Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/b5ZUZVayuT4aGd_WeKU8AulSoBg.roa
File:                     b5ZUZVayuT4aGd_WeKU8AulSoBg.roa (raw, json)
Hash identifier:          b27W+rngJomFTYNkGEamioPao+aRkav0jF65FiXduEE=
Subject key identifier:   6F:96:54:65:56:B2:B9:3E:1A:19:DF:D6:78:A5:3C:02:E9:52:A0:18
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       0B17C7F2
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/b5ZUZVayuT4aGd_WeKU8AulSoBg.roa
Signing time:             Sat 30 Apr 2022 11:48:20 +0000
ROA not before:           Sat 30 Apr 2022 11:48:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34078
IP address blocks:        85.133.224.0/24 maxlen: 24
                          85.133.169.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 186107890 (0xb17c7f2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: Apr 30 11:48:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6f96546556b2b93e1a19dfd678a53c02e952a018
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:ba:39:56:7b:37:d2:00:da:6e:71:42:ae:bb:
                    e2:6c:a1:3a:fe:a3:7b:60:71:e3:5d:dd:d7:10:f4:
                    10:1e:ae:cd:4f:23:1a:a9:dc:9a:49:e4:46:64:eb:
                    fb:e8:91:35:27:f5:4c:81:de:a2:3a:86:a1:de:0d:
                    de:8e:0b:64:65:6d:a4:72:01:9c:fd:1e:2f:cc:8b:
                    43:7c:cf:50:c3:78:26:b6:44:98:f9:9a:f0:28:c7:
                    72:01:af:73:05:d3:3e:bd:66:a8:03:e4:79:20:f1:
                    e6:17:10:cb:a0:38:ad:ab:e7:7d:ac:fd:d6:53:1a:
                    28:f8:96:1a:89:85:bb:36:a0:39:3a:e7:c5:1d:7b:
                    de:24:f1:e7:2f:b8:d2:04:1b:f5:09:49:bb:3f:f4:
                    c3:b1:34:92:04:17:48:28:af:45:13:53:97:18:74:
                    b0:7b:8d:01:a3:ad:cf:c6:e9:74:d4:1a:1a:fd:0c:
                    20:b6:23:11:28:66:30:df:96:e3:ae:90:a1:c0:43:
                    5b:3c:ee:c0:f8:0e:5a:43:7c:8d:7a:68:db:17:21:
                    56:ea:27:8d:0e:1c:68:ed:5d:14:be:e5:f9:f3:69:
                    2e:14:47:16:99:23:99:ed:14:36:82:9a:96:d4:a3:
                    3a:c7:b1:6e:dd:80:35:0b:27:bc:29:92:24:5e:13:
                    5b:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:96:54:65:56:B2:B9:3E:1A:19:DF:D6:78:A5:3C:02:E9:52:A0:18
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/b5ZUZVayuT4aGd_WeKU8AulSoBg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.169.0/24
                  85.133.224.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:93:b9:38:1c:b2:31:ae:5f:74:e1:55:18:e4:c0:aa:bd:f0:
         18:2c:b4:6d:5a:bc:85:dc:55:2b:32:af:ad:06:7a:08:ba:cb:
         7d:60:4a:c9:52:13:7f:a9:86:9c:02:22:23:4b:85:ab:6d:d1:
         fa:d3:37:33:77:66:6e:6e:27:83:2e:45:89:f4:4c:e3:ff:b8:
         be:0f:4b:a6:12:07:7d:f7:5d:ad:50:91:7a:a8:94:ac:a4:b9:
         a5:1c:03:c8:dc:55:a3:8d:eb:03:51:6e:80:8d:ef:95:31:f3:
         b2:5a:11:02:3c:1c:db:54:d3:59:be:0e:55:2e:00:33:e5:9e:
         25:44:af:c4:ce:72:8f:ef:70:e5:2d:9e:9a:44:8b:70:f6:3f:
         b8:25:96:df:22:d1:67:4f:e5:c3:ec:96:82:a1:58:45:a3:6c:
         3f:db:c1:5b:1a:f3:96:38:4a:f9:fd:87:7a:96:22:d2:81:ec:
         ff:f9:54:31:82:fc:aa:98:c1:fa:eb:9d:e6:29:cb:d7:44:b8:
         76:6e:e2:bf:e7:32:f6:fb:0c:56:c7:f9:22:23:44:4c:80:e2:
         81:f3:f3:9b:f1:86:34:3b:87:8a:57:96:45:61:cb:c5:00:0b:
         f6:75:e5:7d:f6:ec:72:10:ba:70:07:31:d9:81:20:f4:64:44:
         f7:2e:a4:06
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECxfH8jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZDVlMzk2NThhM2VmNmYxM2NhMjFjYzExYTRlMzNlYmNkOTQ2NzAyMB4XDTIyMDQz
MDExNDgyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmY5NjU0NjU1NmIy
YjkzZTFhMTlkZmQ2NzhhNTNjMDJlOTUyYTAxODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL26OVZ7N9IA2m5xQq674myhOv6je2Bx413d1xD0EB6uzU8j
GqncmknkRmTr++iRNSf1TIHeojqGod4N3o4LZGVtpHIBnP0eL8yLQ3zPUMN4JrZE
mPma8CjHcgGvcwXTPr1mqAPkeSDx5hcQy6A4ravnfaz91lMaKPiWGomFuzagOTrn
xR173iTx5y+40gQb9QlJuz/0w7E0kgQXSCivRRNTlxh0sHuNAaOtz8bpdNQaGv0M
ILYjEShmMN+W466QocBDWzzuwPgOWkN8jXpo2xchVuonjQ4caO1dFL7l+fNpLhRH
Fpkjme0UNoKaltSjOsexbt2ANQsnvCmSJF4TW6UCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRvllRlVrK5PhoZ39Z4pTwC6VKgGDAfBgNVHSMEGDAWgBTNXjllij728Tyi
HMEaTjPrzZRnAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pWNDVaWW8tOXZFOG9oekJHazR6NjgyVVp3SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjAvZWY1MzZjLTAzZDMtNGFjNS1iMTI1LTVkMWZhNjZjMzYzYi8x
L2I1WlVaVmF5dVQ0YUdkX1dlS1U4QXVsU29CZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAv
ZWY1MzZjLTAzZDMtNGFjNS1iMTI1LTVkMWZhNjZjMzYzYi8xL3pWNDVaWW8tOXZF
OG9oekJHazR6NjgyVVp3SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFWFqQMEAFWF4DANBgkqhkiG9w0B
AQsFAAOCAQEAm5O5OByyMa5fdOFVGOTAqr3wGCy0bVq8hdxVKzKvrQZ6CLrLfWBK
yVITf6mGnAIiI0uFq23R+tM3M3dmbm4ngy5FifRM4/+4vg9LphIHffddrVCReqiU
rKS5pRwDyNxVo43rA1FugI3vlTHzsloRAjwc21TTWb4OVS4AM+WeJUSvxM5yj+9w
5S2emkSLcPY/uCWW3yLRZ0/lw+yWgqFYRaNsP9vBWxrzljhK+f2HepYi0oHs//lU
MYL8qpjB+uud5inL10S4dm7iv+cy9vsMVsf5IiNETIDigfPzm/GGNDuHileWRWHL
xQAL9nXlffbschC6cAcx2YEg9GRE9y6kBg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org