Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/156ecd-fe68-4bc3-ae7d-b8c4853e42bc/1/j2MUGxmSvUMWytuCaobICbBkBJo.roa
File:                     j2MUGxmSvUMWytuCaobICbBkBJo.roa (raw, json)
Hash identifier:          y4qm/jfYlwt//xUwDgI6Hi8seO0SlbuOLEmGnAWnEHU=
Subject key identifier:   8F:63:14:1B:19:92:BD:43:16:CA:DB:82:6A:86:C8:09:B0:64:04:9A
Certificate issuer:       /CN=1f21c543844c417f61ad7939244d3b759c2a43ed
Certificate serial:       01851A0BBFFA456E13C1AEB8E984F0654746
Authority key identifier: 1F:21:C5:43:84:4C:41:7F:61:AD:79:39:24:4D:3B:75:9C:2A:43:ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HyHFQ4RMQX9hrXk5JE07dZwqQ-0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/156ecd-fe68-4bc3-ae7d-b8c4853e42bc/1/j2MUGxmSvUMWytuCaobICbBkBJo.roa
Signing time:             Fri 16 Dec 2022 08:27:35 +0000
ROA not before:           Fri 16 Dec 2022 08:27:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60304
IP address blocks:        185.33.35.0/24 maxlen: 24
                          185.33.34.0/24 maxlen: 24
                          185.33.33.0/24 maxlen: 24
                          185.33.32.0/24 maxlen: 24
                          2a04:5901:7::/48 maxlen: 48
                          2a04:5901:27::/48 maxlen: 48
                          2a04:5901:c::/48 maxlen: 48
                          2a04:5901:1d::/48 maxlen: 48
                          2a04:5901:2::/48 maxlen: 48
                          2a04:5901:22::/48 maxlen: 48
                          2a04:5901:13::/48 maxlen: 48
                          2a04:5901:18::/48 maxlen: 48
                          2a04:5901:9::/48 maxlen: 48
                          2a04:5901:e::/48 maxlen: 48
                          2a04:5900::/32 maxlen: 32
                          2a04:5901:1f::/48 maxlen: 48
                          2a04:5901:4::/48 maxlen: 48
                          2a04:5901:24::/48 maxlen: 48
                          2a04:5901:15::/48 maxlen: 48
                          2a04:5901:1a::/48 maxlen: 48
                          2a04:5901:b::/48 maxlen: 48
                          2a04:5901:10::/48 maxlen: 48
                          2a04:5901:1::/48 maxlen: 48
                          2a04:5901:21::/48 maxlen: 48
                          2a04:5901:26::/48 maxlen: 48
                          2a04:5901:6::/48 maxlen: 48
                          2a04:5901:17::/48 maxlen: 48
                          2a04:5901:1c::/48 maxlen: 48
                          2a04:5901:d::/48 maxlen: 48
                          2a04:5901:12::/48 maxlen: 48
                          2a04:5901:3::/48 maxlen: 48
                          2a04:5901:23::/48 maxlen: 48
                          2a04:5901:8::/48 maxlen: 48
                          2a04:5900::/29 maxlen: 29
                          2a04:5901:19::/48 maxlen: 48
                          2a04:5901:1e::/48 maxlen: 48
                          2a04:5901:f::/48 maxlen: 48
                          2a04:5901:14::/48 maxlen: 48
                          2a04:5901:5::/48 maxlen: 48
                          2a04:5901:25::/48 maxlen: 48
                          2a04:5901:a::/48 maxlen: 48
                          2a04:5901:1b::/48 maxlen: 48
                          2a04:5901::/32 maxlen: 32
