Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/ebbd2c-bf5a-46da-86fb-80c3ea4fd000/1/OVLFTNfHF6l2roDCcvA0KUiZ56w.roa
File:                     OVLFTNfHF6l2roDCcvA0KUiZ56w.roa (raw, json)
Hash identifier:          7vDYOze+nOiyCgdoTSL+xbK18xu3ek64Ub5tyM7rGUU=
Subject key identifier:   39:52:C5:4C:D7:C7:17:A9:76:AE:80:C2:72:F0:34:29:48:99:E7:AC
Certificate issuer:       /CN=5ca053dfe7712ee63dbff640fae07308d66ce748
Certificate serial:       38511213
Authority key identifier: 5C:A0:53:DF:E7:71:2E:E6:3D:BF:F6:40:FA:E0:73:08:D6:6C:E7:48
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XKBT3-dxLuY9v_ZA-uBzCNZs50g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/ebbd2c-bf5a-46da-86fb-80c3ea4fd000/1/OVLFTNfHF6l2roDCcvA0KUiZ56w.roa
Signing time:             Sat 01 Jan 2022 05:02:04 +0000
ROA not before:           Sat 01 Jan 2022 05:02:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8426
IP address blocks:        80.67.96.0/20 maxlen: 20
                          92.54.0.0/18 maxlen: 18
                          2a02:a0::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 944837139 (0x38511213)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ca053dfe7712ee63dbff640fae07308d66ce748
        Validity
            Not Before: Jan  1 05:02:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3952c54cd7c717a976ae80c272f034294899e7ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:06:ba:4a:05:57:b2:40:b0:48:a4:19:39:1e:
                    08:cb:a7:f4:9e:11:cd:ce:6e:19:95:7c:3d:f5:71:
                    09:ee:04:e9:c2:e0:9e:ea:d6:90:73:d1:dc:73:5b:
                    05:81:d5:c2:19:8b:e2:aa:e4:e6:60:c6:d5:02:41:
                    57:93:37:94:14:51:29:b1:8c:17:70:2e:10:70:c0:
                    e5:0b:fa:71:82:e6:f3:01:76:12:a9:77:9d:f9:94:
                    f7:7b:37:c1:84:ae:b8:0f:56:d6:18:9d:4a:66:96:
                    f5:b7:61:bc:f4:30:5c:85:8b:48:63:4d:6e:eb:bf:
                    a9:5a:2d:f8:0b:b0:04:16:e3:c5:d7:d8:8f:fe:1b:
                    8c:2b:e2:4a:ad:7d:14:1c:95:8f:a1:2d:fc:65:4c:
                    18:3f:12:93:6e:d0:48:92:c0:01:90:74:cd:be:4c:
                    40:d3:99:37:0a:34:ed:fa:c0:e8:e0:a0:b8:ba:f4:
                    a2:3b:2b:7b:e4:2d:1b:e7:3a:32:91:da:fa:fd:aa:
                    0f:a2:66:8e:37:11:24:78:1d:92:84:4f:71:9a:96:
                    ee:b5:b1:aa:ac:45:06:ae:f3:8e:c6:bd:5e:c3:50:
                    52:4d:2d:ca:f5:f9:d0:a9:58:ab:07:3c:4b:fb:e7:
                    15:5b:bf:3e:3f:6e:d1:53:26:63:7a:93:54:5c:98:
                    5f:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:52:C5:4C:D7:C7:17:A9:76:AE:80:C2:72:F0:34:29:48:99:E7:AC
            X509v3 Authority Key Identifier:
                keyid:5C:A0:53:DF:E7:71:2E:E6:3D:BF:F6:40:FA:E0:73:08:D6:6C:E7:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XKBT3-dxLuY9v_ZA-uBzCNZs50g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/ebbd2c-bf5a-46da-86fb-80c3ea4fd000/1/OVLFTNfHF6l2roDCcvA0KUiZ56w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/ebbd2c-bf5a-46da-86fb-80c3ea4fd000/1/XKBT3-dxLuY9v_ZA-uBzCNZs50g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.67.96.0/20
