Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/077a53-314b-4004-8f1e-def0cc34e008/1/mLOlzQdOdkNU0dlaN2caGYqnGMs.roa
File:                     mLOlzQdOdkNU0dlaN2caGYqnGMs.roa (raw, json)
Hash identifier:          rPg5fvw0JWCiMFNKn7iEIkRnrT+zkaimXwPXXK0KXgA=
Subject key identifier:   98:B3:A5:CD:07:4E:76:43:54:D1:D9:5A:37:67:1A:19:8A:A7:18:CB
Certificate issuer:       /CN=da7148d75bdc39ce9dd2e3bdaa75847b17b34ecb
Certificate serial:       179140BE
Authority key identifier: DA:71:48:D7:5B:DC:39:CE:9D:D2:E3:BD:AA:75:84:7B:17:B3:4E:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2nFI11vcOc6d0uO9qnWEexezTss.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7e/077a53-314b-4004-8f1e-def0cc34e008/1/mLOlzQdOdkNU0dlaN2caGYqnGMs.roa
Signing time:             Wed 27 Apr 2022 06:42:34 +0000
ROA not before:           Wed 27 Apr 2022 06:42:34 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48441
IP address blocks:        185.33.236.0/22 maxlen: 22
                          94.247.56.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 395395262 (0x179140be)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da7148d75bdc39ce9dd2e3bdaa75847b17b34ecb
        Validity
            Not Before: Apr 27 06:42:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=98b3a5cd074e764354d1d95a37671a198aa718cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:fe:a7:bd:d9:e8:dd:b6:b5:ad:8e:ca:31:8f:
                    1d:b8:fc:0d:ff:74:b5:15:d7:5d:21:42:98:0a:4c:
                    eb:ec:b4:a3:79:da:d0:d4:54:97:1d:21:19:12:66:
                    97:8b:54:71:51:68:67:0e:2d:18:c0:66:d3:03:21:
                    63:54:b3:3a:27:31:13:6a:ce:66:47:cf:2c:b0:98:
                    70:24:41:41:f7:f9:0a:94:c5:8c:2a:da:98:93:84:
                    56:90:4d:99:56:f3:78:e3:bc:6c:2c:f3:3d:7b:67:
                    59:63:22:cf:6d:18:14:ef:f4:9e:dc:59:61:00:c6:
                    63:c4:87:da:f1:40:9a:46:13:f2:df:85:62:ff:36:
                    1f:e7:d8:b8:31:05:a8:4a:0c:d7:75:cf:d5:59:b7:
                    30:82:d3:92:f7:ba:76:b8:3f:c5:ec:93:5e:31:f0:
                    41:26:f5:ce:e3:a5:9b:d1:81:6e:34:90:3b:e8:5c:
                    a7:1c:75:cb:08:2c:2d:c9:55:75:88:01:85:72:a5:
                    2f:12:85:ef:50:18:b7:81:1c:ce:e8:04:2e:88:79:
                    9c:a7:c1:0a:fe:fe:7b:cf:60:f7:dc:2a:e0:28:95:
                    d3:41:8c:18:43:96:8a:20:6b:8a:4d:ae:d1:8b:91:
                    7a:1d:b5:b6:a2:f8:3b:99:24:99:91:4d:d3:85:b6:
                    20:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:B3:A5:CD:07:4E:76:43:54:D1:D9:5A:37:67:1A:19:8A:A7:18:CB
            X509v3 Authority Key Identifier:
                keyid:DA:71:48:D7:5B:DC:39:CE:9D:D2:E3:BD:AA:75:84:7B:17:B3:4E:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2nFI11vcOc6d0uO9qnWEexezTss.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/077a53-314b-4004-8f1e-def0cc34e008/1/mLOlzQdOdkNU0dlaN2caGYqnGMs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/077a53-314b-4004-8f1e-def0cc34e008/1/2nFI11vcOc6d0uO9qnWEexezTss.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.247.56.0/21
