Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/_0kh2LdtSNkMa9edMwNt_MGvSNY.roa
File:                     _0kh2LdtSNkMa9edMwNt_MGvSNY.roa (raw, json)
Hash identifier:          /807Smj3Jf+VhNYg69R0wjOTAXOSmBVpYhxCmz19rjU=
Subject key identifier:   FF:49:21:D8:B7:6D:48:D9:0C:6B:D7:9D:33:03:6D:FC:C1:AF:48:D6
Certificate issuer:       /CN=68038d4cacbd41919952eb3709c16533838900e3
Certificate serial:       0D0F7DEB
Authority key identifier: 68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/_0kh2LdtSNkMa9edMwNt_MGvSNY.roa
Signing time:             Sat 01 Jan 2022 11:03:56 +0000
ROA not before:           Sat 01 Jan 2022 11:03:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43545
IP address blocks:        185.182.70.0/24 maxlen: 24
                          185.182.68.0/24 maxlen: 24
                          185.182.69.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 219119083 (0xd0f7deb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68038d4cacbd41919952eb3709c16533838900e3
        Validity
            Not Before: Jan  1 11:03:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ff4921d8b76d48d90c6bd79d33036dfcc1af48d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:7e:e2:a2:d8:68:0c:f8:fa:1b:84:d4:00:96:
                    cb:bd:6c:78:3b:82:64:d7:28:6c:c1:d7:0e:04:a7:
                    d3:0a:f9:41:d2:6a:c8:b3:16:81:85:65:1e:1b:8b:
                    10:00:d6:e3:fd:fc:02:ef:eb:9c:d2:c5:dc:0e:f0:
                    76:4b:5f:d5:da:31:0a:44:4e:e5:54:05:5a:84:60:
                    a0:37:68:f9:c1:c6:22:73:76:b8:61:bf:10:10:fd:
                    08:2e:2b:00:6e:87:34:9a:34:7b:00:e6:3a:58:11:
                    07:d9:d0:da:8d:54:7b:16:8a:53:4a:74:99:e6:02:
                    6f:90:25:f7:90:1a:fc:5f:23:f3:61:e8:7f:a7:59:
                    b9:8e:37:9c:ba:cd:88:bd:bc:0b:f6:ef:25:1c:1d:
                    d3:33:03:04:f6:de:21:46:0d:cf:78:9f:8d:bb:e3:
                    7c:16:31:09:bd:29:c4:1b:b4:64:d8:66:4c:49:9f:
                    42:3e:4f:ac:04:97:f0:e6:fd:8f:74:7d:87:e5:78:
                    49:d4:f4:97:07:17:cf:a3:61:d5:eb:01:3d:dc:50:
                    4b:86:c0:48:06:6f:c7:ef:37:d6:cb:98:ee:ab:d8:
                    be:9a:c1:63:95:ad:06:1d:77:b1:b5:b5:8c:98:4b:
                    df:8b:67:34:e7:55:d2:ef:82:96:a5:6c:b8:12:a6:
                    43:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:49:21:D8:B7:6D:48:D9:0C:6B:D7:9D:33:03:6D:FC:C1:AF:48:D6
            X509v3 Authority Key Identifier:
                keyid:68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/_0kh2LdtSNkMa9edMwNt_MGvSNY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.182.68.0-185.182.70.255

