Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/OaoBDn5F6pr-bXwLoTXeeMm0bfI.roa
File:                     OaoBDn5F6pr-bXwLoTXeeMm0bfI.roa (raw, json)
Hash identifier:          7R6kllPYSja10pZ1hgAbyNkaaQcGKLe7w/GdDlnv374=
Subject key identifier:   39:AA:01:0E:7E:45:EA:9A:FE:6D:7C:0B:A1:35:DE:78:C9:B4:6D:F2
Certificate issuer:       /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial:       0184EC21B2C3EAEB5939C1BA2BED4D84869D
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/OaoBDn5F6pr-bXwLoTXeeMm0bfI.roa
Signing time:             Wed 07 Dec 2022 10:29:02 +0000
ROA not before:           Wed 07 Dec 2022 10:29:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     24693
IP address blocks:        85.95.80.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:ec:21:b2:c3:ea:eb:59:39:c1:ba:2b:ed:4d:84:86:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
        Validity
            Not Before: Dec  7 10:29:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=39aa010e7e45ea9afe6d7c0ba135de78c9b46df2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:3b:80:7f:e4:d3:4b:ae:4b:65:e8:f6:f5:b0:
                    47:36:f3:19:cf:9a:42:74:a5:26:a0:79:3f:6c:85:
                    99:1c:75:56:ec:6e:47:6a:ba:9b:92:10:01:fc:02:
                    49:09:65:54:6f:ab:3e:bd:82:9b:99:b4:41:9d:87:
                    a7:28:ef:b6:4f:d9:c9:a3:69:1d:8b:4a:00:90:a8:
                    12:1c:8e:22:ca:ab:af:a3:af:a8:bf:ac:72:bd:7a:
                    e2:d4:21:36:ff:cb:c7:14:fc:41:8e:9e:e7:2c:74:
                    d6:b6:d7:ce:f8:bc:59:89:a1:31:2f:13:a8:7d:3a:
                    b0:d7:8f:37:29:37:18:83:e9:27:d1:90:c5:03:d3:
                    b0:2e:31:8d:0c:85:59:cc:8b:0a:3e:9a:96:52:78:
                    e1:39:11:e3:4f:c5:ff:c7:e1:6b:8a:5a:55:ad:ff:
                    fb:40:d7:0c:80:e3:38:a9:06:f2:b6:c4:ec:23:c8:
                    a4:3f:9a:37:cc:67:48:ee:f5:c4:29:08:54:ea:46:
                    98:c9:5a:02:2d:e1:da:02:61:b3:1d:1b:4f:5d:df:
                    a8:7a:b9:8b:7e:a4:29:d4:27:d5:45:49:bf:f8:bf:
                    3a:00:3a:61:37:cd:2e:e6:0c:2f:0f:60:d1:db:7d:
                    a6:98:94:c2:0d:0e:89:9c:95:d6:7e:80:7d:c3:79:
                    6a:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:AA:01:0E:7E:45:EA:9A:FE:6D:7C:0B:A1:35:DE:78:C9:B4:6D:F2
            X509v3 Authority Key Identifier:
                keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/OaoBDn5F6pr-bXwLoTXeeMm0bfI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.95.80.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:c9:bf:fc:0e:9b:f9:a6:41:0e:a7:bd:94:93:e0:d2:e4:7b:
         6d:1e:41:5e:98:7b:00:99:99:fd:f4:fe:dd:96:34:0e:62:11:
         d5:bc:3d:da:34:1f:6e:15:4c:26:46:86:37:68:8f:0a:84:ae:
         1b:83:67:c7:6c:3b:78:37:ec:cd:36:d1:ef:39:3a:a6:d6:0c:
         a2:e6:22:26:1e:9f:42:67:3d:fb:96:ac:04:d6:b0:a1:6c:75:
         ea:79:8a:7d:90:b2:69:3e:d4:05:12:65:33:fc:b7:3a:d1:87:
         fb:fb:af:0c:c2:74:8a:a2:f1:22:80:c4:82:24:67:11:91:f4:
         02:b8:51:55:8a:88:ca:01:08:99:c9:5a:cf:56:f2:dc:51:62:
         3d:39:88:9f:eb:14:72:85:5a:b6:53:a5:66:7b:57:ae:05:53:
         22:2d:32:82:08:0b:7e:28:83:53:f2:7d:d2:eb:6e:1e:13:da:
         b3:76:62:4b:b6:de:59:b4:2e:f8:d2:ee:c0:c4:14:c1:b9:1f:
         58:bc:d5:84:30:6a:12:84:0d:df:f8:a7:7c:73:d7:5b:cb:c4:
         25:00:29:15:aa:9b:cb:ee:55:15:fe:39:cc:e3:d4:64:df:1f:
         2d:ae:a4:33:c4:a3:f1:98:4e:d6:bc:77:7f:bd:93:52:b8:33:
         0b:31:79:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTsIbLD6utZOcG6K+1NhIadMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjIxMjA3MTAyOTAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWFhMDEwZTdlNDVlYTlhZmU2ZDdjMGJhMTM1ZGU3OGM5YjQ2ZGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDuAf+TTS65LZej29bBHNvMZz5pC
dKUmoHk/bIWZHHVW7G5HarqbkhAB/AJJCWVUb6s+vYKbmbRBnYenKO+2T9nJo2kd
i0oAkKgSHI4iyquvo6+ov6xyvXri1CE2/8vHFPxBjp7nLHTWttfO+LxZiaExLxOo
fTqw1483KTcYg+kn0ZDFA9OwLjGNDIVZzIsKPpqWUnjhORHjT8X/x+FrilpVrf/7
QNcMgOM4qQbytsTsI8ikP5o3zGdI7vXEKQhU6kaYyVoCLeHaAmGzHRtPXd+oermL
fqQp1CfVRUm/+L86ADphN80u5gwvD2DR232mmJTCDQ6JnJXWfoB9w3lqFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDmqAQ5+Reqa/m18C6E13njJtG3yMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvT2FvQkRuNUY2cHItYlh3TG9UWGVlTW0wYmZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVV9QMA0G
CSqGSIb3DQEBCwUAA4IBAQAoyb/8Dpv5pkEOp72Uk+DS5HttHkFemHsAmZn99P7d
ljQOYhHVvD3aNB9uFUwmRoY3aI8KhK4bg2fHbDt4N+zNNtHvOTqm1gyi5iImHp9C
Zz37lqwE1rChbHXqeYp9kLJpPtQFEmUz/Lc60Yf7+68MwnSKovEigMSCJGcRkfQC
uFFViojKAQiZyVrPVvLcUWI9OYif6xRyhVq2U6Vme1euBVMiLTKCCAt+KINT8n3S
624eE9qzdmJLtt5ZtC740u7AxBTBuR9YvNWEMGoShA3f+Kd8c9dby8QlACkVqpvL
7lUV/jnM49Rk3x8trqQzxKPxmE7WvHd/vZNSuDMLMXni
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:34 2024 by rpki-client on console-ams.rpki-client.org