Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/kOGlaZji4AN80kqBr1s1ukmY0xM.roa
File:                     kOGlaZji4AN80kqBr1s1ukmY0xM.roa (raw, json)
Hash identifier:          riA9p4iXnFje8jLrAuzR6fb9Yd/zwyh48K3NEIaAHiY=
Subject key identifier:   90:E1:A5:69:98:E2:E0:03:7C:D2:4A:81:AF:5B:35:BA:49:98:D3:13
Certificate issuer:       /CN=3b7ec9423bf90c81d22d94841c10357a54260379
Certificate serial:       0A2CC0D9
Authority key identifier: 3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/kOGlaZji4AN80kqBr1s1ukmY0xM.roa
Signing time:             Sat 01 Jan 2022 14:59:16 +0000
ROA not before:           Sat 01 Jan 2022 14:59:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49453
IP address blocks:        185.152.92.0/22 maxlen: 24
                          85.239.36.0/22 maxlen: 24
                          85.239.35.0/24 maxlen: 24
                          85.239.48.0/22 maxlen: 22
                          85.239.52.0/22 maxlen: 22
                          85.239.56.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 170705113 (0xa2cc0d9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b7ec9423bf90c81d22d94841c10357a54260379
        Validity
            Not Before: Jan  1 14:59:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=90e1a56998e2e0037cd24a81af5b35ba4998d313
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:69:e8:e7:79:89:79:81:4a:46:96:53:58:da:
                    06:4e:2e:af:fe:37:07:e3:6a:eb:37:8b:65:8c:40:
                    fa:29:7f:a1:fc:a3:80:ac:3f:0f:32:de:d3:2d:b6:
                    96:8e:3f:21:fe:44:50:d1:78:51:74:cb:74:81:74:
                    b3:6b:f2:13:aa:39:41:5d:96:f3:47:58:54:ff:fe:
                    ef:02:e6:99:7a:06:94:9e:b8:24:78:9c:d7:a6:bb:
                    7c:8e:5a:fb:9e:7f:2e:d5:7e:70:ca:9d:b5:b1:8f:
                    b0:ee:1a:a8:69:9b:90:6e:49:ad:7d:cb:5d:eb:13:
                    bd:42:99:d3:0e:b6:33:c2:95:4d:34:c5:c6:4b:0c:
                    51:3d:c6:a3:79:ef:d5:71:a6:56:e3:98:d8:8f:30:
                    e1:19:91:a8:3a:70:d1:0b:80:a3:40:28:63:7a:66:
                    f4:6b:60:c7:fa:cb:28:9d:aa:a9:66:cb:9f:e1:09:
                    2c:77:72:fb:c0:45:3e:eb:6a:e4:6a:5c:de:43:19:
                    0a:1f:57:60:1f:d5:80:c7:ec:3a:ca:6e:20:47:53:
                    ae:e8:d1:76:bb:80:5b:79:83:98:38:77:50:e5:9a:
                    fa:3c:19:bc:cf:bc:d8:68:e9:c5:2a:e8:82:2e:1e:
                    30:71:72:af:bd:8e:ec:f0:1e:5e:de:13:2c:0e:4c:
                    44:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:E1:A5:69:98:E2:E0:03:7C:D2:4A:81:AF:5B:35:BA:49:98:D3:13
            X509v3 Authority Key Identifier:
                keyid:3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/kOGlaZji4AN80kqBr1s1ukmY0xM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.239.35.0-85.239.39.255
