Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DY3MThqCozNyjm5gjgcrKlNlMtA.roa
File:                     DY3MThqCozNyjm5gjgcrKlNlMtA.roa (raw, json)
Hash identifier:          HD3iZNxDo9vc4oEQ+m/N2my1+grgVuMrR5enfS3rdM4=
Subject key identifier:   0D:8D:CC:4E:1A:82:A3:33:72:8E:6E:60:8E:07:2B:2A:53:65:32:D0
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       0184C87F1165B47B358FE28598B48D4A6F2A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DY3MThqCozNyjm5gjgcrKlNlMtA.roa
Signing time:             Wed 30 Nov 2022 12:24:41 +0000
ROA not before:           Wed 30 Nov 2022 12:24:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209371
IP address blocks:        194.55.224.0/24 maxlen: 24
                          194.55.225.0/24 maxlen: 24
                          178.215.225.0/24 maxlen: 24
                          194.55.227.0/24 maxlen: 24
                          178.215.227.0/24 maxlen: 24
                          178.215.239.0/24 maxlen: 24
                          80.76.48.0/24 maxlen: 24
                          85.31.47.0/24 maxlen: 24
                          85.31.45.0/24 maxlen: 24
                          84.21.173.0/24 maxlen: 24
                          185.216.70.0/24 maxlen: 24
                          185.216.69.0/24 maxlen: 24
                          87.120.87.0/24 maxlen: 24
                          193.35.19.0/24 maxlen: 24
                          94.154.172.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:c8:7f:11:65:b4:7b:35:8f:e2:85:98:b4:8d:4a:6f:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Nov 30 12:24:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0d8dcc4e1a82a333728e6e608e072b2a536532d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:61:2b:7b:c3:cc:0c:fb:51:a2:14:7b:2e:63:
                    b3:52:16:8e:13:90:96:94:77:aa:ea:73:78:c3:fb:
                    e0:94:8d:5f:4d:b9:f9:99:3d:5d:63:48:dd:57:0f:
                    d2:7e:01:a4:9e:95:4a:29:71:3e:f2:59:f1:6c:24:
                    05:a5:02:51:ec:18:cd:5a:35:f9:bd:fb:1f:53:70:
                    07:35:18:f4:ca:f5:0e:ff:6b:78:18:30:8a:eb:f4:
                    e6:4b:ff:c1:c3:65:78:19:e3:a6:b4:54:98:e7:cb:
                    5c:ff:6e:45:c2:24:4e:a7:8c:af:08:ff:7d:66:ea:
                    dd:41:f7:b5:8b:0d:8a:e9:af:34:a9:aa:fd:90:ec:
                    09:27:f8:53:7e:dd:82:25:94:3e:d1:b4:95:50:ac:
                    65:a6:d8:91:16:17:a7:58:bf:c2:9d:4d:8d:02:47:
                    e4:a2:ee:05:98:99:12:6e:7f:ab:44:db:6d:a7:28:
                    5f:ea:74:58:ff:07:d0:1a:55:15:2b:78:4c:44:a6:
                    79:b6:f6:a0:dd:d4:88:47:d8:6a:02:e7:95:85:57:
                    42:1e:8a:c4:d5:9c:4d:fc:27:46:af:98:6a:3e:ef:
                    dc:81:6b:ff:67:64:4f:1a:b2:51:38:4d:ba:00:0b:
                    c5:cc:3b:7e:34:71:34:64:6f:63:4f:44:e9:65:e0:
                    c0:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:8D:CC:4E:1A:82:A3:33:72:8E:6E:60:8E:07:2B:2A:53:65:32:D0
