Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/doZqKbVR_RyLFILev0Q398QnVus.roa
File:                     doZqKbVR_RyLFILev0Q398QnVus.roa (raw, json)
Hash identifier:          AvEOTE+nkDkVsmVr9pIr7QOApPzlC9EwpjjXb9BX9Do=
Subject key identifier:   76:86:6A:29:B5:51:FD:1C:8B:14:82:DE:BF:44:37:F7:C4:27:56:EB
Certificate issuer:       /CN=1056bcd426fd87cd6f4147e133216d03112b181b
Certificate serial:       35996FB2
Authority key identifier: 10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/doZqKbVR_RyLFILev0Q398QnVus.roa
Signing time:             Fri 17 Jun 2022 09:37:46 +0000
ROA not before:           Fri 17 Jun 2022 09:37:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        81.31.244.0/22 maxlen: 24
                          81.31.242.0/23 maxlen: 24
                          81.31.252.0/22 maxlen: 24
                          185.84.160.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 899248050 (0x35996fb2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1056bcd426fd87cd6f4147e133216d03112b181b
        Validity
            Not Before: Jun 17 09:37:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=76866a29b551fd1c8b1482debf4437f7c42756eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:90:cf:6d:dd:bc:0b:53:1e:31:bc:7d:4b:cc:
                    68:47:f5:e4:55:04:ce:83:9b:51:cb:c6:2d:95:9a:
                    e4:22:8e:2a:1e:72:af:30:03:e7:86:75:c6:bb:68:
                    6b:af:dd:1b:5a:3a:a9:07:e0:da:ed:f7:30:ca:be:
                    ed:1e:79:9f:57:bb:d3:b8:8e:4b:0e:08:3d:37:a3:
                    0c:10:90:83:e9:6d:b0:db:21:a6:91:94:ce:f5:be:
                    a7:cd:93:fe:8e:6f:80:cd:2c:01:09:7e:49:7b:fb:
                    49:89:06:66:a4:6b:7c:54:60:d3:42:6f:d1:9f:b9:
                    73:a8:e1:7e:3c:99:ad:17:86:36:54:37:9c:b0:11:
                    8b:9c:f7:6f:0d:44:7c:a8:4e:55:a9:86:a3:28:63:
                    f5:37:d6:4a:6c:ba:17:13:9b:9f:8a:2f:3e:5f:ce:
                    89:88:63:23:16:ca:12:14:1a:b2:65:7b:92:27:c0:
                    04:8f:46:e4:ac:f2:ac:f4:10:92:7d:b7:82:40:ef:
                    de:97:05:b0:36:e0:b9:18:94:62:31:67:ae:e7:9c:
                    b4:d9:64:c7:cb:72:d3:ad:ff:ab:8f:a7:79:1e:ad:
                    97:42:22:18:11:f0:b9:bb:c3:a8:9c:b1:e8:fc:78:
                    f2:1d:ea:da:7d:1c:47:de:a3:4c:06:2a:19:5a:23:
                    d2:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:86:6A:29:B5:51:FD:1C:8B:14:82:DE:BF:44:37:F7:C4:27:56:EB
            X509v3 Authority Key Identifier:
                keyid:10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/doZqKbVR_RyLFILev0Q398QnVus.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.31.242.0-81.31.247.255
                  81.31.252.0/22
                  185.84.160.0/22

