Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/O62wF-1uAe73q1R6g53WnIjsejo.roa
File:                     O62wF-1uAe73q1R6g53WnIjsejo.roa (raw, json)
Hash identifier:          obYyZT5RHnCHdWLi7awTZHAsZMIHV69Hqdzgz6TcRp0=
Subject key identifier:   3B:AD:B0:17:ED:6E:01:EE:F7:AB:54:7A:83:9D:D6:9C:88:EC:7A:3A
Certificate issuer:       /CN=ceb86983547113359bade1f3f38104091e3a6439
Certificate serial:       07826B6F
Authority key identifier: CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/O62wF-1uAe73q1R6g53WnIjsejo.roa
Signing time:             Sat 01 Jan 2022 01:03:17 +0000
ROA not before:           Sat 01 Jan 2022 01:03:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     201935
IP address blocks:        82.85.176.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 125987695 (0x7826b6f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ceb86983547113359bade1f3f38104091e3a6439
        Validity
            Not Before: Jan  1 01:03:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3badb017ed6e01eef7ab547a839dd69c88ec7a3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:67:7e:3b:41:eb:30:2b:f8:03:83:ad:3b:a2:
                    0c:e2:64:21:63:a7:e8:77:e0:c2:6c:9f:cf:e8:5b:
                    e1:77:0e:f7:6f:d5:b4:56:cd:77:b3:f3:8a:ab:9a:
                    69:08:05:a9:b7:e6:fc:60:65:d0:3f:41:9e:e5:eb:
                    b4:d5:c2:f8:c0:45:72:55:eb:0a:70:11:92:47:8b:
                    07:56:d7:f8:2f:33:79:15:09:1f:96:f5:a0:52:9b:
                    37:ef:d6:87:bc:4c:79:b2:54:8b:05:ea:8e:07:49:
                    8f:f4:4a:9a:1c:cb:b0:c0:de:8e:67:5d:76:8b:d8:
                    52:11:cb:b5:04:d8:f9:94:ae:3b:89:61:58:b9:2f:
                    39:c4:a8:84:b0:e8:fb:ff:8d:5e:ab:49:cd:6a:12:
                    74:73:a0:25:6c:5c:2b:ec:ec:6c:c8:61:4a:8c:bd:
                    1c:25:53:4d:43:78:01:db:10:e7:47:b9:7e:42:48:
                    d6:03:19:8f:ef:de:0d:ff:16:3c:13:37:a4:6e:fe:
                    ee:7a:e7:e1:04:a8:68:21:8d:fd:1a:88:5a:2d:12:
                    e9:0c:e3:57:8d:0f:1e:be:f5:16:cd:5a:3c:7e:65:
                    cf:7f:63:6a:6a:38:00:2c:d3:57:14:40:fb:69:2c:
                    30:4d:05:75:92:16:2f:c3:6d:1d:01:07:9f:a4:a2:
                    28:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:AD:B0:17:ED:6E:01:EE:F7:AB:54:7A:83:9D:D6:9C:88:EC:7A:3A
            X509v3 Authority Key Identifier:
                keyid:CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/O62wF-1uAe73q1R6g53WnIjsejo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.85.176.0/24

    Signature Algorithm: sha256WithRSAEncryption
