Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/3bd13d-fe95-486f-80ef-f073548352bf/1/DMWD63oVRqRhMODK-pOA7xtRk1M.roa
File:                     DMWD63oVRqRhMODK-pOA7xtRk1M.roa (raw, json)
Hash identifier:          vtbxWZ/CF/0+3xEaKjIhUvGVwLWxyt9YeS3NCtdyPcQ=
Subject key identifier:   0C:C5:83:EB:7A:15:46:A4:61:30:E0:CA:FA:93:80:EF:1B:51:93:53
Certificate issuer:       /CN=3d2384b784f197ea03dac2feda7895fc4b740729
Certificate serial:       08226BCA
Authority key identifier: 3D:23:84:B7:84:F1:97:EA:03:DA:C2:FE:DA:78:95:FC:4B:74:07:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PSOEt4Txl-oD2sL-2niV_Et0Byk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/3bd13d-fe95-486f-80ef-f073548352bf/1/DMWD63oVRqRhMODK-pOA7xtRk1M.roa
Signing time:             Mon 30 May 2022 16:27:57 +0000
ROA not before:           Mon 30 May 2022 16:27:57 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206626
IP address blocks:        185.85.56.0/24 maxlen: 24
                          185.85.57.0/24 maxlen: 24
                          185.85.56.0/22 maxlen: 22
                          185.85.58.0/24 maxlen: 24
                          185.85.59.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 136473546 (0x8226bca)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d2384b784f197ea03dac2feda7895fc4b740729
        Validity
            Not Before: May 30 16:27:57 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0cc583eb7a1546a46130e0cafa9380ef1b519353
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:28:22:d8:9f:d2:2f:78:9c:73:cd:44:eb:73:
                    2c:99:cc:3a:04:bf:c7:46:16:8d:27:96:17:51:d4:
                    e4:3c:24:ca:5b:d8:96:be:54:59:d8:35:e7:e5:fb:
                    14:0d:43:87:a5:33:22:3f:00:7f:8a:1f:a4:5d:7e:
                    29:0f:f1:a9:95:f5:fe:72:b1:d0:00:ee:d1:13:0e:
                    76:09:b0:07:08:c1:f9:96:1a:55:a6:6f:2e:3f:9a:
                    00:1b:2d:4b:30:fd:06:b3:4b:94:11:be:25:22:75:
                    60:8f:c3:bd:21:af:41:65:0b:56:a5:48:14:9e:0b:
                    89:0a:38:35:0e:fd:ad:77:ba:88:c4:be:79:bc:5e:
                    45:a3:9c:dc:a9:cd:8c:af:1d:8f:6c:1d:00:c5:ed:
                    4e:1d:d9:c6:68:05:4d:2d:66:f8:02:b4:52:46:28:
                    ca:a6:3a:1f:c4:b3:a0:46:81:81:23:47:d9:95:b2:
                    c0:43:f8:f3:de:51:b3:09:44:d7:d8:32:fb:eb:0d:
                    2d:62:e2:1b:c7:53:1c:5a:24:f6:47:e2:08:e3:59:
                    a8:c9:3e:02:66:0e:3a:91:31:d3:20:dc:ba:c9:62:
                    44:85:c0:14:c1:5e:cd:ba:10:af:a4:81:69:ea:d5:
                    69:ed:9e:d3:72:b9:aa:31:16:5c:db:76:35:b6:76:
                    46:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:C5:83:EB:7A:15:46:A4:61:30:E0:CA:FA:93:80:EF:1B:51:93:53
            X509v3 Authority Key Identifier:
