Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/xdp4bVAhBLIVdT8RQfa9-ecSTMc.roa
File:                     xdp4bVAhBLIVdT8RQfa9-ecSTMc.roa (raw, json)
Hash identifier:          GH952J+oAyaUMssVG+YYDPBvDi9i6SpDAlLaQ03itpg=
Subject key identifier:   C5:DA:78:6D:50:21:04:B2:15:75:3F:11:41:F6:BD:F9:E7:12:4C:C7
Certificate issuer:       /CN=3027a631bb6738eb68bb6ea6c424ef4a7d14c3cb
Certificate serial:       073612EC
Authority key identifier: 30:27:A6:31:BB:67:38:EB:68:BB:6E:A6:C4:24:EF:4A:7D:14:C3:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MCemMbtnOOtou26mxCTvSn0Uw8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/xdp4bVAhBLIVdT8RQfa9-ecSTMc.roa
Signing time:             Sat 01 Jan 2022 12:05:59 +0000
ROA not before:           Sat 01 Jan 2022 12:05:59 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8916
IP address blocks:        213.5.88.0/21 maxlen: 21
                          188.246.192.0/19 maxlen: 19
                          185.87.56.0/22 maxlen: 22
                          193.108.199.0/24 maxlen: 24
                          2a03:9800::/29 maxlen: 29
                          2001:67c:1b8::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 120984300 (0x73612ec)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3027a631bb6738eb68bb6ea6c424ef4a7d14c3cb
        Validity
            Not Before: Jan  1 12:05:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c5da786d502104b215753f1141f6bdf9e7124cc7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:2e:6e:e8:60:c0:87:fe:71:e7:00:d8:d2:37:
                    49:10:01:71:95:78:48:d6:da:7a:9d:f5:a3:52:33:
                    bb:78:fc:1c:a5:b7:05:bf:e8:03:92:be:1e:26:9a:
                    ca:5b:71:f0:dd:21:f7:16:31:13:d3:39:e2:a4:74:
                    7d:4a:46:36:90:9c:b4:78:d3:92:39:87:b5:80:62:
                    f9:87:6a:04:35:d0:44:2e:32:2d:a4:90:2f:19:e7:
                    b6:2f:81:63:30:b5:4e:5d:1f:e4:33:06:54:c7:52:
                    4a:e7:12:03:f6:16:28:fb:86:d0:96:44:b9:e4:06:
                    8c:ab:15:b0:40:b8:b6:3a:43:2b:9c:9d:e6:76:1d:
                    22:84:34:fd:1d:a2:ef:70:50:72:24:59:20:79:be:
                    7b:49:5c:e6:20:cf:23:94:52:31:d2:80:64:13:9b:
                    30:0f:a4:b2:e9:13:e4:28:a6:4f:3b:bf:bc:d7:78:
                    16:bf:4f:ba:84:9f:61:a4:da:dd:68:c0:64:54:48:
                    2b:60:b4:b6:c1:76:72:36:81:8c:87:25:1a:ec:73:
                    8b:21:4f:ca:22:02:17:31:72:bf:88:e6:4c:12:e8:
                    aa:ef:27:16:e8:16:86:63:17:c1:6f:62:83:28:73:
                    13:39:c5:5c:97:b7:a1:bd:8b:7d:76:57:f1:20:eb:
                    53:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:DA:78:6D:50:21:04:B2:15:75:3F:11:41:F6:BD:F9:E7:12:4C:C7
            X509v3 Authority Key Identifier:
                keyid:30:27:A6:31:BB:67:38:EB:68:BB:6E:A6:C4:24:EF:4A:7D:14:C3:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MCemMbtnOOtou26mxCTvSn0Uw8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/xdp4bVAhBLIVdT8RQfa9-ecSTMc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/MCemMbtnOOtou26mxCTvSn0Uw8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.87.56.0/22
