Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4mke9z-goI-GN_l_jqn66RL6Gag.roa
File:                     4mke9z-goI-GN_l_jqn66RL6Gag.roa (raw, json)
Hash identifier:          bsRSmomBy3fjpTkjMXQ1g5Ejm6u7EAbVIhoKbs7Jd9E=
Subject key identifier:   E2:69:1E:F7:3F:A0:A0:8F:86:37:F9:7F:8E:A9:FA:E9:12:FA:19:A8
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0F322CD0
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4mke9z-goI-GN_l_jqn66RL6Gag.roa
Signing time:             Wed 23 Mar 2022 10:38:05 +0000
ROA not before:           Wed 23 Mar 2022 10:38:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211252
IP address blocks:        212.193.30.0/24 maxlen: 24
                          195.133.18.0/24 maxlen: 24
                          195.133.35.0/24 maxlen: 24
                          195.133.38.0/24 maxlen: 24
                          195.133.40.0/24 maxlen: 24
                          212.192.241.0/24 maxlen: 24
                          194.87.84.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 254946512 (0xf322cd0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Mar 23 10:38:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e2691ef73fa0a08f8637f97f8ea9fae912fa19a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:b5:81:99:cb:3c:d4:e6:31:e0:15:65:fa:0b:
                    1d:fc:5b:cb:ca:cf:2a:5e:d7:20:19:34:e6:00:b9:
                    b6:e3:27:75:8e:8d:c5:2b:4c:c7:cb:fe:93:70:b9:
                    36:d6:8c:1e:eb:2a:45:d7:aa:9d:73:d6:03:42:f2:
                    5c:06:2b:ca:89:7b:f6:f0:91:56:e4:2e:38:f9:fd:
                    75:78:e7:97:a4:22:10:77:34:66:ef:48:25:5a:86:
                    f9:66:9f:44:12:04:1c:bf:a9:e7:24:b2:db:d2:71:
                    f7:82:3c:92:d4:dd:08:be:d8:49:d4:94:a1:91:65:
                    49:71:2a:74:a7:10:c7:a2:f2:47:0b:ba:6d:b1:02:
                    91:03:9c:bc:11:40:b2:76:72:fd:7a:9e:26:15:eb:
                    6c:f9:56:2f:77:d8:5d:5e:62:5d:39:20:c3:c7:56:
                    67:5e:f3:6d:bd:12:a3:98:ff:d3:4d:d8:31:31:c2:
                    0a:4b:14:4f:7a:e0:1a:e0:6a:2a:42:53:b9:9d:9a:
                    23:e2:df:82:76:a7:cf:d3:48:a1:62:70:3e:09:0d:
                    fe:72:ac:1e:a5:61:ee:61:e5:fd:2f:bd:2a:90:56:
                    6b:f5:4b:8e:9c:88:ad:d1:40:49:73:2c:a1:86:11:
                    eb:64:9d:74:e4:34:04:de:76:fe:d2:11:c8:c0:a9:
                    88:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:69:1E:F7:3F:A0:A0:8F:86:37:F9:7F:8E:A9:FA:E9:12:FA:19:A8
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4mke9z-goI-GN_l_jqn66RL6Gag.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.87.84.0/22
                  195.133.18.0/24
                  195.133.35.0/24
                  195.133.38.0/24
                  195.133.40.0/24
                  212.192.241.0/24
                  212.193.30.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8c:93:fa:57:af:50:5b:dc:ab:bc:fa:74:7d:06:bb:f5:cc:70:
         f7:97:2c:04:77:bd:45:85:8f:89:81:82:53:58:be:8c:f0:17:
         63:cc:b4:7f:d9:03:a8:f0:7f:8f:3c:ab:ce:68:ec:eb:b9:97:
         29:9b:1c:f7:bf:36:9d:60:b8:e4:44:00:6f:54:91:71:04:47:
         ce:7b:55:d1:c9:6d:4a:4b:fb:fa:8d:2b:ed:bb:f8:41:38:f5:
         c5:e8:ad:4b:59:dd:ae:e9:27:13:0f:60:ee:d5:d1:d0:42:14:
         e7:19:b6:46:cd:99:b7:d0:c8:cd:00:57:e3:0f:c4:ed:99:b9:
         5d:fe:2d:8a:a4:49:f1:d1:c0:47:8c:2d:21:65:98:00:73:91:
         be:18:d5:5a:6c:61:3c:38:da:48:9e:cb:e4:98:02:06:35:92:
         c2:28:c6:46:67:18:2b:90:d1:df:df:4a:51:b5:ba:75:f0:2b:
         d3:03:43:04:65:9d:8a:92:95:f1:eb:b5:eb:78:e0:e1:fd:1f:
         e1:17:81:8e:09:f6:22:52:c0:e0:b3:08:cc:90:69:2e:1a:8e:
         97:02:4a:a6:81:a9:08:ff:6f:cf:50:3b:f4:fb:0c:bf:73:29:
         99:0b:b0:b5:85:76:df:f5:0b:da:a8:f7:e2:5a:f3:3a:be:94:
         96:c3:31:37
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEDzIs0DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTY5MGY1ZTMyZDVjODZhZjFlMTM0OWRmZDRlOGNlZWI3MGUxYWM3MB4XDTIyMDMy
MzEwMzgwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTI2OTFlZjczZmEw
YTA4Zjg2MzdmOTdmOGVhOWZhZTkxMmZhMTlhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJq1gZnLPNTmMeAVZfoLHfxby8rPKl7XIBk05gC5tuMndY6N
xStMx8v+k3C5NtaMHusqRdeqnXPWA0LyXAYryol79vCRVuQuOPn9dXjnl6QiEHc0
Zu9IJVqG+WafRBIEHL+p5ySy29Jx94I8ktTdCL7YSdSUoZFlSXEqdKcQx6LyRwu6
bbECkQOcvBFAsnZy/XqeJhXrbPlWL3fYXV5iXTkgw8dWZ17zbb0So5j/003YMTHC
CksUT3rgGuBqKkJTuZ2aI+Lfgnanz9NIoWJwPgkN/nKsHqVh7mHl/S+9KpBWa/VL
jpyIrdFASXMsoYYR62SddOQ0BN52/tIRyMCpiBsCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBTiaR73P6Cgj4Y3+X+OqfrpEvoZqDAfBgNVHSMEGDAWgBQ1aQ9eMtXIavHh
NJ39Tozutw4axzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8x
LzRta2U5ei1nb0ktR05fbF9qcW42NlJMNkdhZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8xL05Xa1BYakxWeUdy
eDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAsJXVAMEAMOFEgMEAMOFIwMEAMOF
JgMEAMOFKAMEANTA8QMEANTBHjANBgkqhkiG9w0BAQsFAAOCAQEAjJP6V69QW9yr
vPp0fQa79cxw95csBHe9RYWPiYGCU1i+jPAXY8y0f9kDqPB/jzyrzmjs67mXKZsc
9782nWC45EQAb1SRcQRHzntV0cltSkv7+o0r7bv4QTj1xeitS1ndruknEw9g7tXR
0EIU5xm2Rs2Zt9DIzQBX4w/E7Zm5Xf4tiqRJ8dHAR4wtIWWYAHORvhjVWmxhPDja
SJ7L5JgCBjWSwijGRmcYK5DR399KUbW6dfAr0wNDBGWdipKV8eu163jg4f0f4ReB
jgn2IlLA4LMIzJBpLhqOlwJKpoGpCP9vz1A79PsMv3MpmQuwtYV23/UL2qj34lrz
Or6UlsMxNw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:50 2023 by rpki-client on console-ams.rpki-client.org