Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/91e882-ba8a-44c5-9b0d-275242aa6775/1/OHHj2dayTnTO1OkDslut1u5Ho3Q.roa
File:                     OHHj2dayTnTO1OkDslut1u5Ho3Q.roa (raw, json)
Hash identifier:          c1eRri7WxniYCB/TufZVcN8vbeJDZW6N1gobQWwSdP8=
Subject key identifier:   38:71:E3:D9:D6:B2:4E:74:CE:D4:E9:03:B2:5B:AD:D6:EE:47:A3:74
Certificate issuer:       /CN=ab91d5262561a9dd713dfa39163dec849fee4636
Certificate serial:       0184375F699B7D0F3964BC481C01155BEDFD
Authority key identifier: AB:91:D5:26:25:61:A9:DD:71:3D:FA:39:16:3D:EC:84:9F:EE:46:36
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q5HVJiVhqd1xPfo5Fj3shJ_uRjY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/91e882-ba8a-44c5-9b0d-275242aa6775/1/OHHj2dayTnTO1OkDslut1u5Ho3Q.roa
Signing time:             Wed 02 Nov 2022 08:05:10 +0000
ROA not before:           Wed 02 Nov 2022 08:05:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200168
IP address blocks:        195.254.172.0/23 maxlen: 23
                          185.35.213.0/24 maxlen: 24
                          185.35.212.0/24 maxlen: 24
                          185.35.214.0/24 maxlen: 24
                          2a04:6543::/32 maxlen: 32
                          2a04:6540::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:37:5f:69:9b:7d:0f:39:64:bc:48:1c:01:15:5b:ed:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab91d5262561a9dd713dfa39163dec849fee4636
        Validity
            Not Before: Nov  2 08:05:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3871e3d9d6b24e74ced4e903b25badd6ee47a374
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:bb:59:0b:2a:5f:1f:7c:96:0f:9b:11:64:79:
                    f9:cb:7b:9d:c7:10:b9:c9:c5:45:df:ef:47:a2:4e:
                    6e:bd:7d:00:0e:3b:14:8b:21:d6:fe:19:7b:43:ce:
                    63:00:d4:6c:b4:0e:28:5b:bc:b3:64:db:76:7d:f1:
                    94:bf:d5:9e:93:88:56:ed:34:6a:76:ae:23:0c:a7:
                    a7:a5:31:3d:06:b3:ef:3c:e3:23:b3:3c:d0:00:50:
                    51:f8:d1:c2:ed:49:5e:d8:7a:81:bd:92:c5:77:7a:
                    d8:c4:f8:20:fc:b4:69:01:c0:28:a0:0b:28:af:10:
                    07:15:c9:b3:6c:b7:49:a2:9f:55:16:31:a5:6d:f3:
                    38:35:7c:f0:48:f9:44:12:cd:80:23:38:fe:3a:0d:
                    87:52:43:0f:3b:9f:9e:51:2b:30:6d:3c:e7:cc:57:
                    92:0e:97:b8:f9:54:19:03:8a:79:e2:ea:da:13:3e:
                    54:4a:87:e4:be:61:b5:c9:a1:26:5e:4d:eb:d3:00:
                    b7:05:c2:68:a4:a4:ed:ef:93:77:d5:4a:60:a3:46:
                    83:99:e3:a1:d6:a1:3e:8f:82:62:fa:dd:3c:ec:a3:
                    6b:1f:b2:09:9a:1c:fa:8d:e3:9f:68:2e:88:ac:85:
                    64:82:aa:ad:75:07:4b:a9:be:ed:ed:dd:50:0c:af:
                    34:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:71:E3:D9:D6:B2:4E:74:CE:D4:E9:03:B2:5B:AD:D6:EE:47:A3:74
            X509v3 Authority Key Identifier:
