Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/00e8e1-c235-49a9-9f92-63831ae951ef/1/ohMzuPRH8wASUczCc37HLYOdbSc.roa
File:                     ohMzuPRH8wASUczCc37HLYOdbSc.roa (raw, json)
Hash identifier:          OZfQRVNeDVc24/E6OShENjEyomP/FN3o5h5xFED6AxM=
Subject key identifier:   A2:13:33:B8:F4:47:F3:00:12:51:CC:C2:73:7E:C7:2D:83:9D:6D:27
Certificate issuer:       /CN=1f5cf6d120e28138b0aa2fc83cba9b0e96796c36
Certificate serial:       0BE1BB84
Authority key identifier: 1F:5C:F6:D1:20:E2:81:38:B0:AA:2F:C8:3C:BA:9B:0E:96:79:6C:36
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H1z20SDigTiwqi_IPLqbDpZ5bDY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/00e8e1-c235-49a9-9f92-63831ae951ef/1/ohMzuPRH8wASUczCc37HLYOdbSc.roa
Signing time:             Sat 01 Jan 2022 14:03:47 +0000
ROA not before:           Sat 01 Jan 2022 14:03:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202506
IP address blocks:        185.247.160.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 199342980 (0xbe1bb84)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f5cf6d120e28138b0aa2fc83cba9b0e96796c36
        Validity
            Not Before: Jan  1 14:03:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a21333b8f447f3001251ccc2737ec72d839d6d27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:2e:2e:33:7f:9b:91:cd:fa:94:43:76:05:09:
                    a5:df:c7:fd:3e:70:b9:df:e0:ef:0d:c9:8d:43:92:
                    43:d7:4a:10:48:2d:7b:9a:85:1b:6a:b3:70:78:67:
                    c2:b4:9e:52:ca:b4:55:12:b5:93:a8:76:2a:39:92:
                    23:f0:21:fa:55:c1:1c:bb:01:e9:cd:7e:46:25:74:
                    28:3a:ed:c5:88:bf:0d:0f:9d:3f:36:d3:5d:84:eb:
                    e5:6a:be:b3:25:b2:0f:29:93:80:39:1b:40:d6:61:
                    b4:13:0f:40:21:af:a6:71:f6:5f:41:1b:b4:ca:9a:
                    77:3b:e8:22:5a:6d:9d:7e:f6:a3:ec:c6:ee:1e:e2:
                    a5:17:ea:d5:ea:a3:3f:b9:ed:37:df:58:69:f7:50:
                    c9:c8:66:e5:01:d4:61:aa:6a:bf:86:10:c4:48:3d:
                    a1:70:25:a9:c5:a9:6b:2c:6d:a1:e4:ed:d5:ef:f4:
                    8b:ca:0e:3d:32:19:27:0f:a7:ca:fd:b2:4e:15:67:
                    ee:3b:6d:2d:66:af:8e:e8:26:e9:72:37:da:53:5d:
                    9a:9b:44:3c:61:3f:1b:54:05:73:a5:9d:bd:63:93:
                    b3:95:0b:76:7b:87:ea:bd:7a:ee:26:fd:d9:3e:2a:
                    2e:a0:31:ef:41:da:2c:7e:90:7a:37:5b:36:7d:5a:
                    be:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:13:33:B8:F4:47:F3:00:12:51:CC:C2:73:7E:C7:2D:83:9D:6D:27
            X509v3 Authority Key Identifier:
                keyid:1F:5C:F6:D1:20:E2:81:38:B0:AA:2F:C8:3C:BA:9B:0E:96:79:6C:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H1z20SDigTiwqi_IPLqbDpZ5bDY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/00e8e1-c235-49a9-9f92-63831ae951ef/1/ohMzuPRH8wASUczCc37HLYOdbSc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/00e8e1-c235-49a9-9f92-63831ae951ef/1/H1z20SDigTiwqi_IPLqbDpZ5bDY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.247.160.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3a:ee:05:5a:f3:a6:c9:74:64:65:aa:7f:b2:c0:a4:1a:e3:ee:
         21:cf:8f:3b:89:a6:cf:86:ce:2c:b0:1e:c9:e8:52:a2:92:ea:
         8c:54:ea:c3:a7:c0:86:67:78:b4:98:31:bb:03:4d:d4:8d:60:
         c9:4d:ee:b1:7d:12:10:b0:ef:52:7c:f8:ec:14:9f:96:6e:3d:
         53:3e:41:73:5f:6b:09:52:95:46:cc:97:82:db:59:86:42:ed:
         5e:36:39:dd:44:8d:9a:c4:82:d1:e0:7f:5d:9f:2e:49:bc:10:
         11:7d:56:67:15:23:3e:97:57:2d:7a:c8:a4:3e:0e:4d:9b:88:
         ee:67:a6:3b:c9:ee:6d:98:6f:d9:08:0d:61:59:30:c2:b0:8d:
         75:14:01:20:4c:7d:28:9e:1b:76:ab:58:e8:b9:3d:36:63:17:
         76:19:86:89:dd:00:5e:75:3d:50:bb:8e:1c:8a:ee:24:ca:10:
         9f:b0:9f:e1:62:35:a6:d3:51:15:0e:82:a1:42:60:a7:46:8e:
         fe:ae:ba:ce:ce:0a:bf:9f:bf:f3:dd:49:23:eb:18:ee:1c:00:
         3d:3c:b1:ce:85:b7:a1:51:7d:24:64:77:37:b5:4d:d7:11:7a:
         8f:5f:ee:d2:3a:ea:e6:a7:ad:2f:5b:96:ee:d5:e6:7c:10:cc:
         8b:8e:7c:46
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC+G7hDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZjVjZjZkMTIwZTI4MTM4YjBhYTJmYzgzY2JhOWIwZTk2Nzk2YzM2MB4XDTIyMDEw
MTE0MDM0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTIxMzMzYjhmNDQ3
ZjMwMDEyNTFjY2MyNzM3ZWM3MmQ4MzlkNmQyNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKQuLjN/m5HN+pRDdgUJpd/H/T5wud/g7w3JjUOSQ9dKEEgt
e5qFG2qzcHhnwrSeUsq0VRK1k6h2KjmSI/Ah+lXBHLsB6c1+RiV0KDrtxYi/DQ+d
PzbTXYTr5Wq+syWyDymTgDkbQNZhtBMPQCGvpnH2X0EbtMqadzvoIlptnX72o+zG
7h7ipRfq1eqjP7ntN99YafdQychm5QHUYapqv4YQxEg9oXAlqcWpayxtoeTt1e/0
i8oOPTIZJw+nyv2yThVn7jttLWavjugm6XI32lNdmptEPGE/G1QFc6WdvWOTs5UL
dnuH6r167ib92T4qLqAx70HaLH6QejdbNn1avvMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSiEzO49EfzABJRzMJzfsctg51tJzAfBgNVHSMEGDAWgBQfXPbRIOKBOLCq
L8g8upsOlnlsNjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0gxejIwU0RpZ1Rpd3FpX0lQTHFiRHBaNWJEWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvMDBlOGUxLWMyMzUtNDlhOS05ZjkyLTYzODMxYWU5NTFlZi8x
L29oTXp1UFJIOHdBU1VjekNjMzdITFlPZGJTYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
MDBlOGUxLWMyMzUtNDlhOS05ZjkyLTYzODMxYWU5NTFlZi8xL0gxejIwU0RpZ1Rp
d3FpX0lQTHFiRHBaNWJEWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArn3oDANBgkqhkiG9w0BAQsFAAOC
AQEAOu4FWvOmyXRkZap/ssCkGuPuIc+PO4mmz4bOLLAeyehSopLqjFTqw6fAhmd4
tJgxuwNN1I1gyU3usX0SELDvUnz47BSflm49Uz5Bc19rCVKVRsyXgttZhkLtXjY5
3USNmsSC0eB/XZ8uSbwQEX1WZxUjPpdXLXrIpD4OTZuI7memO8nubZhv2QgNYVkw
wrCNdRQBIEx9KJ4bdqtY6Lk9NmMXdhmGid0AXnU9ULuOHIruJMoQn7Cf4WI1ptNR
FQ6CoUJgp0aO/q66zs4Kv5+/891JI+sY7hwAPTyxzoW3oVF9JGR3N7VN1xF6j1/u
0jrq5qetL1uW7tXmfBDMi458Rg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:08 2024 by rpki-client on console-fra.rpki-client.org