Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/8fbc7e-1f47-487c-8292-e5a77f7a7aa2/1/R6Ycv6zRcDJmTOqvp5_NMwdjCRo.roa
File:                     R6Ycv6zRcDJmTOqvp5_NMwdjCRo.roa (raw, json)
Hash identifier:          F0I6ZUP5zS/b3UXpDQSTaFg5VRyzMRMYkyO8ceyFTuM=
Subject key identifier:   47:A6:1C:BF:AC:D1:70:32:66:4C:EA:AF:A7:9F:CD:33:07:63:09:1A
Certificate issuer:       /CN=b09fff8e8ffd8f8e7d9a7b66d1cc73dc39281ef6
Certificate serial:       01831194E8D869D76746037B8F0819BAA0C7
Authority key identifier: B0:9F:FF:8E:8F:FD:8F:8E:7D:9A:7B:66:D1:CC:73:DC:39:28:1E:F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sJ__jo_9j459mntm0cxz3DkoHvY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/8fbc7e-1f47-487c-8292-e5a77f7a7aa2/1/R6Ycv6zRcDJmTOqvp5_NMwdjCRo.roa
Signing time:             Tue 06 Sep 2022 06:55:15 +0000
ROA not before:           Tue 06 Sep 2022 06:55:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200590
IP address blocks:        188.94.152.0/23 maxlen: 24
                          185.182.216.0/23 maxlen: 24
                          77.240.44.0/22 maxlen: 24
                          87.255.200.0/23 maxlen: 24
                          89.223.2.0/24 maxlen: 24
                          194.76.124.0/22 maxlen: 24
                          89.223.0.0/24 maxlen: 24
                          79.143.20.0/22 maxlen: 24
                          5.188.152.0/22 maxlen: 24
                          178.238.78.0/23 maxlen: 24
                          84.252.156.0/22 maxlen: 24
                          5.188.64.0/22 maxlen: 24
                          94.126.201.0/24 maxlen: 24
                          185.97.112.0/22 maxlen: 24
                          87.255.196.0/22 maxlen: 24
                          87.255.194.0/23 maxlen: 24
                          93.190.240.0/22 maxlen: 24
                          2a06:580::/29 maxlen: 40

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:11:94:e8:d8:69:d7:67:46:03:7b:8f:08:19:ba:a0:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b09fff8e8ffd8f8e7d9a7b66d1cc73dc39281ef6
        Validity
            Not Before: Sep  6 06:55:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=47a61cbfacd17032664ceaafa79fcd330763091a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:98:a9:fd:22:f7:9d:b1:e7:ff:14:a0:3a:10:
                    52:e5:84:65:a3:10:7d:55:8d:67:66:5e:d2:ab:fa:
                    f5:91:71:f4:eb:45:1f:bb:94:f8:fd:92:63:6d:b8:
                    16:02:89:15:81:4d:dc:e7:9c:2a:16:66:73:a4:83:
                    4f:c5:f8:32:ad:57:2c:ba:35:34:c7:fa:31:0f:d6:
                    84:f1:17:09:78:41:df:5d:57:6f:01:d9:51:c7:b7:
                    56:74:9c:b4:8f:7a:72:b8:3c:44:26:cc:58:40:38:
                    66:a2:8e:c2:4e:f7:ed:80:a8:65:fa:f3:f1:79:88:
                    71:27:ff:c1:2f:61:fa:06:fc:fb:68:39:5b:75:3f:
                    81:d1:ab:97:98:7d:90:3c:91:47:43:29:68:76:d6:
                    96:61:94:64:27:68:29:be:2e:87:3f:a7:ec:b2:3f:
                    be:44:fe:5a:0f:f7:1e:4d:78:77:fa:97:c7:08:b5:
                    6c:08:57:2e:78:fe:67:eb:a8:04:60:e8:e1:58:2c:
                    9f:ca:07:97:30:75:27:df:d5:00:f1:0f:d7:01:4c:
                    5c:16:42:a3:0c:92:ad:5c:ee:6e:23:9b:a0:56:52:
                    78:5c:2d:3e:25:66:7e:58:55:e3:99:7b:7e:40:09:
                    ae:50:22:c5:c1:54:49:84:9c:ec:3a:7e:e8:9d:da:
                    f6:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:A6:1C:BF:AC:D1:70:32:66:4C:EA:AF:A7:9F:CD:33:07:63:09:1A
            X509v3 Authority Key Identifier:
                keyid:B0:9F:FF:8E:8F:FD:8F:8E:7D:9A:7B:66:D1:CC:73:DC:39:28:1E:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sJ__jo_9j459mntm0cxz3DkoHvY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/8fbc7e-1f47-487c-8292-e5a77f7a7aa2/1/R6Ycv6zRcDJmTOqvp5_NMwdjCRo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/8fbc7e-1f47-487c-8292-e5a77f7a7aa2/1/sJ__jo_9j459mntm0cxz3DkoHvY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.188.64.0/22
                  5.188.152.0/22
                  77.240.44.0/22
                  79.143.20.0/22
                  84.252.156.0/22
                  87.255.194.0-87.255.201.255
                  89.223.0.0/24
                  89.223.2.0/24
                  93.190.240.0/22
                  94.126.201.0/24
                  178.238.78.0/23
                  185.97.112.0/22
                  185.182.216.0/23
                  188.94.152.0/23
                  194.76.124.0/22
                IPv6:
                  2a06:580::/29

    Signature Algorithm: sha256WithRSAEncryption
         2e:c5:e5:8e:45:eb:2d:3a:8e:cb:01:34:76:92:50:da:70:e7:
         f5:59:ce:ba:97:c8:e4:c2:9f:97:22:75:b9:e1:8e:da:9e:2b:
         63:0e:26:f3:a3:3e:49:c9:cc:4f:29:1d:1b:c9:9c:6e:02:96:
         8d:10:64:8f:d2:b2:23:55:d3:96:7d:86:34:66:3b:13:ad:19:
         af:da:b8:e9:c2:8c:84:41:e6:69:c8:eb:3c:67:cf:f3:65:79:
         ce:20:40:2a:39:33:89:cf:dc:b8:95:96:0b:af:44:70:49:a9:
         d4:ba:a6:ca:30:ee:63:18:c1:af:72:5e:b4:a6:ce:fb:a3:a6:
         d8:3c:cd:c6:c4:f9:5e:f1:0c:15:c9:34:76:cd:76:de:fb:c0:
         d6:16:4d:d1:c7:bd:0c:fb:57:89:a1:cd:0d:73:29:43:74:d8:
         42:18:9f:40:88:7b:38:e2:6e:e4:48:48:12:f9:e1:7e:c7:80:
         28:3f:64:6d:72:0f:44:ca:61:50:fc:56:83:d1:da:36:8c:ed:
         ae:36:ca:66:97:06:e8:04:14:ee:79:08:b3:d0:6d:d4:9b:22:
         46:54:fc:6a:e3:07:14:48:8b:31:46:08:fd:55:d7:2e:30:20:
         7e:a0:36:e3:ea:c6:33:76:fa:37:f8:38:b1:a6:2f:73:20:b0:
         81:0e:73:c0
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAYMRlOjYaddnRgN7jwgZuqDHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwOWZmZjhlOGZmZDhmOGU3ZDlhN2I2NmQxY2M3M2RjMzky
ODFlZjYwHhcNMjIwOTA2MDY1NTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2E2MWNiZmFjZDE3MDMyNjY0Y2VhYWZhNzlmY2QzMzA3NjMwOTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJip/SL3nbHn/xSgOhBS5YRloxB9
VY1nZl7Sq/r1kXH060Ufu5T4/ZJjbbgWAokVgU3c55wqFmZzpINPxfgyrVcsujU0
x/oxD9aE8RcJeEHfXVdvAdlRx7dWdJy0j3pyuDxEJsxYQDhmoo7CTvftgKhl+vPx
eYhxJ//BL2H6Bvz7aDlbdT+B0auXmH2QPJFHQylodtaWYZRkJ2gpvi6HP6fssj++
RP5aD/ceTXh3+pfHCLVsCFcueP5n66gEYOjhWCyfygeXMHUn39UA8Q/XAUxcFkKj
DJKtXO5uI5ugVlJ4XC0+JWZ+WFXjmXt+QAmuUCLFwVRJhJzsOn7ondr20QIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFEemHL+s0XAyZkzqr6efzTMHYwkaMB8GA1UdIwQY
MBaAFLCf/46P/Y+OfZp7ZtHMc9w5KB72MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0pfX2pvXzlqNDU5bW50bTBjeHozRGtvSHZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy84ZmJjN2UtMWY0Ny00ODdjLTgyOTIt
ZTVhNzdmN2E3YWEyLzEvUjZZY3Y2elJjREptVE9xdnA1X05Nd2RqQ1JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy84ZmJjN2UtMWY0Ny00ODdjLTgyOTItZTVhNzdmN2E3YWEy
LzEvc0pfX2pvXzlqNDU5bW50bTBjeHozRGtvSHZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwaAQCAAEwYgMEAgW8QAME
AgW8mAMEAk3wLAMEAk+PFAMEAlT8nDAMAwQBV//CAwQBV//IAwQAWd8AAwQAWd8C
AwQCXb7wAwQAXn7JAwQBsu5OAwQCuWFwAwQBubbYAwQBvF6YAwQCwkx8MA0EAgAC
MAcDBQMqBgWAMA0GCSqGSIb3DQEBCwUAA4IBAQAuxeWORestOo7LATR2klDacOf1
Wc66l8jkwp+XInW54Y7anitjDibzoz5JycxPKR0byZxuApaNEGSP0rIjVdOWfYY0
ZjsTrRmv2rjpwoyEQeZpyOs8Z8/zZXnOIEAqOTOJz9y4lZYLr0RwSanUuqbKMO5j
GMGvcl60ps77o6bYPM3GxPle8QwVyTR2zXbe+8DWFk3Rx70M+1eJoc0NcylDdNhC
GJ9AiHs44m7kSEgS+eF+x4AoP2Rtcg9EymFQ/FaD0do2jO2uNspmlwboBBTueQiz
0G3UmyJGVPxq4wcUSIsxRgj9VdcuMCB+oDbj6sYzdvo3+Dixpi9zILCBDnPA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:58 2024 by rpki-client on console-fra.rpki-client.org