Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/zwlGNaWJyfyYczj2bBzXyG8myRA.roa
File:                     zwlGNaWJyfyYczj2bBzXyG8myRA.roa (raw, json)
Hash identifier:          4w1SBQHpApJQiiJmzw1crm/zmFdS2Blj5MV0WQZBOuk=
Subject key identifier:   CF:09:46:35:A5:89:C9:FC:98:73:38:F6:6C:1C:D7:C8:6F:26:C9:10
Certificate issuer:       /CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Certificate serial:       0A6252EA
Authority key identifier: EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/zwlGNaWJyfyYczj2bBzXyG8myRA.roa
Signing time:             Sun 19 Jun 2022 12:43:45 +0000
ROA not before:           Sun 19 Jun 2022 12:43:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57152
IP address blocks:        185.73.128.0/22 maxlen: 24
                          104.247.170.0/24 maxlen: 24
                          185.137.215.0/24 maxlen: 24
                          2a03:a5a0:1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 174215914 (0xa6252ea)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
        Validity
            Not Before: Jun 19 12:43:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cf094635a589c9fc987338f66c1cd7c86f26c910
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:7a:ef:89:bf:50:78:f8:d1:61:31:d7:c5:63:
                    99:b9:69:95:38:12:77:2e:79:9c:e2:cb:41:99:53:
                    34:b2:ed:f0:82:1f:ec:88:34:f1:bc:61:ac:6c:85:
                    55:c2:58:fd:bb:9d:66:42:d7:96:56:f6:69:b8:0a:
                    be:8e:73:d5:e0:d3:80:90:11:d3:97:7f:25:68:3d:
                    78:1d:c3:7d:5a:4d:10:b4:b3:b0:f4:88:f0:db:45:
                    1a:7f:ba:01:e5:0d:84:e5:89:57:47:13:75:06:17:
                    7c:8b:00:2b:7f:cc:ed:72:5c:fd:4c:22:f5:98:ac:
                    95:3c:5b:ce:cd:26:77:bd:d3:09:a0:80:28:c3:5c:
                    ce:06:f9:93:81:c8:0c:47:2d:2a:fb:00:03:94:e1:
                    30:66:87:e9:3f:c7:ef:ea:2b:3c:3b:12:aa:7e:93:
                    cb:9d:91:bf:54:53:fb:43:44:51:32:09:f9:2d:d0:
                    4c:a9:67:de:ed:38:70:30:4e:84:c0:cf:ee:25:91:
                    7c:29:52:b6:46:df:d6:9a:b9:90:9a:72:57:7a:13:
                    d3:f3:9f:ad:e6:06:7d:25:f5:2e:9f:b8:1f:7d:75:
                    23:47:11:fd:59:ae:c0:4c:4b:f3:0e:32:c6:37:cb:
                    3f:1c:4c:50:37:80:60:c1:84:61:11:17:12:68:77:
                    63:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:09:46:35:A5:89:C9:FC:98:73:38:F6:6C:1C:D7:C8:6F:26:C9:10
            X509v3 Authority Key Identifier:
                keyid:EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/zwlGNaWJyfyYczj2bBzXyG8myRA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/7qArGX269963Tgon2dTs0_rh6O0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  104.247.170.0/24
                  185.73.128.0/22