                  85.239.48.0-85.239.59.255
                  185.152.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         95:69:d2:b7:68:7d:a1:36:e3:74:32:5c:25:ed:f2:97:e9:18:
         a2:52:bd:e4:c0:e0:67:f9:ca:0c:c7:77:a8:97:52:a4:1d:94:
         8a:68:24:c2:5b:56:e1:ea:46:66:6b:ae:ce:ac:d5:ba:b2:b0:
         93:ee:d1:68:2d:2f:5f:11:15:c5:a3:58:ed:58:56:e8:b0:dd:
         cc:b8:71:93:f8:f9:ff:68:eb:9d:ed:a9:dd:fb:c7:8c:d2:6e:
         23:5f:b3:a6:fd:61:f6:38:78:6e:67:0a:c4:dc:da:5f:97:6b:
         8e:9f:36:56:17:cd:03:5f:a4:31:b6:b7:e3:12:c5:ef:93:72:
         c2:68:6f:cd:f6:32:e2:e3:12:c3:f0:2f:11:f8:83:cf:ea:f9:
         10:f0:e3:0b:1d:48:a4:cf:fd:e3:62:74:d5:2e:a6:5c:3b:b5:
         f3:0a:c9:e5:65:2f:86:27:3b:41:c7:e0:ee:57:ae:04:33:7e:
         48:ac:24:82:1e:a8:df:59:3b:5c:3f:a5:c6:03:88:9c:01:cc:
         7e:be:41:a2:87:f3:35:df:d3:9a:a9:0a:0d:4b:cf:7c:d5:3d:
         bd:37:f5:e2:f4:a8:40:46:b0:8a:ca:39:86:58:39:ff:38:0b:
         72:db:26:3a:7d:cf:90:10:5b:5d:d7:a7:48:60:c7:ad:4a:df:
         a4:26:d9:e1
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIECizA2TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjdlYzk0MjNiZjkwYzgxZDIyZDk0ODQxYzEwMzU3YTU0MjYwMzc5MB4XDTIyMDEw
MTE0NTkxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTBlMWE1Njk5OGUy
ZTAwMzdjZDI0YTgxYWY1YjM1YmE0OTk4ZDMxMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMdp6Od5iXmBSkaWU1jaBk4ur/43B+Nq6zeLZYxA+il/ofyj
gKw/DzLe0y22lo4/If5EUNF4UXTLdIF0s2vyE6o5QV2W80dYVP/+7wLmmXoGlJ64
JHic16a7fI5a+55/LtV+cMqdtbGPsO4aqGmbkG5JrX3LXesTvUKZ0w62M8KVTTTF
xksMUT3Go3nv1XGmVuOY2I8w4RmRqDpw0QuAo0AoY3pm9Gtgx/rLKJ2qqWbLn+EJ
LHdy+8BFPutq5Gpc3kMZCh9XYB/VgMfsOspuIEdTrujRdruAW3mDmDh3UOWa+jwZ
vM+82GjpxSrogi4eMHFyr72O7PAeXt4TLA5MRB8CAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBSQ4aVpmOLgA3zSSoGvWzW6SZjTEzAfBgNVHSMEGDAWgBQ7fslCO/kMgdIt
lIQcEDV6VCYDeTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08zN0pRanY1RElIU0xaU0VIQkExZWxRbUEzay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjMvOGVhNDdmLWVmZjMtNDYyNy05NGVkLTFkMTBmM2M3MGJiNC8x
L2tPR2xhWmppNEFOODBrcUJyMXMxdWttWTB4TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMv
OGVhNDdmLWVmZjMtNDYyNy05NGVkLTFkMTBmM2M3MGJiNC8xL08zN0pRanY1RElI
U0xaU0VIQkExZWxRbUEzay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowKAQCAAEwIjAMAwQAVe8jAwQDVe8gMAwDBARV7zAD
BAJV7zgDBAK5mFwwDQYJKoZIhvcNAQELBQADggEBAJVp0rdofaE243QyXCXt8pfp
GKJSveTA4Gf5ygzHd6iXUqQdlIpoJMJbVuHqRmZrrs6s1bqysJPu0WgtL18RFcWj
WO1YVuiw3cy4cZP4+f9o653tqd37x4zSbiNfs6b9YfY4eG5nCsTc2l+Xa46fNlYX
zQNfpDG2t+MSxe+TcsJob832MuLjEsPwLxH4g8/q+RDw4wsdSKTP/eNidNUuplw7
tfMKyeVlL4YnO0HH4O5XrgQzfkisJIIeqN9ZO1w/pcYDiJwBzH6+QaKH8zXf05qp
Cg1Lz3zVPb039eL0qEBGsIrKOYZYOf84C3LbJjp9z5AQW13Xp0hgx61K36Qm2eE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:31 2024 by rpki-client on console-fra.rpki-client.org