Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/lZOYPwnEfLsOBNk7TzUHvi-y_dY.roa
File:                     lZOYPwnEfLsOBNk7TzUHvi-y_dY.roa (raw, json)
Hash identifier:          glcPcBVkbliKvAVtXz30rRPKOzxFdkBEgkG1eyd0K3c=
Subject key identifier:   95:93:98:3F:09:C4:7C:BB:0E:04:D9:3B:4F:35:07:BE:2F:B2:FD:D6
Certificate issuer:       /CN=1056bcd426fd87cd6f4147e133216d03112b181b
Certificate serial:       0183A7E25C78672AF8BC568EC36C0A4FFFDE
Authority key identifier: 10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/lZOYPwnEfLsOBNk7TzUHvi-y_dY.roa
Signing time:             Wed 05 Oct 2022 11:22:53 +0000
ROA not before:           Wed 05 Oct 2022 11:22:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        81.31.231.0/24 maxlen: 24
                          81.31.232.0/24 maxlen: 24
                          81.31.244.0/22 maxlen: 24
                          81.31.242.0/23 maxlen: 24
                          81.31.252.0/22 maxlen: 24
                          185.84.162.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:a7:e2:5c:78:67:2a:f8:bc:56:8e:c3:6c:0a:4f:ff:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1056bcd426fd87cd6f4147e133216d03112b181b
        Validity
            Not Before: Oct  5 11:22:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9593983f09c47cbb0e04d93b4f3507be2fb2fdd6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:e5:0a:9d:6b:b3:cf:78:04:6e:e4:b7:7a:b8:
                    35:ec:55:7e:e8:95:92:1f:ae:32:db:03:3b:a6:73:
                    8d:85:e6:25:be:65:9c:89:b7:e7:28:74:17:78:88:
                    ed:28:71:c3:d8:30:df:16:5c:13:ca:49:5c:19:41:
                    55:3f:a0:7c:47:74:f0:f1:2a:98:74:d9:d7:c8:4d:
                    2a:4a:9b:d2:b6:42:fb:c5:79:53:9d:fb:93:fe:20:
                    cd:8c:4c:fb:c3:43:e7:9b:fc:49:a5:f3:c6:70:1a:
                    15:c4:d3:f0:df:17:bf:3a:f0:ee:b3:9e:c6:bd:63:
                    e8:ee:a0:b0:a9:e7:53:68:64:bd:e2:91:60:cf:96:
                    29:34:cf:f5:ee:97:c3:c6:a5:70:07:9c:79:8e:01:
                    aa:1b:a6:bf:1c:fd:68:71:01:f8:6b:4b:25:f1:7c:
                    22:84:6d:a3:eb:5a:f0:19:36:07:b5:1a:59:45:1e:
                    73:ce:09:91:88:a2:7e:f9:85:a2:12:75:2d:f6:a7:
                    3d:87:a0:e9:4d:8a:0e:ba:ef:bc:33:a2:c7:49:4a:
                    25:80:d0:6c:56:6a:71:5a:43:4d:ff:17:fb:d8:60:
                    f5:20:09:7a:54:9b:8d:d3:ce:f4:e0:3c:2e:86:9f:
                    42:69:07:41:4d:a4:92:f8:dd:10:b6:cc:92:84:c9:
                    51:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:93:98:3F:09:C4:7C:BB:0E:04:D9:3B:4F:35:07:BE:2F:B2:FD:D6
            X509v3 Authority Key Identifier:
                keyid:10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/lZOYPwnEfLsOBNk7TzUHvi-y_dY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.31.231.0-81.31.232.255