                keyid:3D:23:84:B7:84:F1:97:EA:03:DA:C2:FE:DA:78:95:FC:4B:74:07:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PSOEt4Txl-oD2sL-2niV_Et0Byk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/3bd13d-fe95-486f-80ef-f073548352bf/1/DMWD63oVRqRhMODK-pOA7xtRk1M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/3bd13d-fe95-486f-80ef-f073548352bf/1/PSOEt4Txl-oD2sL-2niV_Et0Byk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.85.56.0/22

    Signature Algorithm: sha256WithRSAEncryption
         59:e3:96:8e:dc:15:eb:6d:5e:81:7b:51:da:e2:ea:12:19:43:
         67:bd:45:bf:99:62:5f:31:2f:46:d1:2b:91:60:ab:1c:9f:e2:
         a2:5b:e9:8a:a0:8b:b6:72:da:93:cb:6f:11:20:b6:9c:d7:c8:
         74:4a:e3:2e:2b:51:8e:b1:54:10:d6:e6:87:b2:69:ee:3a:7f:
         d8:27:79:53:39:16:b6:d1:dd:ea:2a:ba:50:91:a5:f5:39:3a:
         43:66:d7:43:ba:e3:d8:29:fd:38:ec:5b:a1:81:7a:41:ab:40:
         53:5e:41:af:41:b3:5c:d3:7f:fa:97:7e:bd:1a:ea:8f:96:37:
         ef:b4:bb:11:f6:35:5f:4e:d6:0c:66:80:8b:c4:a5:31:bf:8f:
         12:6f:6d:85:c5:3a:70:19:85:73:df:e2:a2:2f:76:40:db:2b:
         41:9f:b7:b2:2d:b2:85:e0:bf:7e:10:c2:4b:25:64:63:b4:94:
         70:eb:81:4d:a6:b8:4d:10:77:a5:dc:ea:0c:39:7d:bd:c6:bc:
         25:51:e8:ef:fd:f0:e7:c5:be:c9:31:a8:25:e4:aa:16:08:a3:
         06:52:4a:8e:68:89:46:a3:c5:ad:35:0d:3d:28:2d:91:bf:91:
         2e:c3:c0:98:5c:f8:d9:03:4b:39:ea:78:4f:0c:a8:10:39:f5:
         a5:d8:87:07
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECCJryjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZDIzODRiNzg0ZjE5N2VhMDNkYWMyZmVkYTc4OTVmYzRiNzQwNzI5MB4XDTIyMDUz
MDE2Mjc1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGNjNTgzZWI3YTE1
NDZhNDYxMzBlMGNhZmE5MzgwZWYxYjUxOTM1MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJkoItif0i94nHPNROtzLJnMOgS/x0YWjSeWF1HU5DwkylvY
lr5UWdg15+X7FA1Dh6UzIj8Af4ofpF1+KQ/xqZX1/nKx0ADu0RMOdgmwBwjB+ZYa
VaZvLj+aABstSzD9BrNLlBG+JSJ1YI/DvSGvQWULVqVIFJ4LiQo4NQ79rXe6iMS+
ebxeRaOc3KnNjK8dj2wdAMXtTh3ZxmgFTS1m+AK0UkYoyqY6H8SzoEaBgSNH2ZWy
wEP4895RswlE19gy++sNLWLiG8dTHFok9kfiCONZqMk+AmYOOpEx0yDcusliRIXA
FMFezboQr6SBaerVae2e03K5qjEWXNt2NbZ2RgUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQMxYPrehVGpGEw4Mr6k4DvG1GTUzAfBgNVHSMEGDAWgBQ9I4S3hPGX6gPa
wv7aeJX8S3QHKTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BTT0V0NFR4bC1vRDJzTC0ybmlWX0V0MEJ5ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTAvM2JkMTNkLWZlOTUtNDg2Zi04MGVmLWYwNzM1NDgzNTJiZi8x
L0RNV0Q2M29WUnFSaE1PREstcE9BN3h0UmsxTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTAv
M2JkMTNkLWZlOTUtNDg2Zi04MGVmLWYwNzM1NDgzNTJiZi8xL1BTT0V0NFR4bC1v
RDJzTC0ybmlWX0V0MEJ5ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlVODANBgkqhkiG9w0BAQsFAAOC
AQEAWeOWjtwV621egXtR2uLqEhlDZ71Fv5liXzEvRtErkWCrHJ/iolvpiqCLtnLa
k8tvESC2nNfIdErjLitRjrFUENbmh7Jp7jp/2Cd5UzkWttHd6iq6UJGl9Tk6Q2bX
Q7rj2Cn9OOxboYF6QatAU15Br0GzXNN/+pd+vRrqj5Y377S7EfY1X07WDGaAi8Sl
Mb+PEm9thcU6cBmFc9/ioi92QNsrQZ+3si2yheC/fhDCSyVkY7SUcOuBTaa4TRB3
pdzqDDl9vca8JVHo7/3w58W+yTGoJeSqFgijBlJKjmiJRqPFrTUNPSgtkb+RLsPA
mFz42QNLOep4TwyoEDn1pdiHBw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:50 2024 by rpki-client on console-fra.rpki-client.org