Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/f0f5e3-6050-4e2d-a4ea-a4ea0a63f766/1/Dd0npzZxevWj60XtrUET4aXHU9Q.roa
File:                     Dd0npzZxevWj60XtrUET4aXHU9Q.roa (raw, json)
Hash identifier:          fBjjtDkXuMMvCOeDYSuFO9sO5jHEL33CJdROIa6jWSc=
Subject key identifier:   0D:DD:27:A7:36:71:7A:F5:A3:EB:45:ED:AD:41:13:E1:A5:C7:53:D4
Certificate issuer:       /CN=a5c6373eab19cf43dd2f43111398383ee2bad030
Certificate serial:       01FC7903
Authority key identifier: A5:C6:37:3E:AB:19:CF:43:DD:2F:43:11:13:98:38:3E:E2:BA:D0:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pcY3PqsZz0PdL0MRE5g4PuK60DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/f0f5e3-6050-4e2d-a4ea-a4ea0a63f766/1/Dd0npzZxevWj60XtrUET4aXHU9Q.roa
Signing time:             Sat 01 Jan 2022 06:02:59 +0000
ROA not before:           Sat 01 Jan 2022 06:02:59 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        185.228.0.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 33323267 (0x1fc7903)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5c6373eab19cf43dd2f43111398383ee2bad030
        Validity
            Not Before: Jan  1 06:02:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0ddd27a736717af5a3eb45edad4113e1a5c753d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:c5:93:dc:a1:69:26:92:81:5c:f0:f0:91:03:
                    c2:bd:98:e6:1a:97:a1:3b:23:c3:fd:72:ae:a8:b2:
                    ad:a0:95:8c:08:e1:7a:f9:15:e6:f7:61:f5:be:c0:
                    57:61:9a:d3:b0:37:a6:2f:ed:0e:81:4d:e8:82:77:
                    54:35:36:40:f0:6b:40:26:ed:03:ae:39:a6:98:bc:
                    55:ff:ef:d8:f1:61:01:78:84:cd:fa:36:19:ae:bf:
                    7b:20:05:51:c3:fb:4d:7b:0d:5c:4c:7b:40:14:38:
                    94:64:45:b3:15:bf:da:6a:6c:d8:ca:2a:08:47:1c:
                    67:b2:1c:88:07:51:e2:77:61:4c:e1:6f:87:16:72:
                    d7:f8:ca:7d:47:88:5d:43:cb:30:1e:99:ae:54:1d:
                    cf:d2:25:9b:1e:b1:dc:d3:e3:d1:11:2c:37:19:95:
                    ea:19:4b:71:50:96:d0:35:da:00:ec:3b:8c:b5:86:
                    76:23:56:bd:be:a8:3a:16:14:ee:10:f4:9e:5d:33:
                    5d:5d:67:a2:18:35:37:34:b9:4b:aa:f0:95:76:ea:
                    85:58:58:12:6b:05:ec:5c:1b:33:72:19:35:2e:53:
                    8e:78:35:ca:8f:b9:2e:63:de:19:88:f8:1e:18:4e:
                    28:15:c5:cc:33:ca:1c:0c:13:ad:6f:d4:4f:67:57:
                    46:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:DD:27:A7:36:71:7A:F5:A3:EB:45:ED:AD:41:13:E1:A5:C7:53:D4
            X509v3 Authority Key Identifier:
                keyid:A5:C6:37:3E:AB:19:CF:43:DD:2F:43:11:13:98:38:3E:E2:BA:D0:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pcY3PqsZz0PdL0MRE5g4PuK60DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/f0f5e3-6050-4e2d-a4ea-a4ea0a63f766/1/Dd0npzZxevWj60XtrUET4aXHU9Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/f0f5e3-6050-4e2d-a4ea-a4ea0a63f766/1/pcY3PqsZz0PdL0MRE5g4PuK60DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.228.0.0/22

