Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/0ZDt3UZVw_NeEfwqLwP_u-fv6MM.roa
File:                     0ZDt3UZVw_NeEfwqLwP_u-fv6MM.roa (raw, json)
Hash identifier:          T4Kc8t5UJ/c4u9TykYiQnGhHaFdxrJWweEwYUeRGFEg=
Subject key identifier:   D1:90:ED:DD:46:55:C3:F3:5E:11:FC:2A:2F:03:FF:BB:E7:EF:E8:C3
Certificate issuer:       /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial:       389DB7B5
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/0ZDt3UZVw_NeEfwqLwP_u-fv6MM.roa
Signing time:             Tue 17 May 2022 05:21:32 +0000
ROA not before:           Tue 17 May 2022 05:21:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41782
IP address blocks:        85.196.169.0/24 maxlen: 24
                          85.196.168.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 949860277 (0x389db7b5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
        Validity
            Not Before: May 17 05:21:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d190eddd4655c3f35e11fc2a2f03ffbbe7efe8c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:75:5e:1a:30:52:b8:37:a8:bd:38:71:7b:a3:
                    7a:07:6f:fb:ea:87:c7:bb:cc:93:35:31:59:d8:a1:
                    e3:fa:da:d5:70:39:88:0a:21:3a:41:f9:b6:c2:fe:
                    31:18:03:04:dc:f2:e4:50:3c:5d:0c:94:f8:05:e9:
                    25:3b:15:d0:74:93:35:43:af:09:a9:d8:c8:f2:9d:
                    66:3e:34:cc:2f:5a:1a:6a:b7:95:ad:f2:6e:ca:cd:
                    e6:28:04:f1:f2:de:10:fd:cb:a7:1d:5f:be:37:3d:
                    f6:95:2e:01:a6:0e:81:07:42:b6:33:6e:96:03:e5:
                    38:3d:a2:98:c6:9d:d7:49:66:99:e0:ac:04:7c:83:
                    24:b8:8c:67:65:10:05:e0:cf:d4:bd:ca:02:6a:bc:
                    62:ed:f9:b0:99:0e:66:73:32:32:49:cf:35:c7:13:
                    a8:04:0f:ca:67:b2:65:5e:7b:36:22:36:e2:33:0a:
                    12:bc:98:3d:5c:9a:94:57:c0:57:11:2c:f3:35:1d:
                    a9:c0:ab:ba:75:c6:f5:c7:3f:6b:9c:c2:2b:4c:64:
                    ca:65:cc:c8:9e:62:f4:fd:87:60:ff:6b:bf:af:fd:
                    98:cc:b7:1a:91:ff:6a:68:75:af:b8:54:1b:54:79:
                    4b:2d:b1:90:27:5b:c4:cf:35:a4:bd:6d:a3:22:96:
                    13:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:90:ED:DD:46:55:C3:F3:5E:11:FC:2A:2F:03:FF:BB:E7:EF:E8:C3
            X509v3 Authority Key Identifier:
                keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/0ZDt3UZVw_NeEfwqLwP_u-fv6MM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.196.168.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1c:4e:5d:0d:27:52:08:6a:9f:e3:d1:e8:78:96:53:51:9d:93:
         22:6c:31:ef:4f:56:46:f0:15:a0:2e:1e:28:53:06:14:46:f3:
         4e:d0:e6:2e:03:4e:c7:4f:00:e3:95:76:be:dd:01:78:cc:49:
         62:e1:29:9c:b5:2c:01:26:f8:1e:92:cd:b5:ec:82:3a:92:78:
         c6:57:b1:a1:4f:83:0a:12:8f:17:7e:26:7b:50:52:e2:51:5c:
         f7:b3:9f:46:92:f8:85:57:30:2d:f3:e0:41:a3:a9:b9:73:0e:
         11:2a:f4:1a:37:67:b5:8e:c6:bf:d7:6a:a6:08:bd:fd:15:34:
         41:3b:d2:05:47:fd:82:09:21:d2:08:1d:44:85:67:5b:a0:8c:
         d4:e5:97:c0:fe:14:5a:22:c4:76:83:f6:fe:33:1d:ee:36:25:
         69:32:12:b1:8e:8b:98:5d:6d:f9:29:43:e9:9d:dc:c9:ac:52:
         b1:eb:d0:6e:8e:09:9f:e6:70:21:97:5e:1b:50:3b:47:bd:50:
         b4:09:19:fa:b9:23:c3:7a:0c:f6:70:24:a7:c2:6f:d5:66:2f:
         b2:33:bf:0b:7e:86:62:b8:63:a6:03:6c:ec:02:27:6f:bd:81:
         57:06:b6:ec:24:b8:d9:01:d1:b6:bc:47:89:48:49:24:85:ac:
         79:0f:87:a4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOJ23tTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTQ4Y2VkZjE3MDI5ZWQ5OGExMDgxMTNjNmMxMDllY2FjY2Q4MmVjMB4XDTIyMDUx
NzA1MjEzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDE5MGVkZGQ0NjU1
YzNmMzVlMTFmYzJhMmYwM2ZmYmJlN2VmZThjMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALR1XhowUrg3qL04cXujegdv++qHx7vMkzUxWdih4/ra1XA5
iAohOkH5tsL+MRgDBNzy5FA8XQyU+AXpJTsV0HSTNUOvCanYyPKdZj40zC9aGmq3
la3ybsrN5igE8fLeEP3Lpx1fvjc99pUuAaYOgQdCtjNulgPlOD2imMad10lmmeCs
BHyDJLiMZ2UQBeDP1L3KAmq8Yu35sJkOZnMyMknPNccTqAQPymeyZV57NiI24jMK
EryYPVyalFfAVxEs8zUdqcCrunXG9cc/a5zCK0xkymXMyJ5i9P2HYP9rv6/9mMy3
GpH/amh1r7hUG1R5Sy2xkCdbxM81pL1toyKWE9sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTRkO3dRlXD814R/CovA/+75+/owzAfBgNVHSMEGDAWgBQFSM7fFwKe2YoQ
gRPGwQnsrM2C7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JVak8zeGNDbnRtS0VJRVR4c0VKN0t6Tmd1dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvNTQxYzA1LThkN2QtNDJiOC1hYjAwLTdmYmJhZTZmOTQzNy8x
LzBaRHQzVVpWd19OZUVmd3FMd1BfdS1mdjZNTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
NTQxYzA1LThkN2QtNDJiOC1hYjAwLTdmYmJhZTZmOTQzNy8xL0JVak8zeGNDbnRt
S0VJRVR4c0VKN0t6Tmd1dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVXEqDANBgkqhkiG9w0BAQsFAAOC
AQEAHE5dDSdSCGqf49HoeJZTUZ2TImwx709WRvAVoC4eKFMGFEbzTtDmLgNOx08A
45V2vt0BeMxJYuEpnLUsASb4HpLNteyCOpJ4xlexoU+DChKPF34me1BS4lFc97Of
RpL4hVcwLfPgQaOpuXMOESr0GjdntY7Gv9dqpgi9/RU0QTvSBUf9ggkh0ggdRIVn
W6CM1OWXwP4UWiLEdoP2/jMd7jYlaTISsY6LmF1t+SlD6Z3cyaxSsevQbo4Jn+Zw
IZdeG1A7R71QtAkZ+rkjw3oM9nAkp8Jv1WYvsjO/C36GYrhjpgNs7AInb72BVwa2
7CS42QHRtrxHiUhJJIWseQ+HpA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:51 2024 by rpki-client on console-ams.rpki-client.org