    Signature Algorithm: sha256WithRSAEncryption
         31:6b:53:1c:52:c8:12:16:18:47:de:50:1c:15:76:fc:95:57:
         bf:6f:e5:92:74:58:81:a6:2c:09:fe:77:90:d6:22:b9:2c:3e:
         62:91:c9:a9:4e:9c:b7:6b:6b:f6:39:75:bd:67:ca:7f:10:36:
         e8:de:5d:d2:b6:04:56:7d:83:f4:89:e0:e5:1f:76:c1:62:33:
         2e:87:4e:80:77:36:dc:1e:e9:0c:d3:59:36:03:65:aa:7d:1e:
         76:a6:88:78:9a:15:9b:e3:bd:8f:b8:4c:d4:b4:de:76:69:db:
         44:69:3f:be:fd:fa:11:57:12:5e:0b:ae:2f:0b:00:87:e0:5e:
         ff:76:ac:32:98:a3:c7:56:e7:24:c3:bb:0d:2c:f9:2b:a2:ce:
         17:10:6d:22:26:07:b8:85:e3:93:92:4e:4c:04:71:10:ca:e9:
         05:1e:53:ac:e1:d0:3a:53:15:c9:a8:cd:3c:5b:63:8a:98:0d:
         d2:5e:17:9a:69:d1:ca:00:9f:5a:6b:23:77:fc:61:3b:ec:c4:
         d8:cf:93:aa:69:82:fa:0d:f1:41:8a:7a:fc:c8:1e:07:27:06:
         be:e2:e3:d9:c6:02:b9:78:da:5e:51:6b:62:28:73:3c:0a:92:
         8f:0f:8b:1b:fd:95:08:a1:9b:70:08:81:0c:49:36:11:d0:76:
         e2:87:d9:74
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIENZlvsjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDU2YmNkNDI2ZmQ4N2NkNmY0MTQ3ZTEzMzIxNmQwMzExMmIxODFiMB4XDTIyMDYx
NzA5Mzc0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzY4NjZhMjliNTUx
ZmQxYzhiMTQ4MmRlYmY0NDM3ZjdjNDI3NTZlYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJyQz23dvAtTHjG8fUvMaEf15FUEzoObUcvGLZWa5CKOKh5y
rzAD54Z1xrtoa6/dG1o6qQfg2u33MMq+7R55n1e707iOSw4IPTejDBCQg+ltsNsh
ppGUzvW+p82T/o5vgM0sAQl+SXv7SYkGZqRrfFRg00Jv0Z+5c6jhfjyZrReGNlQ3
nLARi5z3bw1EfKhOVamGoyhj9TfWSmy6FxObn4ovPl/OiYhjIxbKEhQasmV7kifA
BI9G5KzyrPQQkn23gkDv3pcFsDbguRiUYjFnruectNlkx8ty063/q4+neR6tl0Ii
GBHwubvDqJyx6Px48h3q2n0cR96jTAYqGVoj0ssCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBR2hmoptVH9HIsUgt6/RDf3xCdW6zAfBgNVHSMEGDAWgBQQVrzUJv2HzW9B
R+EzIW0DESsYGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VGYTgxQ2I5aDgxdlFVZmhNeUZ0QXhFckdCcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDcvZTZmNGU0LTY4YmItNDQ5Ni05MGM3LWFhODU5ZTE5MmIxNi8x
L2RvWnFLYlZSX1J5TEZJTGV2MFEzOThRblZ1cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcv
ZTZmNGU0LTY4YmItNDQ5Ni05MGM3LWFhODU5ZTE5MmIxNi8xL0VGYTgxQ2I5aDgx
dlFVZmhNeUZ0QXhFckdCcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGjAMAwQBUR/yAwQDUR/wAwQCUR/8AwQC
uVSgMA0GCSqGSIb3DQEBCwUAA4IBAQAxa1McUsgSFhhH3lAcFXb8lVe/b+WSdFiB
piwJ/neQ1iK5LD5ikcmpTpy3a2v2OXW9Z8p/EDbo3l3StgRWfYP0ieDlH3bBYjMu
h06AdzbcHukM01k2A2WqfR52poh4mhWb472PuEzUtN52adtEaT++/foRVxJeC64v
CwCH4F7/dqwymKPHVuckw7sNLPkros4XEG0iJge4heOTkk5MBHEQyukFHlOs4dA6
UxXJqM08W2OKmA3SXheaadHKAJ9aayN3/GE77MTYz5OqaYL6DfFBinr8yB4HJwa+
4uPZxgK5eNpeUWtiKHM8CpKPD4sb/ZUIoZtwCIEMSTYR0Hbih9l0
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:33 2024 by rpki-client on console-ams.rpki-client.org