Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/om0vpqLuzpR6OVooKd-W8ykuZmQ.roa
File:                     om0vpqLuzpR6OVooKd-W8ykuZmQ.roa (raw, json)
Hash identifier:          H8NxykoVsYkoddjVIt0zzp8kiqq9I4J+x+1kp+/HBns=
Subject key identifier:   A2:6D:2F:A6:A2:EE:CE:94:7A:39:5A:28:29:DF:96:F3:29:2E:66:64
Certificate issuer:       /CN=e5a1b36552f9daccb92ac5c3b44b426d643749e2
Certificate serial:       1C70C4F2
Authority key identifier: E5:A1:B3:65:52:F9:DA:CC:B9:2A:C5:C3:B4:4B:42:6D:64:37:49:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5aGzZVL52sy5KsXDtEtCbWQ3SeI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/om0vpqLuzpR6OVooKd-W8ykuZmQ.roa
Signing time:             Sat 01 Jan 2022 15:03:43 +0000
ROA not before:           Sat 01 Jan 2022 15:03:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34994
IP address blocks:        82.193.95.0/24 maxlen: 32
                          82.193.94.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 477152498 (0x1c70c4f2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e5a1b36552f9daccb92ac5c3b44b426d643749e2
        Validity
            Not Before: Jan  1 15:03:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a26d2fa6a2eece947a395a2829df96f3292e6664
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:ff:78:01:f9:01:1c:c8:ee:ba:62:38:d7:85:
                    eb:11:d6:4a:67:09:fd:3d:f5:b4:84:2b:60:5d:e7:
                    aa:9f:85:5c:21:16:1b:4c:d7:ed:c4:79:e1:4e:36:
                    c2:bc:55:68:c9:c6:ba:67:0f:60:b4:21:69:7f:7c:
                    a5:da:82:1e:d8:59:26:96:c7:c8:51:dd:d3:d5:a3:
                    ae:c7:78:00:6a:7c:e4:1e:60:bd:95:ce:4c:1d:63:
                    74:ee:38:18:fd:71:ad:ff:a3:53:99:3a:d1:1a:8d:
                    73:75:c8:2e:09:d2:aa:e0:bd:12:fc:a8:f0:8a:8d:
                    4c:4c:69:cf:fd:64:60:88:ee:1a:29:4f:12:0b:e8:
                    f0:59:45:c1:f6:69:25:0b:f3:32:d9:98:43:c3:97:
                    15:d9:a7:71:23:38:d2:d8:cb:fa:50:0b:47:09:24:
                    e3:cc:4a:d0:cf:85:f9:06:ff:c3:03:60:a8:e3:60:
                    83:d5:0d:15:b8:0a:e2:d2:35:40:25:56:1d:1c:ca:
                    8c:1f:52:71:66:09:87:a0:28:b8:f9:ea:4c:33:4c:
                    f4:48:23:9e:6c:ff:81:ce:4e:e2:bd:72:31:6c:48:
                    5a:38:6c:26:fb:55:dc:00:dc:2b:0a:fc:5f:a1:d4:
                    da:48:4d:2f:c7:8e:44:ca:be:83:60:bd:7b:a4:13:
                    6a:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:6D:2F:A6:A2:EE:CE:94:7A:39:5A:28:29:DF:96:F3:29:2E:66:64
            X509v3 Authority Key Identifier:
                keyid:E5:A1:B3:65:52:F9:DA:CC:B9:2A:C5:C3:B4:4B:42:6D:64:37:49:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5aGzZVL52sy5KsXDtEtCbWQ3SeI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/om0vpqLuzpR6OVooKd-W8ykuZmQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/5aGzZVL52sy5KsXDtEtCbWQ3SeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.193.94.0/23

