Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/OOCRhyvNwUfH0gmy-2QdylV0VtI.roa
File:                     OOCRhyvNwUfH0gmy-2QdylV0VtI.roa (raw, json)
Hash identifier:          dPuCiLeWOz5BbymghYaRi7LlQRUGIpoh489oMDh9EFA=
Subject key identifier:   38:E0:91:87:2B:CD:C1:47:C7:D2:09:B2:FB:64:1D:CA:55:74:56:D2
Certificate issuer:       /CN=70847f8221897d6e952e86ea2c339abaacc131f5
Certificate serial:       A730A0
Authority key identifier: 70:84:7F:82:21:89:7D:6E:95:2E:86:EA:2C:33:9A:BA:AC:C1:31:F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cIR_giGJfW6VLobqLDOauqzBMfU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/OOCRhyvNwUfH0gmy-2QdylV0VtI.roa
Signing time:             Sat 01 Jan 2022 02:59:45 +0000
ROA not before:           Sat 01 Jan 2022 02:59:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15511
IP address blocks:        185.38.28.0/22 maxlen: 24
                          185.95.252.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10956960 (0xa730a0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70847f8221897d6e952e86ea2c339abaacc131f5
        Validity
            Not Before: Jan  1 02:59:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=38e091872bcdc147c7d209b2fb641dca557456d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:3f:e2:c3:1b:36:cd:be:ce:41:59:a8:f0:49:
                    db:6e:31:71:0e:e7:b9:73:98:cb:d5:03:f0:6e:49:
                    3e:04:3b:92:69:97:8f:20:8c:88:58:f2:5e:56:93:
                    c4:81:f3:20:66:d1:cc:5e:db:29:c2:77:55:3c:2f:
                    de:56:37:0a:7f:8c:b8:43:fd:9a:51:70:f4:92:5c:
                    e0:f4:62:c3:3e:60:07:2e:b1:45:bf:01:d5:62:65:
                    19:9e:27:82:93:14:28:4d:3e:60:dd:04:53:06:26:
                    4c:ce:f1:74:b5:1e:10:76:7f:20:46:2b:ab:68:06:
                    ac:4e:e4:fe:27:9c:40:3b:4f:22:03:46:cb:1a:4f:
                    6f:e5:a1:0a:fe:9c:8a:a9:cc:08:88:a7:e7:3d:4f:
                    6e:04:57:e2:99:de:8c:bf:88:37:4e:65:d4:6e:4c:
                    bf:09:e2:c2:a2:94:c1:45:e4:d7:5a:63:b9:f5:5b:
                    c8:86:1f:e7:3a:0a:77:80:85:dd:5f:61:9d:62:cd:
                    ff:ac:70:d0:11:0a:03:d8:25:a6:5c:2b:9f:2e:24:
                    57:0d:30:9e:2e:90:6c:ff:0c:7e:22:93:83:d5:07:
                    89:db:1e:43:c4:55:72:9c:3e:e7:8e:f2:1c:6c:49:
                    71:27:89:70:cf:ba:da:39:da:df:70:43:66:f5:e9:
                    1f:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:E0:91:87:2B:CD:C1:47:C7:D2:09:B2:FB:64:1D:CA:55:74:56:D2
            X509v3 Authority Key Identifier:
                keyid:70:84:7F:82:21:89:7D:6E:95:2E:86:EA:2C:33:9A:BA:AC:C1:31:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cIR_giGJfW6VLobqLDOauqzBMfU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/OOCRhyvNwUfH0gmy-2QdylV0VtI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/cIR_giGJfW6VLobqLDOauqzBMfU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.38.28.0/22
