Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/zNPBSKdyVsgv43yBPeD9jz7_zYk.roa
File:                     zNPBSKdyVsgv43yBPeD9jz7_zYk.roa (raw, json)
Hash identifier:          dNun5toQWXLFNlsyo6HtCvo5sLXrrNZmf9oFI4SCfjU=
Subject key identifier:   CC:D3:C1:48:A7:72:56:C8:2F:E3:7C:81:3D:E0:FD:8F:3E:FF:CD:89
Certificate issuer:       /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial:       01827C85DB39938D6ABB5FCB39AF1F19780C
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/zNPBSKdyVsgv43yBPeD9jz7_zYk.roa
Signing time:             Mon 08 Aug 2022 08:15:23 +0000
ROA not before:           Mon 08 Aug 2022 08:15:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     6718
IP address blocks:        80.97.49.0/24 maxlen: 24
                          85.120.222.0/23 maxlen: 24
                          80.96.42.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:7c:85:db:39:93:8d:6a:bb:5f:cb:39:af:1f:19:78:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
        Validity
            Not Before: Aug  8 08:15:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ccd3c148a77256c82fe37c813de0fd8f3effcd89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:c6:28:a0:31:65:ee:6a:69:5f:f2:da:ba:39:
                    6b:fe:ae:53:88:b3:f9:73:cd:35:30:18:41:f8:8b:
                    09:22:58:0f:13:6d:bf:7f:fa:1a:44:0f:07:e6:c9:
                    63:46:23:31:27:95:8c:ca:85:3a:30:41:32:b2:e2:
                    76:ba:ac:f6:b7:8d:11:61:5b:2b:ef:6c:03:4b:e8:
                    f1:06:18:36:1b:7e:8c:fd:d5:25:36:65:37:42:31:
                    ab:7e:c0:41:9f:11:9b:bc:f2:1b:86:09:75:91:b4:
                    14:fc:c2:f1:1c:e5:51:f9:20:6a:7d:48:2c:63:49:
                    34:d4:a7:ed:d3:9b:50:e6:bf:bd:1c:47:dc:c1:c3:
                    4d:3f:0d:86:7b:dd:8f:bc:6f:5b:e2:f9:cc:45:6e:
                    d8:89:fa:f2:56:dc:cf:0b:3d:cb:5d:1b:6a:57:76:
                    40:83:af:a6:60:7e:35:38:81:ea:ac:fc:8d:8e:04:
                    22:68:5d:ad:da:0a:a1:a1:b6:2c:bd:93:9d:2e:e9:
                    ba:d1:8b:8d:38:f7:16:c2:d6:4f:fb:49:9f:bb:73:
                    cb:fc:c3:00:f9:f3:a8:6f:2e:fd:39:09:b5:27:17:
                    6e:cc:df:80:83:98:9b:72:55:35:2f:c4:b0:b8:46:
                    a8:3c:25:46:3c:07:91:e6:f1:ae:af:3a:22:7d:61:
                    b4:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:D3:C1:48:A7:72:56:C8:2F:E3:7C:81:3D:E0:FD:8F:3E:FF:CD:89
            X509v3 Authority Key Identifier:
                keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/zNPBSKdyVsgv43yBPeD9jz7_zYk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.96.42.0/24
                  80.97.49.0/24
                  85.120.222.0/23

    Signature Algorithm: sha256WithRSAEncryption
         25:07:59:ff:56:5d:df:10:21:46:7a:e7:74:b1:63:0c:15:61:
         b6:41:af:0a:33:59:0d:af:4e:74:fd:dc:aa:57:c3:46:4a:77:
         71:e8:cb:f3:4e:6a:fa:8c:03:35:37:35:95:a7:70:9f:74:80:
         d3:ee:2a:a8:cf:19:29:04:d1:f0:ca:9f:72:e8:f0:c3:8a:83:
         51:2a:59:b3:8d:e3:ad:7b:e0:a0:6c:92:25:d4:58:41:8d:ff:
         79:1c:58:45:4e:02:bb:aa:8c:15:7c:c5:c1:43:43:d2:08:cf:
         04:0c:02:af:1e:99:1b:ba:cb:34:ed:fc:db:63:23:b0:ec:e5:
         62:4b:dc:af:9b:15:16:66:cb:dc:c3:91:98:81:07:e2:20:7b:
         94:31:a2:a0:ab:8b:3d:97:11:5e:1f:1a:bb:69:31:56:b7:54:
         a0:d7:41:51:ef:bd:01:e0:b7:ae:a4:27:f5:a3:6f:56:f2:e1:
         5f:29:b7:89:65:64:03:94:f4:d4:05:43:a5:86:99:f6:53:95:
         a2:5c:6f:b3:e7:a3:c1:bb:d9:02:9b:b3:41:cd:f5:54:9e:52:
         bb:38:98:8c:43:c8:a2:4b:16:f5:13:c2:fc:c9:25:8a:44:44:
         bd:b5:3b:16:e7:16:2b:7a:79:56:00:81:75:b9:f5:87:da:1a:
         ae:f4:3f:2f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYJ8hds5k41qu1/LOa8fGXgMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjIwODA4MDgxNTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2QzYzE0OGE3NzI1NmM4MmZlMzdjODEzZGUwZmQ4ZjNlZmZjZDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMYooDFl7mppX/Laujlr/q5TiLP5
c801MBhB+IsJIlgPE22/f/oaRA8H5sljRiMxJ5WMyoU6MEEysuJ2uqz2t40RYVsr
72wDS+jxBhg2G36M/dUlNmU3QjGrfsBBnxGbvPIbhgl1kbQU/MLxHOVR+SBqfUgs
Y0k01Kft05tQ5r+9HEfcwcNNPw2Ge92PvG9b4vnMRW7YifryVtzPCz3LXRtqV3ZA
g6+mYH41OIHqrPyNjgQiaF2t2gqhobYsvZOdLum60YuNOPcWwtZP+0mfu3PL/MMA
+fOoby79OQm1JxduzN+Ag5ibclU1L8SwuEaoPCVGPAeR5vGurzoifWG0dQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMzTwUinclbIL+N8gT3g/Y8+/82JMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvek5QQlNLZHlWc2d2NDN5QlBlRDlqejdfellrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUGAqAwQA
UGExAwQBVXjeMA0GCSqGSIb3DQEBCwUAA4IBAQAlB1n/Vl3fECFGeud0sWMMFWG2
Qa8KM1kNr050/dyqV8NGSndx6MvzTmr6jAM1NzWVp3CfdIDT7iqozxkpBNHwyp9y
6PDDioNRKlmzjeOte+CgbJIl1FhBjf95HFhFTgK7qowVfMXBQ0PSCM8EDAKvHpkb
uss07fzbYyOw7OViS9yvmxUWZsvcw5GYgQfiIHuUMaKgq4s9lxFeHxq7aTFWt1Sg
10FR770B4LeupCf1o29W8uFfKbeJZWQDlPTUBUOlhpn2U5WiXG+z56PBu9kCm7NB
zfVUnlK7OJiMQ8iiSxb1E8L8ySWKRES9tTsW5xYrenlWAIF1ufWH2hqu9D8v
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:06 2024 by rpki-client on console-ams.rpki-client.org