Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/xnwLozAiDMfSAv9L3FmiEKTYjhc.roa
File:                     xnwLozAiDMfSAv9L3FmiEKTYjhc.roa (raw, json)
Hash identifier:          yGrtZjG2v0EOCMpqLmQq3qTX5AfG4nC/I+MFAxIpTOc=
Subject key identifier:   C6:7C:0B:A3:30:22:0C:C7:D2:02:FF:4B:DC:59:A2:10:A4:D8:8E:17
Certificate issuer:       /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial:       1A4929F5
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/xnwLozAiDMfSAv9L3FmiEKTYjhc.roa
Signing time:             Tue 15 Mar 2022 08:30:47 +0000
ROA not before:           Tue 15 Mar 2022 08:30:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49852
IP address blocks:        85.121.150.0/24 maxlen: 24
                          85.121.218.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 441002485 (0x1a4929f5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
        Validity
            Not Before: Mar 15 08:30:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c67c0ba330220cc7d202ff4bdc59a210a4d88e17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:d1:2e:f0:e1:9a:58:dd:6e:2a:c8:8c:51:04:
                    ab:70:28:13:f0:dc:01:21:6a:ab:2c:5b:cd:7d:76:
                    3d:28:58:a8:d6:17:4c:b1:62:50:72:4b:14:32:7f:
                    ac:9c:b6:08:a8:96:22:49:b8:b9:87:83:ca:ad:2d:
                    bc:8a:88:e7:9e:d1:91:67:fc:97:29:50:3f:84:f3:
                    29:81:3b:30:37:93:ba:a7:0d:6d:b6:47:dd:8e:0a:
                    7d:5e:0c:09:59:b1:43:81:b3:df:a2:c9:39:c9:58:
                    5f:6a:47:b0:01:39:82:a0:c4:06:3b:52:87:c3:83:
                    32:dc:4a:74:17:96:f1:14:05:82:4d:58:2a:02:2d:
                    66:2d:91:6d:08:be:0a:3b:9c:8d:dc:46:e7:2d:41:
                    21:44:ed:1b:2f:a2:d2:91:31:62:c9:6a:77:1e:51:
                    12:d2:f7:38:66:59:58:ba:9d:98:97:15:08:68:ea:
                    c7:5b:f6:65:f9:aa:b5:93:62:99:8b:cb:69:d8:1e:
                    f7:55:59:b4:dd:ff:91:3b:e8:ce:74:cd:48:d4:b6:
                    0e:99:2c:bb:3a:e5:8f:1d:07:26:7a:2e:05:c2:09:
                    c9:e9:0f:f4:9f:1f:79:eb:06:75:fb:68:93:ca:c7:
                    2d:c1:41:13:60:67:41:37:4b:de:b3:ed:ec:20:2e:
                    3a:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:7C:0B:A3:30:22:0C:C7:D2:02:FF:4B:DC:59:A2:10:A4:D8:8E:17
            X509v3 Authority Key Identifier:
                keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/xnwLozAiDMfSAv9L3FmiEKTYjhc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.121.150.0/24
                  85.121.218.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:56:78:9a:f6:a8:e5:a8:63:8f:45:7d:2f:c6:5b:95:2d:dd:
         16:91:4c:4e:46:4f:6e:d9:45:92:c8:d1:a8:f9:07:2a:c2:46:
         e7:66:e6:a7:bd:8a:c3:5e:55:44:71:94:8b:d0:07:28:4b:d8:
         03:0e:7d:b7:7c:30:d9:c4:3e:c8:86:d7:cb:58:99:3a:38:82:
         40:48:40:82:be:14:5c:57:8a:42:2e:59:14:d1:32:b7:c7:aa:
         43:03:6a:13:b3:eb:c5:8a:3b:55:7b:25:3c:a5:42:7d:a9:30:
         78:bc:80:fc:fc:4c:b4:a0:b1:72:89:4e:9b:96:a8:df:fa:40:
         e3:67:61:3a:33:63:97:b8:1e:d8:bf:c0:0d:50:41:78:f3:da:
         72:46:bd:77:f4:d4:c2:7e:b3:a3:da:18:bf:b1:38:56:ee:28:
         fb:ba:a1:c0:66:7d:24:d3:af:34:95:65:e7:02:a8:94:3b:be:
         44:26:1e:a7:6f:79:05:0c:c4:c7:ed:45:43:9c:3f:93:24:fb:
         43:12:00:eb:4e:3d:82:dc:e3:cf:79:d0:48:62:2f:6f:37:81:
         48:47:c0:ac:da:55:5a:3c:a9:8d:b5:47:3d:a4:1f:82:24:65:
         8c:f2:79:50:62:56:30:59:ba:51:45:6a:35:d2:d1:5e:2f:a9:
         8c:5f:5c:90
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEGkkp9TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MTgzNzg1OTE2Y2Q5OGQ3Yzc3MGQ2ODUxNDU0OTlhOGEwYTE1NzIyMB4XDTIyMDMx
NTA4MzA0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzY3YzBiYTMzMDIy
MGNjN2QyMDJmZjRiZGM1OWEyMTBhNGQ4OGUxNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJvRLvDhmljdbirIjFEEq3AoE/DcASFqqyxbzX12PShYqNYX
TLFiUHJLFDJ/rJy2CKiWIkm4uYeDyq0tvIqI557RkWf8lylQP4TzKYE7MDeTuqcN
bbZH3Y4KfV4MCVmxQ4Gz36LJOclYX2pHsAE5gqDEBjtSh8ODMtxKdBeW8RQFgk1Y
KgItZi2RbQi+CjucjdxG5y1BIUTtGy+i0pExYslqdx5REtL3OGZZWLqdmJcVCGjq
x1v2ZfmqtZNimYvLadge91VZtN3/kTvoznTNSNS2Dpksuzrljx0HJnouBcIJyekP
9J8feesGdftok8rHLcFBE2BnQTdL3rPt7CAuOtUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTGfAujMCIMx9IC/0vcWaIQpNiOFzAfBgNVHSMEGDAWgBQxg3hZFs2Y18dw
1oUUVJmooKFXIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01ZTjRXUmJObU5mSGNOYUZGRlNacUtDaFZ5SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvNzE5M2RiLTdmODUtNDJiYi1iMDlhLWY1MmM0N2MyMjVkYi8x
L3hud0xvekFpRE1mU0F2OUwzRm1pRUtUWWpoYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
NzE5M2RiLTdmODUtNDJiYi1iMDlhLWY1MmM0N2MyMjVkYi8xL01ZTjRXUmJObU5m
SGNOYUZGRlNacUtDaFZ5SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFV5lgMEAFV52jANBgkqhkiG9w0B
AQsFAAOCAQEAilZ4mvao5ahjj0V9L8ZblS3dFpFMTkZPbtlFksjRqPkHKsJG52bm
p72Kw15VRHGUi9AHKEvYAw59t3ww2cQ+yIbXy1iZOjiCQEhAgr4UXFeKQi5ZFNEy
t8eqQwNqE7PrxYo7VXslPKVCfakweLyA/PxMtKCxcolOm5ao3/pA42dhOjNjl7ge
2L/ADVBBePPacka9d/TUwn6zo9oYv7E4Vu4o+7qhwGZ9JNOvNJVl5wKolDu+RCYe
p295BQzEx+1FQ5w/kyT7QxIA6049gtzjz3nQSGIvbzeBSEfArNpVWjypjbVHPaQf
giRljPJ5UGJWMFm6UUVqNdLRXi+pjF9ckA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:22 2024 by rpki-client on console-fra.rpki-client.org