Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/7029cc-d331-4606-889c-d66674cfa424/1/10d5_vNkeXY2tK6h5hqnmW932OQ.roa
File:                     10d5_vNkeXY2tK6h5hqnmW932OQ.roa (raw, json)
Hash identifier:          PLPRR4lpqf7uiqgmbIIX9DCkaZXMKO9Wuag7LeQgqWE=
Subject key identifier:   D7:47:79:FE:F3:64:79:76:36:B4:AE:A1:E6:1A:A7:99:6F:77:D8:E4
Certificate issuer:       /CN=3976e6ab084c9eeede86e2af6bde7215274b95a7
Certificate serial:       06F879F4
Authority key identifier: 39:76:E6:AB:08:4C:9E:EE:DE:86:E2:AF:6B:DE:72:15:27:4B:95:A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OXbmqwhMnu7ehuKva95yFSdLlac.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/7029cc-d331-4606-889c-d66674cfa424/1/10d5_vNkeXY2tK6h5hqnmW932OQ.roa
Signing time:             Sat 01 Jan 2022 09:55:58 +0000
ROA not before:           Sat 01 Jan 2022 09:55:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206101
IP address blocks:        185.196.112.0/24 maxlen: 24
                          185.196.115.0/24 maxlen: 24
                          185.196.114.0/24 maxlen: 24
                          185.196.113.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 116947444 (0x6f879f4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3976e6ab084c9eeede86e2af6bde7215274b95a7
        Validity
            Not Before: Jan  1 09:55:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d74779fef364797636b4aea1e61aa7996f77d8e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:da:9b:06:77:87:2c:c2:fd:19:c2:3e:47:30:
                    85:33:8b:96:bc:00:de:d2:5d:fc:de:71:38:78:af:
                    65:76:3e:28:57:97:c5:e9:05:81:8f:e7:e6:77:9a:
                    0a:a8:3e:85:12:54:ac:d4:23:95:66:8e:52:cd:16:
                    b3:d3:bd:17:0a:84:d0:44:23:03:38:eb:ed:e8:1c:
                    c8:4f:82:f2:de:ae:37:99:74:7b:1e:f7:c6:16:f1:
                    64:b9:ae:b4:85:3c:1e:d7:ff:c0:44:cb:2b:b0:cc:
                    e9:4c:81:8f:6f:11:40:fd:7c:54:e1:ac:13:da:34:
                    27:d1:41:7c:2a:cf:c5:e1:a9:8a:46:9e:9f:a0:5e:
                    9a:3d:38:6a:16:52:e4:1d:ac:c4:97:c5:c7:ab:5d:
                    76:df:80:c1:4d:44:4d:6d:89:04:2e:da:5c:29:e9:
                    7e:66:6e:e3:e9:b6:94:16:3e:f3:9a:83:66:f1:42:
                    59:f0:4e:84:6d:be:73:ae:e5:a3:6c:15:d2:dc:8c:
                    a2:49:cd:22:8b:a9:e0:dc:80:ce:7c:b5:ea:d2:d7:
                    97:06:02:f7:a9:28:07:45:d6:d9:4e:97:90:99:b5:
                    18:30:36:37:da:0f:8f:38:42:3e:67:9d:bd:7a:70:
                    13:b5:bd:01:08:ca:24:fe:b7:93:9c:4c:e0:a7:f1:
                    ca:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:47:79:FE:F3:64:79:76:36:B4:AE:A1:E6:1A:A7:99:6F:77:D8:E4
            X509v3 Authority Key Identifier:
