Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/82c01e-b8cd-44ad-8aa7-8e98ea6ca8ee/1/KAmF_CwS298L3BdSQg6DK6fxkOw.roa
File:                     KAmF_CwS298L3BdSQg6DK6fxkOw.roa (raw, json)
Hash identifier:          ziWGlW3A3roc8S7hdkI2ylWgYpLQ1vVqgk6JoKSkOaQ=
Subject key identifier:   28:09:85:FC:2C:12:DB:DF:0B:DC:17:52:42:0E:83:2B:A7:F1:90:EC
Certificate issuer:       /CN=795013346c8d8f23e0128d306997980237db2374
Certificate serial:       AADAB7
Authority key identifier: 79:50:13:34:6C:8D:8F:23:E0:12:8D:30:69:97:98:02:37:DB:23:74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eVATNGyNjyPgEo0waZeYAjfbI3Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/82c01e-b8cd-44ad-8aa7-8e98ea6ca8ee/1/KAmF_CwS298L3BdSQg6DK6fxkOw.roa
Signing time:             Sat 01 Jan 2022 04:58:39 +0000
ROA not before:           Sat 01 Jan 2022 04:58:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34066
IP address blocks:        78.158.48.0/20 maxlen: 24
                          185.158.56.0/22 maxlen: 24
                          193.104.103.0/24 maxlen: 24
                          193.104.131.0/24 maxlen: 24
                          77.240.48.0/20 maxlen: 24
                          2a03:7600::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11197111 (0xaadab7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=795013346c8d8f23e0128d306997980237db2374
        Validity
            Not Before: Jan  1 04:58:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=280985fc2c12dbdf0bdc1752420e832ba7f190ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:21:74:14:64:4c:c5:e7:a6:83:65:14:24:41:
                    80:fb:ed:ba:46:6b:14:0e:1e:96:89:2f:31:a1:80:
                    39:88:d5:f8:31:c2:de:9b:71:d6:27:fd:6d:2e:70:
                    61:59:1d:21:aa:e6:e5:d8:1d:f5:8b:e3:1e:49:1a:
                    0c:de:a1:89:8d:3b:0b:27:ed:ea:43:9b:e2:ca:e7:
                    ca:66:ea:b8:75:38:5f:f7:28:64:53:ae:cb:88:ba:
                    f4:d1:57:7b:06:d2:bf:c4:cd:f3:c4:cd:e6:f2:77:
                    a0:19:9e:2a:fe:94:29:e1:4c:9a:71:fb:49:bf:a1:
                    d4:91:13:cc:d3:97:81:0a:39:a4:88:e6:81:f6:4e:
                    ae:9e:90:9b:de:4e:b4:92:f5:56:95:ce:9d:78:cc:
                    c3:a9:77:31:ed:aa:dc:54:85:69:a1:8f:f3:a8:b1:
                    2f:d4:97:8c:bb:f2:2b:f1:ac:83:d0:f2:ef:ba:be:
                    ab:a0:5c:23:bc:74:d6:e8:32:c4:e7:94:54:1c:48:
                    8d:36:5a:f5:92:4e:e1:bd:cd:a5:ec:29:65:bb:a9:
                    bc:18:77:74:31:04:57:4d:44:6a:5e:0d:3f:74:bc:
                    30:c5:96:97:53:a0:a8:c9:11:1f:0e:8e:59:ab:eb:
                    4c:e4:f1:a7:78:0f:55:ab:e8:df:82:ce:05:c7:3a:
                    a8:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:09:85:FC:2C:12:DB:DF:0B:DC:17:52:42:0E:83:2B:A7:F1:90:EC
            X509v3 Authority Key Identifier:
                keyid:79:50:13:34:6C:8D:8F:23:E0:12:8D:30:69:97:98:02:37:DB:23:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eVATNGyNjyPgEo0waZeYAjfbI3Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/82c01e-b8cd-44ad-8aa7-8e98ea6ca8ee/1/KAmF_CwS298L3BdSQg6DK6fxkOw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/82c01e-b8cd-44ad-8aa7-8e98ea6ca8ee/1/eVATNGyNjyPgEo0waZeYAjfbI3Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.240.48.0/20
