Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/iH5xPF0IJttvXcDJiRq1LvYSIlo.roa
File:                     iH5xPF0IJttvXcDJiRq1LvYSIlo.roa (raw, json)
Hash identifier:          6RZRatNdc1Uz0hda5gRcxGKWuMa1T/vYvIs5tI0PnJ0=
Subject key identifier:   88:7E:71:3C:5D:08:26:DB:6F:5D:C0:C9:89:1A:B5:2E:F6:12:22:5A
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       0ABD2676
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/iH5xPF0IJttvXcDJiRq1LvYSIlo.roa
Signing time:             Tue 29 Mar 2022 04:22:38 +0000
ROA not before:           Tue 29 Mar 2022 04:22:38 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208485
IP address blocks:        85.133.194.0/24 maxlen: 24
                          85.133.234.0/24 maxlen: 24
                          85.133.137.0/24 maxlen: 24
                          85.133.169.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 180168310 (0xabd2676)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: Mar 29 04:22:38 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=887e713c5d0826db6f5dc0c9891ab52ef612225a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:c3:5c:53:c8:2c:36:4a:a0:bd:5e:e9:70:87:
                    db:cb:d6:8c:9b:f9:b7:b5:7e:b2:6d:77:73:28:c2:
                    90:3a:82:c9:df:75:0f:94:41:98:a4:9c:ea:3f:48:
                    7f:dd:8b:67:70:aa:da:49:c5:b2:75:4a:7d:f5:02:
                    e2:45:d7:47:66:27:16:82:24:58:95:98:a1:93:6c:
                    b3:84:50:11:f3:fc:8f:2d:04:3e:84:13:d6:ff:9f:
                    23:fd:3d:8a:82:52:9f:96:f1:6e:bf:b3:e0:ad:ea:
                    ed:c9:97:ba:77:51:83:9a:f9:27:7e:f0:65:44:c8:
                    37:ab:4b:e8:1b:a9:6d:67:3b:82:4e:65:84:e6:11:
                    ea:0e:df:87:2f:b6:71:f7:6d:0b:cd:0d:78:c9:85:
                    bd:50:47:2c:bb:6e:03:d3:36:7e:35:52:8a:b7:c5:
                    f5:b6:c5:7a:ed:dd:af:64:44:d9:34:ea:cf:eb:46:
                    3f:ff:e7:5b:82:c8:2b:1d:1d:1c:d8:0d:d1:87:bf:
                    ab:c2:d1:b5:b4:2b:c4:4f:cd:94:68:70:1b:3f:9b:
                    31:31:e6:51:a9:70:4d:cc:87:66:9a:8c:9b:0a:dc:
                    10:06:ec:fc:54:de:5c:01:e2:70:2b:e9:d6:8c:42:
                    d0:2f:8f:dd:8d:4f:cb:e6:7d:74:c0:01:5f:a2:13:
                    2e:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:7E:71:3C:5D:08:26:DB:6F:5D:C0:C9:89:1A:B5:2E:F6:12:22:5A
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/iH5xPF0IJttvXcDJiRq1LvYSIlo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.137.0/24
                  85.133.169.0/24
                  85.133.194.0/24
                  85.133.234.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:71:fd:db:17:b5:1b:9d:a4:e4:e8:4b:59:a9:4b:43:8c:ed:
