Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/eZ8jJSnteP71osDEVUozLd1N_c4.roa
File:                     eZ8jJSnteP71osDEVUozLd1N_c4.roa (raw, json)
Hash identifier:          Amg0RzmlrVVS0KUp40KdMf5vpJJDWigusM+00OsEFrw=
Subject key identifier:   79:9F:23:25:29:ED:78:FE:F5:A2:C0:C4:55:4A:33:2D:DD:4D:FD:CE
Certificate issuer:       /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial:       2B0F76F4
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/eZ8jJSnteP71osDEVUozLd1N_c4.roa
Signing time:             Sat 01 Jan 2022 13:58:07 +0000
ROA not before:           Sat 01 Jan 2022 13:58:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202385
IP address blocks:        85.31.240.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 722433780 (0x2b0f76f4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
        Validity
            Not Before: Jan  1 13:58:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=799f232529ed78fef5a2c0c4554a332ddd4dfdce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:db:57:2a:9d:99:ff:5c:5a:a2:ad:ca:99:0d:
                    29:85:fa:f4:7f:df:51:b1:45:9e:73:ce:91:6d:8c:
                    a4:51:f5:92:18:3d:b4:07:b1:b3:ed:85:12:4c:99:
                    ae:f4:bc:68:e8:a3:fa:c4:3f:e9:2f:95:f0:9a:e5:
                    46:71:b2:3a:22:a8:9f:ec:49:ea:5f:58:7c:cc:11:
                    79:79:33:dc:5b:84:68:3b:df:19:ba:2f:bd:a1:72:
                    ee:24:0d:98:85:db:01:2f:ed:b0:53:37:bb:ee:4c:
                    ad:2a:1d:3f:1f:dc:4b:51:95:3f:c7:34:77:1f:66:
                    69:90:1c:c5:8d:be:f2:a9:be:c9:ca:c2:c6:e0:d7:
                    0f:5a:7b:b7:03:3c:b2:5b:8e:11:88:cd:ed:78:64:
                    4f:eb:a2:4d:91:71:db:30:e1:25:51:2b:c0:69:1f:
                    d7:42:1a:8c:ff:0c:8b:15:d1:bf:4d:7e:e2:a8:a4:
                    9f:b6:5c:88:97:24:a6:f0:b4:fc:a0:71:72:5b:5f:
                    9d:b2:fb:4b:a0:ea:5d:42:41:97:a0:dc:95:7e:4c:
                    de:79:c9:a5:05:33:2a:71:e0:33:92:f6:bb:d1:48:
                    5d:95:da:cd:8d:b7:05:f4:3d:15:d3:e0:ce:bd:cb:
                    0f:57:6c:de:57:dc:dd:e2:f4:7f:d7:2d:3e:19:81:
                    06:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:9F:23:25:29:ED:78:FE:F5:A2:C0:C4:55:4A:33:2D:DD:4D:FD:CE
            X509v3 Authority Key Identifier:
                keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/eZ8jJSnteP71osDEVUozLd1N_c4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.31.240.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3d:61:d0:75:dd:bc:85:50:15:c0:be:67:42:e9:52:c7:7e:15:
         d3:a8:b1:52:7f:79:03:be:a4:79:a0:4d:f9:c2:8a:4c:6c:e5:
         01:43:c5:71:5f:53:d7:da:3b:c9:41:91:6f:f2:c8:b1:68:7e:
         63:90:c6:41:39:4a:a4:12:4c:a7:a3:1a:fc:99:da:1f:14:fa:
         18:cb:db:4a:f1:3f:35:b6:8a:5e:59:ea:37:63:7a:c0:49:8c:
         43:a8:e0:d4:7b:f7:37:27:fe:18:13:61:40:2f:50:03:32:b0:
         47:eb:46:68:e4:7c:f0:ec:e0:dc:d8:75:4b:cd:eb:99:5f:b2:
         d8:81:7e:67:b0:6b:2a:fe:75:2f:13:8e:24:db:c3:a4:03:e3:
         66:98:d9:40:f4:12:44:0f:14:e0:fb:49:6e:d8:89:71:07:52:
         8c:5a:5c:ff:78:49:9f:bc:54:02:3f:f6:16:d0:fc:57:74:43:
         c8:f5:1e:e6:68:fc:0a:56:07:14:d2:58:6e:44:2e:ec:6c:3d:
         bc:b1:34:17:2c:2a:a9:e4:bc:95:23:2b:c5:bc:51:94:2c:85:
         ea:15:95:33:4c:6c:23:05:d6:a1:6a:83:b2:57:5c:d1:0d:a3:
         af:41:8a:cc:25:49:5d:f1:06:fc:7e:e6:a9:87:d6:e4:00:cc:
         5c:9a:5e:64
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKw929DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OTk1NDQ5OTk3NzI3OGE3NTU3MGIzNDAzZjRkM2FhMDBiMWIzNmU4MB4XDTIyMDEw
MTEzNTgwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzk5ZjIzMjUyOWVk
NzhmZWY1YTJjMGM0NTU0YTMzMmRkZDRkZmRjZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMrbVyqdmf9cWqKtypkNKYX69H/fUbFFnnPOkW2MpFH1khg9
tAexs+2FEkyZrvS8aOij+sQ/6S+V8JrlRnGyOiKon+xJ6l9YfMwReXkz3FuEaDvf
GbovvaFy7iQNmIXbAS/tsFM3u+5MrSodPx/cS1GVP8c0dx9maZAcxY2+8qm+ycrC
xuDXD1p7twM8sluOEYjN7XhkT+uiTZFx2zDhJVErwGkf10IajP8MixXRv01+4qik
n7ZciJckpvC0/KBxcltfnbL7S6DqXUJBl6DclX5M3nnJpQUzKnHgM5L2u9FIXZXa
zY23BfQ9FdPgzr3LD1ds3lfc3eL0f9ctPhmBBr8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR5nyMlKe14/vWiwMRVSjMt3U39zjAfBgNVHSMEGDAWgBS5lUSZl3J4p1Vw
s0A/TTqgCxs26DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VaVkVtWmR5ZUtkVmNMTkFQMDA2b0FzYk51Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDcvNzg4ODAzLWJlMTItNDMzZi1hOGQwLTAyNGIxNjU1YzI0Ny8x
L2VaOGpKU250ZVA3MW9zREVWVW96TGQxTl9jNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcv
Nzg4ODAzLWJlMTItNDMzZi1hOGQwLTAyNGIxNjU1YzI0Ny8xL3VaVkVtWmR5ZUtk
VmNMTkFQMDA2b0FzYk51Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFUf8DANBgkqhkiG9w0BAQsFAAOC
AQEAPWHQdd28hVAVwL5nQulSx34V06ixUn95A76keaBN+cKKTGzlAUPFcV9T19o7
yUGRb/LIsWh+Y5DGQTlKpBJMp6Ma/JnaHxT6GMvbSvE/NbaKXlnqN2N6wEmMQ6jg
1Hv3Nyf+GBNhQC9QAzKwR+tGaOR88Ozg3Nh1S83rmV+y2IF+Z7BrKv51LxOOJNvD
pAPjZpjZQPQSRA8U4PtJbtiJcQdSjFpc/3hJn7xUAj/2FtD8V3RDyPUe5mj8ClYH
FNJYbkQu7Gw9vLE0FywqqeS8lSMrxbxRlCyF6hWVM0xsIwXWoWqDsldc0Q2jr0GK
zCVJXfEG/H7mqYfW5ADMXJpeZA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:47 2024 by rpki-client on console-fra.rpki-client.org