Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/DTMMRradmtBfpAibXA6adFG6KAs.roa
File:                     DTMMRradmtBfpAibXA6adFG6KAs.roa (raw, json)
Hash identifier:          gKZ5+9VbFgq7O27nQxuzGz4yXVwsvkWK4WeYQhgoIhw=
Subject key identifier:   0D:33:0C:46:B6:9D:9A:D0:5F:A4:08:9B:5C:0E:9A:74:51:BA:28:0B
Certificate issuer:       /CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Certificate serial:       09E5475C
Authority key identifier: EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/DTMMRradmtBfpAibXA6adFG6KAs.roa
Signing time:             Fri 22 Apr 2022 12:25:25 +0000
ROA not before:           Fri 22 Apr 2022 12:25:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57152
IP address blocks:        185.73.128.0/22 maxlen: 24
                          185.137.215.0/24 maxlen: 24
                          2a03:a5a0:1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 166020956 (0x9e5475c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
        Validity
            Not Before: Apr 22 12:25:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0d330c46b69d9ad05fa4089b5c0e9a7451ba280b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:f7:d6:6b:00:4a:27:b2:bf:d5:60:92:2f:53:
                    2d:c8:2a:89:b6:80:ce:ee:0c:6d:a7:50:20:1a:ec:
                    65:8c:4b:cf:0d:5f:e3:98:80:a0:ee:e0:ba:f9:0b:
                    f0:fb:0e:6c:55:ee:57:48:ee:95:8c:6e:c4:f1:b8:
                    4d:ba:f7:21:32:a8:c9:4b:6b:59:0e:90:27:04:31:
                    ec:43:d2:a4:82:32:97:ff:39:90:37:95:b5:0e:b2:
                    3e:86:fe:3b:3d:a1:4c:6d:75:0d:ad:05:9e:67:6d:
                    6a:c0:4f:6c:3f:40:e8:2e:c7:0a:31:db:94:b8:71:
                    28:cc:c6:93:31:ab:57:88:31:74:0c:27:c2:91:18:
                    b4:71:83:65:aa:14:bf:a5:06:ff:de:3e:bb:78:43:
                    dc:7a:38:8c:7f:84:7a:6f:5a:14:64:34:cb:68:e8:
                    0a:57:c9:08:af:22:5b:ff:5b:51:4e:3d:42:ff:78:
                    d8:5a:4d:58:61:91:d1:37:49:c8:64:84:78:2c:b2:
                    5c:f9:e5:04:86:55:79:b2:79:e2:64:b2:fb:b1:14:
                    aa:8b:03:d7:aa:84:26:a3:5d:c9:5c:2c:35:db:6a:
                    cf:92:ef:16:3b:bb:12:fb:60:e8:a0:f5:16:3c:b7:
                    b9:c7:b5:01:07:9f:3e:82:f2:f7:83:51:8b:4a:7f:
                    3f:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:33:0C:46:B6:9D:9A:D0:5F:A4:08:9B:5C:0E:9A:74:51:BA:28:0B
            X509v3 Authority Key Identifier:
                keyid:EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/DTMMRradmtBfpAibXA6adFG6KAs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/7qArGX269963Tgon2dTs0_rh6O0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.73.128.0/22
                  185.137.215.0/24
                IPv6:
