Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/gODJ4K1t0FYoALExP2rs4prjdMA.roa
File:                     gODJ4K1t0FYoALExP2rs4prjdMA.roa (raw, json)
Hash identifier:          a9Tp2SkhhhG4xA6dfFeQkRNI9aLSrEdn72XL1yY7JRU=
Subject key identifier:   80:E0:C9:E0:AD:6D:D0:56:28:00:B1:31:3F:6A:EC:E2:9A:E3:74:C0
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       01852BB95D5E4DE41B69D6C1042E330B06C9
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/gODJ4K1t0FYoALExP2rs4prjdMA.roa
Signing time:             Mon 19 Dec 2022 18:50:46 +0000
ROA not before:           Mon 19 Dec 2022 18:50:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57986
IP address blocks:        85.133.198.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:2b:b9:5d:5e:4d:e4:1b:69:d6:c1:04:2e:33:0b:06:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: Dec 19 18:50:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=80e0c9e0ad6dd0562800b1313f6aece29ae374c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:31:d6:26:9a:48:8b:54:70:b4:7d:89:b2:57:
                    0a:30:be:78:ed:aa:11:cf:17:1e:13:84:db:ab:0f:
                    f2:8b:9d:ba:e2:c7:81:a5:7a:d5:11:c8:4f:49:85:
                    be:df:67:37:d8:91:d5:4d:03:62:a0:27:a0:eb:97:
                    64:67:81:88:36:9c:a9:e3:57:f5:71:c9:f9:f4:97:
                    ea:9f:72:62:a9:dd:3b:7e:b3:18:ab:50:72:96:69:
                    44:ca:86:fd:cb:4a:19:59:9d:b4:8b:ce:b9:72:67:
                    4d:a4:dc:d4:57:c7:cc:35:a7:14:2c:9d:d3:ad:c6:
                    48:f8:b1:7f:b6:1c:eb:ea:85:78:c0:e4:e4:c2:4b:
                    dc:df:71:d7:31:de:85:82:b8:c0:c2:49:79:c8:d8:
                    94:d8:04:64:a9:4d:3e:57:78:fc:cf:90:79:dd:cb:
                    2c:25:f3:39:ad:3e:1e:71:71:be:7c:09:de:59:ef:
                    2d:a3:18:e1:93:e3:9f:e6:86:ae:b0:a9:2a:14:d9:
                    c4:8a:61:2b:62:fe:c0:44:3d:e7:a1:43:d5:c3:36:
                    21:a3:1d:2c:0d:a1:03:4a:db:4d:67:39:47:27:7b:
                    de:1e:b4:87:9d:16:f8:c0:30:da:06:8d:ad:1d:25:
                    1d:f6:1a:30:c1:88:b7:69:9c:85:8d:d1:18:08:23:
                    5f:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:E0:C9:E0:AD:6D:D0:56:28:00:B1:31:3F:6A:EC:E2:9A:E3:74:C0
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/gODJ4K1t0FYoALExP2rs4prjdMA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:f9:eb:f0:ef:b2:12:65:aa:60:ed:8b:6b:97:2a:58:6a:db:
         2f:a2:ad:8b:0f:cd:50:fd:34:27:55:ea:12:21:d4:c4:f1:39:
         0b:72:b9:fe:3a:93:77:c6:39:1b:03:c5:6e:19:78:16:c8:a8:
         23:27:e5:17:c7:1f:aa:60:81:88:15:f5:34:1f:29:13:74:14:
         66:31:a9:27:70:3c:42:52:d0:bd:81:52:c1:85:8e:52:87:52:
         48:2b:d3:47:89:83:09:4b:92:5f:d7:b2:ff:a1:da:57:6d:11:
         65:dd:9d:b8:9c:95:cc:ce:95:78:c0:2e:96:42:77:ae:18:cd:
         1a:f1:19:52:24:78:b6:ef:91:83:9d:96:fa:d3:9e:ff:e7:dc:
         83:42:33:0b:e5:37:bb:44:a3:64:33:a3:a4:3d:2c:36:b4:66:
         c5:72:c5:ae:57:68:6a:d7:c5:71:8d:4b:1c:2e:77:b2:e0:39:
         12:a9:46:e6:76:e8:33:42:29:6e:48:bc:7e:b3:ba:24:9b:12:
         42:35:a4:f1:75:2c:48:1b:1e:08:85:16:74:a9:39:25:ee:1f:
         be:53:13:19:ad:54:f9:17:cd:68:41:c0:ab:74:45:b1:cd:dc:
         a5:7f:4d:90:37:52:2a:63:3e:8b:91:b7:e9:bd:dd:80:16:4e:
         b0:af:28:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUruV1eTeQbadbBBC4zCwbJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjIxMjE5MTg1MDQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGUwYzllMGFkNmRkMDU2MjgwMGIxMzEzZjZhZWNlMjlhZTM3NGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDHWJppIi1RwtH2JslcKML547aoR
zxceE4Tbqw/yi5264seBpXrVEchPSYW+32c32JHVTQNioCeg65dkZ4GINpyp41f1
ccn59Jfqn3Jiqd07frMYq1BylmlEyob9y0oZWZ20i865cmdNpNzUV8fMNacULJ3T
rcZI+LF/thzr6oV4wOTkwkvc33HXMd6FgrjAwkl5yNiU2ARkqU0+V3j8z5B53css
JfM5rT4ecXG+fAneWe8toxjhk+Of5oausKkqFNnEimErYv7ARD3noUPVwzYhox0s
DaEDSttNZzlHJ3veHrSHnRb4wDDaBo2tHSUd9howwYi3aZyFjdEYCCNfYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIDgyeCtbdBWKACxMT9q7OKa43TAMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvZ09ESjRLMXQwRllvQUxFeFAycnM0cHJqZE1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVYXGMA0G
CSqGSIb3DQEBCwUAA4IBAQB2+evw77ISZapg7YtrlypYatsvoq2LD81Q/TQnVeoS
IdTE8TkLcrn+OpN3xjkbA8VuGXgWyKgjJ+UXxx+qYIGIFfU0HykTdBRmMakncDxC
UtC9gVLBhY5Sh1JIK9NHiYMJS5Jf17L/odpXbRFl3Z24nJXMzpV4wC6WQneuGM0a
8RlSJHi275GDnZb6057/59yDQjML5Te7RKNkM6OkPSw2tGbFcsWuV2hq18VxjUsc
Lney4DkSqUbmdugzQiluSLx+s7okmxJCNaTxdSxIGx4IhRZ0qTkl7h++UxMZrVT5
F81oQcCrdEWxzdylf02QN1IqYz6Lkbfpvd2AFk6wryh1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:02 2024 by rpki-client on console-ams.rpki-client.org