Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/f81915-405e-4b54-9cb4-70a556ba8a11/1/OGBKLTZNewejP6umZOHH-4Y1Wew.roa
File:                     OGBKLTZNewejP6umZOHH-4Y1Wew.roa (raw, json)
Hash identifier:          gCNAvBSKOj1F1mIdDsQdvx72nmkAmM70DaOL/yul8E4=
Subject key identifier:   38:60:4A:2D:36:4D:7B:07:A3:3F:AB:A6:64:E1:C7:FB:86:35:59:EC
Certificate issuer:       /CN=b9762db1282ffd084761232038f81f5d29e640d5
Certificate serial:       02FF47FD
Authority key identifier: B9:76:2D:B1:28:2F:FD:08:47:61:23:20:38:F8:1F:5D:29:E6:40:D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uXYtsSgv_QhHYSMgOPgfXSnmQNU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/f81915-405e-4b54-9cb4-70a556ba8a11/1/OGBKLTZNewejP6umZOHH-4Y1Wew.roa
Signing time:             Sat 01 Jan 2022 10:04:26 +0000
ROA not before:           Sat 01 Jan 2022 10:04:26 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        185.139.34.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 50284541 (0x2ff47fd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9762db1282ffd084761232038f81f5d29e640d5
        Validity
            Not Before: Jan  1 10:04:26 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=38604a2d364d7b07a33faba664e1c7fb863559ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:a3:0f:2f:50:82:4f:22:e8:02:2e:99:ea:51:
                    21:97:a3:75:94:4e:17:55:7e:5a:7b:e7:71:12:29:
                    6a:6b:f6:86:82:59:ea:99:50:45:2d:96:fd:3c:b2:
                    0f:6c:4f:c0:32:db:be:bf:c7:ff:11:cb:0c:da:93:
                    fe:73:52:e5:04:ef:d2:0f:48:74:f9:8e:46:c7:39:
                    04:5c:b1:ec:36:ad:13:50:59:e7:94:0d:be:2a:c3:
                    f0:25:63:3c:2b:25:fc:fc:c7:24:fe:7f:32:73:0f:
                    cc:d3:7c:3a:89:ec:07:2b:f2:1c:d8:23:f8:b4:d1:
                    cc:d9:70:1d:f9:27:c5:37:78:4a:e1:dc:d1:04:34:
                    f0:d5:91:47:7f:03:3d:f2:88:eb:17:6a:b7:40:9c:
                    e1:b5:70:f7:0f:dd:4f:f8:89:07:38:0a:c1:64:d2:
                    6c:51:f4:2f:4b:d1:65:95:d4:e8:67:6d:00:f4:bd:
                    18:7f:05:a3:1c:52:d8:ed:39:47:1e:24:55:7a:63:
                    f8:42:b5:57:db:cc:b8:c8:ce:c5:8b:a9:c1:92:07:
                    18:7a:52:25:89:d5:06:c9:e3:d8:10:ca:5b:e1:b7:
                    3c:7e:3f:3f:e0:cd:c6:bf:e1:a8:0a:0e:fb:35:18:
                    10:c6:0d:b6:f2:02:2e:df:ea:42:58:41:76:0b:44:
                    61:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:60:4A:2D:36:4D:7B:07:A3:3F:AB:A6:64:E1:C7:FB:86:35:59:EC
            X509v3 Authority Key Identifier:
                keyid:B9:76:2D:B1:28:2F:FD:08:47:61:23:20:38:F8:1F:5D:29:E6:40:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXYtsSgv_QhHYSMgOPgfXSnmQNU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/f81915-405e-4b54-9cb4-70a556ba8a11/1/OGBKLTZNewejP6umZOHH-4Y1Wew.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/f81915-405e-4b54-9cb4-70a556ba8a11/1/uXYtsSgv_QhHYSMgOPgfXSnmQNU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.139.34.0/23

