Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/0m_kCiTdKn7SWUquFG_B8s1Yyjk.roa
File:                     0m_kCiTdKn7SWUquFG_B8s1Yyjk.roa (raw, json)
Hash identifier:          8ecRO8PNGLDUhqLsB8EVzcG4G93ypVMDwCET76XMHwQ=
Subject key identifier:   D2:6F:E4:0A:24:DD:2A:7E:D2:59:4A:AE:14:6F:C1:F2:CD:58:CA:39
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       0B0D4A4B
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/0m_kCiTdKn7SWUquFG_B8s1Yyjk.roa
Signing time:             Wed 27 Apr 2022 07:50:40 +0000
ROA not before:           Wed 27 Apr 2022 07:50:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34078
IP address blocks:        85.133.169.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 185420363 (0xb0d4a4b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: Apr 27 07:50:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d26fe40a24dd2a7ed2594aae146fc1f2cd58ca39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:1e:f9:ab:0f:af:1b:5a:05:4a:99:0b:a8:a8:
                    a4:4a:7d:cf:2a:e0:eb:49:a4:d7:aa:e2:a3:32:6f:
                    65:92:cc:12:96:08:75:50:1d:26:18:f1:98:5a:ed:
                    39:76:ef:dd:1a:79:19:ac:65:f7:07:e7:8d:3c:ce:
                    a3:e7:4d:fc:37:a0:6b:fe:02:d3:b6:05:53:9d:13:
                    5a:f2:b6:e2:45:79:4f:58:14:0f:e7:1e:f3:80:4f:
                    dc:14:4d:5d:db:17:4f:a6:e5:d7:ed:0a:a8:c0:76:
                    b7:d8:56:66:37:24:6e:1a:0f:dd:09:f4:c3:84:54:
                    a1:3b:73:ba:bc:15:ad:8c:a8:2f:90:90:31:68:9a:
                    d4:dd:e7:aa:d2:8a:4c:e4:b6:8b:89:4a:9c:e2:5f:
                    e9:af:53:36:ce:b4:d3:af:93:3b:6b:db:f4:0c:21:
                    9c:4b:3f:3a:11:1c:66:bd:0b:72:75:31:74:f6:bc:
                    23:f3:d0:8c:c9:8a:04:8c:51:5d:b4:ae:db:fb:50:
                    fe:50:f1:28:0a:23:fa:c7:a8:9b:8d:4e:8e:0e:be:
                    27:fd:14:d4:4a:9e:8a:5f:44:3e:ff:73:c0:04:45:
                    d3:98:df:cf:51:9a:ef:cd:d4:9a:ae:47:85:64:b9:
                    1d:27:b4:8d:4c:4a:3b:6d:8e:73:74:84:cc:12:7c:
                    f2:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:6F:E4:0A:24:DD:2A:7E:D2:59:4A:AE:14:6F:C1:F2:CD:58:CA:39
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/0m_kCiTdKn7SWUquFG_B8s1Yyjk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.169.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:af:0f:dd:ba:9b:f3:6d:b2:79:4e:0d:d9:15:f4:62:0d:34:
         2a:01:f2:fc:2b:30:ff:9a:5f:b9:c8:12:0b:67:b6:93:fe:0d:
         4e:81:ac:89:40:8e:fd:6f:23:dd:23:b0:7b:2c:cb:31:56:18:
         a8:38:07:76:d6:56:42:8a:6d:d4:3d:f8:0d:db:40:b8:fc:03:
         3c:f3:d8:c4:36:dd:b4:30:8b:9a:19:84:e5:18:28:9d:ab:89:
         be:f0:d0:4d:d0:2e:05:2b:47:6d:b9:6f:56:cb:f8:11:fd:e1:
         50:df:ba:35:83:7c:35:c5:33:dd:d0:8f:ae:86:de:8a:b4:b5:
         31:f6:31:a4:ee:e0:8f:6b:1c:73:a0:e1:57:1b:48:3f:2a:7d:
         ff:e9:d6:13:3e:e3:7e:6a:9b:35:43:e6:39:57:56:37:44:36:
         69:b8:0d:7e:90:3e:d6:af:ac:13:ca:3e:41:e3:10:d9:d7:1d:
         42:d7:30:9a:f5:3c:65:82:f1:ea:f9:c6:13:26:83:e1:60:ab:
         f6:b5:04:52:06:9c:66:32:07:24:82:02:1f:fb:25:66:31:9c:
         01:86:7b:98:7a:79:10:33:6e:79:fa:49:3a:fd:c2:48:ac:8e:
         88:c9:ca:10:ed:09:cf:fe:63:bf:a9:c4:93:3c:6f:cf:ed:4b:
         88:db:7a:b5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECw1KSzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZDVlMzk2NThhM2VmNmYxM2NhMjFjYzExYTRlMzNlYmNkOTQ2NzAyMB4XDTIyMDQy
NzA3NTA0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDI2ZmU0MGEyNGRk
MmE3ZWQyNTk0YWFlMTQ2ZmMxZjJjZDU4Y2EzOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALYe+asPrxtaBUqZC6iopEp9zyrg60mk16riozJvZZLMEpYI
dVAdJhjxmFrtOXbv3Rp5Gaxl9wfnjTzOo+dN/Dega/4C07YFU50TWvK24kV5T1gU
D+ce84BP3BRNXdsXT6bl1+0KqMB2t9hWZjckbhoP3Qn0w4RUoTtzurwVrYyoL5CQ
MWia1N3nqtKKTOS2i4lKnOJf6a9TNs6006+TO2vb9AwhnEs/OhEcZr0LcnUxdPa8
I/PQjMmKBIxRXbSu2/tQ/lDxKAoj+seom41Ojg6+J/0U1Eqeil9EPv9zwARF05jf
z1Ga783Umq5HhWS5HSe0jUxKO22Oc3SEzBJ88oECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTSb+QKJN0qftJZSq4Ub8HyzVjKOTAfBgNVHSMEGDAWgBTNXjllij728Tyi
HMEaTjPrzZRnAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pWNDVaWW8tOXZFOG9oekJHazR6NjgyVVp3SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjAvZWY1MzZjLTAzZDMtNGFjNS1iMTI1LTVkMWZhNjZjMzYzYi8x
LzBtX2tDaVRkS243U1dVcXVGR19COHMxWXlqay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAv
ZWY1MzZjLTAzZDMtNGFjNS1iMTI1LTVkMWZhNjZjMzYzYi8xL3pWNDVaWW8tOXZF
OG9oekJHazR6NjgyVVp3SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFWFqTANBgkqhkiG9w0BAQsFAAOC
AQEAEq8P3bqb822yeU4N2RX0Yg00KgHy/Csw/5pfucgSC2e2k/4NToGsiUCO/W8j
3SOweyzLMVYYqDgHdtZWQopt1D34DdtAuPwDPPPYxDbdtDCLmhmE5RgonauJvvDQ
TdAuBStHbblvVsv4Ef3hUN+6NYN8NcUz3dCProbeirS1MfYxpO7gj2scc6DhVxtI
Pyp9/+nWEz7jfmqbNUPmOVdWN0Q2abgNfpA+1q+sE8o+QeMQ2dcdQtcwmvU8ZYLx
6vnGEyaD4WCr9rUEUgacZjIHJIICH/slZjGcAYZ7mHp5EDNuefpJOv3CSKyOiMnK
EO0Jz/5jv6nEkzxvz+1LiNt6tQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:01 2024 by rpki-client on console-ams.rpki-client.org