                  78.158.48.0/20
                  185.158.56.0/22
                  193.104.103.0/24
                  193.104.131.0/24
                IPv6:
                  2a03:7600::/32

    Signature Algorithm: sha256WithRSAEncryption
         13:eb:c7:0e:25:8c:12:fe:09:6c:82:bc:ae:8e:93:01:93:ee:
         d2:81:a4:5a:7d:10:a3:b0:d9:50:1b:ce:fc:c4:de:d4:b0:dc:
         55:ea:86:a5:70:b7:38:ac:fd:96:e4:0b:5f:f7:02:0a:fb:35:
         54:7d:ea:2a:cc:82:69:4b:a5:43:7c:8b:9f:ba:7c:af:99:52:
         78:de:40:3f:97:9d:19:65:dc:44:80:0d:7c:b3:fa:e5:d5:e0:
         12:20:56:98:37:bc:26:42:81:2a:72:51:b1:15:46:8e:31:ea:
         9f:65:3e:55:41:40:70:be:55:f0:76:fe:8e:98:5b:a1:dc:f2:
         0a:9d:ca:4d:0b:08:7c:aa:d4:b5:8c:15:36:35:20:33:e4:cc:
         91:b8:c6:f9:24:ad:d6:84:10:44:dd:ce:25:06:d3:7a:14:a3:
         d2:97:74:3b:77:87:24:9f:6a:c3:5b:0c:f0:ff:53:9c:96:fd:
         cf:b6:33:ae:f5:45:9c:c7:ef:2f:8e:a6:11:3f:3a:03:2b:18:
         29:3d:92:0b:31:76:64:d0:c7:8e:67:ca:7e:d5:77:9e:e6:78:
         e5:a1:9d:7d:b8:18:5c:33:7d:3e:43:ad:7b:9e:d5:91:8e:19:
         37:d3:a8:f0:e9:04:9f:2e:8c:60:d8:0c:82:3d:9a:97:88:9a:
         0e:f5:fe:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEAKratzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
OTUwMTMzNDZjOGQ4ZjIzZTAxMjhkMzA2OTk3OTgwMjM3ZGIyMzc0MB4XDTIyMDEw
MTA0NTgzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjgwOTg1ZmMyYzEy
ZGJkZjBiZGMxNzUyNDIwZTgzMmJhN2YxOTBlYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALchdBRkTMXnpoNlFCRBgPvtukZrFA4elokvMaGAOYjV+DHC
3ptx1if9bS5wYVkdIarm5dgd9YvjHkkaDN6hiY07Cyft6kOb4srnymbquHU4X/co
ZFOuy4i69NFXewbSv8TN88TN5vJ3oBmeKv6UKeFMmnH7Sb+h1JETzNOXgQo5pIjm
gfZOrp6Qm95OtJL1VpXOnXjMw6l3Me2q3FSFaaGP86ixL9SXjLvyK/Gsg9Dy77q+
q6BcI7x01ugyxOeUVBxIjTZa9ZJO4b3NpewpZbupvBh3dDEEV01Eal4NP3S8MMWW
l1OgqMkRHw6OWavrTOTxp3gPVavo34LOBcc6qPkCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBQoCYX8LBLb3wvcF1JCDoMrp/GQ7DAfBgNVHSMEGDAWgBR5UBM0bI2PI+AS
jTBpl5gCN9sjdDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VWQVROR3lOanlQZ0VvMHdhWmVZQWpmYkkzUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvODJjMDFlLWI4Y2QtNDRhZC04YWE3LThlOThlYTZjYThlZS8x
L0tBbUZfQ3dTMjk4TDNCZFNRZzZESzZmeGtPdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ODJjMDFlLWI4Y2QtNDRhZC04YWE3LThlOThlYTZjYThlZS8xL2VWQVROR3lOanlQ
Z0VvMHdhWmVZQWpmYkkzUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEBE3wMAMEBE6eMAMEArmeOAMEAMFo
ZwMEAMFogzANBAIAAjAHAwUAKgN2ADANBgkqhkiG9w0BAQsFAAOCAQEAE+vHDiWM
Ev4JbIK8ro6TAZPu0oGkWn0Qo7DZUBvO/MTe1LDcVeqGpXC3OKz9luQLX/cCCvs1
VH3qKsyCaUulQ3yLn7p8r5lSeN5AP5edGWXcRIANfLP65dXgEiBWmDe8JkKBKnJR
sRVGjjHqn2U+VUFAcL5V8Hb+jphbodzyCp3KTQsIfKrUtYwVNjUgM+TMkbjG+SSt
1oQQRN3OJQbTehSj0pd0O3eHJJ9qw1sM8P9TnJb9z7YzrvVFnMfvL46mET86AysY
KT2SCzF2ZNDHjmfKftV3nuZ45aGdfbgYXDN9PkOte57VkY4ZN9Oo8OkEny6MYNgM
gj2al4iaDvX+0A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:51 2023 by rpki-client on console-fra.rpki-client.org