Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/qF7pR7gKbvt6AN67-IWEysQc8uA.roa
File:                     qF7pR7gKbvt6AN67-IWEysQc8uA.roa (raw, json)
Hash identifier:          6cPdwJl3GkYMwRY1/cvzcf27NlfPxUhL1RSfsNCNiro=
Subject key identifier:   A8:5E:E9:47:B8:0A:6E:FB:7A:00:DE:BB:F8:85:84:CA:C4:1C:F2:E0
Certificate issuer:       /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial:       034BCC5C
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/qF7pR7gKbvt6AN67-IWEysQc8uA.roa
Signing time:             Tue 21 Jun 2022 12:52:47 +0000
ROA not before:           Tue 21 Jun 2022 12:52:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     9009
IP address blocks:        88.218.101.0/24 maxlen: 24
                          88.218.102.0/23 maxlen: 23
                          88.218.100.0/24 maxlen: 24
                          195.206.108.0/24 maxlen: 24
                          195.206.109.0/24 maxlen: 24
                          193.31.74.0/24 maxlen: 24
                          193.31.75.0/24 maxlen: 24
                          85.209.216.0/24 maxlen: 24
                          85.209.218.0/23 maxlen: 23
                          139.28.138.0/23 maxlen: 23
                          139.28.137.0/24 maxlen: 24
                          45.84.44.0/24 maxlen: 24
                          194.5.0.0/22 maxlen: 22
                          45.84.45.0/24 maxlen: 24
                          45.84.47.0/24 maxlen: 24
                          141.98.242.0/23 maxlen: 23
                          194.124.52.0/22 maxlen: 22
                          85.8.190.0/23 maxlen: 23
                          85.8.188.0/24 maxlen: 24
                          85.8.189.0/24 maxlen: 24
                          45.11.236.0/22 maxlen: 22
                          92.119.180.0/24 maxlen: 24
                          45.157.74.0/23 maxlen: 23
                          45.14.72.0/24 maxlen: 24
                          5.182.100.0/24 maxlen: 24
                          5.182.103.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 55299164 (0x34bcc5c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
        Validity
            Not Before: Jun 21 12:52:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a85ee947b80a6efb7a00debbf88584cac41cf2e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:d4:7a:e4:ac:bb:ea:d3:24:33:ae:eb:25:83:
                    68:d7:e9:15:bb:77:1f:e4:5b:b2:55:44:82:82:6d:
                    de:60:1b:89:8b:a0:be:8d:76:3f:ad:61:ae:31:eb:
                    d0:ef:dd:ae:15:cd:6c:29:74:44:11:29:4d:fe:b3:
                    fa:43:3d:39:7b:0e:07:34:23:82:b0:ff:2d:fa:0d:
                    90:ec:10:9f:e4:c7:4b:11:75:e4:d8:6b:61:2e:04:
                    12:a2:3a:66:c8:2c:a1:d0:70:36:40:4c:89:7a:95:
                    59:49:f1:18:44:68:61:d8:5d:96:b0:25:bb:7c:69:
                    95:fe:17:47:53:56:b0:10:c3:d2:f4:25:04:1f:2b:
                    c3:94:fc:8f:71:cc:1d:99:63:31:12:93:2b:f6:97:
                    1b:c4:88:6d:67:c1:98:51:b6:00:3b:6a:1e:56:56:
                    fd:0b:a1:35:91:b3:ca:a8:5e:3a:b1:42:83:3f:7c:
                    a6:12:13:c0:f0:a8:5e:ea:98:e6:a3:c9:01:6a:65:
                    6a:6e:c9:f1:24:fb:fc:98:93:c7:dd:a3:07:75:1e:
                    5d:76:34:87:23:81:14:2f:da:e3:7a:ce:54:d5:63:
                    a1:fb:48:f7:a1:62:2d:7a:87:d1:58:a9:e3:34:a5:
                    48:10:c0:30:c4:bd:3e:6f:38:86:04:69:a0:e1:62:
                    f9:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:5E:E9:47:B8:0A:6E:FB:7A:00:DE:BB:F8:85:84:CA:C4:1C:F2:E0
            X509v3 Authority Key Identifier:
                keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/qF7pR7gKbvt6AN67-IWEysQc8uA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.182.100.0/24
                  5.182.103.0/24
                  45.11.236.0/22
                  45.14.72.0/24
                  45.84.44.0/23
                  45.84.47.0/24
                  45.157.74.0/23
                  85.8.188.0/22
                  85.209.216.0/24
                  85.209.218.0/23
                  88.218.100.0/22
                  92.119.180.0/24
                  139.28.137.0-139.28.139.255
                  141.98.242.0/23
                  193.31.74.0/23
                  194.5.0.0/22
                  194.124.52.0/22
                  195.206.108.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3e:2b:eb:f5:5a:06:e9:1d:59:06:a9:75:c5:cc:18:35:fc:ee:
         2d:f2:e6:81:1a:34:82:4e:a0:37:dd:91:a2:b0:19:d6:67:f7:
         bb:f9:74:19:93:71:5a:60:a0:fd:16:70:f2:4e:54:d6:df:58:
         34:5b:99:79:90:a7:d5:45:ab:f0:bc:c3:c8:68:ba:88:f7:e1:
         a0:5d:16:06:39:48:65:38:c1:5b:5c:4f:43:c6:2b:4a:9a:28:
         23:b8:46:61:ca:d4:70:19:84:14:2a:52:af:30:bb:03:1d:2b:
         b4:02:e6:57:23:22:1b:29:68:72:ed:8e:7b:4e:45:76:eb:a9:
         4d:06:f0:8e:e0:e6:4b:99:93:90:45:46:d2:06:66:88:9e:cd:
         bf:c6:9d:6e:f7:f9:77:85:4c:bb:72:08:b0:4f:97:42:44:62:
         d7:e9:24:0e:d7:eb:99:93:1e:57:0e:64:18:19:c5:8f:f0:a5:
         60:d8:be:1b:03:ec:de:39:db:bc:45:5d:15:25:f4:b8:2b:89:
         c5:7a:a4:dd:0f:22:e6:78:33:cb:24:e5:c7:fa:4a:7c:df:e8:
         a6:29:ce:05:9d:f8:2a:74:75:ad:c0:c5:c7:4d:e0:19:e5:8b:
         16:a9:6c:f7:66:8d:f4:95:d3:c0:06:cd:f7:98:ca:6f:0e:48:
         35:6a:6e:b7
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIEA0vMXDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MjFhM2YyMWZiMGMyOTRkNmQ0YTUyOWIyZjFkYmQ0YmQxMTE5YmQ3MB4XDTIyMDYy
MTEyNTI0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTg1ZWU5NDdiODBh
NmVmYjdhMDBkZWJiZjg4NTg0Y2FjNDFjZjJlMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANjUeuSsu+rTJDOu6yWDaNfpFbt3H+RbslVEgoJt3mAbiYug
vo12P61hrjHr0O/drhXNbCl0RBEpTf6z+kM9OXsOBzQjgrD/LfoNkOwQn+THSxF1
5NhrYS4EEqI6ZsgsodBwNkBMiXqVWUnxGERoYdhdlrAlu3xplf4XR1NWsBDD0vQl
BB8rw5T8j3HMHZljMRKTK/aXG8SIbWfBmFG2ADtqHlZW/QuhNZGzyqheOrFCgz98
phITwPCoXuqY5qPJAWplam7J8ST7/JiTx92jB3UeXXY0hyOBFC/a43rOVNVjoftI
96FiLXqH0Vip4zSlSBDAMMS9Pm84hgRpoOFi+asCAwEAAaOCAngwggJ0MB0GA1Ud
DgQWBBSoXulHuApu+3oA3rv4hYTKxBzy4DAfBgNVHSMEGDAWgBSCGj8h+wwpTW1K
UpsvHb1L0RGb1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dob19JZnNNS1UxdFNsS2JMeDI5UzlFUm05Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTIvZWRjODU1LWYyYmMtNGU5Yy04YzBjLWI2ZjJhYzg2ZWYyNy8x
L3FGN3BSN2dLYnZ0NkFONjctSVdFeXNRYzh1QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIv
ZWRjODU1LWYyYmMtNGU5Yy04YzBjLWI2ZjJhYzg2ZWYyNy8xL2dob19JZnNNS1Ux
dFNsS2JMeDI5UzlFUm05Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
jQYIKwYBBQUHAQcBAf8EfjB8MHoEAgABMHQDBAAFtmQDBAAFtmcDBAItC+wDBAAt
DkgDBAEtVCwDBAAtVC8DBAEtnUoDBAJVCLwDBABV0dgDBAFV0doDBAJY2mQDBABc
d7QwDAMEAIsciQMEAosciAMEAY1i8gMEAcEfSgMEAsIFAAMEAsJ8NAMEAcPObDAN
BgkqhkiG9w0BAQsFAAOCAQEAPivr9VoG6R1ZBql1xcwYNfzuLfLmgRo0gk6gN92R
orAZ1mf3u/l0GZNxWmCg/RZw8k5U1t9YNFuZeZCn1UWr8LzDyGi6iPfhoF0WBjlI
ZTjBW1xPQ8YrSpooI7hGYcrUcBmEFCpSrzC7Ax0rtALmVyMiGylocu2Oe05Fduup
TQbwjuDmS5mTkEVG0gZmiJ7Nv8adbvf5d4VMu3IIsE+XQkRi1+kkDtfrmZMeVw5k
GBnFj/ClYNi+GwPs3jnbvEVdFSX0uCuJxXqk3Q8i5ngzyyTlx/pKfN/opinOBZ34
KnR1rcDFx03gGeWLFqls92aN9JXTwAbN95jKbw5INWputw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:54 2024 by rpki-client on console-fra.rpki-client.org