                  81.31.242.0-81.31.247.255
                  81.31.252.0/22
                  185.84.162.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2d:00:9c:cb:79:cb:bf:71:8d:de:6d:2b:0f:7c:0e:39:16:b6:
         09:29:3e:21:27:00:72:5e:4f:f3:d9:a0:5d:9d:44:85:17:f9:
         63:72:7a:c2:4b:9f:c6:ae:38:ae:31:77:62:76:b5:a2:49:ef:
         9c:20:93:ea:b8:1a:e5:49:c1:0e:90:99:06:85:98:df:b2:82:
         1b:4a:b0:12:8d:5b:b6:0f:7e:e3:f8:f6:c6:67:ec:46:ab:4d:
         89:d0:e8:92:c9:d2:14:b0:c8:de:e7:56:c5:44:87:b1:cc:c2:
         20:13:b6:b4:fe:5f:85:18:a0:46:b0:cc:30:e8:e5:0e:b3:dd:
         d8:a3:a6:26:40:e6:04:d3:74:ba:1e:ff:5a:51:76:8d:4a:b3:
         fc:fc:e6:40:64:c0:81:a0:ea:55:e3:95:08:8f:23:eb:be:8e:
         ed:f4:5e:95:28:36:c0:10:ea:7c:f5:31:d0:9b:20:ad:d9:d9:
         c6:79:e9:79:cd:ad:91:04:ec:9a:eb:7c:af:02:a8:e0:52:98:
         19:7e:03:9b:09:65:c6:ff:71:7d:1a:e4:11:dc:33:5e:97:37:
         8c:66:3c:ad:3b:cd:ff:30:29:23:27:74:58:66:75:a1:ce:a4:
         20:f3:17:93:5c:af:a4:71:54:e9:5c:03:d8:2b:8e:2c:31:17:
         eb:c1:20:34
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYOn4lx4Zyr4vFaOw2wKT//eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTZiY2Q0MjZmZDg3Y2Q2ZjQxNDdlMTMzMjE2ZDAzMTEy
YjE4MWIwHhcNMjIxMDA1MTEyMjUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTkzOTgzZjA5YzQ3Y2JiMGUwNGQ5M2I0ZjM1MDdiZTJmYjJmZGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1OUKnWuzz3gEbuS3erg17FV+6JWS
H64y2wM7pnONheYlvmWcibfnKHQXeIjtKHHD2DDfFlwTyklcGUFVP6B8R3Tw8SqY
dNnXyE0qSpvStkL7xXlTnfuT/iDNjEz7w0Pnm/xJpfPGcBoVxNPw3xe/OvDus57G
vWPo7qCwqedTaGS94pFgz5YpNM/17pfDxqVwB5x5jgGqG6a/HP1ocQH4a0sl8Xwi
hG2j61rwGTYHtRpZRR5zzgmRiKJ++YWiEnUt9qc9h6DpTYoOuu+8M6LHSUolgNBs
VmpxWkNN/xf72GD1IAl6VJuN08704Dwuhp9CaQdBTaSS+N0QtsyShMlR9QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFJWTmD8JxHy7DgTZO081B74vsv3WMB8GA1UdIwQY
MBaAFBBWvNQm/YfNb0FH4TMhbQMRKxgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzct
YWE4NTllMTkyYjE2LzEvbFpPWVB3bkVmTHNPQk5rN1R6VUh2aS15X2RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzctYWE4NTllMTkyYjE2
LzEvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBABRH+cD
BABRH+gwDAMEAVEf8gMEA1Ef8AMEAlEf/AMEAblUojANBgkqhkiG9w0BAQsFAAOC
AQEALQCcy3nLv3GN3m0rD3wOORa2CSk+IScAcl5P89mgXZ1EhRf5Y3J6wkufxq44
rjF3Yna1oknvnCCT6rga5UnBDpCZBoWY37KCG0qwEo1btg9+4/j2xmfsRqtNidDo
ksnSFLDI3udWxUSHsczCIBO2tP5fhRigRrDMMOjlDrPd2KOmJkDmBNN0uh7/WlF2
jUqz/PzmQGTAgaDqVeOVCI8j676O7fRelSg2wBDqfPUx0JsgrdnZxnnpec2tkQTs
mut8rwKo4FKYGX4Dmwllxv9xfRrkEdwzXpc3jGY8rTvN/zApIyd0WGZ1oc6kIPMX
k1yvpHFU6VwD2CuOLDEX68EgNA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:53 2024 by rpki-client on console-fra.rpki-client.org