                  185.95.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ba:a9:c4:1c:d0:81:c1:01:cd:0c:20:63:4c:1e:7d:8e:76:27:
         6a:2d:70:3c:48:9d:f9:b6:16:d2:5d:10:83:b8:07:7d:ad:a3:
         6c:f3:cb:44:ac:7d:95:46:ef:9a:00:eb:79:d0:01:42:1c:0b:
         7b:ba:74:fc:b3:1b:57:b0:f0:d9:9a:51:9a:77:04:96:c6:f6:
         30:8f:ba:a1:5d:fc:14:8d:39:27:10:90:c6:08:6a:a9:2b:39:
         25:a4:12:94:f3:f5:89:8e:39:85:bc:2e:39:b1:8b:23:cf:19:
         72:cd:c6:42:60:a0:c2:56:3a:d2:79:0f:96:79:24:dd:ec:bd:
         97:63:39:04:d9:f1:4e:76:f2:3c:48:d1:6a:5e:85:46:53:5e:
         bd:dd:9d:f8:62:34:4a:61:c4:80:f2:22:96:4c:19:ef:11:ae:
         0f:8c:87:1a:8b:67:3d:c8:8f:2a:c7:b9:fa:e1:29:18:58:5a:
         00:92:07:89:09:4a:4e:af:60:38:c7:ac:27:fc:21:f5:57:10:
         e3:64:40:75:22:4b:1f:c9:56:64:0e:9b:eb:4e:35:21:86:51:
         f6:8e:b0:5e:80:10:56:92:34:f4:be:fb:5b:2f:4c:0c:17:b1:
         01:2c:40:aa:b8:5c:8b:e1:99:77:3b:b1:43:62:3e:fc:d4:f8:
         c7:3d:87:ac
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAKcwoDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MDg0N2Y4MjIxODk3ZDZlOTUyZTg2ZWEyYzMzOWFiYWFjYzEzMWY1MB4XDTIyMDEw
MTAyNTk0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzhlMDkxODcyYmNk
YzE0N2M3ZDIwOWIyZmI2NDFkY2E1NTc0NTZkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANA/4sMbNs2+zkFZqPBJ224xcQ7nuXOYy9UD8G5JPgQ7kmmX
jyCMiFjyXlaTxIHzIGbRzF7bKcJ3VTwv3lY3Cn+MuEP9mlFw9JJc4PRiwz5gBy6x
Rb8B1WJlGZ4ngpMUKE0+YN0EUwYmTM7xdLUeEHZ/IEYrq2gGrE7k/iecQDtPIgNG
yxpPb+WhCv6ciqnMCIin5z1PbgRX4pnejL+IN05l1G5MvwniwqKUwUXk11pjufVb
yIYf5zoKd4CF3V9hnWLN/6xw0BEKA9glplwrny4kVw0wni6QbP8MfiKTg9UHidse
Q8RVcpw+547yHGxJcSeJcM+62jna33BDZvXpH/UCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQ44JGHK83BR8fSCbL7ZB3KVXRW0jAfBgNVHSMEGDAWgBRwhH+CIYl9bpUu
huosM5q6rMEx9TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NJUl9naUdKZlc2VkxvYnFMRE9hdXF6Qk1mVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTMvNzA2YzAzLTdkMzUtNDkxMy04YTE4LTZlODc4NGE3YWQwOS8x
L09PQ1JoeXZOd1VmSDBnbXktMlFkeWxWMFZ0SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTMv
NzA2YzAzLTdkMzUtNDkxMy04YTE4LTZlODc4NGE3YWQwOS8xL2NJUl9naUdKZlc2
VkxvYnFMRE9hdXF6Qk1mVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArkmHAMEArlf/DANBgkqhkiG9w0B
AQsFAAOCAQEAuqnEHNCBwQHNDCBjTB59jnYnai1wPEid+bYW0l0Qg7gHfa2jbPPL
RKx9lUbvmgDredABQhwLe7p0/LMbV7Dw2ZpRmncElsb2MI+6oV38FI05JxCQxghq
qSs5JaQSlPP1iY45hbwuObGLI88Zcs3GQmCgwlY60nkPlnkk3ey9l2M5BNnxTnby
PEjRal6FRlNevd2d+GI0SmHEgPIilkwZ7xGuD4yHGotnPciPKse5+uEpGFhaAJIH
iQlKTq9gOMesJ/wh9VcQ42RAdSJLH8lWZA6b6041IYZR9o6wXoAQVpI09L77Wy9M
DBexASxAqrhci+GZdzuxQ2I+/NT4xz2HrA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:18 2024 by rpki-client on console-ams.rpki-client.org