         c6:39:3b:94:6e:f2:63:41:fc:63:10:5a:d1:7e:9d:ab:b9:1f:
         ca:04:1f:53:d6:bb:fb:4e:6d:1e:56:28:73:56:ec:17:51:eb:
         0d:6d:cd:46:d7:5a:2a:2f:ca:da:46:f8:c6:55:ad:29:b1:59:
         00:fb:33:4c:f0:2a:72:e6:b7:92:bd:24:e3:2b:fe:1d:0c:7b:
         71:27:16:82:7c:1f:df:4d:be:37:ce:b4:de:b6:69:46:94:9a:
         47:f7:d0:05:f4:16:94:21:bc:3d:4d:cb:6e:42:ca:17:82:13:
         5d:93:00:99:0d:eb:cd:7d:d7:8e:22:e1:cd:fb:27:c6:11:84:
         60:67:77:0a:8b:88:c9:35:96:bb:7d:38:13:f1:c6:b1:32:ce:
         4c:65:97:3e:19:21:7b:36:81:94:58:be:ad:8a:0d:8d:6e:81:
         c7:71:56:79:cb:80:3c:e5:9d:2f:ac:ea:f1:8f:37:cb:8f:cd:
         ca:85:16:2c:17:28:8e:cd:fd:d6:99:f2:d7:99:99:37:01:ec:
         6d:d1:25:a8:d5:0e:f4:c0:5e:17:6b:3f:01:6d:b5:3d:6c:ce:
         06:79:05:92:1d:32:b6:0e:94:4a:52:3b:be:07:b9:d7:48:3a:
         75:b2:7d:50
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIECr0mdjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZDVlMzk2NThhM2VmNmYxM2NhMjFjYzExYTRlMzNlYmNkOTQ2NzAyMB4XDTIyMDMy
OTA0MjIzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODg3ZTcxM2M1ZDA4
MjZkYjZmNWRjMGM5ODkxYWI1MmVmNjEyMjI1YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANHDXFPILDZKoL1e6XCH28vWjJv5t7V+sm13cyjCkDqCyd91
D5RBmKSc6j9If92LZ3Cq2knFsnVKffUC4kXXR2YnFoIkWJWYoZNss4RQEfP8jy0E
PoQT1v+fI/09ioJSn5bxbr+z4K3q7cmXundRg5r5J37wZUTIN6tL6BupbWc7gk5l
hOYR6g7fhy+2cfdtC80NeMmFvVBHLLtuA9M2fjVSirfF9bbFeu3dr2RE2TTqz+tG
P//nW4LIKx0dHNgN0Ye/q8LRtbQrxE/NlGhwGz+bMTHmUalwTcyHZpqMmwrcEAbs
/FTeXAHicCvp1oxC0C+P3Y1Py+Z9dMABX6ITLjECAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSIfnE8XQgm229dwMmJGrUu9hIiWjAfBgNVHSMEGDAWgBTNXjllij728Tyi
HMEaTjPrzZRnAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pWNDVaWW8tOXZFOG9oekJHazR6NjgyVVp3SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjAvZWY1MzZjLTAzZDMtNGFjNS1iMTI1LTVkMWZhNjZjMzYzYi8x
L2lINXhQRjBJSnR0dlhjREppUnExTHZZU0lsby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAv
ZWY1MzZjLTAzZDMtNGFjNS1iMTI1LTVkMWZhNjZjMzYzYi8xL3pWNDVaWW8tOXZF
OG9oekJHazR6NjgyVVp3SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAFWFiQMEAFWFqQMEAFWFwgMEAFWF
6jANBgkqhkiG9w0BAQsFAAOCAQEAmXH92xe1G52k5OhLWalLQ4ztxjk7lG7yY0H8
YxBa0X6dq7kfygQfU9a7+05tHlYoc1bsF1HrDW3NRtdaKi/K2kb4xlWtKbFZAPsz
TPAqcua3kr0k4yv+HQx7cScWgnwf302+N8603rZpRpSaR/fQBfQWlCG8PU3LbkLK
F4ITXZMAmQ3rzX3XjiLhzfsnxhGEYGd3CouIyTWWu304E/HGsTLOTGWXPhkhezaB
lFi+rYoNjW6Bx3FWecuAPOWdL6zq8Y83y4/NyoUWLBcojs391pny15mZNwHsbdEl
qNUO9MBeF2s/AW21PWzOBnkFkh0ytg6USlI7vge510g6dbJ9UA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:02 2024 by rpki-client on console-ams.rpki-client.org