Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/o0CuXsxCKIt2t0gW0QiQkn4NoNI.roa
File:                     o0CuXsxCKIt2t0gW0QiQkn4NoNI.roa (raw, json)
Hash identifier:          QqIfdKKX2J4to02mLYHShRpnyGCboeDVjJj0Jk/bJSw=
Subject key identifier:   A3:40:AE:5E:CC:42:28:8B:76:B7:48:16:D1:08:90:92:7E:0D:A0:D2
Certificate issuer:       /CN=1056bcd426fd87cd6f4147e133216d03112b181b
Certificate serial:       35C39DE0
Authority key identifier: 10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/o0CuXsxCKIt2t0gW0QiQkn4NoNI.roa
Signing time:             Mon 04 Jul 2022 20:31:25 +0000
ROA not before:           Mon 04 Jul 2022 20:31:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     137443
IP address blocks:        185.84.162.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 902012384 (0x35c39de0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1056bcd426fd87cd6f4147e133216d03112b181b
        Validity
            Not Before: Jul  4 20:31:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a340ae5ecc42288b76b74816d10890927e0da0d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:9e:ee:27:90:6a:f8:38:e4:76:21:1e:49:62:
                    57:20:b8:28:25:ec:a4:b0:5f:a1:d2:be:1a:ed:e0:
                    26:b6:ed:c4:5b:98:a5:28:82:30:9b:af:cb:3e:1f:
                    55:8d:21:3d:97:3d:12:6d:ca:38:32:e6:83:bb:e4:
                    bf:54:86:2e:23:e0:d1:2e:63:0d:9c:c4:6c:5e:3d:
                    6c:de:bf:f6:89:88:93:54:4e:23:cb:9a:f2:0b:ca:
                    9d:2e:0b:b6:9d:3f:c9:3c:0d:d6:30:75:db:ea:d4:
                    b8:16:7d:1b:35:a5:d6:3e:a2:ae:7f:78:98:ce:bf:
                    12:1b:0f:94:c2:49:fc:90:62:07:ee:d8:48:41:6f:
                    13:f6:ee:1a:df:ab:27:8c:29:f5:6a:68:e2:b9:87:
                    49:5a:1a:dc:27:16:95:d4:fb:24:ea:9e:d0:ef:92:
                    91:63:83:f8:b7:c1:c2:8f:fb:ea:34:32:08:d4:4c:
                    6d:aa:32:40:50:90:6f:ec:78:a8:a0:47:40:73:f1:
                    57:fa:ed:ae:a2:b6:e0:72:d2:65:e6:3c:15:2f:eb:
                    25:45:6b:99:f5:a6:4d:e8:94:70:ed:10:03:8f:42:
                    0b:8c:05:b3:f1:2c:de:b4:c3:93:0b:02:f2:2e:7f:
                    ab:91:43:dd:89:7f:3a:19:34:7f:82:1d:53:08:39:
                    a1:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:40:AE:5E:CC:42:28:8B:76:B7:48:16:D1:08:90:92:7E:0D:A0:D2
            X509v3 Authority Key Identifier:
                keyid:10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/o0CuXsxCKIt2t0gW0QiQkn4NoNI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.84.162.0/23

    Signature Algorithm: sha256WithRSAEncryption
