Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/mo-1HIx5tALkk1gHrz9rCYnxTyw.roa
File:                     mo-1HIx5tALkk1gHrz9rCYnxTyw.roa (raw, json)
Hash identifier:          dWpal89J7YyHDaTZm6yjdPlCNdqtP+f8LtgfxA+q21w=
Subject key identifier:   9A:8F:B5:1C:8C:79:B4:02:E4:93:58:07:AF:3F:6B:09:89:F1:4F:2C
Certificate issuer:       /CN=70847f8221897d6e952e86ea2c339abaacc131f5
Certificate serial:       A8DF06
Authority key identifier: 70:84:7F:82:21:89:7D:6E:95:2E:86:EA:2C:33:9A:BA:AC:C1:31:F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cIR_giGJfW6VLobqLDOauqzBMfU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/mo-1HIx5tALkk1gHrz9rCYnxTyw.roa
Signing time:             Sat 01 Jan 2022 02:59:46 +0000
ROA not before:           Sat 01 Jan 2022 02:59:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43056
IP address blocks:        185.38.28.0/22 maxlen: 24
                          185.95.252.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11067142 (0xa8df06)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70847f8221897d6e952e86ea2c339abaacc131f5
        Validity
            Not Before: Jan  1 02:59:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9a8fb51c8c79b402e4935807af3f6b0989f14f2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:e1:d9:3d:1c:0d:fc:73:c1:e3:1b:ab:99:68:
                    43:a5:84:42:49:52:83:fc:6d:fe:dd:d7:62:50:d0:
                    f3:1b:9c:c2:be:e5:14:59:18:b4:84:09:fe:b8:7c:
                    7a:e1:2f:50:26:d6:36:29:a1:1f:79:a6:a3:d2:73:
                    49:ae:b4:1a:cb:e4:f1:ab:22:dd:e8:a8:22:d0:33:
                    e8:f7:ca:cc:55:06:9a:0b:43:81:6e:4e:31:cc:e1:
                    12:32:e4:75:d8:e2:0a:2c:26:63:a9:dd:19:5c:21:
                    ad:4b:f3:d1:05:c5:e5:4b:60:96:d0:70:f1:60:3b:
                    a1:b4:79:42:69:8f:cb:38:48:69:c4:51:f4:43:3a:
                    26:da:89:66:a8:2f:b6:4c:f2:d4:98:51:3d:27:f3:
                    40:60:bd:22:ea:d6:e0:5b:9a:a2:b8:f4:1c:f5:60:
                    78:f7:0e:52:88:2a:4a:0d:d6:cc:a0:b6:2b:b9:33:
                    fe:53:4f:c5:c9:2e:55:dc:88:03:31:b1:ad:6e:6a:
                    b4:ad:fc:ab:d8:7b:c9:2b:4c:d4:aa:41:02:8f:ac:
                    8d:37:cf:15:17:f7:bd:b0:51:24:a8:ae:f0:d8:79:
                    3f:77:87:5b:db:1a:19:10:a9:bc:68:f6:50:78:dc:
                    38:e5:0c:7f:27:52:98:1b:bc:9f:88:b0:a9:87:e7:
                    3f:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:8F:B5:1C:8C:79:B4:02:E4:93:58:07:AF:3F:6B:09:89:F1:4F:2C
            X509v3 Authority Key Identifier:
                keyid:70:84:7F:82:21:89:7D:6E:95:2E:86:EA:2C:33:9A:BA:AC:C1:31:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cIR_giGJfW6VLobqLDOauqzBMfU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/mo-1HIx5tALkk1gHrz9rCYnxTyw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/cIR_giGJfW6VLobqLDOauqzBMfU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.38.28.0/22