                  2a03:a5a0:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         58:bf:70:bb:f1:a0:d0:cf:2a:87:ef:55:6e:34:f0:ff:b6:ac:
         8f:7d:d7:c1:cd:f0:35:84:2e:48:e4:e4:d3:6d:f3:36:08:25:
         78:7c:de:da:ed:10:e9:42:03:31:d0:51:18:27:e7:c2:b6:c1:
         0b:69:73:31:2c:d1:9f:fd:b9:13:89:fd:ac:30:56:af:bc:7e:
         87:53:2a:37:17:d3:cf:7c:bb:cf:e5:cf:e9:e2:84:2a:f1:63:
         05:79:02:92:0f:0c:b8:3f:cd:76:02:e8:7e:65:5a:cd:56:42:
         88:d1:47:1e:32:10:7c:4a:40:78:02:3b:c2:f5:62:64:21:a2:
         b3:3e:1d:22:11:8d:5e:bf:0c:a5:0e:35:9b:41:b3:8e:5d:69:
         8c:00:f9:24:ab:0e:fe:a5:ec:87:5d:c2:d7:1e:8f:e3:e0:2b:
         18:d6:70:ca:1e:10:4c:ca:10:f0:79:45:94:1a:df:5f:83:21:
         8d:24:3d:03:7e:09:fb:82:48:40:0e:f7:e4:14:6f:1f:2d:ea:
         e7:1e:b1:ff:75:78:2a:74:0e:5c:b5:2a:ee:09:59:72:e6:5b:
         18:c4:c3:ba:a3:02:1e:f1:c7:52:0c:cf:17:81:88:ff:e0:13:
         b3:c6:c2:2d:c4:b4:02:5d:c7:be:1c:59:c1:00:77:09:27:a1:
         c3:a2:19:c6
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIECeVHXDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZWEwMmIxOTdkYmFmN2RlYjc0ZTBhMjdkOWQ0ZWNkM2ZhZTFlOGVkMB4XDTIyMDQy
MjEyMjUyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGQzMzBjNDZiNjlk
OWFkMDVmYTQwODliNWMwZTlhNzQ1MWJhMjgwYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL331msASieyv9Vgki9TLcgqibaAzu4MbadQIBrsZYxLzw1f
45iAoO7guvkL8PsObFXuV0julYxuxPG4Tbr3ITKoyUtrWQ6QJwQx7EPSpIIyl/85
kDeVtQ6yPob+Oz2hTG11Da0FnmdtasBPbD9A6C7HCjHblLhxKMzGkzGrV4gxdAwn
wpEYtHGDZaoUv6UG/94+u3hD3Ho4jH+Eem9aFGQ0y2joClfJCK8iW/9bUU49Qv94
2FpNWGGR0TdJyGSEeCyyXPnlBIZVebJ54mSy+7EUqosD16qEJqNdyVwsNdtqz5Lv
Fju7Evtg6KD1Fjy3uce1AQefPoLy94NRi0p/PykCAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBQNMwxGtp2a0F+kCJtcDpp0UbooCzAfBgNVHSMEGDAWgBTuoCsZfbr33rdO
CifZ1OzT+uHo7TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdxQXJHWDI2OTk2M1Rnb24yZFRzMF9yaDZPMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvOTcxYjExLTI4MGUtNGNlZC1iOTljLWJiY2NhYjkxM2I1ZC8x
L0RUTU1ScmFkbXRCZnBBaWJYQTZhZEZHNktBcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
OTcxYjExLTI4MGUtNGNlZC1iOTljLWJiY2NhYjkxM2I1ZC8xLzdxQXJHWDI2OTk2
M1Rnb24yZFRzMF9yaDZPMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEArlJgAMEALmJ1zAPBAIAAjAJAwcA
KgOloAABMA0GCSqGSIb3DQEBCwUAA4IBAQBYv3C78aDQzyqH71VuNPD/tqyPfdfB
zfA1hC5I5OTTbfM2CCV4fN7a7RDpQgMx0FEYJ+fCtsELaXMxLNGf/bkTif2sMFav
vH6HUyo3F9PPfLvP5c/p4oQq8WMFeQKSDwy4P812Auh+ZVrNVkKI0UceMhB8SkB4
AjvC9WJkIaKzPh0iEY1evwylDjWbQbOOXWmMAPkkqw7+peyHXcLXHo/j4CsY1nDK
HhBMyhDweUWUGt9fgyGNJD0Dfgn7gkhADvfkFG8fLernHrH/dXgqdA5ctSruCVly
5lsYxMO6owIe8cdSDM8XgYj/4BOzxsItxLQCXce+HFnBAHcJJ6HDohnG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:08 2024 by rpki-client on console-fra.rpki-client.org