Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/cqvohU7KKjubsU6dG7WLyAOBIhI.roa
File:                     cqvohU7KKjubsU6dG7WLyAOBIhI.roa (raw, json)
Hash identifier:          wacJSV0gSqKkXtavjAhCVyz4Q2HYwBAxUSdTrDxiiUc=
Subject key identifier:   72:AB:E8:85:4E:CA:2A:3B:9B:B1:4E:9D:1B:B5:8B:C8:03:81:22:12
Certificate issuer:       /CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Certificate serial:       0A4F4DDB
Authority key identifier: EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/cqvohU7KKjubsU6dG7WLyAOBIhI.roa
Signing time:             Wed 08 Jun 2022 08:29:04 +0000
ROA not before:           Wed 08 Jun 2022 08:29:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57152
IP address blocks:        185.73.128.0/22 maxlen: 24
                          104.247.160.0/19 maxlen: 24
                          185.137.215.0/24 maxlen: 24
                          2a03:a5a0:1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 172969435 (0xa4f4ddb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
        Validity
            Not Before: Jun  8 08:29:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=72abe8854eca2a3b9bb14e9d1bb58bc803812212
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:d2:00:2c:a0:1f:85:04:41:ff:48:b7:2f:97:
                    8f:16:67:7c:c7:2d:01:18:a4:fd:e8:b8:86:62:1f:
                    ce:af:de:15:81:6f:f8:3f:1b:71:43:3e:9b:26:4c:
                    92:1d:48:20:1f:f3:83:0a:9f:10:2a:01:ff:aa:ce:
                    03:92:f1:8e:d2:c6:b1:68:3c:08:71:1d:5b:4a:59:
                    e4:d3:53:90:83:52:c4:b4:8f:6f:bf:7f:37:54:c6:
                    38:77:c3:89:ad:4a:f9:85:4a:18:b7:c8:6a:8e:64:
                    14:3d:49:dc:1d:0b:ec:89:5c:bf:02:76:cd:bb:83:
                    98:24:47:92:71:bc:c2:ff:5a:9a:73:1d:4e:a9:d5:
                    81:81:3d:fa:b3:e6:f7:71:1b:cc:a4:2f:e2:b3:26:
                    5e:b6:c8:71:5c:ee:9f:6f:e1:52:93:70:b0:e5:fe:
                    58:0e:2b:d7:fa:4e:62:75:74:67:77:4a:55:55:44:
                    f0:a4:f1:82:bf:a0:a7:35:68:32:6a:8b:c0:55:1a:
                    89:1c:9f:ee:36:72:4d:2f:4a:db:eb:d9:86:6f:a1:
                    95:3b:75:23:a3:32:e1:fe:80:fd:81:94:1f:c2:a7:
                    f2:ec:43:57:9c:d7:7e:7a:a4:4c:7e:c7:7b:3f:f2:
                    52:63:41:2e:10:01:ab:55:d6:cb:16:aa:52:4d:63:
                    ac:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:AB:E8:85:4E:CA:2A:3B:9B:B1:4E:9D:1B:B5:8B:C8:03:81:22:12
            X509v3 Authority Key Identifier:
                keyid:EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/cqvohU7KKjubsU6dG7WLyAOBIhI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/7qArGX269963Tgon2dTs0_rh6O0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  104.247.160.0/19
                  185.73.128.0/22
