Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/MuUBiaRLmp6i6BsXK6xFzZx8zz4.roa
File:                     MuUBiaRLmp6i6BsXK6xFzZx8zz4.roa (raw, json)
Hash identifier:          OP4QeQQVJFoTq0tiX0KNycQuZZ/aKHDZKA1sI//sJY0=
Subject key identifier:   32:E5:01:89:A4:4B:9A:9E:A2:E8:1B:17:2B:AC:45:CD:9C:7C:CF:3E
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       0A8EB704
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/MuUBiaRLmp6i6BsXK6xFzZx8zz4.roa
Signing time:             Mon 07 Mar 2022 18:13:08 +0000
ROA not before:           Mon 07 Mar 2022 18:13:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7018
IP address blocks:        85.133.136.0/24 maxlen: 24
                          85.133.164.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 177125124 (0xa8eb704)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: Mar  7 18:13:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=32e50189a44b9a9ea2e81b172bac45cd9c7ccf3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:c7:04:1b:6d:d7:d8:48:95:4c:89:9c:bc:e5:
                    35:76:f7:5c:a2:20:f4:f2:7b:25:5c:e7:ea:a6:96:
                    50:80:c7:bf:a5:27:29:19:b1:41:9f:8d:41:98:6f:
                    ae:2a:c9:6e:ea:2a:d2:31:06:d9:de:8d:6f:54:60:
                    8b:ff:b2:a9:69:4a:ca:81:7c:e6:78:4e:db:a4:f7:
                    55:8c:b9:05:db:c5:10:3e:1f:5a:1b:1a:be:6a:73:
                    a4:45:8d:ca:80:bf:5f:d7:e0:ad:de:ad:e5:51:8e:
                    ef:00:58:c1:26:9c:b0:06:a1:51:91:f7:37:60:bc:
                    9c:fa:ac:88:36:d1:33:67:3d:23:02:87:cf:0f:68:
                    5f:dc:64:7e:2d:cd:ce:1f:64:55:92:14:c2:e4:60:
                    f2:24:51:50:17:d6:68:70:8b:c9:ba:5b:34:5f:ed:
                    29:ab:cd:cb:5b:06:25:98:d8:89:35:ec:fd:08:61:
                    b9:db:b3:78:91:d4:fb:a2:11:ff:09:b2:04:ce:39:
                    8f:cc:cf:23:23:b0:d1:90:2a:68:f8:24:67:01:62:
                    04:35:de:ae:cb:cc:7b:eb:a0:92:df:ef:e1:51:2d:
                    29:79:c3:d4:c7:b7:7a:f3:fd:73:04:97:a9:15:b1:
                    a5:30:4b:df:0c:c3:ac:99:62:5b:b1:01:5c:91:2b:
                    35:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:E5:01:89:A4:4B:9A:9E:A2:E8:1B:17:2B:AC:45:CD:9C:7C:CF:3E
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/MuUBiaRLmp6i6BsXK6xFzZx8zz4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.136.0/24
                  85.133.164.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9c:ec:eb:61:1a:53:69:b1:67:59:16:86:55:0b:57:3f:c6:9b:
         92:02:dd:d9:42:ea:ea:64:d0:2b:50:db:7d:6e:4d:1d:7d:70:
         34:e3:79:e8:21:4d:34:07:0a:1f:fe:77:fa:a5:01:80:48:c3:
         b7:93:66:0f:e7:17:1a:89:fa:c2:34:8b:ac:64:4d:30:d8:56:
         fd:ae:e1:16:8f:7f:89:92:b8:fd:1f:7d:6d:32:37:65:ec:64:
         16:63:3a:23:d5:4b:3b:a9:38:e1:dc:68:ff:ef:19:3f:c6:bb:
         c7:0f:ba:1d:73:58:26:48:ac:83:7d:49:31:d6:d9:a8:ac:34:
         96:13:aa:de:dd:f6:06:dd:94:66:87:0f:a8:38:00:21:de:b3:
         54:49:79:35:10:1f:e8:36:8f:d6:0c:8f:ff:f1:8b:cc:9a:1e:
         8b:b8:24:e9:2c:58:0b:90:35:58:25:da:d9:ae:6d:5d:92:78:
         44:a2:ea:b0:d2:65:56:f7:45:32:53:02:eb:35:0c:bf:f0:5c:
         15:33:87:f5:12:61:85:95:f2:e7:29:c6:c6:32:0b:de:cc:80:
         be:7d:54:96:c1:f2:85:49:18:08:91:d5:6b:8e:e8:41:4e:c9:
         13:ce:11:ca:25:38:b8:86:ed:70:76:f7:38:ed:9b:c5:65:8e:
         38:d0:7b:f8
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECo63BDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZDVlMzk2NThhM2VmNmYxM2NhMjFjYzExYTRlMzNlYmNkOTQ2NzAyMB4XDTIyMDMw
NzE4MTMwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzJlNTAxODlhNDRi
OWE5ZWEyZTgxYjE3MmJhYzQ1Y2Q5YzdjY2YzZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANbHBBtt19hIlUyJnLzlNXb3XKIg9PJ7JVzn6qaWUIDHv6Un
KRmxQZ+NQZhvrirJbuoq0jEG2d6Nb1Rgi/+yqWlKyoF85nhO26T3VYy5BdvFED4f
WhsavmpzpEWNyoC/X9fgrd6t5VGO7wBYwSacsAahUZH3N2C8nPqsiDbRM2c9IwKH
zw9oX9xkfi3Nzh9kVZIUwuRg8iRRUBfWaHCLybpbNF/tKavNy1sGJZjYiTXs/Qhh
uduzeJHU+6IR/wmyBM45j8zPIyOw0ZAqaPgkZwFiBDXersvMe+ugkt/v4VEtKXnD
1Me3evP9cwSXqRWxpTBL3wzDrJliW7EBXJErNQUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQy5QGJpEuanqLoGxcrrEXNnHzPPjAfBgNVHSMEGDAWgBTNXjllij728Tyi
HMEaTjPrzZRnAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pWNDVaWW8tOXZFOG9oekJHazR6NjgyVVp3SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjAvZWY1MzZjLTAzZDMtNGFjNS1iMTI1LTVkMWZhNjZjMzYzYi8x
L011VUJpYVJMbXA2aTZCc1hLNnhGelp4OHp6NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAv
ZWY1MzZjLTAzZDMtNGFjNS1iMTI1LTVkMWZhNjZjMzYzYi8xL3pWNDVaWW8tOXZF
OG9oekJHazR6NjgyVVp3SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFWFiAMEAFWFpDANBgkqhkiG9w0B
AQsFAAOCAQEAnOzrYRpTabFnWRaGVQtXP8abkgLd2ULq6mTQK1DbfW5NHX1wNON5
6CFNNAcKH/53+qUBgEjDt5NmD+cXGon6wjSLrGRNMNhW/a7hFo9/iZK4/R99bTI3
ZexkFmM6I9VLO6k44dxo/+8ZP8a7xw+6HXNYJkisg31JMdbZqKw0lhOq3t32Bt2U
ZocPqDgAId6zVEl5NRAf6DaP1gyP//GLzJoei7gk6SxYC5A1WCXa2a5tXZJ4RKLq
sNJlVvdFMlMC6zUMv/BcFTOH9RJhhZXy5ynGxjIL3syAvn1UlsHyhUkYCJHVa47o
QU7JE84RyiU4uIbtcHb3OO2bxWWOONB7+A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org