         e3:0f:83:91:b3:96:9c:30:9d:4f:35:d3:95:ec:af:7a:d3:b0:
         2d:a1:80:0a:1c:4a:96:2f:a5:14:29:f5:56:d8:ac:f5:93:52:
         a6:63:c5:8b:2f:7b:f9:54:85:de:67:81:6f:7b:76:d3:63:3e:
         52:f8:25:38:62:0b:19:5a:3d:5e:50:48:85:1f:73:82:75:64:
         98:b2:bc:5f:86:5d:a2:06:05:c2:64:45:0a:30:75:69:c9:5f:
         4d:bf:5b:ae:64:00:2f:24:48:61:5e:85:de:2a:2d:79:6f:78:
         98:ec:d3:d0:1f:4d:c7:22:37:1e:d7:ca:8c:a6:d7:2e:7a:95:
         ef:aa:f4:5a:50:4b:a1:22:4e:52:b8:e5:91:1c:24:33:d3:52:
         cd:c9:d0:12:dd:85:ba:8a:a0:62:f2:20:60:7e:96:11:b9:f7:
         07:31:1e:95:8a:ae:7f:eb:30:cd:d7:16:6e:99:73:98:64:ff:
         3e:62:10:7d:57:fb:a8:ca:46:8e:a7:ab:2e:79:2c:3b:ed:a6:
         39:13:7e:87:8a:16:87:79:fc:2c:49:43:cc:48:8f:42:63:0d:
         90:c4:ad:92:96:5f:c5:3f:48:ac:bf:01:a4:60:32:81:80:5f:
         4e:af:24:98:fe:1d:94:3b:20:d6:f5:47:3b:4a:57:bb:5f:4f:
         22:1f:b7:21
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENcOd4DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDU2YmNkNDI2ZmQ4N2NkNmY0MTQ3ZTEzMzIxNmQwMzExMmIxODFiMB4XDTIyMDcw
NDIwMzEyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTM0MGFlNWVjYzQy
Mjg4Yjc2Yjc0ODE2ZDEwODkwOTI3ZTBkYTBkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI2e7ieQavg45HYhHkliVyC4KCXspLBfodK+Gu3gJrbtxFuY
pSiCMJuvyz4fVY0hPZc9Em3KODLmg7vkv1SGLiPg0S5jDZzEbF49bN6/9omIk1RO
I8ua8gvKnS4Ltp0/yTwN1jB12+rUuBZ9GzWl1j6irn94mM6/EhsPlMJJ/JBiB+7Y
SEFvE/buGt+rJ4wp9Wpo4rmHSVoa3CcWldT7JOqe0O+SkWOD+LfBwo/76jQyCNRM
baoyQFCQb+x4qKBHQHPxV/rtrqK24HLSZeY8FS/rJUVrmfWmTeiUcO0QA49CC4wF
s/Es3rTDkwsC8i5/q5FD3Yl/Ohk0f4IdUwg5oSMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSjQK5ezEIoi3a3SBbRCJCSfg2g0jAfBgNVHSMEGDAWgBQQVrzUJv2HzW9B
R+EzIW0DESsYGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VGYTgxQ2I5aDgxdlFVZmhNeUZ0QXhFckdCcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDcvZTZmNGU0LTY4YmItNDQ5Ni05MGM3LWFhODU5ZTE5MmIxNi8x
L28wQ3VYc3hDS0l0MnQwZ1cwUWlRa240Tm9OSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcv
ZTZmNGU0LTY4YmItNDQ5Ni05MGM3LWFhODU5ZTE5MmIxNi8xL0VGYTgxQ2I5aDgx
dlFVZmhNeUZ0QXhFckdCcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAblUojANBgkqhkiG9w0BAQsFAAOC
AQEA4w+DkbOWnDCdTzXTleyvetOwLaGAChxKli+lFCn1Vtis9ZNSpmPFiy97+VSF
3meBb3t202M+UvglOGILGVo9XlBIhR9zgnVkmLK8X4ZdogYFwmRFCjB1aclfTb9b
rmQALyRIYV6F3ioteW94mOzT0B9NxyI3HtfKjKbXLnqV76r0WlBLoSJOUrjlkRwk
M9NSzcnQEt2FuoqgYvIgYH6WEbn3BzEelYquf+swzdcWbplzmGT/PmIQfVf7qMpG
jqerLnksO+2mORN+h4oWh3n8LElDzEiPQmMNkMStkpZfxT9IrL8BpGAygYBfTq8k
mP4dlDsg1vVHO0pXu19PIh+3IQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:53 2024 by rpki-client on console-fra.rpki-client.org