                  188.246.192.0/19
                  193.108.199.0/24
                  213.5.88.0/21
                IPv6:
                  2001:67c:1b8::/48
                  2a03:9800::/29

    Signature Algorithm: sha256WithRSAEncryption
         a4:c4:4e:14:46:5b:d9:17:5a:1d:d7:93:66:34:2c:46:a7:fa:
         bf:db:f4:2c:f0:50:88:e3:8b:3c:de:8e:7b:12:da:22:5c:16:
         1c:38:6a:9d:74:72:58:3d:81:d2:77:ae:3f:07:fd:a1:50:fe:
         2f:a4:0f:6e:d9:f4:b1:a2:3e:81:d8:9e:ae:6e:a2:f8:49:65:
         07:e2:e1:ad:0a:3d:0a:33:ba:13:ab:76:38:d2:27:59:2c:87:
         84:62:e7:25:c6:90:4b:db:75:05:ec:3d:35:74:f7:3e:da:39:
         4c:91:e5:b8:d1:a7:27:a2:da:47:e5:39:27:2b:33:08:01:f9:
         df:f5:06:c4:da:e6:e1:fa:a0:30:93:82:85:b6:38:52:de:1e:
         06:51:1c:96:99:b6:99:a3:b3:9b:25:24:02:aa:14:3e:a5:26:
         98:b6:7c:2b:06:94:a2:9c:d1:92:3a:52:11:0a:3b:9a:2e:98:
         b1:d6:5b:79:63:64:c2:33:fe:75:32:6d:4c:66:84:2c:92:15:
         83:76:6a:a8:9e:8b:05:7c:8c:70:67:cd:46:1a:92:d6:cc:89:
         59:c6:b3:d1:94:a3:08:68:ba:62:0e:a7:1e:54:b0:62:19:ad:
         58:74:0c:8d:3e:66:71:9e:c7:d9:35:21:11:11:e4:4d:3b:da:
         44:66:d8:6c
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEBzYS7DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MDI3YTYzMWJiNjczOGViNjhiYjZlYTZjNDI0ZWY0YTdkMTRjM2NiMB4XDTIyMDEw
MTEyMDU1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzVkYTc4NmQ1MDIx
MDRiMjE1NzUzZjExNDFmNmJkZjllNzEyNGNjNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN0ubuhgwIf+cecA2NI3SRABcZV4SNbaep31o1Izu3j8HKW3
Bb/oA5K+Hiaayltx8N0h9xYxE9M54qR0fUpGNpCctHjTkjmHtYBi+YdqBDXQRC4y
LaSQLxnnti+BYzC1Tl0f5DMGVMdSSucSA/YWKPuG0JZEueQGjKsVsEC4tjpDK5yd
5nYdIoQ0/R2i73BQciRZIHm+e0lc5iDPI5RSMdKAZBObMA+ksukT5CimTzu/vNd4
Fr9PuoSfYaTa3WjAZFRIK2C0tsF2cjaBjIclGuxziyFPyiICFzFyv4jmTBLoqu8n
FugWhmMXwW9igyhzEznFXJe3ob2LfXZX8SDrU+ECAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBTF2nhtUCEEshV1PxFB9r355xJMxzAfBgNVHSMEGDAWgBQwJ6Yxu2c462i7
bqbEJO9KfRTDyzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01DZW1NYnRuT090b3UyNm14Q1R2U24wVXc4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDEvOGQ3OGViLTI4MzItNDA4My1hZTFmLTFkZDZkMjgxYzg4YS8x
L3hkcDRiVkFoQkxJVmRUOFJRZmE5LWVjU1RNYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDEv
OGQ3OGViLTI4MzItNDA4My1hZTFmLTFkZDZkMjgxYzg4YS8xL01DZW1NYnRuT090
b3UyNm14Q1R2U24wVXc4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwHgQCAAEwGAMEArlXOAMEBbz2wAMEAMFsxwMEA9UF
WDAWBAIAAjAQAwcAIAEGfAG4AwUDKgOYADANBgkqhkiG9w0BAQsFAAOCAQEApMRO
FEZb2RdaHdeTZjQsRqf6v9v0LPBQiOOLPN6OexLaIlwWHDhqnXRyWD2B0neuPwf9
oVD+L6QPbtn0saI+gdierm6i+EllB+LhrQo9CjO6E6t2ONInWSyHhGLnJcaQS9t1
Bew9NXT3Pto5TJHluNGnJ6LaR+U5JyszCAH53/UGxNrm4fqgMJOChbY4Ut4eBlEc
lpm2maOzmyUkAqoUPqUmmLZ8KwaUopzRkjpSEQo7mi6YsdZbeWNkwjP+dTJtTGaE
LJIVg3ZqqJ6LBXyMcGfNRhqS1syJWcaz0ZSjCGi6Yg6nHlSwYhmtWHQMjT5mcZ7H
2TUhERHkTTvaRGbYbA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:59 2024 by rpki-client on console-ams.rpki-client.org