Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/b08eef-a34a-4572-a9f8-690a88586870/1/sESLOOZt-7Jbqtjk3lJEXUlQVUA.roa
File:                     sESLOOZt-7Jbqtjk3lJEXUlQVUA.roa (raw, json)
Hash identifier:          cFQyGQilIr7v7t3fcgLOOBOwujxzjWIJmJbv4rFyD3Q=
Subject key identifier:   B0:44:8B:38:E6:6D:FB:B2:5B:AA:D8:E4:DE:52:44:5D:49:50:55:40
Certificate issuer:       /CN=d9601efb3f0cfdaa2295187d2b0456494110e157
Certificate serial:       0C3C2C0B
Authority key identifier: D9:60:1E:FB:3F:0C:FD:AA:22:95:18:7D:2B:04:56:49:41:10:E1:57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2WAe-z8M_aoilRh9KwRWSUEQ4Vc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/b08eef-a34a-4572-a9f8-690a88586870/1/sESLOOZt-7Jbqtjk3lJEXUlQVUA.roa
Signing time:             Sat 01 Jan 2022 12:05:21 +0000
ROA not before:           Sat 01 Jan 2022 12:05:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50304
IP address blocks:        185.12.72.0/22 maxlen: 24
                          2a02:e340::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 205270027 (0xc3c2c0b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9601efb3f0cfdaa2295187d2b0456494110e157
        Validity
            Not Before: Jan  1 12:05:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b0448b38e66dfbb25baad8e4de52445d49505540
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:7f:d8:bb:76:ae:1a:c9:82:c3:08:34:be:ac:
                    87:c4:81:19:8b:4b:6b:e7:f4:26:ff:4d:99:dc:4e:
                    73:b7:86:54:1b:2f:6e:c1:b2:67:3c:5c:8d:29:ff:
                    9f:58:fd:eb:0d:54:c6:b5:a1:7c:26:d5:13:75:76:
                    90:81:a4:4c:f9:4e:1f:bf:4b:b8:ff:4b:c5:e2:a5:
                    7a:9f:8d:bf:64:71:b9:b9:df:86:74:ae:88:0d:d0:
                    fb:c2:74:01:11:4d:ad:74:84:8f:41:c7:26:16:be:
                    a0:42:c5:e2:77:43:09:63:c4:66:1b:00:ab:59:70:
                    6f:e1:54:73:f3:49:9b:7a:d8:9e:31:6e:21:8e:79:
                    ee:3b:3c:b8:ae:9b:49:f3:b2:3b:bd:41:f1:8c:cd:
                    f0:92:50:81:29:d3:b8:d3:dd:c5:55:88:43:c7:05:
                    79:28:65:03:6d:de:22:54:56:d7:7a:27:51:ff:aa:
                    2e:c1:3d:76:3f:65:7a:9d:0a:25:60:12:65:94:25:
                    e4:dc:c7:40:32:cb:5c:41:0f:10:f9:6b:f7:ab:e2:
                    40:40:b0:59:e8:af:59:09:68:9e:01:06:f9:0c:b5:
                    11:b5:12:eb:03:ea:39:47:35:8d:5d:3e:c7:b1:e9:
                    5c:b8:1e:24:8d:d4:8f:fe:a2:6b:5d:60:5d:8f:d4:
                    11:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:44:8B:38:E6:6D:FB:B2:5B:AA:D8:E4:DE:52:44:5D:49:50:55:40
            X509v3 Authority Key Identifier:
                keyid:D9:60:1E:FB:3F:0C:FD:AA:22:95:18:7D:2B:04:56:49:41:10:E1:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2WAe-z8M_aoilRh9KwRWSUEQ4Vc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b08eef-a34a-4572-a9f8-690a88586870/1/sESLOOZt-7Jbqtjk3lJEXUlQVUA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b08eef-a34a-4572-a9f8-690a88586870/1/2WAe-z8M_aoilRh9KwRWSUEQ4Vc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.12.72.0/22
