Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/5835be-69e0-469b-bcba-00d14a203eb1/1/oBx9cO2s61RqitlJqew53kqIo4s.roa
File:                     oBx9cO2s61RqitlJqew53kqIo4s.roa (raw, json)
Hash identifier:          VZN+M6GNbdbuyBjb90LHhfe76G9/YiqC+MpL+fe1f70=
Subject key identifier:   A0:1C:7D:70:ED:AC:EB:54:6A:8A:D9:49:A9:EC:39:DE:4A:88:A3:8B
Certificate issuer:       /CN=0b6efda3edcb2f745cccabb45e20b79e79a9fc98
Certificate serial:       13040356
Authority key identifier: 0B:6E:FD:A3:ED:CB:2F:74:5C:CC:AB:B4:5E:20:B7:9E:79:A9:FC:98
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C279o-3LL3RczKu0XiC3nnmp_Jg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/5835be-69e0-469b-bcba-00d14a203eb1/1/oBx9cO2s61RqitlJqew53kqIo4s.roa
Signing time:             Sat 01 Jan 2022 16:11:05 +0000
ROA not before:           Sat 01 Jan 2022 16:11:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1754
IP address blocks:        141.34.0.0/16 maxlen: 16
                          192.76.172.0/24 maxlen: 24
                          131.169.0.0/16 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 319030102 (0x13040356)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0b6efda3edcb2f745cccabb45e20b79e79a9fc98
        Validity
            Not Before: Jan  1 16:11:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a01c7d70edaceb546a8ad949a9ec39de4a88a38b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:2c:fb:12:23:c5:4d:70:92:7a:ca:cb:0b:ce:
                    1d:18:4f:71:df:32:58:04:79:74:8e:84:1f:f4:c3:
                    be:d9:9a:53:db:5a:ff:b7:74:f5:28:b7:83:d1:47:
                    47:a2:24:12:15:4f:5d:f6:24:76:cb:dd:cc:42:ce:
                    93:5f:03:f9:fa:c8:66:a0:7a:c8:50:be:97:45:fb:
                    77:ad:37:c4:ad:c9:be:e9:85:7b:f6:4f:44:5a:dd:
                    dc:39:7d:5f:c2:13:68:d7:89:55:bd:37:74:a6:ff:
                    93:f6:53:a2:d3:18:d5:f6:7d:d1:15:6a:81:0f:fc:
                    26:6f:4e:44:76:2d:ad:06:28:90:ac:40:ec:c5:a9:
                    23:ce:f1:d5:04:6c:01:1a:ab:0a:af:63:fe:c8:d9:
                    13:0c:ee:25:be:8c:6d:c8:d2:2b:35:40:1c:5e:3b:
                    e3:54:46:2f:a5:cc:89:cc:82:19:de:f4:8d:f2:80:
                    e0:35:0b:8b:69:da:46:71:20:fc:30:14:39:ae:dc:
                    4c:c8:0c:59:4e:c4:a0:51:69:43:00:4b:76:9a:99:
                    01:24:f1:63:1e:6a:dd:7f:9f:00:80:23:5f:ef:ce:
                    72:e5:db:d2:15:8f:fd:43:55:68:ee:71:f8:2c:8f:
                    81:b4:38:b8:f0:ac:00:4c:f4:cd:20:fe:42:bf:88:
                    e7:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:1C:7D:70:ED:AC:EB:54:6A:8A:D9:49:A9:EC:39:DE:4A:88:A3:8B
            X509v3 Authority Key Identifier:
                keyid:0B:6E:FD:A3:ED:CB:2F:74:5C:CC:AB:B4:5E:20:B7:9E:79:A9:FC:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C279o-3LL3RczKu0XiC3nnmp_Jg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/5835be-69e0-469b-bcba-00d14a203eb1/1/oBx9cO2s61RqitlJqew53kqIo4s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/5835be-69e0-469b-bcba-00d14a203eb1/1/C279o-3LL3RczKu0XiC3nnmp_Jg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.169.0.0/16