                  185.137.215.0/24
                IPv6:
                  2a03:a5a0:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         7f:82:3b:22:d4:3c:cf:95:56:a8:c3:00:33:00:65:a6:47:98:
         8b:12:00:f0:db:38:63:ee:10:d7:74:f2:49:b9:4c:52:31:19:
         ec:b0:97:1f:22:02:0c:03:e2:e1:f0:27:e2:e2:3c:6c:61:91:
         6a:78:f4:f1:09:70:92:cf:7e:97:55:b6:c3:05:d4:bd:88:78:
         28:71:19:45:c8:cf:ac:aa:03:5f:1e:f0:65:ac:59:27:32:9c:
         ae:83:d5:cd:b0:9e:1c:00:ce:72:5c:e9:4f:13:9c:ae:9f:0b:
         42:9c:8a:9d:21:57:b8:82:33:78:55:02:dd:d2:89:ce:61:4a:
         3d:50:c5:bd:b3:9a:fe:83:33:7d:ad:42:67:92:04:fa:da:e0:
         d9:3d:cf:f9:1c:e3:59:9b:f3:10:2d:2f:56:41:d6:94:a3:9a:
         fe:94:3e:ad:e1:70:05:c3:2d:77:2a:bd:33:d0:6d:30:de:86:
         46:71:88:57:00:8b:a5:b2:b6:c9:3e:cd:d4:ed:21:02:e2:be:
         b5:2a:df:bd:8c:e1:5c:4e:0c:e4:87:c9:72:e0:b4:75:f3:f5:
         1c:fa:86:3a:49:ee:ec:3b:30:df:78:c1:7a:35:21:09:a2:55:
         78:93:4f:6c:de:8c:40:33:d7:d1:17:ab:06:9d:c8:cc:29:be:
         e3:0d:de:de
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIECmJS6jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZWEwMmIxOTdkYmFmN2RlYjc0ZTBhMjdkOWQ0ZWNkM2ZhZTFlOGVkMB4XDTIyMDYx
OTEyNDM0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2YwOTQ2MzVhNTg5
YzlmYzk4NzMzOGY2NmMxY2Q3Yzg2ZjI2YzkxMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJl674m/UHj40WEx18VjmblplTgSdy55nOLLQZlTNLLt8IIf
7Ig08bxhrGyFVcJY/budZkLXllb2abgKvo5z1eDTgJAR05d/JWg9eB3DfVpNELSz
sPSI8NtFGn+6AeUNhOWJV0cTdQYXfIsAK3/M7XJc/Uwi9ZislTxbzs0md73TCaCA
KMNczgb5k4HIDEctKvsAA5ThMGaH6T/H7+orPDsSqn6Ty52Rv1RT+0NEUTIJ+S3Q
TKln3u04cDBOhMDP7iWRfClStkbf1pq5kJpyV3oT0/OfreYGfSX1Lp+4H311I0cR
/VmuwExL8w4yxjfLPxxMUDeAYMGEYREXEmh3Yx0CAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBTPCUY1pYnJ/JhzOPZsHNfIbybJEDAfBgNVHSMEGDAWgBTuoCsZfbr33rdO
CifZ1OzT+uHo7TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdxQXJHWDI2OTk2M1Rnb24yZFRzMF9yaDZPMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvOTcxYjExLTI4MGUtNGNlZC1iOTljLWJiY2NhYjkxM2I1ZC8x
L3p3bEdOYVdKeWZ5WWN6ajJiQnpYeUc4bXlSQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
OTcxYjExLTI4MGUtNGNlZC1iOTljLWJiY2NhYjkxM2I1ZC8xLzdxQXJHWDI2OTk2
M1Rnb24yZFRzMF9yaDZPMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGAQCAAEwEgMEAGj3qgMEArlJgAMEALmJ1zAPBAIA
AjAJAwcAKgOloAABMA0GCSqGSIb3DQEBCwUAA4IBAQB/gjsi1DzPlVaowwAzAGWm
R5iLEgDw2zhj7hDXdPJJuUxSMRnssJcfIgIMA+Lh8Cfi4jxsYZFqePTxCXCSz36X
VbbDBdS9iHgocRlFyM+sqgNfHvBlrFknMpyug9XNsJ4cAM5yXOlPE5yunwtCnIqd
IVe4gjN4VQLd0onOYUo9UMW9s5r+gzN9rUJnkgT62uDZPc/5HONZm/MQLS9WQdaU
o5r+lD6t4XAFwy13Kr0z0G0w3oZGcYhXAIulsrbJPs3U7SEC4r61Kt+9jOFcTgzk
h8ly4LR18/Uc+oY6Se7sOzDfeMF6NSEJolV4k09s3oxAM9fRF6sGncjMKb7jDd7e
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:09 2024 by rpki-client on console-fra.rpki-client.org