                IPv6:
                  2a02:e340::/29

    Signature Algorithm: sha256WithRSAEncryption
         3d:00:1a:6f:f9:e6:75:fa:95:cb:78:41:77:27:9d:ae:3f:b0:
         98:f2:3b:8b:39:64:1b:19:48:05:d6:9b:50:09:f7:c8:0e:d3:
         d0:dd:eb:2e:d8:79:29:0e:ce:d5:3f:8b:9e:55:e5:86:46:33:
         5d:31:2f:e8:f2:43:17:18:76:c4:e0:f7:62:e4:e1:40:32:d0:
         c5:2b:c0:bf:a5:64:45:25:c3:4f:73:35:4b:26:eb:ae:a9:18:
         c1:c4:c0:2e:19:12:f0:6b:5f:28:0f:b0:c9:c8:63:b6:cb:78:
         9b:13:5c:6f:de:1c:26:80:eb:d5:17:83:9d:c6:7f:4a:2e:f1:
         49:bf:dd:d7:a5:97:75:b4:58:ba:74:65:c6:78:b2:71:03:ae:
         59:6e:2f:66:1d:66:76:57:cf:d5:34:df:25:53:67:95:c1:3f:
         90:66:50:f9:df:e0:aa:4e:2b:33:8d:20:1b:32:a9:2f:68:e0:
         ff:d7:73:39:07:0c:ba:e4:26:f8:a0:2d:47:6e:eb:cc:dd:4f:
         d7:42:62:82:44:b9:fc:25:f1:77:ea:67:0d:87:db:37:85:4a:
         25:2d:18:11:ca:b6:90:16:a2:6a:9e:7e:01:b0:c6:bf:72:cc:
         6d:a9:66:7c:b3:b8:50:f5:4d:22:31:cf:d9:65:f4:22:32:4f:
         b0:e5:7c:cf
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEDDwsCzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OTYwMWVmYjNmMGNmZGFhMjI5NTE4N2QyYjA0NTY0OTQxMTBlMTU3MB4XDTIyMDEw
MTEyMDUyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjA0NDhiMzhlNjZk
ZmJiMjViYWFkOGU0ZGU1MjQ0NWQ0OTUwNTU0MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ9/2Lt2rhrJgsMINL6sh8SBGYtLa+f0Jv9NmdxOc7eGVBsv
bsGyZzxcjSn/n1j96w1UxrWhfCbVE3V2kIGkTPlOH79LuP9LxeKlep+Nv2Rxubnf
hnSuiA3Q+8J0ARFNrXSEj0HHJha+oELF4ndDCWPEZhsAq1lwb+FUc/NJm3rYnjFu
IY557js8uK6bSfOyO71B8YzN8JJQgSnTuNPdxVWIQ8cFeShlA23eIlRW13onUf+q
LsE9dj9lep0KJWASZZQl5NzHQDLLXEEPEPlr96viQECwWeivWQlongEG+Qy1EbUS
6wPqOUc1jV0+x7HpXLgeJI3Uj/6ia11gXY/UES0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSwRIs45m37sluq2OTeUkRdSVBVQDAfBgNVHSMEGDAWgBTZYB77Pwz9qiKV
GH0rBFZJQRDhVzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJXQWUtejhNX2FvaWxSaDlLd1JXU1VFUTRWYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvYjA4ZWVmLWEzNGEtNDU3Mi1hOWY4LTY5MGE4ODU4Njg3MC8x
L3NFU0xPT1p0LTdKYnF0amszbEpFWFVsUVZVQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
YjA4ZWVmLWEzNGEtNDU3Mi1hOWY4LTY5MGE4ODU4Njg3MC8xLzJXQWUtejhNX2Fv
aWxSaDlLd1JXU1VFUTRWYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArkMSDANBAIAAjAHAwUDKgLjQDAN
BgkqhkiG9w0BAQsFAAOCAQEAPQAab/nmdfqVy3hBdyedrj+wmPI7izlkGxlIBdab
UAn3yA7T0N3rLth5KQ7O1T+LnlXlhkYzXTEv6PJDFxh2xOD3YuThQDLQxSvAv6Vk
RSXDT3M1SybrrqkYwcTALhkS8GtfKA+wychjtst4mxNcb94cJoDr1ReDncZ/Si7x
Sb/d16WXdbRYunRlxniycQOuWW4vZh1mdlfP1TTfJVNnlcE/kGZQ+d/gqk4rM40g
GzKpL2jg/9dzOQcMuuQm+KAtR27rzN1P10JigkS5/CXxd+pnDYfbN4VKJS0YEcq2
kBaiap5+AbDGv3LMbalmfLO4UPVNIjHP2WX0IjJPsOV8zw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:07 2024 by rpki-client on console-ams.rpki-client.org