    Signature Algorithm: sha256WithRSAEncryption
         68:ce:e5:f1:14:31:f8:9a:16:7a:15:11:25:a6:a2:d5:94:bd:
         0a:14:cb:e8:fc:3c:08:6c:ae:41:ee:cf:4d:59:1b:41:31:e2:
         af:a2:80:eb:3f:05:02:a7:11:4e:59:b3:75:9f:40:b4:b3:68:
         51:71:8f:ec:22:49:cc:87:35:24:dc:5b:c3:61:6a:f3:5d:19:
         49:20:ff:18:be:f9:2c:bf:ef:45:cc:93:d9:d8:ac:88:f1:52:
         02:88:12:61:d9:da:6b:10:04:32:9b:b9:8a:ce:d1:69:f3:71:
         cb:24:1a:bd:b0:37:61:f0:c1:84:48:9c:b7:5a:2e:b6:b0:14:
         b2:70:17:42:6d:83:26:ef:d8:fd:ef:a5:90:c3:5c:39:51:a7:
         f2:c6:63:45:ac:a3:4b:19:c7:42:c1:a6:e2:46:62:78:07:44:
         15:20:4d:93:4c:98:e9:0c:74:d2:2b:31:38:6f:e9:72:5d:13:
         68:20:c3:24:b1:e4:0e:cf:bd:45:22:11:e0:9d:7f:15:13:b1:
         16:4d:12:8a:a1:4c:ad:b3:ef:b1:68:ac:11:0f:5c:16:00:c4:
         c3:25:8c:bc:de:5b:04:b6:80:9f:62:25:98:d2:61:36:65:d9:
         7b:01:f0:25:7a:81:8b:a4:62:90:28:9c:f5:9a:9c:60:e1:49:
         cb:72:dc:f8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAfx5AzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NWM2MzczZWFiMTljZjQzZGQyZjQzMTExMzk4MzgzZWUyYmFkMDMwMB4XDTIyMDEw
MTA2MDI1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGRkZDI3YTczNjcx
N2FmNWEzZWI0NWVkYWQ0MTEzZTFhNWM3NTNkNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK7Fk9yhaSaSgVzw8JEDwr2Y5hqXoTsjw/1yrqiyraCVjAjh
evkV5vdh9b7AV2Ga07A3pi/tDoFN6IJ3VDU2QPBrQCbtA645ppi8Vf/v2PFhAXiE
zfo2Ga6/eyAFUcP7TXsNXEx7QBQ4lGRFsxW/2mps2MoqCEccZ7IciAdR4ndhTOFv
hxZy1/jKfUeIXUPLMB6ZrlQdz9Ilmx6x3NPj0REsNxmV6hlLcVCW0DXaAOw7jLWG
diNWvb6oOhYU7hD0nl0zXV1nohg1NzS5S6rwlXbqhVhYEmsF7FwbM3IZNS5Tjng1
yo+5LmPeGYj4HhhOKBXFzDPKHAwTrW/UT2dXRhcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQN3SenNnF69aPrRe2tQRPhpcdT1DAfBgNVHSMEGDAWgBSlxjc+qxnPQ90v
QxETmDg+4rrQMDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BjWTNQcXNaejBQZEwwTVJFNWc0UHVLNjBEQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTIvZjBmNWUzLTYwNTAtNGUyZC1hNGVhLWE0ZWEwYTYzZjc2Ni8x
L0RkMG5welp4ZXZXajYwWHRyVUVUNGFYSFU5US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIv
ZjBmNWUzLTYwNTAtNGUyZC1hNGVhLWE0ZWEwYTYzZjc2Ni8xL3BjWTNQcXNaejBQ
ZEwwTVJFNWc0UHVLNjBEQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnkADANBgkqhkiG9w0BAQsFAAOC
AQEAaM7l8RQx+JoWehURJaai1ZS9ChTL6Pw8CGyuQe7PTVkbQTHir6KA6z8FAqcR
TlmzdZ9AtLNoUXGP7CJJzIc1JNxbw2Fq810ZSSD/GL75LL/vRcyT2disiPFSAogS
YdnaaxAEMpu5is7RafNxyyQavbA3YfDBhEict1outrAUsnAXQm2DJu/Y/e+lkMNc
OVGn8sZjRayjSxnHQsGm4kZieAdEFSBNk0yY6Qx00isxOG/pcl0TaCDDJLHkDs+9
RSIR4J1/FROxFk0SiqFMrbPvsWisEQ9cFgDEwyWMvN5bBLaAn2IlmNJhNmXZewHw
JXqBi6RikCic9ZqcYOFJy3Lc+A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:14 2024 by rpki-client on console-fra.rpki-client.org