Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/1-ImAjqyvs3MRaxdGk2nkKro0BEA.roa
File:                     1-ImAjqyvs3MRaxdGk2nkKro0BEA.roa (raw, json)
Hash identifier:          qxJ5zuAla/2hCP73dAbky0OYYWk4TJ7uwxs7IjLUeho=
Subject key identifier:   F8:89:80:8E:AC:AF:B3:73:11:6B:17:46:93:69:E4:2A:BA:34:04:40
Certificate issuer:       /CN=8cdcf26f74860588cac6bae17f99de22dbc49ae6
Certificate serial:       0A4DF03F
Authority key identifier: 8C:DC:F2:6F:74:86:05:88:CA:C6:BA:E1:7F:99:DE:22:DB:C4:9A:E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jNzyb3SGBYjKxrrhf5neItvEmuY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/1-ImAjqyvs3MRaxdGk2nkKro0BEA.roa
Signing time:             Sat 01 Jan 2022 13:00:56 +0000
ROA not before:           Sat 01 Jan 2022 13:00:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41114
IP address blocks:        185.98.64.0/22 maxlen: 22
                          62.192.140.0/22 maxlen: 22
                          2a0a:7980::/32 maxlen: 32
                          2a00:7aa0::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 172879935 (0xa4df03f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8cdcf26f74860588cac6bae17f99de22dbc49ae6
        Validity
            Not Before: Jan  1 13:00:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f889808eacafb373116b17469369e42aba340440
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:8e:e0:fc:e0:38:41:a4:fa:e9:87:f3:47:9e:
                    e3:46:9d:18:b1:e5:17:c0:ed:d8:9b:05:10:1e:a1:
                    19:f0:52:3b:65:11:55:92:f6:54:2e:25:20:00:a5:
                    66:29:3f:41:2a:f3:0b:32:10:a4:28:2d:77:a6:bf:
                    e5:c7:67:c9:f4:8c:bc:e8:9d:62:29:f6:c8:bd:bd:
                    64:d7:99:ea:ab:0d:b5:55:af:ca:84:9b:e8:8d:e0:
                    d5:2e:cd:74:33:7d:db:31:a2:6e:39:4b:3a:93:da:
                    02:5a:fa:16:00:25:26:c2:f1:ac:58:46:55:86:80:
                    64:bf:63:dc:bc:fc:df:6c:06:f9:67:b4:52:4a:78:
                    6f:a6:7d:6a:02:77:e4:5b:60:88:5a:81:73:4e:c8:
                    43:34:c5:ea:81:82:fe:e0:6e:8a:dc:a4:1d:02:3e:
                    d3:62:4a:dc:52:bc:01:6f:fc:26:26:65:26:15:59:
                    43:2e:2f:64:8b:fe:3b:41:1c:3f:d8:e2:2b:ed:57:
                    4d:72:0b:63:93:03:05:a9:08:4b:0c:28:b2:d7:04:
                    c0:b3:cc:29:75:73:2c:b6:37:01:4f:a4:57:01:f2:
                    d2:8e:a6:82:c1:33:56:f8:67:f8:6e:d5:91:91:c9:
                    b0:23:cb:ba:a9:36:ff:75:69:d4:dd:1a:1a:52:d8:
                    51:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:89:80:8E:AC:AF:B3:73:11:6B:17:46:93:69:E4:2A:BA:34:04:40
            X509v3 Authority Key Identifier:
                keyid:8C:DC:F2:6F:74:86:05:88:CA:C6:BA:E1:7F:99:DE:22:DB:C4:9A:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jNzyb3SGBYjKxrrhf5neItvEmuY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/1-ImAjqyvs3MRaxdGk2nkKro0BEA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/jNzyb3SGBYjKxrrhf5neItvEmuY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.192.140.0/22
