Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/oWPH68xIhxCmhGVAIFLwzA7hmSM.roa
File:                     oWPH68xIhxCmhGVAIFLwzA7hmSM.roa (raw, json)
Hash identifier:          VG9cnInob50FzQ5MEmax0Ts4jRuvNxO/oWFddrbEAHE=
Subject key identifier:   A1:63:C7:EB:CC:48:87:10:A6:84:65:40:20:52:F0:CC:0E:E1:99:23
Certificate issuer:       /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial:       1A3644EC
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/oWPH68xIhxCmhGVAIFLwzA7hmSM.roa
Signing time:             Thu 10 Mar 2022 08:20:00 +0000
ROA not before:           Thu 10 Mar 2022 08:20:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        85.120.144.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 439764204 (0x1a3644ec)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
        Validity
            Not Before: Mar 10 08:20:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a163c7ebcc488710a68465402052f0cc0ee19923
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:e1:48:81:8f:50:45:c6:fd:93:65:3d:04:4d:
                    a6:83:b5:57:42:4b:4d:a2:9d:bf:7e:ac:01:36:39:
                    17:8c:2d:c6:a5:30:69:a4:a7:a9:16:fb:d4:7e:4a:
                    89:f8:3b:7e:26:ea:5b:5f:eb:d1:2a:61:01:f5:08:
                    73:14:6b:2a:c5:7b:4a:45:fb:5d:f1:fb:1f:27:2a:
                    8c:24:5c:98:03:a9:04:8b:67:d9:95:59:da:ca:6d:
                    f1:0f:39:03:a7:67:38:20:2f:e7:4f:b6:e1:dd:14:
                    b8:79:da:93:2d:6b:ea:a9:71:ca:11:97:58:01:c1:
                    b9:d9:4f:7a:d2:f8:02:8b:8c:f9:c8:31:1e:96:d1:
                    dd:a4:d1:0f:bb:79:2b:c5:91:11:b7:26:bb:bb:f8:
                    a5:95:fa:a7:33:58:b7:34:54:db:d8:a0:fc:be:86:
                    a2:70:06:7e:57:d1:bf:4b:ad:26:ac:f1:e3:0c:da:
                    90:00:1f:73:07:f8:fc:ea:09:aa:c7:37:4b:af:9e:
                    3c:af:5a:ba:e6:df:93:78:62:18:6a:55:9f:d4:cb:
                    f5:2e:3d:14:c8:7f:16:96:9c:9e:e0:7d:7a:a4:16:
                    c6:2f:45:96:45:b2:97:f0:42:25:27:d5:07:d6:f3:
                    3c:81:ba:d8:fe:fd:b7:66:37:b8:6b:06:8e:18:3f:
                    30:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:63:C7:EB:CC:48:87:10:A6:84:65:40:20:52:F0:CC:0E:E1:99:23
            X509v3 Authority Key Identifier:
                keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/oWPH68xIhxCmhGVAIFLwzA7hmSM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.120.144.0/24

    Signature Algorithm: sha256WithRSAEncryption
         36:1a:d5:ba:a3:b6:94:9b:d9:80:a7:db:c4:1b:be:22:23:75:
         d4:19:ae:c0:99:6a:62:ad:d3:c3:94:12:2d:af:01:fa:89:84:
         d5:1a:e9:6e:14:51:0d:4f:02:31:85:59:0c:73:48:86:7d:a7:
         6f:0d:bf:da:c0:dd:9f:b9:6d:7c:0f:0d:94:c0:74:01:58:7d:
         ae:c8:6d:8c:bb:61:21:01:54:3c:84:fe:fc:b1:ca:99:f2:ea:
         ba:89:1c:60:af:f3:2c:c2:45:41:8c:44:d7:86:7b:99:cd:2e:
         db:3c:cc:c6:b0:ce:fb:3f:b7:c1:24:d7:54:6a:06:6c:4f:4b:
         fb:3c:10:50:7c:e0:ad:62:44:e0:0e:41:3c:cb:fe:de:52:10:
         6e:98:f5:51:a0:d9:1c:f0:51:31:fb:0c:32:8e:c5:db:d9:11:
         d1:6e:1d:02:1f:1b:10:4d:2f:60:d0:9c:aa:34:2f:e0:35:81:
         ff:27:36:9e:f6:23:bf:1f:d6:d7:4a:9c:94:f9:2b:44:f4:93:
         9d:05:be:49:c1:1c:27:af:be:c7:8d:ef:9c:a1:ac:66:4c:c6:
         ea:bf:dc:38:68:e0:e4:ef:03:d7:e0:8a:46:b0:f6:e8:f9:8e:
         26:b2:9d:71:36:2e:93:7f:09:77:90:03:a4:8e:06:de:1a:93:
         c2:2d:0e:a2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGjZE7DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MTgzNzg1OTE2Y2Q5OGQ3Yzc3MGQ2ODUxNDU0OTlhOGEwYTE1NzIyMB4XDTIyMDMx
MDA4MjAwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTE2M2M3ZWJjYzQ4
ODcxMGE2ODQ2NTQwMjA1MmYwY2MwZWUxOTkyMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKbhSIGPUEXG/ZNlPQRNpoO1V0JLTaKdv36sATY5F4wtxqUw
aaSnqRb71H5Kifg7fibqW1/r0SphAfUIcxRrKsV7SkX7XfH7HycqjCRcmAOpBItn
2ZVZ2spt8Q85A6dnOCAv50+24d0UuHnaky1r6qlxyhGXWAHBudlPetL4AouM+cgx
HpbR3aTRD7t5K8WREbcmu7v4pZX6pzNYtzRU29ig/L6GonAGflfRv0utJqzx4wza
kAAfcwf4/OoJqsc3S6+ePK9auubfk3hiGGpVn9TL9S49FMh/FpacnuB9eqQWxi9F
lkWyl/BCJSfVB9bzPIG62P79t2Y3uGsGjhg/MFECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBShY8frzEiHEKaEZUAgUvDMDuGZIzAfBgNVHSMEGDAWgBQxg3hZFs2Y18dw
1oUUVJmooKFXIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01ZTjRXUmJObU5mSGNOYUZGRlNacUtDaFZ5SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvNzE5M2RiLTdmODUtNDJiYi1iMDlhLWY1MmM0N2MyMjVkYi8x
L29XUEg2OHhJaHhDbWhHVkFJRkx3ekE3aG1TTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
NzE5M2RiLTdmODUtNDJiYi1iMDlhLWY1MmM0N2MyMjVkYi8xL01ZTjRXUmJObU5m
SGNOYUZGRlNacUtDaFZ5SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFV4kDANBgkqhkiG9w0BAQsFAAOC
AQEANhrVuqO2lJvZgKfbxBu+IiN11BmuwJlqYq3Tw5QSLa8B+omE1RrpbhRRDU8C
MYVZDHNIhn2nbw2/2sDdn7ltfA8NlMB0AVh9rshtjLthIQFUPIT+/LHKmfLquokc
YK/zLMJFQYxE14Z7mc0u2zzMxrDO+z+3wSTXVGoGbE9L+zwQUHzgrWJE4A5BPMv+
3lIQbpj1UaDZHPBRMfsMMo7F29kR0W4dAh8bEE0vYNCcqjQv4DWB/yc2nvYjvx/W
10qclPkrRPSTnQW+ScEcJ6++x43vnKGsZkzG6r/cOGjg5O8D1+CKRrD26PmOJrKd
cTYuk38Jd5ADpI4G3hqTwi0Oog==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:22 2024 by rpki-client on console-fra.rpki-client.org