Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/802525-5c2c-4564-ba5a-6cd659acbf07/1/So8xABZEV5EFrHihB8jwvoidxC8.roa
File:                     So8xABZEV5EFrHihB8jwvoidxC8.roa (raw, json)
Hash identifier:          lpCzKPDYczb++fKtSuzxb1Y81Rv7gnDuLgOvGKW+mbM=
Subject key identifier:   4A:8F:31:00:16:44:57:91:05:AC:78:A1:07:C8:F0:BE:88:9D:C4:2F
Certificate issuer:       /CN=33fe80aea100e98c0da5d1ffef98b371d11edda2
Certificate serial:       11C41718
Authority key identifier: 33:FE:80:AE:A1:00:E9:8C:0D:A5:D1:FF:EF:98:B3:71:D1:1E:DD:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/M_6ArqEA6YwNpdH_75izcdEe3aI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/802525-5c2c-4564-ba5a-6cd659acbf07/1/So8xABZEV5EFrHihB8jwvoidxC8.roa
Signing time:             Wed 18 May 2022 15:07:17 +0000
ROA not before:           Wed 18 May 2022 15:07:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     31214
IP address blocks:        5.11.64.0/20 maxlen: 20
                          178.210.0.0/19 maxlen: 19
                          109.111.128.0/19 maxlen: 19
                          194.50.12.0/22 maxlen: 22
                          185.234.120.0/22 maxlen: 22
                          91.109.128.0/19 maxlen: 19
                          185.251.216.0/22 maxlen: 22
                          37.60.208.0/20 maxlen: 20
                          213.149.0.0/19 maxlen: 19
                          185.238.76.0/22 maxlen: 22
                          31.192.128.0/19 maxlen: 19
                          185.16.136.0/22 maxlen: 22
                          83.219.128.0/19 maxlen: 19
                          2a03:5800::/32 maxlen: 32
                          2a06:50c0::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 298063640 (0x11c41718)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=33fe80aea100e98c0da5d1ffef98b371d11edda2
        Validity
            Not Before: May 18 15:07:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4a8f31001644579105ac78a107c8f0be889dc42f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:8c:1c:f5:37:5b:35:22:f6:2c:94:f6:cb:57:
                    62:db:af:10:9e:45:11:ab:b7:bc:f5:9b:0c:12:90:
                    b4:96:ce:f8:6a:ae:43:54:41:8b:fa:7d:f7:57:59:
                    cd:ec:1e:e1:ee:ab:cf:cb:e0:ce:30:3c:58:6f:da:
                    32:b4:82:e4:d2:50:77:3b:79:b8:b7:26:31:94:d0:
                    4d:46:af:b4:fd:91:b5:e7:dc:67:e8:a2:7d:39:36:
                    28:e3:89:0e:6e:58:1f:6d:c4:96:b9:7f:14:1f:ec:
                    c9:5e:5d:4c:f3:27:a4:db:44:5c:52:15:de:87:64:
                    21:87:18:a2:88:58:16:89:03:a5:71:67:4b:c3:b1:
                    41:4a:34:d4:4f:bb:3f:32:f7:fa:49:40:e4:a0:8c:
                    31:d1:bf:c9:df:51:aa:5e:b4:a4:89:4f:06:ff:df:
                    3e:3f:ea:29:9c:e8:99:32:04:39:0a:d9:3f:58:1e:
                    ef:10:5f:1f:90:30:7a:95:19:d5:47:82:a1:b8:35:
                    5f:cf:6e:d2:46:11:e2:e4:7a:b4:90:48:74:87:5f:
                    23:83:9e:55:8e:25:c2:12:b9:24:5b:e6:89:b4:e7:
                    3f:9d:05:1c:1f:74:de:c5:6a:1e:74:d5:d0:42:98:
                    5b:50:e5:fa:39:fc:a7:67:1e:da:58:7c:6c:38:d4:
                    74:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:8F:31:00:16:44:57:91:05:AC:78:A1:07:C8:F0:BE:88:9D:C4:2F
            X509v3 Authority Key Identifier:
                keyid:33:FE:80:AE:A1:00:E9:8C:0D:A5:D1:FF:EF:98:B3:71:D1:1E:DD:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M_6ArqEA6YwNpdH_75izcdEe3aI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/802525-5c2c-4564-ba5a-6cd659acbf07/1/So8xABZEV5EFrHihB8jwvoidxC8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/802525-5c2c-4564-ba5a-6cd659acbf07/1/M_6ArqEA6YwNpdH_75izcdEe3aI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.11.64.0/20
