Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1800a4-50fc-4ff8-9e36-49c6fdbbafb7/1/DXJdbYgP65uI7yfQnEkQydJ0PRM.roa
File:                     DXJdbYgP65uI7yfQnEkQydJ0PRM.roa (raw, json)
Hash identifier:          3mx4NbnGberlkH9sRWGRFGvvMVUmqdovEsm16rcgOjM=
Subject key identifier:   0D:72:5D:6D:88:0F:EB:9B:88:EF:27:D0:9C:49:10:C9:D2:74:3D:13
Certificate issuer:       /CN=480c3b93ff2a34fbfa5ae82556f670340cb5d5c9
Certificate serial:       07A50B7B
Authority key identifier: 48:0C:3B:93:FF:2A:34:FB:FA:5A:E8:25:56:F6:70:34:0C:B5:D5:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SAw7k_8qNPv6WuglVvZwNAy11ck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/1800a4-50fc-4ff8-9e36-49c6fdbbafb7/1/DXJdbYgP65uI7yfQnEkQydJ0PRM.roa
Signing time:             Sat 01 Jan 2022 09:02:15 +0000
ROA not before:           Sat 01 Jan 2022 09:02:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208769
IP address blocks:        85.208.102.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 128256891 (0x7a50b7b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=480c3b93ff2a34fbfa5ae82556f670340cb5d5c9
        Validity
            Not Before: Jan  1 09:02:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0d725d6d880feb9b88ef27d09c4910c9d2743d13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:7d:72:58:1d:e4:79:a3:17:2b:65:d6:d9:d2:
                    b5:95:9c:3e:02:8f:83:db:ef:e8:7a:f2:a8:49:9d:
                    a9:d4:55:b0:98:6d:55:6e:9d:fb:df:30:17:12:6a:
                    db:b5:2a:df:c4:48:ec:23:25:24:f3:0c:90:0c:05:
                    d6:d7:34:25:01:bb:90:58:3d:ac:09:8a:e5:be:b7:
                    0f:fb:2d:bf:79:77:db:15:5c:50:88:61:33:64:a2:
                    b9:d1:2c:fb:24:94:d4:8f:b1:35:21:51:82:40:b2:
                    03:05:ca:c1:eb:c7:34:3f:2a:0f:3f:67:b3:4c:ce:
                    d6:b9:c7:53:1c:bf:48:dd:8d:c2:2c:95:af:85:fb:
                    d7:78:74:e5:7b:1c:de:b1:92:54:6e:2f:61:77:3d:
                    1d:eb:07:ac:01:65:9f:a2:37:49:8b:b2:83:a7:6b:
                    5b:a3:93:aa:8c:f4:3e:a8:bd:d9:03:7e:6a:60:78:
                    73:84:57:88:98:be:d6:3b:71:3b:2f:52:e4:ca:3b:
                    5c:19:63:06:95:f5:8e:84:44:04:f1:6a:29:ff:7b:
                    99:0a:d1:1d:8c:94:23:81:87:37:4a:f3:fb:88:e5:
                    4b:5f:d8:45:25:65:d7:e5:52:2c:71:c5:be:07:55:
                    ec:b7:a4:7f:34:92:67:0c:17:fb:ea:89:03:6c:bf:
                    d6:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:72:5D:6D:88:0F:EB:9B:88:EF:27:D0:9C:49:10:C9:D2:74:3D:13
            X509v3 Authority Key Identifier:
                keyid:48:0C:3B:93:FF:2A:34:FB:FA:5A:E8:25:56:F6:70:34:0C:B5:D5:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAw7k_8qNPv6WuglVvZwNAy11ck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1800a4-50fc-4ff8-9e36-49c6fdbbafb7/1/DXJdbYgP65uI7yfQnEkQydJ0PRM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1800a4-50fc-4ff8-9e36-49c6fdbbafb7/1/SAw7k_8qNPv6WuglVvZwNAy11ck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.208.102.0/24

