Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/35b1df-78cf-4818-b33a-cda7fc7eb092/1/odMl_q3jY8SwuVYm_tSRTiVgJzs.roa
File:                     odMl_q3jY8SwuVYm_tSRTiVgJzs.roa (raw, json)
Hash identifier:          vFzFqY9ejYJkcTob08SNcr1l3TnHe+tMItx6Q/ShyRM=
Subject key identifier:   A1:D3:25:FE:AD:E3:63:C4:B0:B9:56:26:FE:D4:91:4E:25:60:27:3B
Certificate issuer:       /CN=d777943b341188e9cd2e93de288b33ffe041c7d2
Certificate serial:       166E0711
Authority key identifier: D7:77:94:3B:34:11:88:E9:CD:2E:93:DE:28:8B:33:FF:E0:41:C7:D2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/13eUOzQRiOnNLpPeKIsz_-BBx9I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/35b1df-78cf-4818-b33a-cda7fc7eb092/1/odMl_q3jY8SwuVYm_tSRTiVgJzs.roa
Signing time:             Sat 01 Jan 2022 09:06:14 +0000
ROA not before:           Sat 01 Jan 2022 09:06:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     201077
IP address blocks:        185.86.196.0/22 maxlen: 24
                          2a05:bb40::/29 maxlen: 30

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 376309521 (0x166e0711)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d777943b341188e9cd2e93de288b33ffe041c7d2
        Validity
            Not Before: Jan  1 09:06:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a1d325feade363c4b0b95626fed4914e2560273b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:fd:d1:48:be:27:00:98:b7:78:ab:d5:5f:60:
                    f0:b7:51:76:ad:c3:6d:57:63:79:fa:f8:0b:2c:b3:
                    16:dc:29:65:5c:e6:97:18:fc:62:af:23:a4:4a:bc:
                    31:71:64:dd:f0:9b:2c:41:ae:a6:32:70:e3:de:de:
                    0a:41:8c:af:12:03:bf:32:cd:0f:3c:07:fa:77:ca:
                    f9:51:7c:24:ee:fa:ec:f0:30:fa:5c:aa:f2:28:d2:
                    64:81:9e:31:a5:31:03:1d:1d:f8:0e:ec:06:13:5f:
                    08:56:3c:33:66:0b:5d:91:a7:30:bd:a8:1d:08:82:
                    0a:b1:6e:84:8f:1e:26:4a:90:cf:27:d8:9e:3e:a6:
                    89:39:68:34:6c:d5:66:d7:15:e6:33:48:f8:c3:1e:
                    7b:50:4f:f3:e6:0f:d6:d6:02:b5:cc:7b:b3:2d:e2:
                    e3:58:f5:6f:9e:df:3c:a8:6f:dc:2d:ce:12:4b:71:
                    d3:28:dc:11:3a:2c:1f:44:57:e7:2f:09:44:28:2c:
                    e6:94:d4:ac:a9:f1:7a:5b:31:e3:06:26:7b:ad:9a:
                    e5:5d:2b:ea:43:0e:d4:23:3d:b0:6d:fa:6b:cb:b6:
                    44:a6:08:b4:20:98:42:c9:08:25:b6:41:d8:0f:31:
                    95:57:2a:b3:37:64:d3:80:84:5e:1a:6c:79:97:19:
                    2b:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:D3:25:FE:AD:E3:63:C4:B0:B9:56:26:FE:D4:91:4E:25:60:27:3B
            X509v3 Authority Key Identifier:
                keyid:D7:77:94:3B:34:11:88:E9:CD:2E:93:DE:28:8B:33:FF:E0:41:C7:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/13eUOzQRiOnNLpPeKIsz_-BBx9I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/35b1df-78cf-4818-b33a-cda7fc7eb092/1/odMl_q3jY8SwuVYm_tSRTiVgJzs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/35b1df-78cf-4818-b33a-cda7fc7eb092/1/13eUOzQRiOnNLpPeKIsz_-BBx9I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.86.196.0/22