                  141.34.0.0/16
                  192.76.172.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:f9:a3:80:2e:fd:44:99:9e:71:f0:e0:ef:8f:64:c1:79:43:
         ae:4d:be:4c:a6:28:b6:f5:63:1a:ad:47:2a:b3:19:54:df:bb:
         f9:3f:98:e9:b9:9e:e9:d5:e0:88:74:3a:73:b6:da:96:d0:28:
         b9:c3:4b:0b:d3:3a:ea:f3:77:7f:b3:a6:45:44:cb:13:75:d7:
         c1:6f:a6:0d:b6:20:8a:7e:5d:bc:65:dd:20:93:74:cf:68:dc:
         12:d2:7a:da:11:49:69:9a:f5:e1:e6:41:88:58:a9:58:93:2e:
         50:8d:23:85:9a:16:bb:90:77:e8:84:18:d3:8b:65:9d:27:61:
         e7:fe:9e:fd:7b:54:85:62:4a:c9:95:f2:d5:f2:d6:d4:94:2f:
         9d:ab:02:66:91:fe:e9:1e:7a:d2:b7:f7:4c:de:cd:cd:7f:46:
         c5:52:fa:19:3a:35:c9:ac:d1:e4:9d:d4:80:84:c1:d9:04:57:
         0d:e2:90:62:da:bd:68:e5:9c:cb:bd:12:f3:b2:87:c5:c6:49:
         13:49:69:2f:f6:07:8c:77:41:e2:71:0d:d8:d8:36:7d:46:8c:
         48:ed:30:57:01:d4:5b:99:cb:4b:67:11:67:e7:49:3f:2e:e6:
         96:25:3a:27:92:5b:aa:f5:1e:94:98:ce:1b:c1:b6:b5:cb:ea:
         c6:22:80:52
-----BEGIN CERTIFICATE-----
MIIE+TCCA+GgAwIBAgIEEwQDVjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YjZlZmRhM2VkY2IyZjc0NWNjY2FiYjQ1ZTIwYjc5ZTc5YTlmYzk4MB4XDTIyMDEw
MTE2MTEwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTAxYzdkNzBlZGFj
ZWI1NDZhOGFkOTQ5YTllYzM5ZGU0YTg4YTM4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANgs+xIjxU1wknrKywvOHRhPcd8yWAR5dI6EH/TDvtmaU9ta
/7d09Si3g9FHR6IkEhVPXfYkdsvdzELOk18D+frIZqB6yFC+l0X7d603xK3JvumF
e/ZPRFrd3Dl9X8ITaNeJVb03dKb/k/ZTotMY1fZ90RVqgQ/8Jm9ORHYtrQYokKxA
7MWpI87x1QRsARqrCq9j/sjZEwzuJb6MbcjSKzVAHF4741RGL6XMicyCGd70jfKA
4DULi2naRnEg/DAUOa7cTMgMWU7EoFFpQwBLdpqZASTxYx5q3X+fAIAjX+/OcuXb
0hWP/UNVaO5x+CyPgbQ4uPCsAEz0zSD+Qr+I5zkCAwEAAaOCAhMwggIPMB0GA1Ud
DgQWBBSgHH1w7azrVGqK2Ump7DneSoijizAfBgNVHSMEGDAWgBQLbv2j7csvdFzM
q7ReILeeean8mDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0MyNzlvLTNMTDNSY3pLdTBYaUMzbm5tcF9KZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGEvNTgzNWJlLTY5ZTAtNDY5Yi1iY2JhLTAwZDE0YTIwM2ViMS8x
L29CeDljTzJzNjFScWl0bEpxZXc1M2txSW80cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGEv
NTgzNWJlLTY5ZTAtNDY5Yi1iY2JhLTAwZDE0YTIwM2ViMS8xL0MyNzlvLTNMTDNS
Y3pLdTBYaUMzbm5tcF9KZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAp
BggrBgEFBQcBBwEB/wQaMBgwFgQCAAEwEAMDAIOpAwMAjSIDBADATKwwDQYJKoZI
hvcNAQELBQADggEBAFr5o4Au/USZnnHw4O+PZMF5Q65NvkymKLb1YxqtRyqzGVTf
u/k/mOm5nunV4Ih0OnO22pbQKLnDSwvTOurzd3+zpkVEyxN118Fvpg22IIp+Xbxl
3SCTdM9o3BLSetoRSWma9eHmQYhYqViTLlCNI4WaFruQd+iEGNOLZZ0nYef+nv17
VIViSsmV8tXy1tSUL52rAmaR/ukeetK390zezc1/RsVS+hk6Ncms0eSd1ICEwdkE
Vw3ikGLavWjlnMu9EvOyh8XGSRNJaS/2B4x3QeJxDdjYNn1GjEjtMFcB1FuZy0tn
EWfnST8u5pYlOieSW6r1HpSYzhvBtrXL6sYigFI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:21 2024 by rpki-client on console-fra.rpki-client.org