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DY3MThqCozNyjm5gjgcrKlNlMtA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.76.48.0/24
                  84.21.173.0/24
                  85.31.45.0/24
                  85.31.47.0/24
                  87.120.87.0/24
                  94.154.172.0/24
                  178.215.225.0/24
                  178.215.227.0/24
                  178.215.239.0/24
                  185.216.69.0-185.216.70.255
                  193.35.19.0/24
                  194.55.224.0/23
                  194.55.227.0/24

    Signature Algorithm: sha256WithRSAEncryption
         46:94:0c:40:f0:dc:9a:46:f0:0c:c4:21:df:f1:7e:cb:01:d5:
         12:8d:e5:52:7b:15:da:58:eb:26:44:f1:fb:e7:4a:fc:4b:a3:
         b8:66:d8:90:66:3c:e3:1c:68:f3:93:10:83:ce:8c:69:e3:12:
         c3:0d:10:82:18:91:58:68:55:95:55:56:5e:43:dd:10:74:9a:
         68:b4:cc:07:73:96:45:ea:88:f3:99:61:02:e8:30:07:e2:94:
         59:7a:fc:33:43:8a:28:32:6e:e0:34:04:b6:cb:a2:31:b8:b9:
         e3:58:ed:10:76:e7:60:3b:35:96:ef:1a:03:7d:af:32:4a:53:
         7c:2f:7f:dc:a3:47:9c:45:a6:e4:fb:6a:05:ba:34:ba:9a:c9:
         18:b9:43:9d:05:09:ed:fa:07:80:90:4b:08:2c:af:27:19:8e:
         ff:56:b1:ad:a7:03:3b:e3:32:64:bb:db:82:80:c4:76:c0:ed:
         02:02:b2:69:7a:49:9a:21:da:b9:c6:2e:31:07:b6:83:ef:d1:
         2f:f9:86:38:97:f4:6b:f0:27:2a:13:b9:35:00:75:cb:26:5d:
         71:bf:b8:ef:93:20:49:28:8c:e2:3d:7a:4d:18:29:8d:cc:18:
         00:1c:80:2a:d6:a6:d9:73:6e:39:80:b4:f8:10:df:ad:17:7a:
         43:4c:44:3c
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYTIfxFltHs1j+KFmLSNSm8qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMTMwMTIyNDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDhkY2M0ZTFhODJhMzMzNzI4ZTZlNjA4ZTA3MmIyYTUzNjUzMmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGEre8PMDPtRohR7LmOzUhaOE5CW
lHeq6nN4w/vglI1fTbn5mT1dY0jdVw/SfgGknpVKKXE+8lnxbCQFpQJR7BjNWjX5
vfsfU3AHNRj0yvUO/2t4GDCK6/TmS//Bw2V4GeOmtFSY58tc/25FwiROp4yvCP99
ZurdQfe1iw2K6a80qar9kOwJJ/hTft2CJZQ+0bSVUKxlptiRFhenWL/CnU2NAkfk
ou4FmJkSbn+rRNttpyhf6nRY/wfQGlUVK3hMRKZ5tvag3dSIR9hqAueVhVdCHorE
1ZxN/CdGr5hqPu/cgWv/Z2RPGrJROE26AAvFzDt+NHE0ZG9jT0TpZeDAAQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFA2NzE4agqMzco5uYI4HKypTZTLQMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRFkzTVRocUNvek55am01Z2pnY3JLbE5sTXRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQAUEwwAwQA
VBWtAwQAVR8tAwQAVR8vAwQAV3hXAwQAXpqsAwQAstfhAwQAstfjAwQAstfvMAwD
BAC52EUDBAC52EYDBADBIxMDBAHCN+ADBADCN+MwDQYJKoZIhvcNAQELBQADggEB
AEaUDEDw3JpG8AzEId/xfssB1RKN5VJ7FdpY6yZE8fvnSvxLo7hm2JBmPOMcaPOT
EIPOjGnjEsMNEIIYkVhoVZVVVl5D3RB0mmi0zAdzlkXqiPOZYQLoMAfilFl6/DND
iigybuA0BLbLojG4ueNY7RB252A7NZbvGgN9rzJKU3wvf9yjR5xFpuT7agW6NLqa
yRi5Q50FCe36B4CQSwgsrycZjv9Wsa2nAzvjMmS724KAxHbA7QICsml6SZoh2rnG
LjEHtoPv0S/5hjiX9GvwJyoTuTUAdcsmXXG/uO+TIEkojOI9ek0YKY3MGAAcgCrW
ptlzbjmAtPgQ360XekNMRDw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:01 2024 by rpki-client on console-fra.rpki-client.org