                IPv6:
                  2a05:bb40::/29

    Signature Algorithm: sha256WithRSAEncryption
         3a:ab:80:7e:0a:ba:e6:6e:da:95:5a:e4:56:20:a7:9a:9c:cd:
         3e:93:f0:3c:3a:0c:33:94:6c:ca:44:3b:2d:bb:27:09:54:93:
         40:43:06:f4:90:fc:0a:74:75:61:63:04:1b:4c:e6:8d:a3:e9:
         e2:04:47:a1:8a:04:d9:5a:c6:58:14:5f:5f:71:00:e9:f4:50:
         b6:65:a9:98:0a:d8:f0:29:4f:f5:6a:f1:ef:30:7b:00:16:ab:
         68:e4:2a:7e:04:dc:78:8f:65:54:98:99:2d:05:e8:fb:2a:14:
         05:3d:04:16:e5:4a:5e:02:b4:63:c0:71:c5:b3:84:16:2a:8c:
         88:0b:03:a8:16:4a:34:cd:97:38:70:bb:8a:bd:70:3b:a2:9c:
         34:ce:af:9c:b0:3e:cd:5e:4f:20:6d:84:97:92:30:b5:27:61:
         2d:45:32:7c:f9:88:38:95:b5:93:d0:91:ce:98:7d:f4:e1:75:
         92:7f:12:46:e8:65:03:08:68:d5:78:85:84:34:5f:27:8e:81:
         d5:63:18:41:8c:91:16:23:a1:44:7e:e2:39:00:28:06:7e:4c:
         01:3a:8f:1c:ba:68:aa:2b:94:7e:f9:14:95:45:3b:38:26:9f:
         50:6e:0b:5b:0e:53:ab:67:e9:c4:58:99:55:54:40:62:bb:1b:
         32:65:34:8a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEFm4HETANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
Nzc3OTQzYjM0MTE4OGU5Y2QyZTkzZGUyODhiMzNmZmUwNDFjN2QyMB4XDTIyMDEw
MTA5MDYxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTFkMzI1ZmVhZGUz
NjNjNGIwYjk1NjI2ZmVkNDkxNGUyNTYwMjczYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMj90Ui+JwCYt3ir1V9g8LdRdq3DbVdjefr4CyyzFtwpZVzm
lxj8Yq8jpEq8MXFk3fCbLEGupjJw497eCkGMrxIDvzLNDzwH+nfK+VF8JO767PAw
+lyq8ijSZIGeMaUxAx0d+A7sBhNfCFY8M2YLXZGnML2oHQiCCrFuhI8eJkqQzyfY
nj6miTloNGzVZtcV5jNI+MMee1BP8+YP1tYCtcx7sy3i41j1b57fPKhv3C3OEktx
0yjcETosH0RX5y8JRCgs5pTUrKnxelsx4wYme62a5V0r6kMO1CM9sG36a8u2RKYI
tCCYQskIJbZB2A8xlVcqszdk04CEXhpseZcZKy0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSh0yX+reNjxLC5Vib+1JFOJWAnOzAfBgNVHSMEGDAWgBTXd5Q7NBGI6c0u
k94oizP/4EHH0jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEzZVVPelFSaU9uTkxwUGVLSXN6Xy1CQng5SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDkvMzViMWRmLTc4Y2YtNDgxOC1iMzNhLWNkYTdmYzdlYjA5Mi8x
L29kTWxfcTNqWThTd3VWWW1fdFNSVGlWZ0p6cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDkv
MzViMWRmLTc4Y2YtNDgxOC1iMzNhLWNkYTdmYzdlYjA5Mi8xLzEzZVVPelFSaU9u
TkxwUGVLSXN6Xy1CQng5SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArlWxDANBAIAAjAHAwUDKgW7QDAN
BgkqhkiG9w0BAQsFAAOCAQEAOquAfgq65m7alVrkViCnmpzNPpPwPDoMM5RsykQ7
LbsnCVSTQEMG9JD8CnR1YWMEG0zmjaPp4gRHoYoE2VrGWBRfX3EA6fRQtmWpmArY
8ClP9Wrx7zB7ABaraOQqfgTceI9lVJiZLQXo+yoUBT0EFuVKXgK0Y8BxxbOEFiqM
iAsDqBZKNM2XOHC7ir1wO6KcNM6vnLA+zV5PIG2El5IwtSdhLUUyfPmIOJW1k9CR
zph99OF1kn8SRuhlAwho1XiFhDRfJ46B1WMYQYyRFiOhRH7iOQAoBn5MATqPHLpo
qiuUfvkUlUU7OCafUG4LWw5Tq2fpxFiZVVRAYrsbMmU0ig==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:59 2024 by rpki-client on console-fra.rpki-client.org