133216d03112b181b
Certificate serial:       01822BF3058E595185AA664BCC978293DC7B
Authority key identifier: 10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/Dem8Ap3X0snaRZFJWQDMkPxF3OE.roa
Signing time:             Sat 23 Jul 2022 16:45:23 +0000
ROA not before:           Sat 23 Jul 2022 16:45:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7118
IP address blocks:        81.31.231.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:2b:f3:05:8e:59:51:85:aa:66:4b:cc:97:82:93:dc:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1056bcd426fd87cd6f4147e133216d03112b181b
        Validity
            Not Before: Jul 23 16:45:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0de9bc029dd7d2c9da4591495900cc90fc45dce1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:76:48:a6:d3:b1:00:31:fa:a1:11:b4:e5:c6:
                    a2:18:4e:37:2d:44:fd:48:67:1a:c6:d2:b6:75:90:
                    df:df:f7:34:ff:87:eb:17:91:9c:89:52:aa:86:81:
                    77:41:17:69:00:b1:08:3a:24:74:f6:62:92:bb:01:
                    b4:0b:8c:25:51:2b:b6:b8:42:8a:a9:8c:0a:6c:22:
                    b9:27:89:eb:e7:cd:3e:30:e1:08:f8:bd:46:49:a9:
                    d4:ee:83:a9:38:ed:1d:0c:a9:1c:04:90:f1:41:b7:
                    b2:d3:91:0f:b5:4a:93:08:c3:38:5e:c7:49:d8:4a:
                    f8:c7:e9:97:83:83:de:68:35:98:ae:a6:89:de:89:
                    3d:6b:74:6b:9c:e3:63:82:00:19:9d:24:7f:47:ad:
                    2b:ca:31:c6:f2:4f:d6:9b:80:20:d2:3d:ae:84:7d:
                    c3:1c:05:13:b6:fa:61:f3:c8:06:79:6a:4a:03:29:
                    87:d6:c3:fb:71:08:14:ff:a5:20:45:f6:de:3d:fb:
                    5c:c2:66:03:ae:72:a3:2a:d2:95:20:28:06:dd:60:
                    b1:c9:74:08:1f:18:68:78:26:db:2c:2e:58:f0:bb:
                    92:d8:96:4b:d9:9a:50:b2:f7:1d:87:ba:9f:30:de:
                    c6:7d:f4:b3:2a:82:ad:50:57:d0:67:45:50:81:66:
                    76:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:E9:BC:02:9D:D7:D2:C9:DA:45:91:49:59:00:CC:90:FC:45:DC:E1
            X509v3 Authority Key Identifier:
                keyid:10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/Dem8Ap3X0snaRZFJWQDMkPxF3OE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.31.231.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b4:bb:49:84:28:c4:9c:ff:0c:55:f5:e0:8b:ea:c0:a1:fc:2b:
         7f:de:cb:71:4d:60:7b:06:04:9d:4d:20:25:7a:4e:73:bb:89:
         8a:1b:41:2c:19:23:79:49:15:8a:2c:f2:b1:59:d4:78:d3:92:
         83:50:de:0d:1b:72:3c:9c:3c:9c:ce:05:aa:a5:fa:e9:e4:fd:
         74:ef:6c:87:ce:9b:0a:a2:0c:ac:44:67:40:b6:da:a7:3a:dd:
         21:78:33:bf:75:bb:22:dc:b5:4f:f4:47:19:4f:11:e2:e3:72:
         b7:7e:0b:dd:52:1b:08:c6:40:f8:a8:f7:0d:88:ff:3b:b7:c1:
         d0:bf:41:e9:b2:a7:af:f9:cd:79:d6:6a:a0:a0:5e:0c:fa:0c:
         bf:95:8b:27:0b:87:cf:27:60:e9:2b:79:52:25:02:25:29:e3:
         cd:1c:ac:f2:24:04:47:26:e1:35:c7:cf:0d:e2:37:18:a6:fa:
         a5:a6:3f:a1:bb:d4:c0:6f:3d:bb:ea:59:54:6a:06:ae:da:bd:
         7a:ea:69:fb:8d:16:23:cf:99:ef:dc:49:7c:a8:e4:d9:cf:55:
         8c:f5:eb:ab:2a:a3:6e:84:9d:a3:d6:e6:e5:da:a7:79:1a:2f:
         0e:65:19:be:bd:80:e8:a1:6b:71:28:8a:eb:04:45:0e:c7:89:
         b8:c3:15:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIr8wWOWVGFqmZLzJeCk9x7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTZiY2Q0MjZmZDg3Y2Q2ZjQxNDdlMTMzMjE2ZDAzMTEy
YjE4MWIwHhcNMjIwNzIzMTY0NTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGU5YmMwMjlkZDdkMmM5ZGE0NTkxNDk1OTAwY2M5MGZjNDVkY2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXZIptOxADH6oRG05caiGE43LUT9
SGcaxtK2dZDf3/c0/4frF5GciVKqhoF3QRdpALEIOiR09mKSuwG0C4wlUSu2uEKK
qYwKbCK5J4nr580+MOEI+L1GSanU7oOpOO0dDKkcBJDxQbey05EPtUqTCMM4XsdJ
2Er4x+mXg4PeaDWYrqaJ3ok9a3RrnONjggAZnSR/R60ryjHG8k/Wm4Ag0j2uhH3D
HAUTtvph88gGeWpKAymH1sP7cQgU/6UgRfbePftcwmYDrnKjKtKVICgG3WCxyXQI
HxhoeCbbLC5Y8LuS2JZL2ZpQsvcdh7qfMN7GffSzKoKtUFfQZ0VQgWZ2DQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA3pvAKd19LJ2kWRSVkAzJD8RdzhMB8GA1UdIwQY
MBaAFBBWvNQm/YfNb0FH4TMhbQMRKxgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzct
YWE4NTllMTkyYjE2LzEvRGVtOEFwM1gwc25hUlpGSldRRE1rUHhGM09FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzctYWE4NTllMTkyYjE2
LzEvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUR/nMA0G
CSqGSIb3DQEBCwUAA4IBAQC0u0mEKMSc/wxV9eCL6sCh/Ct/3stxTWB7BgSdTSAl
ek5zu4mKG0EsGSN5SRWKLPKxWdR405KDUN4NG3I8nDyczgWqpfrp5P1072yHzpsK
ogysRGdAttqnOt0heDO/dbsi3LVP9EcZTxHi43K3fgvdUhsIxkD4qPcNiP87t8HQ
v0Hpsqev+c151mqgoF4M+gy/lYsnC4fPJ2DpK3lSJQIlKePNHKzyJARHJuE1x88N
4jcYpvqlpj+hu9TAbz276llUagau2r166mn7jRYjz5nv3El8qOTZz1WM9eurKqNu
hJ2j1ubl2qd5Gi8OZRm+vYDooWtxKIrrBEUOx4m4wxUS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:53 2024 by rpki-client on console-fra.rpki-client.org