Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/7OMzdmIXAp11qI1qZdV3NMB3PSM.roa
File:                     7OMzdmIXAp11qI1qZdV3NMB3PSM.roa (raw, json)
Hash identifier:          7p2E8DGs8bZcbyoWDqEBQ+WOWZ2XMzU/pu3iz40z3tI=
Subject key identifier:   EC:E3:33:76:62:17:02:9D:75:A8:8D:6A:65:D5:77:34:C0:77:3D:23
Certificate issuer:       /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial:       1B5FD8F3
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/7OMzdmIXAp11qI1qZdV3NMB3PSM.roa
Signing time:             Sat 01 Jan 2022 10:02:34 +0000
ROA not before:           Sat 01 Jan 2022 10:02:34 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     24822
IP address blocks:        217.65.109.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 459266291 (0x1b5fd8f3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
        Validity
            Not Before: Jan  1 10:02:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ece333766217029d75a88d6a65d57734c0773d23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:b8:4c:ba:7b:bb:1c:d1:eb:c3:d7:86:8c:e4:
                    bd:c7:d7:69:84:7c:1f:78:c1:0b:65:eb:88:fc:9f:
                    de:84:a9:93:08:b8:5c:77:cb:f3:61:12:14:34:75:
                    69:fa:9e:dd:54:39:89:32:90:a0:1b:8e:cc:83:b2:
                    90:ef:bc:59:80:ba:6f:aa:22:cb:a1:9d:74:28:fc:
                    c4:f6:37:6e:93:c8:18:a0:21:fd:c8:00:4a:b4:65:
                    c6:4f:39:9b:ad:0d:b5:40:e8:a9:c6:2e:8e:57:94:
                    33:2d:c4:e5:4e:cd:40:d6:2f:bb:df:86:94:3d:3e:
                    12:a1:2e:2f:64:65:f2:c9:a6:f0:ef:8c:f5:7c:b5:
                    f9:95:d5:60:3b:fd:ac:bf:dd:7f:8f:8f:e7:69:16:
                    8b:e4:0d:0e:59:a1:86:8b:50:e1:dc:1e:a3:56:87:
                    eb:f9:a2:a0:a4:04:c8:a7:09:d4:bc:ff:c4:79:c1:
                    56:24:24:e3:67:db:c3:5d:68:21:8d:e5:2c:bd:6c:
                    34:89:b7:66:1a:df:3f:26:e2:af:d3:80:60:65:18:
                    0d:11:72:9a:2e:1b:90:8c:24:82:dd:e1:22:5b:17:
                    a4:7a:2a:c1:4d:4e:24:eb:70:55:e0:f0:39:ae:69:
                    2c:83:7b:7b:cd:96:19:1a:c5:4e:55:19:a4:2c:f4:
                    5e:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:E3:33:76:62:17:02:9D:75:A8:8D:6A:65:D5:77:34:C0:77:3D:23
            X509v3 Authority Key Identifier:
                keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/7OMzdmIXAp11qI1qZdV3NMB3PSM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.65.109.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:b9:29:78:84:3b:2d:31:66:69:18:2a:9d:3d:39:32:46:d0:
         47:d2:4c:bc:94:c5:7f:27:7d:6a:cf:bd:bc:61:32:16:91:1e:
         32:69:2e:93:9e:77:bc:c7:9f:5b:d0:a8:4d:ce:67:bf:ff:30:
         7f:c6:7d:26:65:25:e5:50:eb:b6:ce:fc:b3:e3:77:7c:d5:04:
         36:7f:81:d5:36:f9:da:75:f4:44:d1:68:2c:87:df:be:4f:61:
         96:79:88:ef:a3:3a:15:7f:c4:1a:4a:4f:72:35:87:f9:34:01:
         de:6a:93:cd:9a:64:62:3f:e0:30:2f:6a:cf:12:88:4f:26:e0:
         88:12:47:74:bc:24:98:05:d2:a9:5c:00:3d:66:c2:e1:61:ee:
         54:32:4a:94:b0:1a:2c:37:32:01:73:6b:77:5a:86:3a:d2:26:
         90:d7:05:29:a6:e2:e4:56:ec:28:ac:14:a6:9e:3c:89:b2:69:
         fb:4c:b8:37:50:90:d1:68:4c:a6:7b:e3:96:92:ec:50:ff:4c:
         9f:25:22:55:af:ba:22:db:66:fc:4e:d2:9f:e7:a8:b0:20:52:
         6f:34:87:e6:b7:9b:cf:4c:c7:f0:80:35:37:bc:58:c4:05:f6:
         d5:86:b3:1c:16:42:b3:e0:d6:9f:c7:df:78:61:b7:3f:7f:25:
         83:74:10:2a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEG1/Y8zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MDJkYWM2MDVmNDY1OTcxOGMwYTE1ZTFmNzMyY2JkNGY0OGFhZTdiMB4XDTIyMDEw
MTEwMDIzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWNlMzMzNzY2MjE3
MDI5ZDc1YTg4ZDZhNjVkNTc3MzRjMDc3M2QyMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMC4TLp7uxzR68PXhozkvcfXaYR8H3jBC2XriPyf3oSpkwi4
XHfL82ESFDR1afqe3VQ5iTKQoBuOzIOykO+8WYC6b6oiy6GddCj8xPY3bpPIGKAh
/cgASrRlxk85m60NtUDoqcYujleUMy3E5U7NQNYvu9+GlD0+EqEuL2Rl8smm8O+M
9Xy1+ZXVYDv9rL/df4+P52kWi+QNDlmhhotQ4dweo1aH6/mioKQEyKcJ1Lz/xHnB
ViQk42fbw11oIY3lLL1sNIm3ZhrfPybir9OAYGUYDRFymi4bkIwkgt3hIlsXpHoq
wU1OJOtwVeDwOa5pLIN7e82WGRrFTlUZpCz0XhsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTs4zN2YhcCnXWojWpl1Xc0wHc9IzAfBgNVHSMEGDAWgBTwLaxgX0ZZcYwK
FeH3MsvU9IquezAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhDMnNZRjlHV1hHTUNoWGg5ekxMMVBTS3Jucy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGQvZTkwOTc2LTNkZDEtNDcxNi1iYmY2LTI5MmFlNDZlNjMwMi8x
LzdPTXpkbUlYQXAxMXFJMXFaZFYzTk1CM1BTTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGQv
ZTkwOTc2LTNkZDEtNDcxNi1iYmY2LTI5MmFlNDZlNjMwMi8xLzhDMnNZRjlHV1hH
TUNoWGg5ekxMMVBTS3Jucy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANlBbTANBgkqhkiG9w0BAQsFAAOC
AQEAcbkpeIQ7LTFmaRgqnT05MkbQR9JMvJTFfyd9as+9vGEyFpEeMmkuk553vMef
W9CoTc5nv/8wf8Z9JmUl5VDrts78s+N3fNUENn+B1Tb52nX0RNFoLIffvk9hlnmI
76M6FX/EGkpPcjWH+TQB3mqTzZpkYj/gMC9qzxKITybgiBJHdLwkmAXSqVwAPWbC
4WHuVDJKlLAaLDcyAXNrd1qGOtImkNcFKabi5FbsKKwUpp48ibJp+0y4N1CQ0WhM
pnvjlpLsUP9MnyUiVa+6Ittm/E7Sn+eosCBSbzSH5rebz0zH8IA1N7xYxAX21Yaz
HBZCs+DWn8ffeGG3P38lg3QQKg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:47 2024 by rpki-client on console-fra.rpki-client.org