                  185.98.64.0/22
                IPv6:
                  2a00:7aa0::/32
                  2a0a:7980::/32

    Signature Algorithm: sha256WithRSAEncryption
         53:b3:df:ae:64:8b:ef:c0:28:a9:c1:29:06:1c:9a:d2:d5:aa:
         a6:7a:5e:d4:96:29:a4:05:4d:c7:bf:5a:f6:93:9b:44:9c:d9:
         80:3b:f3:42:87:29:af:41:ad:08:5a:6c:7e:59:27:d5:c0:db:
         05:0c:bf:af:c4:0b:ba:4e:4d:83:c1:f3:34:ac:5f:2c:f6:86:
         a5:c7:30:b7:29:5b:bb:2e:c7:e8:f7:a4:17:6e:28:54:5e:84:
         43:87:c6:c0:af:4d:b4:45:1b:14:f8:55:f7:5f:05:de:9e:93:
         c6:fc:71:97:f2:ab:09:d9:ff:1e:3e:07:cb:ad:52:f5:91:e8:
         1c:b7:4f:0e:0d:84:53:56:52:a6:82:e4:b9:31:36:2e:64:be:
         22:3f:05:25:5d:ac:c6:a3:fe:75:df:84:b3:f6:5b:72:de:5c:
         e1:71:fd:7b:ed:e3:11:99:71:03:50:e5:01:b9:be:12:c2:d8:
         c4:8b:ad:fb:bd:ac:29:eb:d2:e9:a4:48:d9:ef:c5:28:8a:d1:
         13:c3:82:83:a7:3c:89:33:51:76:6b:b4:39:09:e9:61:c8:eb:
         81:2b:5c:ac:91:74:1c:b7:a9:6a:61:2e:b0:c4:d6:d5:26:f9:
         aa:22:37:77:67:32:5a:bb:cf:cd:f0:1f:87:c2:1b:d3:54:0a:
         ba:db:4b:8c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIECk3wPzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
Y2RjZjI2Zjc0ODYwNTg4Y2FjNmJhZTE3Zjk5ZGUyMmRiYzQ5YWU2MB4XDTIyMDEw
MTEzMDA1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjg4OTgwOGVhY2Fm
YjM3MzExNmIxNzQ2OTM2OWU0MmFiYTM0MDQ0MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALiO4PzgOEGk+umH80ee40adGLHlF8Dt2JsFEB6hGfBSO2UR
VZL2VC4lIAClZik/QSrzCzIQpCgtd6a/5cdnyfSMvOidYin2yL29ZNeZ6qsNtVWv
yoSb6I3g1S7NdDN92zGibjlLOpPaAlr6FgAlJsLxrFhGVYaAZL9j3Lz832wG+We0
Ukp4b6Z9agJ35FtgiFqBc07IQzTF6oGC/uBuitykHQI+02JK3FK8AW/8JiZlJhVZ
Qy4vZIv+O0EcP9jiK+1XTXILY5MDBakISwwostcEwLPMKXVzLLY3AU+kVwHy0o6m
gsEzVvhn+G7VkZHJsCPLuqk2/3Vp1N0aGlLYUQECAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBT4iYCOrK+zcxFrF0aTaeQqujQEQDAfBgNVHSMEGDAWgBSM3PJvdIYFiMrG
uuF/md4i28Sa5jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pOenliM1NHQllqS3hycmhmNW5lSXR2RW11WS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDcvZDViMWE3LTQ2NmQtNDcxYy1hNzBjLTJmYjI1YWJmZGM1My8x
LzEtSW1BanF5dnMzTVJheGRHazJua0tybzBCRUEucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA3
L2Q1YjFhNy00NjZkLTQ3MWMtYTcwYy0yZmIyNWFiZmRjNTMvMS9qTnp5YjNTR0JZ
akt4cnJoZjVuZUl0dkVtdVkuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
OwYIKwYBBQUHAQcBAf8ELDAqMBIEAgABMAwDBAI+wIwDBAK5YkAwFAQCAAIwDgMF
ACoAeqADBQAqCnmAMA0GCSqGSIb3DQEBCwUAA4IBAQBTs9+uZIvvwCipwSkGHJrS
1aqmel7UlimkBU3Hv1r2k5tEnNmAO/NChymvQa0IWmx+WSfVwNsFDL+vxAu6Tk2D
wfM0rF8s9oalxzC3KVu7Lsfo96QXbihUXoRDh8bAr020RRsU+FX3XwXenpPG/HGX
8qsJ2f8ePgfLrVL1kegct08ODYRTVlKmguS5MTYuZL4iPwUlXazGo/5134Sz9lty
3lzhcf177eMRmXEDUOUBub4SwtjEi637vawp69LppEjZ78UoitETw4KDpzyJM1F2
a7Q5CelhyOuBK1yskXQct6lqYS6wxNbVJvmqIjd3ZzJau8/N8B+HwhvTVAq620uM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:52 2024 by rpki-client on console-fra.rpki-client.org