                  185.33.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8d:41:ab:a0:e3:16:1b:ac:81:a2:c0:b4:19:07:9c:5e:93:06:
         51:25:98:b0:34:fb:14:0d:3c:4e:8c:ff:9f:d6:56:cd:a8:a5:
         29:73:91:a0:33:27:af:03:5a:10:c1:41:48:bd:03:c9:a9:9c:
         ed:9b:6c:7a:ff:78:c2:f4:db:bb:26:eb:2b:f8:14:da:b1:7f:
         94:0d:41:14:57:27:ed:ec:c8:f2:17:b9:57:8f:ef:fc:85:ae:
         ed:10:22:d6:98:ba:11:6f:82:76:80:30:06:d0:6c:61:b0:9b:
         b7:4a:0f:b4:5c:08:33:82:0f:de:26:c2:4d:e5:98:4c:95:68:
         f7:e6:12:93:2e:4c:51:86:0b:2a:cc:1f:c2:f1:ad:e5:db:b4:
         ab:cb:98:85:af:43:99:a7:66:ed:25:b9:39:e6:8f:8a:ba:26:
         17:bd:40:f0:42:75:e8:1d:ed:2a:df:e4:c7:28:ea:d6:33:24:
         28:4c:48:c9:95:9c:53:2e:ef:0f:f4:04:66:f3:92:55:83:1f:
         92:01:41:1d:00:bf:90:05:ca:db:e5:5f:4f:fe:fa:11:74:aa:
         83:75:70:fb:f4:02:5c:4c:45:8c:ee:30:4f:56:00:06:32:a3:
         d3:80:d8:c8:2c:3e:fa:cf:69:ff:04:f0:74:e8:84:0e:cb:c3:
         30:71:37:61
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEF5FAvjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YTcxNDhkNzViZGMzOWNlOWRkMmUzYmRhYTc1ODQ3YjE3YjM0ZWNiMB4XDTIyMDQy
NzA2NDIzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOThiM2E1Y2QwNzRl
NzY0MzU0ZDFkOTVhMzc2NzFhMTk4YWE3MThjYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKr+p73Z6N22ta2OyjGPHbj8Df90tRXXXSFCmApM6+y0o3na
0NRUlx0hGRJml4tUcVFoZw4tGMBm0wMhY1SzOicxE2rOZkfPLLCYcCRBQff5CpTF
jCramJOEVpBNmVbzeOO8bCzzPXtnWWMiz20YFO/0ntxZYQDGY8SH2vFAmkYT8t+F
Yv82H+fYuDEFqEoM13XP1Vm3MILTkve6drg/xeyTXjHwQSb1zuOlm9GBbjSQO+hc
pxx1ywgsLclVdYgBhXKlLxKF71AYt4EczugELoh5nKfBCv7+e89g99wq4CiV00GM
GEOWiiBrik2u0YuReh21tqL4O5kkmZFN04W2IMMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSYs6XNB052Q1TR2Vo3ZxoZiqcYyzAfBgNVHSMEGDAWgBTacUjXW9w5zp3S
472qdYR7F7NOyzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJuRkkxMXZjT2M2ZDB1TzlxbldFZXhlelRzcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2UvMDc3YTUzLTMxNGItNDAwNC04ZjFlLWRlZjBjYzM0ZTAwOC8x
L21MT2x6UWRPZGtOVTBkbGFOMmNhR1lxbkdNcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Uv
MDc3YTUzLTMxNGItNDAwNC04ZjFlLWRlZjBjYzM0ZTAwOC8xLzJuRkkxMXZjT2M2
ZDB1TzlxbldFZXhlelRzcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA173OAMEArkh7DANBgkqhkiG9w0B
AQsFAAOCAQEAjUGroOMWG6yBosC0GQecXpMGUSWYsDT7FA08Toz/n9ZWzailKXOR
oDMnrwNaEMFBSL0Dyamc7Ztsev94wvTbuybrK/gU2rF/lA1BFFcn7ezI8he5V4/v
/IWu7RAi1pi6EW+CdoAwBtBsYbCbt0oPtFwIM4IP3ibCTeWYTJVo9+YSky5MUYYL
KswfwvGt5du0q8uYha9Dmadm7SW5OeaPiromF71A8EJ16B3tKt/kxyjq1jMkKExI
yZWcUy7vD/QEZvOSVYMfkgFBHQC/kAXK2+VfT/76EXSqg3Vw+/QCXExFjO4wT1YA
BjKj04DYyCw++s9p/wTwdOiEDsvDMHE3YQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:56 2024 by rpki-client on console-ams.rpki-client.org