    Signature Algorithm: sha256WithRSAEncryption
         27:4f:22:6e:1f:f4:e2:49:d6:29:80:58:3c:7f:35:01:a3:54:
         bd:b2:2a:66:f1:ac:ed:3f:18:3c:9a:fd:7b:75:11:75:5b:69:
         ae:d7:b9:bb:c2:c2:cf:76:e9:15:8a:9b:27:85:6a:ae:8c:26:
         44:94:6e:21:8c:c8:93:02:b8:6f:0f:52:85:65:a6:c1:72:ff:
         17:c9:1c:de:c4:0f:95:12:15:5b:19:05:c6:29:e6:cd:5e:70:
         2e:ef:46:ba:00:ea:15:ff:44:e4:4c:5c:f1:6e:97:e6:85:0d:
         23:3a:ff:53:97:a4:e3:4b:4a:45:66:4f:c5:2c:c8:74:94:3a:
         fc:f7:77:bc:2d:9e:26:76:67:e2:83:fc:6b:ba:4d:11:c2:19:
         a6:94:06:69:e6:74:84:0d:3a:75:3d:32:6f:bb:08:e6:5d:93:
         f3:92:4e:6d:36:73:a6:a0:ee:52:fb:82:1e:e7:77:0a:1d:94:
         fc:35:3b:f0:61:0c:d3:47:d1:ea:a7:b7:e4:2b:61:87:4e:bb:
         d1:a0:2f:8f:61:ae:f1:31:78:09:27:0e:fd:65:47:da:fb:23:
         d4:36:c0:82:79:66:41:90:0a:b3:f9:b3:5e:3c:d5:98:aa:90:
         dd:53:e1:d0:c0:cb:b2:89:38:dd:1e:fc:2a:78:17:37:9b:df:
         19:1e:7b:be
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB6ULezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ODBjM2I5M2ZmMmEzNGZiZmE1YWU4MjU1NmY2NzAzNDBjYjVkNWM5MB4XDTIyMDEw
MTA5MDIxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGQ3MjVkNmQ4ODBm
ZWI5Yjg4ZWYyN2QwOWM0OTEwYzlkMjc0M2QxMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO19clgd5HmjFytl1tnStZWcPgKPg9vv6HryqEmdqdRVsJht
VW6d+98wFxJq27Uq38RI7CMlJPMMkAwF1tc0JQG7kFg9rAmK5b63D/stv3l32xVc
UIhhM2SiudEs+ySU1I+xNSFRgkCyAwXKwevHND8qDz9ns0zO1rnHUxy/SN2NwiyV
r4X713h05Xsc3rGSVG4vYXc9HesHrAFln6I3SYuyg6drW6OTqoz0Pqi92QN+amB4
c4RXiJi+1jtxOy9S5Mo7XBljBpX1joREBPFqKf97mQrRHYyUI4GHN0rz+4jlS1/Y
RSVl1+VSLHHFvgdV7LekfzSSZwwX++qJA2y/1jkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQNcl1tiA/rm4jvJ9CcSRDJ0nQ9EzAfBgNVHSMEGDAWgBRIDDuT/yo0+/pa
6CVW9nA0DLXVyTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NBdzdrXzhxTlB2Nld1Z2xWdlp3TkF5MTFjay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTIvMTgwMGE0LTUwZmMtNGZmOC05ZTM2LTQ5YzZmZGJiYWZiNy8x
L0RYSmRiWWdQNjV1STd5ZlFuRWtReWRKMFBSTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIv
MTgwMGE0LTUwZmMtNGZmOC05ZTM2LTQ5YzZmZGJiYWZiNy8xL1NBdzdrXzhxTlB2
Nld1Z2xWdlp3TkF5MTFjay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFXQZjANBgkqhkiG9w0BAQsFAAOC
AQEAJ08ibh/04knWKYBYPH81AaNUvbIqZvGs7T8YPJr9e3URdVtprte5u8LCz3bp
FYqbJ4VqrowmRJRuIYzIkwK4bw9ShWWmwXL/F8kc3sQPlRIVWxkFxinmzV5wLu9G
ugDqFf9E5Exc8W6X5oUNIzr/U5ek40tKRWZPxSzIdJQ6/Pd3vC2eJnZn4oP8a7pN
EcIZppQGaeZ0hA06dT0yb7sI5l2T85JObTZzpqDuUvuCHud3Ch2U/DU78GEM00fR
6qe35Cthh0670aAvj2Gu8TF4CScO/WVH2vsj1DbAgnlmQZAKs/mzXjzVmKqQ3VPh
0MDLsok43R78KngXN5vfGR57vg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:04 2024 by rpki-client on console-fra.rpki-client.org