    Signature Algorithm: sha256WithRSAEncryption
         0d:78:86:11:f1:91:c8:5a:79:ed:59:60:93:13:27:4c:f1:b5:
         af:8b:7b:f1:fc:9c:50:68:6f:0b:77:c6:0b:fa:ae:ec:22:a4:
         0b:78:ce:c9:1f:2e:eb:36:07:45:f7:11:b5:5a:e1:fb:1e:cb:
         0e:46:29:2b:09:83:32:9d:41:59:c9:25:ec:63:e6:32:7b:d8:
         65:d7:0e:1c:d6:f2:c0:40:22:89:6e:cd:95:17:a6:6d:2b:a6:
         bf:a3:96:72:60:09:ab:68:79:da:75:92:ba:3d:c3:bb:18:28:
         28:23:fb:47:39:f5:52:5c:48:bd:61:37:9e:db:be:b9:a8:8d:
         93:7c:b5:04:d7:92:8d:aa:db:36:6d:4c:fb:af:fc:93:64:34:
         77:fc:95:39:ff:0e:4c:28:1b:9f:46:53:ac:07:a2:f9:50:ee:
         9f:ab:2e:6e:8a:ca:ab:95:36:ea:87:13:c6:e0:ce:fb:d0:9c:
         6e:89:81:04:43:4d:3b:7c:d0:ee:f8:9f:5a:88:71:69:b1:fb:
         ab:0d:9f:d8:34:db:fc:dd:61:9e:9e:47:d3:ea:dc:81:81:c8:
         5d:ec:0f:2d:1e:ad:09:86:2a:5d:6f:c6:0b:4d:04:d1:ba:2f:
         53:b0:af:05:76:ba:2b:fe:13:77:4e:43:e7:b3:7d:56:0a:ab:
         94:69:c4:0d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEHHDE8jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NWExYjM2NTUyZjlkYWNjYjkyYWM1YzNiNDRiNDI2ZDY0Mzc0OWUyMB4XDTIyMDEw
MTE1MDM0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTI2ZDJmYTZhMmVl
Y2U5NDdhMzk1YTI4MjlkZjk2ZjMyOTJlNjY2NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALv/eAH5ARzI7rpiONeF6xHWSmcJ/T31tIQrYF3nqp+FXCEW
G0zX7cR54U42wrxVaMnGumcPYLQhaX98pdqCHthZJpbHyFHd09Wjrsd4AGp85B5g
vZXOTB1jdO44GP1xrf+jU5k60RqNc3XILgnSquC9Evyo8IqNTExpz/1kYIjuGilP
Egvo8FlFwfZpJQvzMtmYQ8OXFdmncSM40tjL+lALRwkk48xK0M+F+Qb/wwNgqONg
g9UNFbgK4tI1QCVWHRzKjB9ScWYJh6AouPnqTDNM9Egjnmz/gc5O4r1yMWxIWjhs
JvtV3ADcKwr8X6HU2khNL8eORMq+g2C9e6QTasUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSibS+mou7OlHo5Wigp35bzKS5mZDAfBgNVHSMEGDAWgBTlobNlUvnazLkq
xcO0S0JtZDdJ4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVhR3paVkw1MnN5NUtzWER0RXRDYldRM1NlSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvYjhlYTViLTNkZDQtNDM3NC1hNzkzLWM1ZTZkMjNmOGIwOS8x
L29tMHZwcUx1enBSNk9Wb29LZC1XOHlrdVptUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
YjhlYTViLTNkZDQtNDM3NC1hNzkzLWM1ZTZkMjNmOGIwOS8xLzVhR3paVkw1MnN5
NUtzWER0RXRDYldRM1NlSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVLBXjANBgkqhkiG9w0BAQsFAAOC
AQEADXiGEfGRyFp57VlgkxMnTPG1r4t78fycUGhvC3fGC/qu7CKkC3jOyR8u6zYH
RfcRtVrh+x7LDkYpKwmDMp1BWckl7GPmMnvYZdcOHNbywEAiiW7NlRembSumv6OW
cmAJq2h52nWSuj3DuxgoKCP7Rzn1UlxIvWE3ntu+uaiNk3y1BNeSjarbNm1M+6/8
k2Q0d/yVOf8OTCgbn0ZTrAei+VDun6suborKq5U26ocTxuDO+9CcbomBBENNO3zQ
7vifWohxabH7qw2f2DTb/N1hnp5H0+rcgYHIXewPLR6tCYYqXW/GC00E0bovU7Cv
BXa6K/4Td05D57N9VgqrlGnEDQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:52 2024 by rpki-client on console-fra.rpki-client.org