                keyid:AB:91:D5:26:25:61:A9:DD:71:3D:FA:39:16:3D:EC:84:9F:EE:46:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q5HVJiVhqd1xPfo5Fj3shJ_uRjY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/91e882-ba8a-44c5-9b0d-275242aa6775/1/OHHj2dayTnTO1OkDslut1u5Ho3Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/91e882-ba8a-44c5-9b0d-275242aa6775/1/q5HVJiVhqd1xPfo5Fj3shJ_uRjY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.35.212.0-185.35.214.255
                  195.254.172.0/23
                IPv6:
                  2a04:6540::/32
                  2a04:6543::/32

    Signature Algorithm: sha256WithRSAEncryption
         6a:0d:46:f2:96:0e:22:8f:ec:cc:69:a5:7b:d8:d9:f9:dd:80:
         a7:ad:be:6f:da:06:dd:e4:ef:73:4c:ca:6c:4b:39:58:a3:4b:
         89:4a:66:98:52:02:ec:85:e7:df:5a:d0:37:59:8e:02:ca:88:
         d7:dc:00:47:2d:04:66:5f:7c:bd:66:e2:c7:3d:55:98:6b:eb:
         cc:0a:10:88:bd:0e:21:aa:08:b1:f3:fa:70:92:a6:fc:0d:72:
         24:a8:5e:7a:f7:59:2d:d3:65:5e:a2:df:d3:0e:90:ed:3e:c0:
         aa:7b:db:53:2c:8f:a1:1c:37:4b:67:5a:6d:d1:b6:6a:76:6e:
         35:62:4e:24:2b:19:93:d7:db:03:e4:cc:1c:72:90:ab:74:1c:
         82:c2:9e:a5:c1:f4:ad:d1:48:32:ef:4a:3d:52:21:e9:11:15:
         48:18:aa:19:31:08:d0:10:79:ae:f4:88:8e:19:8c:dc:74:ae:
         e5:f3:74:f7:08:19:8e:95:3d:96:3d:51:2e:d0:fa:09:8f:d4:
         ca:9b:22:d3:69:98:14:b8:61:f1:f1:4a:9c:d4:a6:4b:34:c7:
         71:f1:40:e9:49:98:1a:9f:28:c5:9f:f2:18:2e:d8:e0:92:78:
         51:d8:75:ee:6c:1a:be:a9:e3:fa:52:79:26:94:ae:6b:99:2b:
         22:0e:59:83
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYQ3X2mbfQ85ZLxIHAEVW+39MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOTFkNTI2MjU2MWE5ZGQ3MTNkZmEzOTE2M2RlYzg0OWZl
ZTQ2MzYwHhcNMjIxMTAyMDgwNTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODcxZTNkOWQ2YjI0ZTc0Y2VkNGU5MDNiMjViYWRkNmVlNDdhMzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3rtZCypfH3yWD5sRZHn5y3udxxC5
ycVF3+9Hok5uvX0ADjsUiyHW/hl7Q85jANRstA4oW7yzZNt2ffGUv9Wek4hW7TRq
dq4jDKenpTE9BrPvPOMjszzQAFBR+NHC7Ule2HqBvZLFd3rYxPgg/LRpAcAooAso
rxAHFcmzbLdJop9VFjGlbfM4NXzwSPlEEs2AIzj+Og2HUkMPO5+eUSswbTznzFeS
Dpe4+VQZA4p54uraEz5USofkvmG1yaEmXk3r0wC3BcJopKTt75N31Upgo0aDmeOh
1qE+j4Ji+t087KNrH7IJmhz6jeOfaC6IrIVkgqqtdQdLqb7t7d1QDK808wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDhx49nWsk50ztTpA7JbrdbuR6N0MB8GA1UdIwQY
MBaAFKuR1SYlYandcT36ORY97ISf7kY2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTVIVkppVmhxZDF4UGZvNUZqM3NoSl91UmpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi85MWU4ODItYmE4YS00NGM1LTliMGQt
Mjc1MjQyYWE2Nzc1LzEvT0hIajJkYXlUblRPMU9rRHNsdXQxdTVIbzNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi85MWU4ODItYmE4YS00NGM1LTliMGQtMjc1MjQyYWE2Nzc1
LzEvcTVIVkppVmhxZDF4UGZvNUZqM3NoSl91UmpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAaBAIAATAUMAwDBAK5I9QD
BAC5I9YDBAHD/qwwFAQCAAIwDgMFACoEZUADBQAqBGVDMA0GCSqGSIb3DQEBCwUA
A4IBAQBqDUbylg4ij+zMaaV72Nn53YCnrb5v2gbd5O9zTMpsSzlYo0uJSmaYUgLs
heffWtA3WY4CyojX3ABHLQRmX3y9ZuLHPVWYa+vMChCIvQ4hqgix8/pwkqb8DXIk
qF5691kt02Veot/TDpDtPsCqe9tTLI+hHDdLZ1pt0bZqdm41Yk4kKxmT19sD5Mwc
cpCrdByCwp6lwfSt0Ugy70o9UiHpERVIGKoZMQjQEHmu9IiOGYzcdK7l83T3CBmO
lT2WPVEu0PoJj9TKmyLTaZgUuGHx8Uqc1KZLNMdx8UDpSZganyjFn/IYLtjgknhR
2HXubBq+qeP6UnkmlK5rmSsiDlmD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:25 2024 by rpki-client on console-fra.rpki-client.org