Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/caa385-b2a5-4323-adc5-46603de805ec/1/A2OzttB7crezQFDrm1CYcokkBWg.roa
File:                     A2OzttB7crezQFDrm1CYcokkBWg.roa (raw, json)
Hash identifier:          widMLKJ1Z2nAWiDNKkv0EMChxG0zpXe4MoitCFCYWqI=
Subject key identifier:   03:63:B3:B6:D0:7B:72:B7:B3:40:50:EB:9B:50:98:72:89:24:05:68
Certificate issuer:       /CN=6525d8b7f19e2fb75cb7f95789d9118f6b1b9705
Certificate serial:       0183302AF1486B20F722BFF7F96421D8018A
Authority key identifier: 65:25:D8:B7:F1:9E:2F:B7:5C:B7:F9:57:89:D9:11:8F:6B:1B:97:05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZSXYt_GeL7dct_lXidkRj2sblwU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/caa385-b2a5-4323-adc5-46603de805ec/1/A2OzttB7crezQFDrm1CYcokkBWg.roa
Signing time:             Mon 12 Sep 2022 05:27:43 +0000
ROA not before:           Mon 12 Sep 2022 05:27:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8393
IP address blocks:        193.193.228.0/24 maxlen: 24
                          193.193.229.0/24 maxlen: 24
                          193.193.227.0/24 maxlen: 24
                          193.193.233.0/24 maxlen: 24
                          193.193.232.0/24 maxlen: 24
                          193.193.230.0/24 maxlen: 24
                          193.193.231.0/24 maxlen: 24
                          193.193.235.0/24 maxlen: 24
                          193.193.236.0/24 maxlen: 24
                          193.193.234.0/24 maxlen: 24
                          193.193.240.0/24 maxlen: 24
                          193.193.239.0/24 maxlen: 24
                          193.193.237.0/24 maxlen: 24
                          193.193.238.0/24 maxlen: 24
                          193.193.245.0/24 maxlen: 24
                          193.193.246.0/24 maxlen: 24
                          193.193.244.0/24 maxlen: 24
                          193.193.242.0/24 maxlen: 24
                          193.193.243.0/24 maxlen: 24
                          193.193.241.0/24 maxlen: 24
                          193.193.249.0/24 maxlen: 24
                          193.193.250.0/24 maxlen: 24
                          193.193.247.0/24 maxlen: 24
                          193.193.248.0/24 maxlen: 24
                          193.193.251.0/24 maxlen: 24
                          193.193.252.0/23 maxlen: 23
                          193.193.254.0/24 maxlen: 24
                          193.193.255.0/24 maxlen: 24
                          193.193.226.0/24 maxlen: 24
                          193.193.225.0/24 maxlen: 24
                          193.193.224.0/24 maxlen: 24
                          213.157.35.0/24 maxlen: 24
                          213.157.36.0/24 maxlen: 24
                          213.157.33.0/24 maxlen: 24
                          213.157.34.0/24 maxlen: 24
                          213.157.32.0/24 maxlen: 24
                          213.157.37.0/24 maxlen: 24
                          213.157.38.0/24 maxlen: 24
                          213.157.42.0/24 maxlen: 24
                          213.157.43.0/24 maxlen: 24
                          213.157.40.0/24 maxlen: 24
                          213.157.41.0/24 maxlen: 24
