Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Ojn0iyj3OmZcNSL20qgfDvU6SEA.roa
File:                     Ojn0iyj3OmZcNSL20qgfDvU6SEA.roa (raw, json)
Hash identifier:          eXGEZ8+BRVWNRKZwOdAGlneULACJmPndQ3TxH9LUZeU=
Subject key identifier:   3A:39:F4:8B:28:F7:3A:66:5C:35:22:F6:D2:A8:1F:0E:F5:3A:48:40
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       03DD6A65
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Ojn0iyj3OmZcNSL20qgfDvU6SEA.roa
Signing time:             Fri 18 Feb 2022 11:16:10 +0000
ROA not before:           Fri 18 Feb 2022 11:16:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208392
IP address blocks:        185.112.80.0/24 maxlen: 24
                          185.17.1.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 64842341 (0x3dd6a65)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Feb 18 11:16:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3a39f48b28f73a665c3522f6d2a81f0ef53a4840
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:65:ec:f2:b2:51:d6:0c:9e:2d:a3:f4:4f:6f:
                    e8:ee:70:83:eb:b3:50:74:0b:3b:9c:b9:7c:21:9b:
                    d7:97:fe:50:68:d4:58:80:1f:d7:ae:09:ce:b6:59:
                    72:c9:61:be:ca:bc:4c:bb:85:d7:aa:f2:08:81:6f:
                    1c:71:6b:98:da:b6:de:12:73:90:d6:a7:40:a0:4b:
                    97:97:b4:be:7a:e4:36:ee:95:f1:41:f0:64:a2:f0:
                    b8:61:0a:64:b5:2c:3d:4e:54:ef:30:61:ea:31:31:
                    31:b6:28:28:13:5c:93:01:7c:d4:81:34:97:16:8a:
                    51:52:f3:62:fd:3e:27:bf:33:44:b5:a2:88:1e:ce:
                    33:bb:f5:2e:84:e2:a9:fc:15:9a:d4:e6:c3:7b:68:
                    da:78:37:d4:38:3e:33:bd:d9:e9:4f:ca:2f:7f:84:
                    c6:25:38:e4:d9:91:8f:23:84:35:69:30:bc:bc:8e:
                    63:48:7d:30:1f:8e:e7:a4:8a:98:93:de:19:f6:d5:
                    15:ee:b4:0c:60:f4:7a:66:5a:26:e3:94:37:7c:52:
                    96:8d:66:43:aa:5f:44:38:b7:67:c3:96:0c:3d:b6:
                    d4:db:00:e2:35:16:d2:c6:7e:50:b0:63:b2:da:bb:
                    7c:fa:0f:af:b7:11:65:e0:02:14:40:74:85:d5:f0:
                    71:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:39:F4:8B:28:F7:3A:66:5C:35:22:F6:D2:A8:1F:0E:F5:3A:48:40
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Ojn0iyj3OmZcNSL20qgfDvU6SEA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.17.1.0/24
                  185.112.80.0/24

    Signature Algorithm: sha256WithRSAEncryption
         25:d1:0c:59:b7:2a:ea:79:b0:5c:d5:05:00:03:29:b6:f1:0b:
         b4:03:d6:97:02:55:ee:f3:ff:c5:22:02:20:49:0b:5c:1a:24:
         66:ba:28:86:eb:b1:9b:df:a9:14:bd:95:2b:65:61:9f:60:54:
         a2:6f:a2:93:6a:02:e0:47:40:bb:49:5d:f8:89:9a:d6:ca:d4:
         2c:f1:90:50:57:be:51:25:cb:9d:bf:e4:09:2d:68:0d:d8:44:
         87:8b:87:f8:45:1c:63:c6:8d:6c:4f:62:1f:74:2f:08:bf:a2:
         13:ba:4e:db:e2:0d:63:54:3b:96:01:1a:8d:9e:76:7a:0a:df:
         a4:7d:a6:49:c6:53:13:7b:76:8a:cc:70:2c:08:72:e1:a9:b3:
         20:43:12:75:24:0f:1f:09:e7:1b:d2:92:6f:bb:d3:d7:df:8e:
         36:49:8d:99:d7:e9:70:0b:eb:5e:63:b6:71:df:8d:86:2c:81:
         32:ac:b9:ee:cf:92:92:ae:e6:aa:ff:4f:6d:24:89:b6:41:df:
         d7:a0:d3:7b:60:27:bb:f2:2e:78:8c:11:97:7b:34:cb:5e:a9:
         b5:07:88:df:e9:8d:20:5b:c4:78:11:28:5c:17:f1:77:ab:20:
         19:76:90:e5:fb:97:b3:f8:10:d7:4b:f0:18:23:d2:e9:82:aa:
         00:28:ea:d7
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEA91qZTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDIx
ODExMTYxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2EzOWY0OGIyOGY3
M2E2NjVjMzUyMmY2ZDJhODFmMGVmNTNhNDg0MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKZl7PKyUdYMni2j9E9v6O5wg+uzUHQLO5y5fCGb15f+UGjU
WIAf164JzrZZcslhvsq8TLuF16ryCIFvHHFrmNq23hJzkNanQKBLl5e0vnrkNu6V
8UHwZKLwuGEKZLUsPU5U7zBh6jExMbYoKBNckwF81IE0lxaKUVLzYv0+J78zRLWi
iB7OM7v1LoTiqfwVmtTmw3to2ng31Dg+M73Z6U/KL3+ExiU45NmRjyOENWkwvLyO
Y0h9MB+O56SKmJPeGfbVFe60DGD0emZaJuOUN3xSlo1mQ6pfRDi3Z8OWDD221NsA
4jUW0sZ+ULBjstq7fPoPr7cRZeACFEB0hdXwcQsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQ6OfSLKPc6Zlw1IvbSqB8O9TpIQDAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
L09qbjBpeWozT21aY05TTDIwcWdmRHZVNlNFQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALkRAQMEALlwUDANBgkqhkiG9w0B
AQsFAAOCAQEAJdEMWbcq6nmwXNUFAAMptvELtAPWlwJV7vP/xSICIEkLXBokZroo
huuxm9+pFL2VK2Vhn2BUom+ik2oC4EdAu0ld+Ima1srULPGQUFe+USXLnb/kCS1o
DdhEh4uH+EUcY8aNbE9iH3QvCL+iE7pO2+INY1Q7lgEajZ52egrfpH2mScZTE3t2
isxwLAhy4amzIEMSdSQPHwnnG9KSb7vT19+ONkmNmdfpcAvrXmO2cd+NhiyBMqy5
7s+Skq7mqv9PbSSJtkHf16DTe2Anu/IueIwRl3s0y16ptQeI3+mNIFvEeBEoXBfx
d6sgGXaQ5fuXs/gQ10vwGCPS6YKqACjq1w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org