                keyid:39:76:E6:AB:08:4C:9E:EE:DE:86:E2:AF:6B:DE:72:15:27:4B:95:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXbmqwhMnu7ehuKva95yFSdLlac.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/7029cc-d331-4606-889c-d66674cfa424/1/10d5_vNkeXY2tK6h5hqnmW932OQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/7029cc-d331-4606-889c-d66674cfa424/1/OXbmqwhMnu7ehuKva95yFSdLlac.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.196.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9b:5b:0e:ce:6a:0c:68:1b:7f:e0:b1:74:82:9d:9b:a5:2a:ac:
         41:92:10:f6:90:fa:9c:db:b6:a7:0c:8d:3e:1e:96:b3:94:5e:
         0e:34:0e:5e:4b:79:e4:95:94:9f:6c:04:cd:b0:ea:2d:01:66:
         42:1a:10:37:af:48:9e:94:91:e3:f8:df:35:29:07:29:44:cb:
         75:25:d4:f4:ec:c5:f5:fb:bd:d9:a8:43:ca:57:b3:7f:cc:cc:
         5a:9f:17:8d:1a:da:28:cd:77:cb:e3:fc:cb:16:4b:6c:69:44:
         10:a8:9d:0a:65:34:2a:63:fa:45:97:2c:92:f9:20:a8:91:79:
         62:cd:ed:02:42:fe:b0:23:0a:24:5f:fa:1a:31:a4:99:63:f5:
         7e:ed:17:cf:d2:85:9c:f0:39:64:55:02:0f:68:1b:88:ae:6a:
         9c:db:c0:c9:c2:e3:04:2d:78:c1:32:55:37:aa:dc:28:50:3f:
         17:64:4c:b5:e0:d6:80:18:a6:18:07:51:ae:50:c0:e4:05:25:
         c0:c6:45:93:59:39:6c:5c:0c:c9:1f:f0:2a:39:ed:5a:6d:36:
         95:a7:d5:3a:cf:22:6b:6d:a0:15:24:5a:11:1b:33:dd:da:d4:
         04:23:a8:e0:0f:0d:09:ee:a1:9e:14:ea:53:d7:59:c8:3d:f4:
         04:09:eb:16
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBvh59DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
OTc2ZTZhYjA4NGM5ZWVlZGU4NmUyYWY2YmRlNzIxNTI3NGI5NWE3MB4XDTIyMDEw
MTA5NTU1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDc0Nzc5ZmVmMzY0
Nzk3NjM2YjRhZWExZTYxYWE3OTk2Zjc3ZDhlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJXamwZ3hyzC/RnCPkcwhTOLlrwA3tJd/N5xOHivZXY+KFeX
xekFgY/n5neaCqg+hRJUrNQjlWaOUs0Ws9O9FwqE0EQjAzjr7egcyE+C8t6uN5l0
ex73xhbxZLmutIU8Htf/wETLK7DM6UyBj28RQP18VOGsE9o0J9FBfCrPxeGpikae
n6Bemj04ahZS5B2sxJfFx6tddt+AwU1ETW2JBC7aXCnpfmZu4+m2lBY+85qDZvFC
WfBOhG2+c67lo2wV0tyMoknNIoup4NyAzny16tLXlwYC96koB0XW2U6XkJm1GDA2
N9oPjzhCPmedvXpwE7W9AQjKJP63k5xM4KfxypkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTXR3n+82R5dja0rqHmGqeZb3fY5DAfBgNVHSMEGDAWgBQ5duarCEye7t6G
4q9r3nIVJ0uVpzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09YYm1xd2hNbnU3ZWh1S3ZhOTV5RlNkTGxhYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjQvNzAyOWNjLWQzMzEtNDYwNi04ODljLWQ2NjY3NGNmYTQyNC8x
LzEwZDVfdk5rZVhZMnRLNmg1aHFubVc5MzJPUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQv
NzAyOWNjLWQzMzEtNDYwNi04ODljLWQ2NjY3NGNmYTQyNC8xL09YYm1xd2hNbnU3
ZWh1S3ZhOTV5RlNkTGxhYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnEcDANBgkqhkiG9w0BAQsFAAOC
AQEAm1sOzmoMaBt/4LF0gp2bpSqsQZIQ9pD6nNu2pwyNPh6Ws5ReDjQOXkt55JWU
n2wEzbDqLQFmQhoQN69InpSR4/jfNSkHKUTLdSXU9OzF9fu92ahDylezf8zMWp8X
jRraKM13y+P8yxZLbGlEEKidCmU0KmP6RZcskvkgqJF5Ys3tAkL+sCMKJF/6GjGk
mWP1fu0Xz9KFnPA5ZFUCD2gbiK5qnNvAycLjBC14wTJVN6rcKFA/F2RMteDWgBim
GAdRrlDA5AUlwMZFk1k5bFwMyR/wKjntWm02lafVOs8ia22gFSRaERsz3drUBCOo
4A8NCe6hnhTqU9dZyD30BAnrFg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:41 2024 by rpki-client on console-fra.rpki-client.org