Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/OjcvNNzgrxMhLMkywnuIIoWbVwI.roa
File:                     OjcvNNzgrxMhLMkywnuIIoWbVwI.roa (raw, json)
Hash identifier:          w+gK1pZUjBhEaAPtnVdxMIcq2Q8lQN1EQGNDnJMFKE4=
Subject key identifier:   3A:37:2F:34:DC:E0:AF:13:21:2C:C9:32:C2:7B:88:22:85:9B:57:02
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       197668DB
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/OjcvNNzgrxMhLMkywnuIIoWbVwI.roa
Signing time:             Mon 04 Apr 2022 07:23:46 +0000
ROA not before:           Mon 04 Apr 2022 07:23:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7489
IP address blocks:        185.133.192.0/24 maxlen: 24
                          185.117.22.0/24 maxlen: 24
                          185.122.56.0/24 maxlen: 32
                          185.122.57.0/24 maxlen: 24
                          185.122.58.0/24 maxlen: 32
                          185.122.56.0/22 maxlen: 32
                          185.122.59.0/24 maxlen: 32
                          2a06:8e00::/48 maxlen: 48
                          2a06:8ec0:3::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 427190491 (0x197668db)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Apr  4 07:23:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3a372f34dce0af13212cc932c27b8822859b5702
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:be:ab:9b:84:f6:a2:e9:46:43:d0:28:75:06:
                    6d:b6:29:3c:98:39:04:69:7b:54:7e:71:fd:ec:ab:
                    41:12:5e:14:e3:5c:d4:df:41:4e:af:6a:3a:ce:79:
                    75:21:0c:df:86:c4:91:87:19:e6:4c:96:ab:a3:19:
                    13:1e:95:5f:26:9d:98:05:10:cc:92:2c:68:29:67:
                    13:8e:05:99:5b:fd:3a:6e:0c:2b:18:5a:1a:71:49:
                    69:f6:7f:57:2e:d2:fd:9d:af:83:35:75:8f:da:19:
                    b3:ea:1e:45:a6:9c:c7:5a:9b:93:25:9f:ff:cc:5a:
                    eb:da:68:2e:b4:0e:3a:6f:f1:9e:cd:e3:0e:3a:fc:
                    fd:d9:10:b9:d9:f8:eb:b9:b9:d7:42:29:b6:38:7c:
                    ec:a0:1d:3b:e2:9b:27:b7:3f:3a:c2:7d:86:74:ad:
                    6d:9d:4f:39:6f:6f:3d:a9:3c:ad:64:a0:61:21:08:
                    32:01:37:3a:99:22:eb:e0:3f:dc:a3:bc:af:a8:e0:
                    cc:e5:f2:6b:e1:c3:1a:73:de:c0:d8:84:c9:2a:20:
                    87:76:4b:ed:35:9e:dc:5d:33:11:33:fc:91:d5:7b:
                    7b:13:0f:22:bf:83:b9:b6:ac:76:88:52:b0:8c:5f:
                    57:94:16:31:68:29:92:b7:90:b4:83:82:8f:b5:17:
                    3b:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:37:2F:34:DC:E0:AF:13:21:2C:C9:32:C2:7B:88:22:85:9B:57:02
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/OjcvNNzgrxMhLMkywnuIIoWbVwI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.117.22.0/24
                  185.122.56.0/22
                  185.133.192.0/24
                IPv6:
                  2a06:8e00::/48
                  2a06:8ec0:3::/48

    Signature Algorithm: sha256WithRSAEncryption
         0c:72:78:aa:09:c4:26:fd:c8:26:3a:de:4a:e5:0d:eb:e1:75:
         04:df:2f:d6:26:43:80:ed:a1:34:80:d6:0f:30:72:d1:23:48:
         21:6a:49:39:da:c3:8c:8f:51:94:a6:f9:c5:f0:14:03:fb:6f:
         f5:1b:47:1d:17:68:b3:cb:55:e8:1e:6a:10:91:2b:a6:3f:a2:
         28:fa:1a:90:d0:cf:e0:fe:57:a8:88:f8:f7:8b:bf:b3:8c:21:
         ca:6c:34:f5:00:42:01:0e:46:78:d2:a1:72:41:68:ab:dd:9b:
         69:66:37:89:5c:59:e5:3a:28:68:64:ee:e7:11:a8:e4:ce:1f:
         5b:d8:36:dc:44:1b:97:89:bd:c6:b6:27:56:17:51:1f:ea:e3:
         91:18:a5:08:cf:4f:cc:d9:02:c8:64:43:be:1a:22:02:40:36:
         b7:c6:e6:7a:58:13:f1:6f:20:6a:88:d7:a5:e8:e0:91:8f:00:
         5e:d9:7e:06:f8:91:58:3e:46:ff:d1:31:da:58:06:8d:da:3f:
         69:47:d8:ec:5c:97:81:e0:f8:7b:8e:f9:28:9d:c8:4c:01:41:
         ec:c3:11:e7:47:98:40:69:42:48:c5:26:43:ca:14:13:b0:4a:
         f5:a1:86:cb:a6:b8:7f:e2:e5:b4:36:dc:c5:65:15:70:d1:83:
         ed:b5:5d:0c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEGXZo2zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDQw
NDA3MjM0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2EzNzJmMzRkY2Uw
YWYxMzIxMmNjOTMyYzI3Yjg4MjI4NTliNTcwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALe+q5uE9qLpRkPQKHUGbbYpPJg5BGl7VH5x/eyrQRJeFONc
1N9BTq9qOs55dSEM34bEkYcZ5kyWq6MZEx6VXyadmAUQzJIsaClnE44FmVv9Om4M
KxhaGnFJafZ/Vy7S/Z2vgzV1j9oZs+oeRaacx1qbkyWf/8xa69poLrQOOm/xns3j
Djr8/dkQudn467m510Iptjh87KAdO+KbJ7c/OsJ9hnStbZ1POW9vPak8rWSgYSEI
MgE3Opki6+A/3KO8r6jgzOXya+HDGnPewNiEySogh3ZL7TWe3F0zETP8kdV7exMP
Ir+DubasdohSsIxfV5QWMWgpkreQtIOCj7UXO1kCAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBQ6Ny803OCvEyEsyTLCe4gihZtXAjAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L09qY3ZOTnpncnhNaExNa3l3bnVJSW9XYlZ3SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwGAQCAAEwEgMEALl1FgMEArl6OAMEALmFwDAYBAIA
AjASAwcAKgaOAAAAAwcAKgaOwAADMA0GCSqGSIb3DQEBCwUAA4IBAQAMcniqCcQm
/cgmOt5K5Q3r4XUE3y/WJkOA7aE0gNYPMHLRI0ghakk52sOMj1GUpvnF8BQD+2/1
G0cdF2izy1XoHmoQkSumP6Io+hqQ0M/g/leoiPj3i7+zjCHKbDT1AEIBDkZ40qFy
QWir3ZtpZjeJXFnlOihoZO7nEajkzh9b2DbcRBuXib3GtidWF1Ef6uORGKUIz0/M
2QLIZEO+GiICQDa3xuZ6WBPxbyBqiNel6OCRjwBe2X4G+JFYPkb/0THaWAaN2j9p
R9jsXJeB4Ph7jvkonchMAUHswxHnR5hAaUJIxSZDyhQTsEr1oYbLprh/4uW0NtzF
ZRVw0YPttV0M
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:32 2024 by rpki-client on console-ams.rpki-client.org