                  185.137.215.0/24
                IPv6:
                  2a03:a5a0:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         9f:97:94:e2:47:d3:8d:83:91:d7:26:9b:49:38:48:a3:bc:f5:
         8d:49:23:2d:08:7a:12:2e:93:0d:46:89:56:85:41:ea:1a:d5:
         34:5b:be:b7:70:e2:22:eb:2f:32:0c:2f:12:fa:ae:b3:f9:bf:
         f2:a8:7c:ac:f4:85:15:58:78:80:5b:e0:9e:ab:45:11:a3:33:
         3a:a8:9b:88:a3:68:fd:20:97:25:46:04:87:32:8a:e3:97:ae:
         cf:40:87:8e:02:e4:4e:5d:16:33:f1:9a:be:cd:69:34:51:73:
         4a:88:91:da:30:78:ce:52:d7:e6:c6:c0:da:4a:27:aa:13:ab:
         05:96:8c:34:d3:21:4b:08:9f:9b:3b:17:b2:c6:42:03:6f:3b:
         fc:b2:9d:8a:65:b8:4c:bd:72:1e:0b:9b:a8:0c:f2:b4:95:3e:
         f0:33:0e:fc:05:45:90:65:be:94:b3:d2:48:e8:5f:58:f5:95:
         99:11:45:a1:57:cb:3a:95:6c:fa:8f:cd:c1:f7:1b:51:35:2e:
         05:d2:89:9b:b1:85:79:8c:36:54:9f:22:3d:4d:a0:c7:61:fd:
         48:38:32:35:51:af:79:d6:96:e0:79:9b:0b:1b:46:11:e3:dc:
         6e:ca:ce:cb:ca:0f:fa:39:ff:1e:ad:c6:3e:18:86:ac:bc:23:
         a9:cc:ae:93
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIECk9N2zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZWEwMmIxOTdkYmFmN2RlYjc0ZTBhMjdkOWQ0ZWNkM2ZhZTFlOGVkMB4XDTIyMDYw
ODA4MjkwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzJhYmU4ODU0ZWNh
MmEzYjliYjE0ZTlkMWJiNThiYzgwMzgxMjIxMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALDSACygH4UEQf9Ity+XjxZnfMctARik/ei4hmIfzq/eFYFv
+D8bcUM+myZMkh1IIB/zgwqfECoB/6rOA5LxjtLGsWg8CHEdW0pZ5NNTkINSxLSP
b79/N1TGOHfDia1K+YVKGLfIao5kFD1J3B0L7IlcvwJ2zbuDmCRHknG8wv9amnMd
TqnVgYE9+rPm93EbzKQv4rMmXrbIcVzun2/hUpNwsOX+WA4r1/pOYnV0Z3dKVVVE
8KTxgr+gpzVoMmqLwFUaiRyf7jZyTS9K2+vZhm+hlTt1I6My4f6A/YGUH8Kn8uxD
V5zXfnqkTH7Hez/yUmNBLhABq1XWyxaqUk1jrEsCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBRyq+iFTsoqO5uxTp0btYvIA4EiEjAfBgNVHSMEGDAWgBTuoCsZfbr33rdO
CifZ1OzT+uHo7TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdxQXJHWDI2OTk2M1Rnb24yZFRzMF9yaDZPMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvOTcxYjExLTI4MGUtNGNlZC1iOTljLWJiY2NhYjkxM2I1ZC8x
L2Nxdm9oVTdLS2p1YnNVNmRHN1dMeUFPQkloSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
OTcxYjExLTI4MGUtNGNlZC1iOTljLWJiY2NhYjkxM2I1ZC8xLzdxQXJHWDI2OTk2
M1Rnb24yZFRzMF9yaDZPMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGAQCAAEwEgMEBWj3oAMEArlJgAMEALmJ1zAPBAIA
AjAJAwcAKgOloAABMA0GCSqGSIb3DQEBCwUAA4IBAQCfl5TiR9ONg5HXJptJOEij
vPWNSSMtCHoSLpMNRolWhUHqGtU0W763cOIi6y8yDC8S+q6z+b/yqHys9IUVWHiA
W+Ceq0URozM6qJuIo2j9IJclRgSHMorjl67PQIeOAuROXRYz8Zq+zWk0UXNKiJHa
MHjOUtfmxsDaSieqE6sFlow00yFLCJ+bOxeyxkIDbzv8sp2KZbhMvXIeC5uoDPK0
lT7wMw78BUWQZb6Us9JI6F9Y9ZWZEUWhV8s6lWz6j83B9xtRNS4F0ombsYV5jDZU
nyI9TaDHYf1IODI1Ua951pbgeZsLG0YR49xuys7Lyg/6Of8ercY+GIasvCOpzK6T
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:09 2024 by rpki-client on console-fra.rpki-client.org