Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/36dAhuCop8vAcw1VE80v3VotDgs.roa
File:                     36dAhuCop8vAcw1VE80v3VotDgs.roa (raw, json)
Hash identifier:          I66FN0eQdNsNRonq495hYP3PJsjepA0SupiT5r21e60=
Subject key identifier:   DF:A7:40:86:E0:A8:A7:CB:C0:73:0D:55:13:CD:2F:DD:5A:2D:0E:0B
Certificate issuer:       /CN=a2074339bb216b85bdc83d61778821adf9149d56
Certificate serial:       32FC222B
Authority key identifier: A2:07:43:39:BB:21:6B:85:BD:C8:3D:61:77:88:21:AD:F9:14:9D:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ogdDObsha4W9yD1hd4ghrfkUnVY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/36dAhuCop8vAcw1VE80v3VotDgs.roa
Signing time:             Sat 01 Jan 2022 06:53:16 +0000
ROA not before:           Sat 01 Jan 2022 06:53:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3320
IP address blocks:        185.124.48.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 855384619 (0x32fc222b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2074339bb216b85bdc83d61778821adf9149d56
        Validity
            Not Before: Jan  1 06:53:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=dfa74086e0a8a7cbc0730d5513cd2fdd5a2d0e0b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:90:85:8f:48:b4:fd:4b:c0:e2:4d:31:e1:11:
                    90:57:24:49:4c:62:55:0d:15:d0:0d:97:37:bc:aa:
                    e1:00:64:07:96:5b:d6:1f:91:b0:89:f8:3c:49:3e:
                    90:25:d9:ca:f3:1a:e1:3a:e8:1f:54:61:5a:02:e4:
                    fc:9a:26:bc:7d:f3:6e:c1:21:a0:fe:39:eb:b5:03:
                    2e:e5:d8:68:5e:de:fc:f9:b8:f7:38:9f:9d:f9:23:
                    f7:45:40:33:9c:d4:4e:22:9f:3d:df:4a:30:69:12:
                    bd:2f:0c:3c:74:18:a2:87:f5:22:98:d7:83:47:8c:
                    f0:0c:7f:ca:4e:5b:c7:d7:ab:d4:7c:d3:1c:e1:7c:
                    82:1f:0f:d2:ea:ec:14:7c:7d:20:b9:74:9b:32:3b:
                    8c:8b:89:8c:52:8c:47:28:f0:ff:17:f2:f9:69:81:
                    27:e9:ea:11:60:3c:9b:a4:9a:d1:5e:0d:e0:5e:09:
                    09:49:62:81:3f:3f:49:55:f9:13:70:5e:07:43:9b:
                    0c:37:8a:5f:0f:62:72:1f:bf:46:74:3b:ad:5b:f8:
                    f6:28:00:60:31:7f:4b:9d:b4:d0:41:53:06:3b:03:
                    e0:ac:98:f5:8e:d8:48:d6:bf:f9:1c:16:bf:c1:13:
                    03:b4:f1:bf:62:56:3a:ee:a3:07:5a:d9:ed:e6:34:
                    27:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:A7:40:86:E0:A8:A7:CB:C0:73:0D:55:13:CD:2F:DD:5A:2D:0E:0B
            X509v3 Authority Key Identifier:
                keyid:A2:07:43:39:BB:21:6B:85:BD:C8:3D:61:77:88:21:AD:F9:14:9D:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogdDObsha4W9yD1hd4ghrfkUnVY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/36dAhuCop8vAcw1VE80v3VotDgs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/ogdDObsha4W9yD1hd4ghrfkUnVY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.124.48.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:fd:4f:22:c0:2b:42:18:57:69:3c:c1:1b:c0:ed:87:4c:34:
         52:28:8d:cb:77:74:39:cf:e1:5d:82:14:4a:09:f2:6f:4b:e4:
         7e:4b:b5:0c:88:1b:2d:c5:63:3c:0a:ce:dc:95:e2:b5:85:78:
         24:4d:3e:eb:61:5d:b0:df:5f:f9:ba:33:71:ec:5b:c6:59:49:
         ec:6a:8c:98:c4:78:fa:4b:0c:1b:0c:16:d6:7d:46:06:11:b5:
         e3:b0:75:ab:fd:72:92:49:a9:39:ae:8e:ce:0a:57:24:38:84:
         b4:5e:25:c2:75:4a:e5:b8:b3:c5:53:94:8e:33:2c:a1:8b:1b:
         c2:59:c9:ef:90:a5:75:58:bc:28:74:3e:76:7f:41:b1:28:2e:
         41:cf:a4:7c:e6:b9:65:ee:d6:96:d8:10:e2:b3:45:ae:dc:c3:
         27:68:e6:c8:9f:37:91:74:c7:64:fc:00:06:38:f2:40:fc:ec:
         8f:90:95:bd:ee:a9:91:88:b4:9e:ca:9e:a2:0e:b0:75:12:65:
         dd:21:3f:e9:ed:01:08:9c:e7:54:4b:65:c7:f7:1f:c3:6b:69:
         d9:68:23:a6:73:89:d6:2a:c4:d5:df:0f:23:bc:44:8a:c7:4e:
         a8:51:27:c4:c0:cb:c2:bf:69:f6:a8:2b:5a:cb:3a:1b:66:d8:
         d2:15:2c:15
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEMvwiKzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MjA3NDMzOWJiMjE2Yjg1YmRjODNkNjE3Nzg4MjFhZGY5MTQ5ZDU2MB4XDTIyMDEw
MTA2NTMxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGZhNzQwODZlMGE4
YTdjYmMwNzMwZDU1MTNjZDJmZGQ1YTJkMGUwYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL6QhY9ItP1LwOJNMeERkFckSUxiVQ0V0A2XN7yq4QBkB5Zb
1h+RsIn4PEk+kCXZyvMa4TroH1RhWgLk/JomvH3zbsEhoP4567UDLuXYaF7e/Pm4
9zifnfkj90VAM5zUTiKfPd9KMGkSvS8MPHQYoof1IpjXg0eM8Ax/yk5bx9er1HzT
HOF8gh8P0ursFHx9ILl0mzI7jIuJjFKMRyjw/xfy+WmBJ+nqEWA8m6Sa0V4N4F4J
CUligT8/SVX5E3BeB0ObDDeKXw9ich+/RnQ7rVv49igAYDF/S5200EFTBjsD4KyY
9Y7YSNa/+RwWv8ETA7Txv2JWOu6jB1rZ7eY0J/cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTfp0CG4Kiny8BzDVUTzS/dWi0OCzAfBgNVHSMEGDAWgBSiB0M5uyFrhb3I
PWF3iCGt+RSdVjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29nZERPYnNoYTRXOXlEMWhkNGdocmZrVW5WWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2MvNTcxYjM0LWFjZjktNGViZi05ODhiLTBmZWI2NmU3ZjI4YS8x
LzM2ZEFodUNvcDh2QWN3MVZFODB2M1ZvdERncy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Mv
NTcxYjM0LWFjZjktNGViZi05ODhiLTBmZWI2NmU3ZjI4YS8xL29nZERPYnNoYTRX
OXlEMWhkNGdocmZrVW5WWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALl8MDANBgkqhkiG9w0BAQsFAAOC
AQEAT/1PIsArQhhXaTzBG8Dth0w0UiiNy3d0Oc/hXYIUSgnyb0vkfku1DIgbLcVj
PArO3JXitYV4JE0+62FdsN9f+bozcexbxllJ7GqMmMR4+ksMGwwW1n1GBhG147B1
q/1ykkmpOa6OzgpXJDiEtF4lwnVK5bizxVOUjjMsoYsbwlnJ75CldVi8KHQ+dn9B
sSguQc+kfOa5Ze7WltgQ4rNFrtzDJ2jmyJ83kXTHZPwABjjyQPzsj5CVve6pkYi0
nsqeog6wdRJl3SE/6e0BCJznVEtlx/cfw2tp2WgjpnOJ1irE1d8PI7xEisdOqFEn
xMDLwr9p9qgrWss6G2bY0hUsFQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:13 2024 by rpki-client on console-fra.rpki-client.org