    Signature Algorithm: sha256WithRSAEncryption
         54:b8:d1:25:69:4c:5c:26:53:82:7b:ad:fd:9a:1e:1f:08:1c:
         d0:10:89:8a:d6:51:01:ce:d8:9e:4d:f9:2e:1b:25:05:ef:a9:
         a2:3c:a2:7a:e4:f1:91:f5:96:3d:9a:a2:87:c3:7e:0b:d2:f9:
         70:48:41:54:ea:75:84:8e:3e:5e:1f:3d:39:f5:17:99:72:d8:
         e8:e7:5c:3c:bf:1c:16:03:ad:66:34:88:97:57:13:4a:9a:47:
         51:a6:9e:40:87:d5:61:12:13:15:8d:20:a2:25:f3:aa:ef:dc:
         ed:5b:d6:8a:6f:b1:19:cd:7f:4d:87:30:52:8d:a4:2b:b0:6d:
         bd:39:5e:f9:4e:80:7d:e6:18:c6:eb:3e:92:17:88:9d:c9:ea:
         63:65:6e:d8:0e:dd:50:ec:13:8b:ae:49:ac:97:3e:aa:c7:fb:
         f3:a1:0f:11:a9:3d:45:15:c4:87:ab:32:1c:3a:e3:b2:9c:93:
         8c:1a:2c:d8:fe:c7:62:0f:b3:a1:17:35:7f:b4:ba:a1:f2:55:
         d5:3b:4f:64:88:5d:27:e6:5c:8e:97:b1:53:29:1c:8f:f6:6e:
         ca:72:58:d1:52:f6:54:d2:85:f5:ea:80:41:97:e0:59:7f:19:
         d1:4e:80:49:7f:8d:04:36:6c:61:ba:cb:93:c7:df:ed:06:5f:
         6b:ab:92:64
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEDQ996zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ODAzOGQ0Y2FjYmQ0MTkxOTk1MmViMzcwOWMxNjUzMzgzODkwMGUzMB4XDTIyMDEw
MTExMDM1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmY0OTIxZDhiNzZk
NDhkOTBjNmJkNzlkMzMwMzZkZmNjMWFmNDhkNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKx+4qLYaAz4+huE1ACWy71seDuCZNcobMHXDgSn0wr5QdJq
yLMWgYVlHhuLEADW4/38Au/rnNLF3A7wdktf1doxCkRO5VQFWoRgoDdo+cHGInN2
uGG/EBD9CC4rAG6HNJo0ewDmOlgRB9nQ2o1UexaKU0p0meYCb5Al95Aa/F8j82Ho
f6dZuY43nLrNiL28C/bvJRwd0zMDBPbeIUYNz3ifjbvjfBYxCb0pxBu0ZNhmTEmf
Qj5PrASX8Ob9j3R9h+V4SdT0lwcXz6Nh1esBPdxQS4bASAZvx+831suY7qvYvprB
Y5WtBh13sbW1jJhL34tnNOdV0u+ClqVsuBKmQzECAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBT/SSHYt21I2Qxr150zA238wa9I1jAfBgNVHSMEGDAWgBRoA41MrL1BkZlS
6zcJwWUzg4kA4zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FBT05US3k5UVpHWlV1czNDY0ZsTTRPSkFPTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvMjA3MTY3LWQ1NTEtNDFiYS04NmE4LTJmNTBlYTI3MjEzYy8x
L18wa2gyTGR0U05rTWE5ZWRNd050X01HdlNOWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
MjA3MTY3LWQ1NTEtNDFiYS04NmE4LTJmNTBlYTI3MjEzYy8xL2FBT05US3k5UVpH
WlV1czNDY0ZsTTRPSkFPTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQCubZEAwQAubZGMA0GCSqGSIb3
DQEBCwUAA4IBAQBUuNElaUxcJlOCe639mh4fCBzQEImK1lEBztieTfkuGyUF76mi
PKJ65PGR9ZY9mqKHw34L0vlwSEFU6nWEjj5eHz059ReZctjo51w8vxwWA61mNIiX
VxNKmkdRpp5Ah9VhEhMVjSCiJfOq79ztW9aKb7EZzX9NhzBSjaQrsG29OV75ToB9
5hjG6z6SF4idyepjZW7YDt1Q7BOLrkmslz6qx/vzoQ8RqT1FFcSHqzIcOuOynJOM
GizY/sdiD7OhFzV/tLqh8lXVO09kiF0n5lyOl7FTKRyP9m7KcljRUvZU0oX16oBB
l+BZfxnRToBJf40ENmxhusuTx9/tBl9rq5Jk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:37 2024 by rpki-client on console-ams.rpki-client.org