Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/ebf6cb-a779-464f-8bee-8f08e0272df8/1/K9OA_Eo35ki2TyeAj0BjphBxwkA.roa
File:                     K9OA_Eo35ki2TyeAj0BjphBxwkA.roa (raw, json)
Hash identifier:          rYvIw8m0isyey5o1wwSYWstlKHJ2tY3aei9qcC/5dno=
Subject key identifier:   2B:D3:80:FC:4A:37:E6:48:B6:4F:27:80:8F:40:63:A6:10:71:C2:40
Certificate issuer:       /CN=9301ea05963c9756f28ee2e98b8f3cc479dc9f58
Certificate serial:       10A3AB54
Authority key identifier: 93:01:EA:05:96:3C:97:56:F2:8E:E2:E9:8B:8F:3C:C4:79:DC:9F:58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kwHqBZY8l1byjuLpi488xHncn1g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/ebf6cb-a779-464f-8bee-8f08e0272df8/1/K9OA_Eo35ki2TyeAj0BjphBxwkA.roa
Signing time:             Sat 01 Jan 2022 07:53:14 +0000
ROA not before:           Sat 01 Jan 2022 07:53:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16509
IP address blocks:        185.176.101.0/24 maxlen: 24
                          185.176.100.0/24 maxlen: 24
                          185.176.103.0/24 maxlen: 24
                          185.176.102.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 279161684 (0x10a3ab54)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9301ea05963c9756f28ee2e98b8f3cc479dc9f58
        Validity
            Not Before: Jan  1 07:53:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2bd380fc4a37e648b64f27808f4063a61071c240
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:0e:d6:e6:f9:b5:17:c9:15:1c:18:ff:4b:b1:
                    5b:01:30:17:3c:de:f9:d3:33:b2:92:0c:c6:18:de:
                    e5:fc:af:3a:8b:87:01:eb:20:0d:59:22:a3:b1:d8:
                    ae:1c:a9:11:39:44:72:a9:ac:ef:0f:4c:d1:3d:38:
                    74:2e:c7:53:18:73:2c:96:a7:d4:80:47:e4:e0:c1:
                    cc:5d:06:9c:bb:05:7b:61:6b:12:ca:ef:78:9a:1d:
                    46:4c:fd:d7:71:b4:56:af:4d:47:06:77:e4:2e:1c:
                    78:ee:1d:ae:8b:b7:f1:a2:3a:0a:62:17:6e:ed:cb:
                    91:3d:0b:33:2a:81:a0:04:9c:9b:07:2b:9f:32:14:
                    f3:b9:1b:32:3b:31:e4:89:41:56:aa:e3:d6:5a:4c:
                    d5:54:51:3e:c6:f7:72:9b:33:c5:80:80:c4:10:e2:
                    eb:4e:f8:31:1f:7f:f4:02:8a:6d:14:ea:db:dc:72:
                    64:9f:ab:c1:a2:cd:1b:fc:f6:13:fd:6e:a4:17:c1:
                    ee:77:68:8f:63:48:1f:c2:e6:12:15:0b:64:44:ae:
                    77:b5:33:a6:13:e3:5c:74:4c:39:76:d1:97:46:74:
                    61:06:99:2e:81:49:59:37:f9:a6:d3:bc:40:98:82:
                    0d:04:e5:a9:96:6d:4e:73:55:01:15:32:34:87:32:
                    0a:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:D3:80:FC:4A:37:E6:48:B6:4F:27:80:8F:40:63:A6:10:71:C2:40
            X509v3 Authority Key Identifier:
                keyid:93:01:EA:05:96:3C:97:56:F2:8E:E2:E9:8B:8F:3C:C4:79:DC:9F:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kwHqBZY8l1byjuLpi488xHncn1g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/ebf6cb-a779-464f-8bee-8f08e0272df8/1/K9OA_Eo35ki2TyeAj0BjphBxwkA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/ebf6cb-a779-464f-8bee-8f08e0272df8/1/kwHqBZY8l1byjuLpi488xHncn1g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.176.100.0/22

    Signature Algorithm: sha256WithRSAEncryption
         93:cc:fb:19:34:08:97:65:00:19:03:15:c9:ea:73:6d:54:23:
         56:de:27:10:49:04:6b:4e:20:93:d2:15:43:e1:b3:b5:c6:48:
         7e:1a:23:77:23:bc:f9:50:7f:2e:a0:6b:9b:db:c3:89:d4:b5:
         ac:89:4d:a6:43:41:b5:ee:27:36:7e:70:66:ad:43:e5:24:d1:
         20:1e:5e:07:a2:af:03:e5:64:cd:9a:3a:3e:c7:58:e5:a5:03:
         3f:96:34:8e:ce:42:bf:9d:8a:29:c0:27:f0:7d:76:14:66:5c:
         15:2b:dd:28:b6:33:c4:3a:35:57:15:f8:42:95:2b:cb:d9:58:
         fe:ce:d7:64:09:24:d5:70:23:5f:13:8c:12:10:8d:b7:7f:a2:
         0a:2e:79:64:8a:a3:64:29:66:a4:52:27:a6:c5:fc:e3:7d:ca:
         f7:b0:3f:a2:f2:b0:9c:0c:dd:e2:1a:76:97:32:70:89:93:66:
         31:57:90:45:18:a2:eb:cc:46:9d:ae:b2:5f:20:34:29:d4:d7:
         22:6a:05:cb:6c:5d:85:06:a4:a9:6e:e4:99:b2:f3:c2:2a:6e:
         a5:87:35:8f:ef:22:a7:27:b1:8f:11:5b:1e:be:82:2f:2a:52:
         8a:0a:13:b1:f1:70:5b:29:49:c8:40:53:9e:3f:06:c1:58:bf:
         44:d9:21:f8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEKOrVDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MzAxZWEwNTk2M2M5NzU2ZjI4ZWUyZTk4YjhmM2NjNDc5ZGM5ZjU4MB4XDTIyMDEw
MTA3NTMxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmJkMzgwZmM0YTM3
ZTY0OGI2NGYyNzgwOGY0MDYzYTYxMDcxYzI0MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMAO1ub5tRfJFRwY/0uxWwEwFzze+dMzspIMxhje5fyvOouH
AesgDVkio7HYrhypETlEcqms7w9M0T04dC7HUxhzLJan1IBH5ODBzF0GnLsFe2Fr
EsrveJodRkz913G0Vq9NRwZ35C4ceO4drou38aI6CmIXbu3LkT0LMyqBoAScmwcr
nzIU87kbMjsx5IlBVqrj1lpM1VRRPsb3cpszxYCAxBDi6074MR9/9AKKbRTq29xy
ZJ+rwaLNG/z2E/1upBfB7ndoj2NIH8LmEhULZESud7UzphPjXHRMOXbRl0Z0YQaZ
LoFJWTf5ptO8QJiCDQTlqZZtTnNVARUyNIcyCk8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQr04D8SjfmSLZPJ4CPQGOmEHHCQDAfBgNVHSMEGDAWgBSTAeoFljyXVvKO
4umLjzzEedyfWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2t3SHFCWlk4bDFieWp1THBpNDg4eEhuY24xZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvZWJmNmNiLWE3NzktNDY0Zi04YmVlLThmMDhlMDI3MmRmOC8x
L0s5T0FfRW8zNWtpMlR5ZUFqMEJqcGhCeHdrQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
ZWJmNmNiLWE3NzktNDY0Zi04YmVlLThmMDhlMDI3MmRmOC8xL2t3SHFCWlk4bDFi
eWp1THBpNDg4eEhuY24xZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmwZDANBgkqhkiG9w0BAQsFAAOC
AQEAk8z7GTQIl2UAGQMVyepzbVQjVt4nEEkEa04gk9IVQ+GztcZIfhojdyO8+VB/
LqBrm9vDidS1rIlNpkNBte4nNn5wZq1D5STRIB5eB6KvA+VkzZo6PsdY5aUDP5Y0
js5Cv52KKcAn8H12FGZcFSvdKLYzxDo1VxX4QpUry9lY/s7XZAkk1XAjXxOMEhCN
t3+iCi55ZIqjZClmpFInpsX8433K97A/ovKwnAzd4hp2lzJwiZNmMVeQRRii68xG
na6yXyA0KdTXImoFy2xdhQakqW7kmbLzwipupYc1j+8ipyexjxFbHr6CLypSigoT
sfFwWylJyEBTnj8GwVi/RNkh+A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:02 2024 by rpki-client on console-ams.rpki-client.org