    Signature Algorithm: sha256WithRSAEncryption
         31:f9:2b:ce:ac:70:10:3f:96:61:e5:88:bd:e8:fe:a6:4d:11:
         db:3e:13:ec:2c:48:0f:3a:00:71:05:d1:c5:4e:05:4d:2a:1e:
         99:28:21:89:c1:f1:b6:1b:47:43:57:b7:20:e9:27:15:e0:97:
         f2:1b:0a:e9:0e:09:d9:0e:79:42:58:1e:11:a9:09:34:6d:09:
         2c:40:05:cd:7b:ef:76:22:2f:b2:13:6b:8c:14:ec:2f:75:8c:
         21:1e:06:bb:fd:59:76:74:d1:b4:ae:2f:b6:16:6e:c6:00:a3:
         9c:87:2d:53:7a:89:93:b4:2b:e1:a0:72:b0:aa:98:9b:c9:8d:
         77:b1:4b:1a:6f:d5:be:83:13:97:f7:a1:68:2f:15:dc:20:aa:
         79:0e:7c:9c:86:95:db:52:44:a3:b4:4f:24:9f:86:b1:75:62:
         b5:ad:62:a0:f7:7a:b3:c8:b8:a6:02:3d:b0:cf:09:9a:6e:45:
         c5:aa:f0:84:b6:fb:b3:58:0f:88:c0:cc:99:5f:b5:14:1d:a5:
         81:23:34:f6:50:4a:9f:ad:2b:d5:98:0c:3e:01:15:1f:3e:10:
         0e:5d:09:c0:0b:12:17:2a:59:d4:aa:18:0c:4e:b5:3b:37:3b:
         07:1b:82:6b:09:69:1f:44:67:86:d9:3c:24:1f:f0:0b:80:30:
         56:6d:db:fa
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAv9H/TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OTc2MmRiMTI4MmZmZDA4NDc2MTIzMjAzOGY4MWY1ZDI5ZTY0MGQ1MB4XDTIyMDEw
MTEwMDQyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzg2MDRhMmQzNjRk
N2IwN2EzM2ZhYmE2NjRlMWM3ZmI4NjM1NTllYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANqjDy9Qgk8i6AIumepRIZejdZROF1V+WnvncRIpamv2hoJZ
6plQRS2W/TyyD2xPwDLbvr/H/xHLDNqT/nNS5QTv0g9IdPmORsc5BFyx7DatE1BZ
55QNvirD8CVjPCsl/PzHJP5/MnMPzNN8OonsByvyHNgj+LTRzNlwHfknxTd4SuHc
0QQ08NWRR38DPfKI6xdqt0Cc4bVw9w/dT/iJBzgKwWTSbFH0L0vRZZXU6GdtAPS9
GH8FoxxS2O05Rx4kVXpj+EK1V9vMuMjOxYupwZIHGHpSJYnVBsnj2BDKW+G3PH4/
P+DNxr/hqAoO+zUYEMYNtvICLt/qQlhBdgtEYRMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ4YEotNk17B6M/q6Zk4cf7hjVZ7DAfBgNVHSMEGDAWgBS5di2xKC/9CEdh
IyA4+B9dKeZA1TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VYWXRzU2d2X1FoSFlTTWdPUGdmWFNubVFOVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvZjgxOTE1LTQwNWUtNGI1NC05Y2I0LTcwYTU1NmJhOGExMS8x
L09HQktMVFpOZXdlalA2dW1aT0hILTRZMVdldy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
ZjgxOTE1LTQwNWUtNGI1NC05Y2I0LTcwYTU1NmJhOGExMS8xL3VYWXRzU2d2X1Fo
SFlTTWdPUGdmWFNubVFOVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbmLIjANBgkqhkiG9w0BAQsFAAOC
AQEAMfkrzqxwED+WYeWIvej+pk0R2z4T7CxIDzoAcQXRxU4FTSoemSghicHxthtH
Q1e3IOknFeCX8hsK6Q4J2Q55QlgeEakJNG0JLEAFzXvvdiIvshNrjBTsL3WMIR4G
u/1ZdnTRtK4vthZuxgCjnIctU3qJk7Qr4aBysKqYm8mNd7FLGm/VvoMTl/ehaC8V
3CCqeQ58nIaV21JEo7RPJJ+GsXVita1ioPd6s8i4pgI9sM8Jmm5FxarwhLb7s1gP
iMDMmV+1FB2lgSM09lBKn60r1ZgMPgEVHz4QDl0JwAsSFypZ1KoYDE61Ozc7BxuC
awlpH0Rnhtk8JB/wC4AwVm3b+g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:47 2024 by rpki-client on console-ams.rpki-client.org