Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/NAHdAjdJRRRNUTf4Tfw1GzKYl1U.roa
File:                     NAHdAjdJRRRNUTf4Tfw1GzKYl1U.roa (raw, json)
Hash identifier:          WZhqi6ywTFW7Jcu+Dv7jGNrFP53nnZPRFJ7Nd6KoVTs=
Subject key identifier:   34:01:DD:02:37:49:45:14:4D:51:37:F8:4D:FC:35:1B:32:98:97:55
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       0182A0F483015358375F40EB40343949F45C
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/NAHdAjdJRRRNUTf4Tfw1GzKYl1U.roa
Signing time:             Mon 15 Aug 2022 10:02:35 +0000
ROA not before:           Mon 15 Aug 2022 10:02:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     174
IP address blocks:        85.208.112.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:a0:f4:83:01:53:58:37:5f:40:eb:40:34:39:49:f4:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Aug 15 10:02:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3401dd02374945144d5137f84dfc351b32989755
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:10:6b:fb:f0:f0:1e:b5:f9:d4:62:5a:75:e5:
                    4a:90:5f:0c:b1:47:98:c0:41:c3:97:e5:6c:7f:42:
                    b8:31:d9:63:d8:75:e3:29:ee:1b:eb:32:53:09:e2:
                    e9:2c:f8:26:20:90:79:3f:aa:a7:1d:0e:0d:01:f2:
                    af:96:b9:8e:c7:8d:10:34:ca:99:cd:08:2e:8c:65:
                    7c:4d:f6:c2:9c:da:ec:8b:8e:65:a9:f6:ef:d0:13:
                    09:2c:50:95:64:52:49:1f:84:97:06:40:d6:f4:ac:
                    c9:39:31:86:1b:a2:2a:a0:60:a8:47:a1:92:d8:59:
                    23:28:51:80:c2:29:8d:be:4b:f2:93:94:8a:b2:10:
                    62:ad:ae:bd:98:59:ab:ec:39:1f:1b:2a:9b:9f:b7:
                    f9:7a:ed:79:eb:eb:57:1b:71:61:83:5b:71:a2:f2:
                    9c:96:be:14:1a:fc:c4:2b:d6:2f:90:7e:90:eb:a3:
                    fc:9f:0d:8a:09:72:69:69:b9:60:9d:16:22:54:3e:
                    fc:1b:21:dc:bb:f5:69:50:11:00:71:49:35:ae:51:
                    d0:24:d4:65:2e:ae:5a:40:0c:12:e5:23:3e:66:59:
                    f1:f8:87:e1:da:74:64:67:e9:ef:59:33:7e:ad:84:
                    4c:b4:9c:94:48:fb:83:34:72:c3:b9:d0:37:87:fc:
                    d9:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:01:DD:02:37:49:45:14:4D:51:37:F8:4D:FC:35:1B:32:98:97:55
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/NAHdAjdJRRRNUTf4Tfw1GzKYl1U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.208.112.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:f0:74:80:18:88:99:1a:32:34:87:27:0a:b8:4b:b5:42:4a:
         98:d8:3e:89:f3:c3:28:91:58:60:68:c9:8d:a9:66:ee:62:8b:
         f9:de:e0:f7:37:41:99:4c:e1:04:89:03:86:1d:55:9d:f7:81:
         de:12:28:2e:31:4f:ee:e4:e5:1f:be:8e:b5:4e:1a:1f:7c:ae:
         da:d7:5c:42:40:5c:57:6d:15:31:6f:d3:d6:65:a2:7e:d9:8d:
         98:c2:82:0d:35:15:c9:e4:a2:80:14:5a:7c:60:c9:2b:e0:ed:
         fc:d6:f1:21:e4:b6:ea:06:21:58:1b:f2:bd:aa:f0:a2:e2:f8:
         af:41:23:44:79:d5:2a:8b:b4:23:58:cc:88:1d:b1:82:b1:25:
         33:35:07:a7:c4:d2:01:8b:ed:79:14:c2:7f:d9:a7:46:37:99:
         3f:5b:5d:d0:95:4e:96:ea:99:85:eb:ea:ea:c9:6a:66:44:7f:
         fb:d0:1e:ee:7d:c4:07:6d:6b:b7:62:f1:2b:a2:6c:1a:16:d8:
         99:d9:df:2b:ad:2c:3c:72:6a:57:83:96:22:b4:6c:ec:60:c3:
         1a:64:b5:ee:76:c5:aa:c3:1b:ba:56:3b:92:fc:82:b9:77:c5:
         f4:a2:9f:91:d8:6d:56:64:32:f4:1d:5f:66:ff:b0:c1:b4:2d:
         c4:cd:59:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKg9IMBU1g3X0DrQDQ5SfRcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjIwODE1MTAwMjM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDAxZGQwMjM3NDk0NTE0NGQ1MTM3Zjg0ZGZjMzUxYjMyOTg5NzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2hBr+/DwHrX51GJadeVKkF8MsUeY
wEHDl+Vsf0K4Mdlj2HXjKe4b6zJTCeLpLPgmIJB5P6qnHQ4NAfKvlrmOx40QNMqZ
zQgujGV8TfbCnNrsi45lqfbv0BMJLFCVZFJJH4SXBkDW9KzJOTGGG6IqoGCoR6GS
2FkjKFGAwimNvkvyk5SKshBira69mFmr7DkfGyqbn7f5eu156+tXG3Fhg1txovKc
lr4UGvzEK9YvkH6Q66P8nw2KCXJpablgnRYiVD78GyHcu/VpUBEAcUk1rlHQJNRl
Lq5aQAwS5SM+Zlnx+Ifh2nRkZ+nvWTN+rYRMtJyUSPuDNHLDudA3h/zZYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDQB3QI3SUUUTVE3+E38NRsymJdVMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvTkFIZEFqZEpSUlJOVVRmNFRmdzFHektZbDFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdBwMA0G
CSqGSIb3DQEBCwUAA4IBAQAt8HSAGIiZGjI0hycKuEu1QkqY2D6J88MokVhgaMmN
qWbuYov53uD3N0GZTOEEiQOGHVWd94HeEiguMU/u5OUfvo61ThoffK7a11xCQFxX
bRUxb9PWZaJ+2Y2YwoINNRXJ5KKAFFp8YMkr4O381vEh5LbqBiFYG/K9qvCi4viv
QSNEedUqi7QjWMyIHbGCsSUzNQenxNIBi+15FMJ/2adGN5k/W13QlU6W6pmF6+rq
yWpmRH/70B7ufcQHbWu3YvEromwaFtiZ2d8rrSw8cmpXg5YitGzsYMMaZLXudsWq
wxu6VjuS/IK5d8X0op+R2G1WZDL0HV9m/7DBtC3EzVmr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:20 2024 by rpki-client on console-ams.rpki-client.org