                          213.157.39.0/24 maxlen: 24
                          213.157.44.0/24 maxlen: 24
                          213.157.49.0/24 maxlen: 24
                          213.157.50.0/24 maxlen: 24
                          213.157.47.0/24 maxlen: 24
                          213.157.48.0/24 maxlen: 24
                          213.157.46.0/24 maxlen: 24
                          213.157.45.0/24 maxlen: 24
                          213.157.51.0/24 maxlen: 24
                          213.157.58.0/23 maxlen: 23
                          213.157.56.0/24 maxlen: 24
                          213.157.57.0/24 maxlen: 24
                          213.157.54.0/23 maxlen: 23
                          213.157.53.0/24 maxlen: 24
                          213.157.52.0/24 maxlen: 24
                          213.157.63.0/24 maxlen: 24
                          213.157.61.0/24 maxlen: 24
                          213.157.62.0/24 maxlen: 24
                          213.157.60.0/24 maxlen: 24
                          91.203.22.0/24 maxlen: 24
                          91.203.20.0/24 maxlen: 24
                          91.203.21.0/24 maxlen: 24
                          185.217.16.0/24 maxlen: 24
                          185.217.17.0/24 maxlen: 24
                          185.217.19.0/24 maxlen: 24
                          185.217.18.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:30:2a:f1:48:6b:20:f7:22:bf:f7:f9:64:21:d8:01:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6525d8b7f19e2fb75cb7f95789d9118f6b1b9705
        Validity
            Not Before: Sep 12 05:27:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0363b3b6d07b72b7b34050eb9b50987289240568
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:33:38:a5:a4:0e:d9:1f:9f:a1:29:0e:bd:15:
                    9f:c0:b5:da:e3:81:d9:4a:01:22:35:5c:95:db:c3:
                    b9:19:67:22:d3:ec:ad:ba:27:0d:89:b9:5d:3b:fa:
                    92:06:92:a9:55:c3:28:aa:60:f3:51:0a:e0:b3:cd:
                    d2:30:b5:4f:57:1f:7d:aa:f3:eb:e0:1e:f4:76:3c:
                    02:40:4f:50:ee:57:a3:15:b2:d7:20:58:0f:97:a9:
                    08:ae:11:cb:a4:e2:24:86:51:da:91:df:2d:a5:aa:
                    76:34:94:ef:fc:70:c0:ab:5b:04:7d:a5:23:1b:52:
                    cd:b5:3d:87:a0:b5:ae:6c:d2:7d:5f:c4:20:33:ea:
                    09:bb:bc:05:08:b3:6b:c8:72:07:31:38:32:33:d0:
                    ea:31:11:ca:c8:b6:9c:46:88:72:91:ea:71:2c:02:
                    13:c6:71:58:fb:13:69:fd:7b:b2:ce:fc:93:67:be:
                    3d:45:04:af:70:79:df:70:c4:1a:79:99:1e:6e:52:
                    f9:aa:b0:24:73:7b:6e:66:56:90:e8:d0:a6:0f:1c:
                    28:99:9c:0e:57:c9:32:a5:21:5a:06:c7:b7:90:22:
                    2c:87:6c:1b:43:62:d8:f2:e2:89:39:74:08:8f:69:
                    1c:32:7a:70:9b:30:fa:75:e6:f4:82:20:78:3f:06:
                    44:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:63:B3:B6:D0:7B:72:B7:B3:40:50:EB:9B:50:98:72:89:24:05:68
            X509v3 Authority Key Identifier:
                keyid:65:25:D8:B7:F1:9E:2F:B7:5C:B7:F9:57:89:D9:11:8F:6B:1B:97:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZSXYt_GeL7dct_lXidkRj2sblwU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/caa385-b2a5-4323-adc5-46603de805ec/1/A2OzttB7crezQFDrm1CYcokkBWg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/caa385-b2a5-4323-adc5-46603de805ec/1/ZSXYt_GeL7dct_lXidkRj2sblwU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.203.20.0-91.203.22.255
                  185.217.16.0/22
                  193.193.224.0/19
                  213.157.32.0/19

    Signature Algorithm: sha256WithRSAEncryption
         6f:d4:fb:07:de:16:f5:a5:2e:f6:aa:51:18:25:75:5e:bb:d1:
         80:57:5b:a0:f1:bf:a0:0e:49:35:38:21:b6:18:26:fa:53:0e:
         e4:1a:e6:1c:82:98:d2:49:4f:92:0b:93:e0:d4:85:30:90:b0:
         f5:41:fa:3b:a2:59:62:f5:2b:58:43:ea:5c:da:4e:ee:e7:52:
         49:74:70:fd:57:01:e4:b7:50:82:e3:a4:38:67:72:46:5b:45:
         23:68:68:49:2f:e7:8e:ca:e5:db:56:2d:7e:69:4f:8e:bb:f8:
         92:63:9f:3a:31:c1:de:f9:a2:d9:e3:af:5a:c4:66:33:71:1a:
         f4:c7:07:19:0f:31:fb:b4:00:72:8a:3d:a1:15:ec:2a:9a:65:
         bd:ea:0e:fe:1c:05:d7:7f:53:8b:26:66:db:46:48:99:02:80:
         01:35:f7:e7:00:66:0a:ba:9e:0f:74:27:39:40:03:b8:bf:a1:
         af:fe:83:be:8a:59:d8:7e:79:b1:30:14:39:2e:d3:44:d5:f5:
         7a:b3:95:43:64:f7:51:1c:90:af:5e:34:6f:f4:2c:65:2f:c8:
         56:2f:c5:92:b2:5f:a4:08:b8:cb:25:41:c9:2e:ff:7f:d3:c1:
         b3:a9:36:3a:ed:51:49:71:7f:ed:a2:4a:5f:58:1f:21:06:7b:
         e4:c6:7d:22
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYMwKvFIayD3Ir/3+WQh2AGKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MjVkOGI3ZjE5ZTJmYjc1Y2I3Zjk1Nzg5ZDkxMThmNmIx
Yjk3MDUwHhcNMjIwOTEyMDUyNzQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzYzYjNiNmQwN2I3MmI3YjM0MDUwZWI5YjUwOTg3Mjg5MjQwNTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2TM4paQO2R+foSkOvRWfwLXa44HZ
SgEiNVyV28O5GWci0+ytuicNibldO/qSBpKpVcMoqmDzUQrgs83SMLVPVx99qvPr
4B70djwCQE9Q7lejFbLXIFgPl6kIrhHLpOIkhlHakd8tpap2NJTv/HDAq1sEfaUj
G1LNtT2HoLWubNJ9X8QgM+oJu7wFCLNryHIHMTgyM9DqMRHKyLacRohykepxLAIT
xnFY+xNp/XuyzvyTZ749RQSvcHnfcMQaeZkeblL5qrAkc3tuZlaQ6NCmDxwomZwO
V8kypSFaBse3kCIsh2wbQ2LY8uKJOXQIj2kcMnpwmzD6deb0giB4PwZEBQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFANjs7bQe3K3s0BQ65tQmHKJJAVoMB8GA1UdIwQY
MBaAFGUl2Lfxni+3XLf5V4nZEY9rG5cFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlNYWXRfR2VMN2RjdF9sWGlka1JqMnNibHdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9jYWEzODUtYjJhNS00MzIzLWFkYzUt
NDY2MDNkZTgwNWVjLzEvQTJPenR0QjdjcmV6UUZEcm0xQ1ljb2trQldnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9jYWEzODUtYjJhNS00MzIzLWFkYzUtNDY2MDNkZTgwNWVj
LzEvWlNYWXRfR2VMN2RjdF9sWGlka1JqMnNibHdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAJbyxQD
BABbyxYDBAK52RADBAXBweADBAXVnSAwDQYJKoZIhvcNAQELBQADggEBAG/U+wfe
FvWlLvaqURgldV670YBXW6Dxv6AOSTU4IbYYJvpTDuQa5hyCmNJJT5ILk+DUhTCQ
sPVB+juiWWL1K1hD6lzaTu7nUkl0cP1XAeS3UILjpDhnckZbRSNoaEkv547K5dtW
LX5pT467+JJjnzoxwd75otnjr1rEZjNxGvTHBxkPMfu0AHKKPaEV7CqaZb3qDv4c
Bdd/U4smZttGSJkCgAE19+cAZgq6ng90JzlAA7i/oa/+g76KWdh+ebEwFDku00TV
9XqzlUNk91EckK9eNG/0LGUvyFYvxZKyX6QIuMslQcku/3/TwbOpNjrtUUlxf+2i
Sl9YHyEGe+TGfSI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:10 2024 by rpki-client on console-fra.rpki-client.org