                  92.54.0.0/18
                IPv6:
                  2a02:a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         64:8f:4f:e2:bf:37:47:e9:81:8f:f4:da:e2:e8:47:e2:d4:f0:
         96:f5:68:05:d5:5a:6c:2e:66:64:4b:2a:58:a2:35:77:fd:e1:
         ec:ef:dc:7f:63:21:b7:e9:23:65:b7:fc:4b:3d:f5:1c:e9:31:
         e0:85:25:ed:48:a2:b8:b6:e7:af:e7:16:e1:9c:5e:9d:21:1a:
         7b:35:a3:07:51:78:36:94:f2:86:4d:bd:20:88:02:85:a5:a3:
         d2:ae:31:b5:08:80:bf:67:57:83:9f:89:59:58:54:33:f6:1b:
         ea:0f:70:fd:45:98:8f:9f:3b:1c:b0:43:f2:69:73:43:07:1a:
         e5:c2:02:b4:81:52:cf:84:4a:66:19:88:44:c6:8a:1d:e6:f1:
         10:35:9f:c1:2a:84:48:e8:36:8c:8b:3d:be:eb:da:04:d1:09:
         a3:6e:02:25:6c:c8:25:97:35:c2:f8:ec:11:48:0a:10:99:f0:
         9f:5a:d5:10:d8:c4:ac:89:69:5e:e3:6a:c5:24:b6:f2:1d:d0:
         e5:30:e5:dc:7a:fd:e4:95:cd:ce:5e:0a:c6:d7:58:c9:fe:5c:
         8b:4e:be:33:f5:2a:0b:15:45:51:83:e4:72:5a:f3:e0:27:59:
         12:85:cd:b7:fb:da:31:38:35:23:41:7b:ee:58:00:c6:ed:1d:
         20:98:49:1c
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEOFESEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
Y2EwNTNkZmU3NzEyZWU2M2RiZmY2NDBmYWUwNzMwOGQ2NmNlNzQ4MB4XDTIyMDEw
MTA1MDIwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzk1MmM1NGNkN2M3
MTdhOTc2YWU4MGMyNzJmMDM0Mjk0ODk5ZTdhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOQGukoFV7JAsEikGTkeCMun9J4Rzc5uGZV8PfVxCe4E6cLg
nurWkHPR3HNbBYHVwhmL4qrk5mDG1QJBV5M3lBRRKbGMF3AuEHDA5Qv6cYLm8wF2
Eql3nfmU93s3wYSuuA9W1hidSmaW9bdhvPQwXIWLSGNNbuu/qVot+AuwBBbjxdfY
j/4bjCviSq19FByVj6Et/GVMGD8Sk27QSJLAAZB0zb5MQNOZNwo07frA6OCguLr0
ojsre+QtG+c6MpHa+v2qD6JmjjcRJHgdkoRPcZqW7rWxqqxFBq7zjsa9XsNQUk0t
yvX50KlYqwc8S/vnFVu/Pj9u0VMmY3qTVFyYX/0CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQ5UsVM18cXqXaugMJy8DQpSJnnrDAfBgNVHSMEGDAWgBRcoFPf53Eu5j2/
9kD64HMI1mznSDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hLQlQzLWR4THVZOXZfWkEtdUJ6Q05aczUwZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWMvZWJiZDJjLWJmNWEtNDZkYS04NmZiLTgwYzNlYTRmZDAwMC8x
L09WTEZUTmZIRjZsMnJvRENjdkEwS1VpWjU2dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMv
ZWJiZDJjLWJmNWEtNDZkYS04NmZiLTgwYzNlYTRmZDAwMC8xL1hLQlQzLWR4THVZ
OXZfWkEtdUJ6Q05aczUwZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBFBDYAMEBlw2ADANBAIAAjAHAwUA
KgIAoDANBgkqhkiG9w0BAQsFAAOCAQEAZI9P4r83R+mBj/Ta4uhH4tTwlvVoBdVa
bC5mZEsqWKI1d/3h7O/cf2Mht+kjZbf8Sz31HOkx4IUl7UiiuLbnr+cW4ZxenSEa
ezWjB1F4NpTyhk29IIgChaWj0q4xtQiAv2dXg5+JWVhUM/Yb6g9w/UWYj587HLBD
8mlzQwca5cICtIFSz4RKZhmIRMaKHebxEDWfwSqESOg2jIs9vuvaBNEJo24CJWzI
JZc1wvjsEUgKEJnwn1rVENjErIlpXuNqxSS28h3Q5TDl3Hr95JXNzl4KxtdYyf5c
i06+M/UqCxVFUYPkclrz4CdZEoXNt/vaMTg1I0F77lgAxu0dIJhJHA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:53 2024 by rpki-client on console-fra.rpki-client.org