                  185.95.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4f:96:68:d9:d3:36:7f:18:f6:1a:79:35:c2:45:31:bc:6e:b0:
         be:a0:e0:64:0f:44:1b:fd:e3:98:52:cf:9c:ec:17:6d:b5:0c:
         50:31:86:51:22:a3:cd:2c:7b:04:83:2b:79:0e:f5:a3:86:83:
         1f:d5:22:77:88:2b:bc:27:d2:f6:b8:b0:b7:40:d7:80:b9:d2:
         cb:f9:0c:71:fe:a8:18:74:62:c2:15:38:df:3c:4d:bd:5a:42:
         bf:15:e2:78:05:a4:06:2c:e8:b6:00:36:8b:ac:a5:1c:96:33:
         08:1f:d7:1c:ca:fe:db:73:4d:b9:a8:bb:99:d6:69:04:3e:9b:
         7a:0f:35:fa:50:4e:c6:f7:11:d8:ef:68:64:82:e1:4d:ac:c1:
         ec:3c:06:77:1f:1c:8d:e9:62:f2:e3:40:ff:5a:de:69:55:d3:
         b2:ad:c4:3a:0d:5e:4c:78:44:33:1f:3f:d1:d0:70:2e:18:3f:
         6a:38:34:d6:ff:c5:c2:3b:d7:7d:11:91:c8:a7:3f:9b:d1:61:
         07:38:47:8e:1e:a8:13:74:e2:29:d7:e8:2c:26:1c:70:f5:51:
         5f:90:e0:3d:58:7c:3c:2b:cd:6f:a0:f0:f4:9b:fd:fa:26:a0:
         80:51:94:e8:f9:d1:cc:a7:21:b7:53:79:89:d3:b9:7b:90:7a:
         93:f9:e7:f7
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAKjfBjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MDg0N2Y4MjIxODk3ZDZlOTUyZTg2ZWEyYzMzOWFiYWFjYzEzMWY1MB4XDTIyMDEw
MTAyNTk0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWE4ZmI1MWM4Yzc5
YjQwMmU0OTM1ODA3YWYzZjZiMDk4OWYxNGYyYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMLh2T0cDfxzweMbq5loQ6WEQklSg/xt/t3XYlDQ8xucwr7l
FFkYtIQJ/rh8euEvUCbWNimhH3mmo9JzSa60Gsvk8asi3eioItAz6PfKzFUGmgtD
gW5OMczhEjLkddjiCiwmY6ndGVwhrUvz0QXF5UtgltBw8WA7obR5QmmPyzhIacRR
9EM6JtqJZqgvtkzy1JhRPSfzQGC9IurW4Fuaorj0HPVgePcOUogqSg3WzKC2K7kz
/lNPxckuVdyIAzGxrW5qtK38q9h7yStM1KpBAo+sjTfPFRf3vbBRJKiu8Nh5P3eH
W9saGRCpvGj2UHjcOOUMfydSmBu8n4iwqYfnP+0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSaj7UcjHm0AuSTWAevP2sJifFPLDAfBgNVHSMEGDAWgBRwhH+CIYl9bpUu
huosM5q6rMEx9TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NJUl9naUdKZlc2VkxvYnFMRE9hdXF6Qk1mVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTMvNzA2YzAzLTdkMzUtNDkxMy04YTE4LTZlODc4NGE3YWQwOS8x
L21vLTFISXg1dEFMa2sxZ0hyejlyQ1lueFR5dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTMv
NzA2YzAzLTdkMzUtNDkxMy04YTE4LTZlODc4NGE3YWQwOS8xL2NJUl9naUdKZlc2
VkxvYnFMRE9hdXF6Qk1mVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArkmHAMEArlf/DANBgkqhkiG9w0B
AQsFAAOCAQEAT5Zo2dM2fxj2Gnk1wkUxvG6wvqDgZA9EG/3jmFLPnOwXbbUMUDGG
USKjzSx7BIMreQ71o4aDH9Uid4grvCfS9riwt0DXgLnSy/kMcf6oGHRiwhU43zxN
vVpCvxXieAWkBizotgA2i6ylHJYzCB/XHMr+23NNuai7mdZpBD6beg81+lBOxvcR
2O9oZILhTazB7DwGdx8cjeli8uNA/1reaVXTsq3EOg1eTHhEMx8/0dBwLhg/ajg0
1v/FwjvXfRGRyKc/m9FhBzhHjh6oE3TiKdfoLCYccPVRX5DgPVh8PCvNb6Dw9Jv9
+iaggFGU6PnRzKcht1N5idO5e5B6k/nn9w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:12 2024 by rpki-client on console-fra.rpki-client.org