         18:3b:b7:cb:f2:ed:63:45:1b:62:7b:62:1a:5e:c0:26:f3:dd:
         bf:2d:68:30:43:5e:90:ce:01:74:35:ba:16:a0:3d:e7:7c:7d:
         b8:24:f0:70:e1:bd:ac:53:5a:32:58:91:65:96:0c:1a:96:6c:
         71:ab:5b:91:f4:b5:f5:b1:4c:d1:ac:2d:d4:b6:03:46:51:32:
         a1:6d:cd:99:92:ea:7b:1b:74:d6:57:28:e1:ad:91:9f:a2:c4:
         b1:fe:49:fb:05:7c:35:c6:8b:b2:0f:14:14:ad:1d:6f:fb:e7:
         f2:9b:48:11:76:44:06:44:fd:37:75:39:73:b2:72:9b:de:bb:
         92:4b:84:95:68:83:8d:fb:4f:91:3e:6f:35:64:14:a9:cc:a2:
         35:70:2d:46:77:67:94:c3:f2:83:a8:7a:73:70:08:cc:3f:3a:
         6a:42:c3:5c:00:ee:fe:02:54:97:5d:82:1e:8b:1d:9b:b3:22:
         70:25:00:18:15:b1:8b:20:4b:70:cf:31:5a:09:a1:98:ad:76:
         56:a2:f0:be:1c:38:e1:d2:b3:3e:a6:4a:cd:00:8d:ea:25:a1:
         51:24:f0:2f:ca:db:b2:63:12:c2:da:0c:e3:68:12:bd:a8:97:
         ab:0a:a3:ba:e2:23:5b:e2:f1:7f:5c:b5:0c:63:49:84:3e:98:
         cd:89:1e:49
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB4JrbzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZWI4Njk4MzU0NzExMzM1OWJhZGUxZjNmMzgxMDQwOTFlM2E2NDM5MB4XDTIyMDEw
MTAxMDMxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2JhZGIwMTdlZDZl
MDFlZWY3YWI1NDdhODM5ZGQ2OWM4OGVjN2EzYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIlnfjtB6zAr+AODrTuiDOJkIWOn6Hfgwmyfz+hb4XcO92/V
tFbNd7PziquaaQgFqbfm/GBl0D9BnuXrtNXC+MBFclXrCnARkkeLB1bX+C8zeRUJ
H5b1oFKbN+/Wh7xMebJUiwXqjgdJj/RKmhzLsMDejmdddovYUhHLtQTY+ZSuO4lh
WLkvOcSohLDo+/+NXqtJzWoSdHOgJWxcK+zsbMhhSoy9HCVTTUN4AdsQ50e5fkJI
1gMZj+/eDf8WPBM3pG7+7nrn4QSoaCGN/RqIWi0S6QzjV40PHr71Fs1aPH5lz39j
amo4ACzTVxRA+2ksME0FdZIWL8NtHQEHn6SiKMMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ7rbAX7W4B7verVHqDndaciOx6OjAfBgNVHSMEGDAWgBTOuGmDVHETNZut
4fPzgQQJHjpkOTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pyaHBnMVJ4RXpXYnJlSHo4NEVFQ1I0NlpEay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvZjM1MzlkLTM4Y2QtNDY1ZS1hNTdkLWRlZTJmNjUwZGQ4Ni8x
L082MndGLTF1QWU3M3ExUjZnNTNXbklqc2Vqby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
ZjM1MzlkLTM4Y2QtNDY1ZS1hNTdkLWRlZTJmNjUwZGQ4Ni8xL3pyaHBnMVJ4RXpX
YnJlSHo4NEVFQ1I0NlpEay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFJVsDANBgkqhkiG9w0BAQsFAAOC
AQEAGDu3y/LtY0UbYntiGl7AJvPdvy1oMENekM4BdDW6FqA953x9uCTwcOG9rFNa
MliRZZYMGpZscatbkfS19bFM0awt1LYDRlEyoW3NmZLqext01lco4a2Rn6LEsf5J
+wV8NcaLsg8UFK0db/vn8ptIEXZEBkT9N3U5c7Jym967kkuElWiDjftPkT5vNWQU
qcyiNXAtRndnlMPyg6h6c3AIzD86akLDXADu/gJUl12CHosdm7MicCUAGBWxiyBL
cM8xWgmhmK12VqLwvhw44dKzPqZKzQCN6iWhUSTwL8rbsmMSwtoM42gSvaiXqwqj
uuIjW+Lxf1y1DGNJhD6YzYkeSQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:45 2024 by rpki-client on console-fra.rpki-client.org