Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/rEkJ68txoZxRPR9O6zMz1OPGPQ8.roa
File:                     rEkJ68txoZxRPR9O6zMz1OPGPQ8.roa (raw, json)
Hash identifier:          I/+doV7RZCELYdMIKRnErYFoq6F2fB084w96Epzg4lo=
Subject key identifier:   AC:49:09:EB:CB:71:A1:9C:51:3D:1F:4E:EB:33:33:D4:E3:C6:3D:0F
Certificate issuer:       /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial:       1A091B51
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/rEkJ68txoZxRPR9O6zMz1OPGPQ8.roa
Signing time:             Mon 28 Feb 2022 10:27:29 +0000
ROA not before:           Mon 28 Feb 2022 10:27:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     56951
IP address blocks:        85.120.31.0/24 maxlen: 24
                          85.120.32.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 436804433 (0x1a091b51)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
        Validity
            Not Before: Feb 28 10:27:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ac4909ebcb71a19c513d1f4eeb3333d4e3c63d0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:92:c6:f5:05:ca:4f:ce:a7:23:f8:c4:2a:af:
                    bf:a4:c4:8f:b9:7c:e2:10:7e:9d:6c:89:15:d2:48:
                    8f:05:7a:e4:fe:ee:15:f9:3b:44:30:16:ec:58:7e:
                    bc:e7:b0:8b:6a:24:89:62:06:94:ef:c5:ff:df:ec:
                    54:44:cb:54:5a:6d:ba:d9:52:b1:41:57:41:6d:68:
                    d5:63:6c:8d:8c:3e:02:f2:23:18:1e:47:ce:33:6a:
                    c9:c4:c0:51:d1:04:14:0d:88:cd:da:e8:29:34:bc:
                    83:c9:89:48:14:86:5c:61:ed:5c:20:56:b2:45:34:
                    12:36:67:9d:22:bf:05:31:4a:9b:cf:7e:5c:46:cb:
                    f5:77:7d:f5:07:47:8e:9d:e4:b6:c6:97:8a:ce:f8:
                    e5:05:5a:d1:0c:e4:20:de:ad:d2:19:ae:18:71:00:
                    fa:59:6d:70:68:d3:b4:06:37:71:c2:07:47:b8:f7:
                    44:14:10:fc:89:7b:7b:b7:4e:47:ca:27:9b:72:2d:
                    79:68:9b:cb:0d:5c:70:12:c6:74:ee:cb:0b:f9:75:
                    fc:bf:ac:7e:ff:98:4d:50:e6:97:c5:e1:d5:a7:d8:
                    f9:c9:b2:7d:ec:a4:d4:78:ec:8b:f7:54:1f:e9:23:
                    2a:2e:45:d3:dc:0d:63:7a:32:3f:fa:92:ac:3c:ff:
                    da:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:49:09:EB:CB:71:A1:9C:51:3D:1F:4E:EB:33:33:D4:E3:C6:3D:0F
            X509v3 Authority Key Identifier:
                keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/rEkJ68txoZxRPR9O6zMz1OPGPQ8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.120.31.0-85.120.32.255

    Signature Algorithm: sha256WithRSAEncryption
         5d:0b:39:5c:fd:ef:b9:59:00:db:48:8b:1a:77:64:22:6f:3b:
         49:d3:2e:fc:e6:fb:2e:e1:03:0c:2a:e1:11:3d:b8:04:97:3c:
         bf:f4:fa:ae:ca:23:e1:40:60:f7:55:1a:26:ef:e5:dc:c1:a6:
         25:cc:67:34:9e:ac:9a:35:4c:96:25:46:24:97:d8:42:51:c2:
         cc:21:05:51:0d:9a:99:66:0e:ff:0c:85:df:78:2f:4a:a9:e0:
         69:0e:79:ad:d9:1b:6a:29:df:ae:09:ab:ed:ed:9e:be:46:bd:
         aa:4b:17:6d:7b:ef:be:2b:fb:c7:0a:eb:31:08:ea:2e:1d:c8:
         ff:05:4f:e1:a3:da:46:d9:75:ab:3c:7d:7a:97:30:1c:f7:a3:
         1c:c0:35:9c:6a:85:1f:0c:08:a1:84:22:2d:e0:3a:3c:55:d0:
         ab:59:87:9b:58:27:5c:95:fd:47:0f:f2:79:33:5c:38:ec:6d:
         94:cd:6b:97:7e:8e:46:e2:51:f9:0d:f5:64:07:5d:48:4b:55:
         99:62:db:fb:90:74:d3:2e:ec:99:94:06:7c:c1:36:0a:6e:db:
         88:c6:2c:d2:33:ab:cd:2a:f6:2e:0a:e8:a3:c8:bd:55:d1:08:
         4d:f9:1e:a8:73:13:4d:87:58:d7:5d:02:5e:d4:f6:b3:8e:b0:
         1e:8a:91:bd
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEGgkbUTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MTgzNzg1OTE2Y2Q5OGQ3Yzc3MGQ2ODUxNDU0OTlhOGEwYTE1NzIyMB4XDTIyMDIy
ODEwMjcyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWM0OTA5ZWJjYjcx
YTE5YzUxM2QxZjRlZWIzMzMzZDRlM2M2M2QwZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMOSxvUFyk/OpyP4xCqvv6TEj7l84hB+nWyJFdJIjwV65P7u
Ffk7RDAW7Fh+vOewi2okiWIGlO/F/9/sVETLVFptutlSsUFXQW1o1WNsjYw+AvIj
GB5HzjNqycTAUdEEFA2IzdroKTS8g8mJSBSGXGHtXCBWskU0EjZnnSK/BTFKm89+
XEbL9Xd99QdHjp3ktsaXis745QVa0QzkIN6t0hmuGHEA+lltcGjTtAY3ccIHR7j3
RBQQ/Il7e7dOR8onm3IteWibyw1ccBLGdO7LC/l1/L+sfv+YTVDml8Xh1afY+cmy
feyk1Hjsi/dUH+kjKi5F09wNY3oyP/qSrDz/2rMCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBSsSQnry3GhnFE9H07rMzPU48Y9DzAfBgNVHSMEGDAWgBQxg3hZFs2Y18dw
1oUUVJmooKFXIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01ZTjRXUmJObU5mSGNOYUZGRlNacUtDaFZ5SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvNzE5M2RiLTdmODUtNDJiYi1iMDlhLWY1MmM0N2MyMjVkYi8x
L3JFa0o2OHR4b1p4UlBSOU82ek16MU9QR1BROC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
NzE5M2RiLTdmODUtNDJiYi1iMDlhLWY1MmM0N2MyMjVkYi8xL01ZTjRXUmJObU5m
SGNOYUZGRlNacUtDaFZ5SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAVXgfAwQAVXggMA0GCSqGSIb3
DQEBCwUAA4IBAQBdCzlc/e+5WQDbSIsad2QibztJ0y785vsu4QMMKuERPbgElzy/
9PquyiPhQGD3VRom7+XcwaYlzGc0nqyaNUyWJUYkl9hCUcLMIQVRDZqZZg7/DIXf
eC9KqeBpDnmt2RtqKd+uCavt7Z6+Rr2qSxdte+++K/vHCusxCOouHcj/BU/ho9pG
2XWrPH16lzAc96McwDWcaoUfDAihhCIt4Do8VdCrWYebWCdclf1HD/J5M1w47G2U
zWuXfo5G4lH5DfVkB11IS1WZYtv7kHTTLuyZlAZ8wTYKbtuIxizSM6vNKvYuCuij
yL1V0QhN+R6ocxNNh1jXXQJe1PazjrAeipG9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:22 2024 by rpki-client on console-fra.rpki-client.org