Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/oCMUnbN_1GQDDwV--c4eCAZNISk.roa
File:                     oCMUnbN_1GQDDwV--c4eCAZNISk.roa (raw, json)
Hash identifier:          TCky+guD7uM+17V3uY9z5grMEtS/x8hMCikGJsRHgoc=
Subject key identifier:   A0:23:14:9D:B3:7F:D4:64:03:0F:05:7E:F9:CE:1E:08:06:4D:21:29
Certificate issuer:       /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial:       0D4042A1
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/oCMUnbN_1GQDDwV--c4eCAZNISk.roa
Signing time:             Tue 28 Jun 2022 17:19:58 +0000
ROA not before:           Tue 28 Jun 2022 17:19:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12695
IP address blocks:        85.204.78.0/24 maxlen: 24
                          93.113.203.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 222315169 (0xd4042a1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
        Validity
            Not Before: Jun 28 17:19:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a023149db37fd464030f057ef9ce1e08064d2129
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:59:76:48:03:dd:f4:53:0d:b4:74:65:45:ef:
                    71:32:f4:80:39:64:bb:a4:ec:67:ef:90:7a:50:ff:
                    6b:78:1b:2c:31:3d:9e:0a:a8:c6:3f:d7:2a:fe:de:
                    44:38:ba:44:86:ed:17:c5:ba:4d:09:8b:27:bc:9c:
                    3d:1f:ff:3c:34:cd:f8:d7:37:d8:c8:23:ed:75:ae:
                    8f:95:cc:52:e5:6a:60:0b:0c:1b:2e:5a:9a:c7:4c:
                    39:7b:58:d4:13:55:8c:90:ec:a6:ee:5c:7c:2d:f7:
                    98:7b:50:22:9d:5b:69:c6:e5:ac:83:4e:52:2c:fd:
                    39:45:7e:7c:e7:ad:94:09:0f:c0:09:49:81:64:34:
                    20:92:6c:9a:0f:ac:a4:4e:23:2b:69:81:66:8e:06:
                    a9:6d:fa:43:56:ef:0e:91:68:a2:2d:bc:95:3c:2f:
                    8e:b8:f5:79:c2:e3:e3:9d:75:c3:ce:3a:56:cd:17:
                    44:3e:d0:f1:59:74:bf:a1:a0:4c:a5:bb:da:bd:9e:
                    c3:fd:ec:0b:e7:4b:c3:24:58:a5:1a:07:c1:af:2f:
                    5f:a4:1a:75:cb:b4:18:99:f1:69:b6:6d:ef:88:7a:
                    a1:d8:64:fe:22:31:24:54:41:ac:59:50:11:f3:a4:
                    ec:65:49:e6:7e:cf:cf:9d:e1:7a:88:50:d4:37:60:
                    e7:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:23:14:9D:B3:7F:D4:64:03:0F:05:7E:F9:CE:1E:08:06:4D:21:29
            X509v3 Authority Key Identifier:
                keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/oCMUnbN_1GQDDwV--c4eCAZNISk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.204.78.0/24
                  93.113.203.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6f:47:a6:cd:78:d4:72:9b:47:13:3d:a8:36:58:65:26:5f:c3:
         a0:20:4e:b3:2c:55:f2:8a:77:3a:93:88:05:c6:aa:50:12:bf:
         a4:45:3b:c7:53:e6:c8:c8:4c:8e:bb:32:65:7b:05:8f:38:6c:
         7b:b6:29:33:dd:2c:e7:4f:dd:95:0d:59:71:44:3d:a9:5a:02:
         b8:91:2c:3d:47:21:10:8f:e5:45:42:87:2d:08:71:2a:03:01:
         1d:c2:29:f4:9c:b8:0c:0a:af:c7:91:91:b6:c3:60:0a:1d:06:
         98:fb:8d:50:5e:93:98:07:61:cb:08:a6:92:71:6f:6e:78:d5:
         83:dc:9c:f9:cd:6c:a6:09:0c:fb:8a:24:b1:e2:a3:dd:2f:fe:
         8e:5d:f3:49:e5:74:fe:a8:00:5d:a7:53:6c:48:23:99:d0:15:
         3f:10:35:c4:1a:dc:a5:64:c1:2b:e6:87:fa:c7:b4:03:07:5f:
         a8:de:3c:0c:d7:0c:bd:0a:93:e3:f2:d9:07:07:05:1f:d3:1c:
         ba:cc:2b:63:57:dd:60:26:0b:10:31:03:2f:9e:fe:68:a0:4e:
         5e:5a:f3:8b:40:ae:d1:cf:44:7b:3f:b2:a2:f7:c3:4a:d6:b8:
         8e:3d:c0:58:58:3e:78:c0:10:74:e3:a2:f5:16:69:38:6a:33:
         87:bb:c2:f5
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEDUBCoTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTU4OTUyZDM5MzkzNWYwZDNiY2U4MTRmZDkxNzhkMDQ2OTNhZWI5MB4XDTIyMDYy
ODE3MTk1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTAyMzE0OWRiMzdm
ZDQ2NDAzMGYwNTdlZjljZTFlMDgwNjRkMjEyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ1ZdkgD3fRTDbR0ZUXvcTL0gDlku6TsZ++QelD/a3gbLDE9
ngqoxj/XKv7eRDi6RIbtF8W6TQmLJ7ycPR//PDTN+Nc32Mgj7XWuj5XMUuVqYAsM
Gy5amsdMOXtY1BNVjJDspu5cfC33mHtQIp1bacblrINOUiz9OUV+fOetlAkPwAlJ
gWQ0IJJsmg+spE4jK2mBZo4GqW36Q1bvDpFooi28lTwvjrj1ecLj4511w846Vs0X
RD7Q8Vl0v6GgTKW72r2ew/3sC+dLwyRYpRoHwa8vX6Qadcu0GJnxabZt74h6odhk
/iIxJFRBrFlQEfOk7GVJ5n7Pz53heohQ1Ddg5zMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSgIxSds3/UZAMPBX75zh4IBk0hKTAfBgNVHSMEGDAWgBT+WJUtOTk18NO8
6BT9kXjQRpOuuTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19saVZMVGs1TmZEVHZPZ1VfWkY0MEVhVHJyay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvYjI2YWE4LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3My8x
L29DTVVuYk5fMUdRRER3Vi0tYzRlQ0FaTklTay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
YjI2YWE4LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3My8xL19saVZMVGs1TmZE
VHZPZ1VfWkY0MEVhVHJyay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFXMTgMEAF1xyzANBgkqhkiG9w0B
AQsFAAOCAQEAb0emzXjUcptHEz2oNlhlJl/DoCBOsyxV8op3OpOIBcaqUBK/pEU7
x1PmyMhMjrsyZXsFjzhse7YpM90s50/dlQ1ZcUQ9qVoCuJEsPUchEI/lRUKHLQhx
KgMBHcIp9Jy4DAqvx5GRtsNgCh0GmPuNUF6TmAdhywimknFvbnjVg9yc+c1spgkM
+4okseKj3S/+jl3zSeV0/qgAXadTbEgjmdAVPxA1xBrcpWTBK+aH+se0AwdfqN48
DNcMvQqT4/LZBwcFH9McuswrY1fdYCYLEDEDL57+aKBOXlrzi0Cu0c9Eez+yovfD
Sta4jj3AWFg+eMAQdOOi9RZpOGozh7vC9Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:29 2024 by rpki-client on console-fra.rpki-client.org