Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/MVHwJ6IYKuGvKxc4sAGrYj31gEY.roa
File:                     MVHwJ6IYKuGvKxc4sAGrYj31gEY.roa (raw, json)
Hash identifier:          fKaWr+D5f/AcJYys87jVeMoJu9tI40jtA0vbURzvkdk=
Subject key identifier:   31:51:F0:27:A2:18:2A:E1:AF:2B:17:38:B0:01:AB:62:3D:F5:80:46
Certificate issuer:       /CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Certificate serial:       0A335293
Authority key identifier: 08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/MVHwJ6IYKuGvKxc4sAGrYj31gEY.roa
Signing time:             Sat 01 Jan 2022 06:58:23 +0000
ROA not before:           Sat 01 Jan 2022 06:58:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     56466
IP address blocks:        185.141.105.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 171135635 (0xa335293)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
        Validity
            Not Before: Jan  1 06:58:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3151f027a2182ae1af2b1738b001ab623df58046
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:08:c8:5d:38:14:d9:37:83:49:68:ce:05:d9:
                    7e:2d:84:54:c9:02:67:34:75:cd:1c:38:91:d0:ea:
                    38:27:43:31:9c:40:40:19:d1:4e:b3:1c:6a:46:08:
                    b2:78:65:3e:36:e2:43:0b:51:90:14:9f:9e:8d:c5:
                    bf:a7:b6:9e:3b:d0:f0:69:ab:ef:13:2f:d3:70:ce:
                    c7:b9:40:cd:e7:2a:d3:2d:3c:b4:5a:6b:63:81:d8:
                    3d:4a:07:8c:66:94:35:9c:ca:81:e3:f8:1b:3b:20:
                    0d:5f:91:ec:5f:06:f0:91:63:e0:85:a7:9f:b8:4c:
                    16:81:40:e8:5c:e8:3d:67:2a:ba:e9:a1:53:e6:e2:
                    a5:9a:ba:ac:db:45:f3:d4:69:5a:15:24:dc:8c:4c:
                    ad:82:ed:bf:c2:72:a1:dd:c2:11:8e:3f:78:7c:f4:
                    8d:b4:33:1c:30:05:3b:13:a7:f5:a4:bb:fc:38:08:
                    c5:cc:6f:b3:65:f4:fe:34:74:42:54:f2:4b:28:b8:
                    3b:bf:9b:c9:fe:f0:8f:5c:f0:8f:72:39:fc:2f:fb:
                    62:2a:2c:31:e6:d2:5d:b3:e5:ec:1d:68:a8:fe:b3:
                    99:0b:4d:f5:ab:87:ac:a9:1c:59:0c:f2:79:15:a1:
                    1b:c9:fb:ff:6f:ec:c7:52:1d:f1:0d:ae:ea:b1:9e:
                    e5:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:51:F0:27:A2:18:2A:E1:AF:2B:17:38:B0:01:AB:62:3D:F5:80:46
            X509v3 Authority Key Identifier:
                keyid:08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/MVHwJ6IYKuGvKxc4sAGrYj31gEY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.141.105.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:e5:16:d2:88:9d:6c:49:80:63:0a:f7:16:51:0a:c4:95:c6:
         cd:ac:18:72:be:7f:ab:37:0e:1c:09:d4:f8:c8:ee:25:42:df:
         2c:9b:40:6c:89:f7:57:f6:b2:b4:d3:ef:ef:42:8f:ff:19:ae:
         ae:d5:ce:de:20:4b:06:b3:75:4e:07:3b:bc:64:ad:d8:7c:45:
         d7:04:3b:3e:58:94:a0:eb:ee:dd:d3:19:3e:9a:2e:51:63:75:
         20:6f:97:af:64:b0:be:e9:39:8f:20:fa:4e:89:09:ab:b6:2b:
         c3:4e:fb:72:a4:49:22:39:18:77:96:11:62:55:a9:01:83:a7:
         7d:3c:2a:c2:ff:b5:f4:d3:e4:ac:75:3a:a8:d5:59:8a:ad:03:
         c6:39:e2:32:7f:75:03:2c:bc:32:10:e5:fd:96:e5:fc:2a:83:
         d8:9f:d4:83:2c:e9:74:7e:e3:08:9f:ba:81:67:31:d5:11:40:
         b2:60:47:66:38:93:90:2f:77:b5:ba:19:e6:b2:fe:91:18:bd:
         87:fa:b6:e6:5d:28:b1:78:97:f8:12:b0:95:9a:c0:fd:b0:d3:
         9b:75:fd:d9:30:96:d3:f2:52:6e:4e:96:47:96:00:43:84:70:
         58:b5:08:61:4b:08:d9:39:60:3d:c3:80:cb:64:47:a0:29:69:
         3d:88:d3:db
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECjNSkzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ODFiN2EyMmU1MWNmYjljZjg0MjA1ZTQ0NDk5OThhZDU1ZDhmMDY1MB4XDTIyMDEw
MTA2NTgyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzE1MWYwMjdhMjE4
MmFlMWFmMmIxNzM4YjAwMWFiNjIzZGY1ODA0NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOAIyF04FNk3g0lozgXZfi2EVMkCZzR1zRw4kdDqOCdDMZxA
QBnRTrMcakYIsnhlPjbiQwtRkBSfno3Fv6e2njvQ8Gmr7xMv03DOx7lAzecq0y08
tFprY4HYPUoHjGaUNZzKgeP4GzsgDV+R7F8G8JFj4IWnn7hMFoFA6FzoPWcquumh
U+bipZq6rNtF89RpWhUk3IxMrYLtv8Jyod3CEY4/eHz0jbQzHDAFOxOn9aS7/DgI
xcxvs2X0/jR0QlTySyi4O7+byf7wj1zwj3I5/C/7YiosMebSXbPl7B1oqP6zmQtN
9auHrKkcWQzyeRWhG8n7/2/sx1Id8Q2u6rGe5UkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQxUfAnohgq4a8rFziwAatiPfWARjAfBgNVHSMEGDAWgBQIG3oi5Rz7nPhC
BeREmZitVdjwZTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NCdDZJdVVjLTV6NFFnWGtSSm1ZclZYWThHVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGMvYzUxNWM5LWRmMDgtNDI2Yy04MGU2LTAzNjcyNjhmZjg3MS8x
L01WSHdKNklZS3VHdkt4YzRzQUdyWWozMWdFWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMv
YzUxNWM5LWRmMDgtNDI2Yy04MGU2LTAzNjcyNjhmZjg3MS8xL0NCdDZJdVVjLTV6
NFFnWGtSSm1ZclZYWThHVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmNaTANBgkqhkiG9w0BAQsFAAOC
AQEAX+UW0oidbEmAYwr3FlEKxJXGzawYcr5/qzcOHAnU+MjuJULfLJtAbIn3V/ay
tNPv70KP/xmurtXO3iBLBrN1Tgc7vGSt2HxF1wQ7PliUoOvu3dMZPpouUWN1IG+X
r2Swvuk5jyD6TokJq7Yrw077cqRJIjkYd5YRYlWpAYOnfTwqwv+19NPkrHU6qNVZ
iq0DxjniMn91Ayy8MhDl/Zbl/CqD2J/UgyzpdH7jCJ+6gWcx1RFAsmBHZjiTkC93
tboZ5rL+kRi9h/q25l0osXiX+BKwlZrA/bDTm3X92TCW0/JSbk6WR5YAQ4RwWLUI
YUsI2TlgPcOAy2RHoClpPYjT2w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:49 2024 by rpki-client on console-ams.rpki-client.org