                  31.192.128.0/19
                  37.60.208.0/20
                  83.219.128.0/19
                  91.109.128.0/19
                  109.111.128.0/19
                  178.210.0.0/19
                  185.16.136.0/22
                  185.234.120.0/22
                  185.238.76.0/22
                  185.251.216.0/22
                  194.50.12.0/22
                  213.149.0.0/19
                IPv6:
                  2a03:5800::/32
                  2a06:50c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         87:e4:e0:59:bc:1a:0c:36:96:6b:af:08:99:ba:a1:a1:82:b7:
         93:1c:df:b3:60:a2:90:47:b4:b7:27:bb:3c:c1:d1:0f:90:94:
         22:9c:5f:6e:a0:d8:de:f3:08:be:30:df:e4:15:b8:0a:f4:1c:
         6a:46:81:8a:02:94:68:51:ac:56:25:90:22:d7:41:5a:d1:2e:
         24:0b:8c:7b:d8:76:9c:05:1a:a1:dd:cb:64:3c:c9:c2:c2:09:
         cd:21:b5:85:89:da:40:75:8c:b8:2f:ad:1e:2d:38:19:a5:8a:
         7a:45:7d:c0:6b:04:22:7f:b9:ea:08:0a:fe:21:d0:87:45:2b:
         90:42:6a:0d:f3:24:3a:fd:83:b6:34:bc:24:b9:91:4c:27:ef:
         7b:0d:95:62:b0:cd:4e:a9:9e:9c:31:a3:4c:3a:73:76:8d:63:
         2a:fb:a9:ab:6c:ae:a7:43:a2:ce:62:b7:70:6a:6e:c7:79:61:
         74:e4:50:ad:65:4f:22:82:92:e3:3b:05:d4:bf:f9:18:85:40:
         32:46:90:1e:c3:f6:15:de:0a:f4:30:ea:3a:71:90:be:20:2d:
         f8:b0:1a:71:ff:8b:f3:0d:0d:b4:b7:a4:3d:6b:e7:ce:35:6f:
         50:01:14:3e:33:99:93:65:b3:10:1a:d2:9c:d6:47:59:6f:91:
         82:28:bf:33
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgIEEcQXGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
M2ZlODBhZWExMDBlOThjMGRhNWQxZmZlZjk4YjM3MWQxMWVkZGEyMB4XDTIyMDUx
ODE1MDcxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGE4ZjMxMDAxNjQ0
NTc5MTA1YWM3OGExMDdjOGYwYmU4ODlkYzQyZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPWMHPU3WzUi9iyU9stXYtuvEJ5FEau3vPWbDBKQtJbO+Gqu
Q1RBi/p991dZzewe4e6rz8vgzjA8WG/aMrSC5NJQdzt5uLcmMZTQTUavtP2Rtefc
Z+iifTk2KOOJDm5YH23Elrl/FB/syV5dTPMnpNtEXFIV3odkIYcYoohYFokDpXFn
S8OxQUo01E+7PzL3+klA5KCMMdG/yd9Rql60pIlPBv/fPj/qKZzomTIEOQrZP1ge
7xBfH5AwepUZ1UeCobg1X89u0kYR4uR6tJBIdIdfI4OeVY4lwhK5JFvmibTnP50F
HB903sVqHnTV0EKYW1Dl+jn8p2ce2lh8bDjUdLcCAwEAAaOCAmcwggJjMB0GA1Ud
DgQWBBRKjzEAFkRXkQWseKEHyPC+iJ3ELzAfBgNVHSMEGDAWgBQz/oCuoQDpjA2l
0f/vmLNx0R7dojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01fNkFycUVBNll3TnBkSF83NWl6Y2RFZTNhSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTEvODAyNTI1LTVjMmMtNDU2NC1iYTVhLTZjZDY1OWFjYmYwNy8x
L1NvOHhBQlpFVjVFRnJIaWhCOGp3dm9pZHhDOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTEv
ODAyNTI1LTVjMmMtNDU2NC1iYTVhLTZjZDY1OWFjYmYwNy8xL01fNkFycUVBNll3
TnBkSF83NWl6Y2RFZTNhSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB9
BggrBgEFBQcBBwEB/wRuMGwwVAQCAAEwTgMEBAULQAMEBR/AgAMEBCU80AMEBVPb
gAMEBVttgAMEBW1vgAMEBbLSAAMEArkQiAMEArnqeAMEArnuTAMEArn72AMEAsIy
DAMEBdWVADAUBAIAAjAOAwUAKgNYAAMFACoGUMAwDQYJKoZIhvcNAQELBQADggEB
AIfk4Fm8Ggw2lmuvCJm6oaGCt5Mc37NgopBHtLcnuzzB0Q+QlCKcX26g2N7zCL4w
3+QVuAr0HGpGgYoClGhRrFYlkCLXQVrRLiQLjHvYdpwFGqHdy2Q8ycLCCc0htYWJ
2kB1jLgvrR4tOBmlinpFfcBrBCJ/ueoICv4h0IdFK5BCag3zJDr9g7Y0vCS5kUwn
73sNlWKwzU6pnpwxo0w6c3aNYyr7qatsrqdDos5it3Bqbsd5YXTkUK1lTyKCkuM7
BdS/+RiFQDJGkB7D9hXeCvQw6jpxkL4gLfiwGnH/i/MNDbS3pD1r5841b1ABFD4z
mZNlsxAa0pzWR1lvkYIovzM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:38 2024 by rpki-client on console-fra.rpki-client.org