                          2a04:5901:20::/48 maxlen: 48
                          2a04:5901:11::/48 maxlen: 48
                          2a04:5901:16::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:1a:0b:bf:fa:45:6e:13:c1:ae:b8:e9:84:f0:65:47:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f21c543844c417f61ad7939244d3b759c2a43ed
        Validity
            Not Before: Dec 16 08:27:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8f63141b1992bd4316cadb826a86c809b064049a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:9c:88:bc:6b:49:6c:df:fe:4f:60:f7:ad:04:
                    ef:1a:3c:16:33:dc:a0:6b:7a:92:28:38:7f:b9:16:
                    08:df:a9:2d:e9:c7:e1:32:47:ee:75:2d:f2:ba:f5:
                    64:24:cc:cb:d7:46:cf:0e:d9:8c:14:3e:11:ad:e8:
                    41:8e:50:9b:06:da:ba:43:ae:44:de:a1:22:89:4d:
                    fc:ae:a0:9a:c4:76:de:1a:16:af:69:87:bd:31:22:
                    1c:55:b9:c9:e2:03:12:32:18:7c:c2:73:c4:7e:82:
                    e1:ce:2a:1f:15:f1:9f:7d:f7:69:63:47:15:17:d4:
                    cf:3c:a7:46:66:19:a8:71:3d:59:c4:47:de:b8:19:
                    4c:c8:4a:b3:82:b6:7f:57:83:f0:46:4a:61:e7:aa:
                    90:b8:7b:32:34:5a:f4:cd:0f:e2:25:f6:13:bd:00:
                    96:48:c9:1c:09:0a:c6:4a:34:38:fe:7f:e9:28:d8:
                    96:fb:c1:cc:aa:8c:f0:8b:10:66:c2:85:28:7e:a9:
                    03:5b:aa:c6:4a:ee:18:ea:14:2a:e9:df:ef:f9:43:
                    29:74:b7:c8:a4:35:3c:82:50:10:61:c5:ac:f4:e3:
                    fd:d0:8a:15:18:78:22:97:5c:47:49:2f:0c:21:e6:
                    45:03:69:bc:86:79:25:5c:72:97:96:6e:ac:51:d0:
                    de:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:63:14:1B:19:92:BD:43:16:CA:DB:82:6A:86:C8:09:B0:64:04:9A
            X509v3 Authority Key Identifier:
                keyid:1F:21:C5:43:84:4C:41:7F:61:AD:79:39:24:4D:3B:75:9C:2A:43:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HyHFQ4RMQX9hrXk5JE07dZwqQ-0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/156ecd-fe68-4bc3-ae7d-b8c4853e42bc/1/j2MUGxmSvUMWytuCaobICbBkBJo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/156ecd-fe68-4bc3-ae7d-b8c4853e42bc/1/HyHFQ4RMQX9hrXk5JE07dZwqQ-0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.33.32.0/22
                IPv6:
                  2a04:5900::/29

    Signature Algorithm: sha256WithRSAEncryption
         ba:8e:bc:92:4d:0b:60:96:da:1d:2a:12:08:24:df:94:d0:3c:
         36:31:73:ac:77:4d:40:a4:75:0c:47:02:f5:e9:f2:61:9f:17:
         ed:da:47:b0:c0:a4:b6:d6:59:b1:cb:8c:22:51:f7:cf:58:9c:
         2c:71:65:d4:d7:bd:37:18:0c:40:33:37:a0:e4:43:86:0f:e1:
         58:13:dd:62:a1:8c:c6:54:9b:a0:63:eb:5b:97:7f:9b:3e:37:
         eb:7c:ff:99:db:14:46:18:16:3b:70:51:ee:89:d7:f1:4f:9e:
         92:75:4e:2a:26:e9:f5:ba:e2:d3:2b:88:33:0f:a5:f0:5a:2e:
         7d:f5:4c:7c:5b:74:e5:98:8e:c1:dc:5b:47:c4:80:84:97:23:
         bc:e5:c7:0a:c4:5c:35:a4:10:0e:75:79:dd:96:ed:fc:43:82:
         9b:04:7b:d3:39:af:83:1d:69:72:4e:a0:13:7c:a3:c2:8a:a7:
         67:bf:9d:40:81:2d:4a:d8:e0:f7:86:83:1b:f0:76:91:4b:a4:
         53:38:fc:76:3e:72:41:f7:9c:b0:7b:d2:c2:02:e7:7f:39:45:
         07:7a:3d:43:73:90:80:f4:9b:e7:1a:e5:35:5e:e7:d2:81:c8:
         d1:36:65:92:50:f9:f2:8e:70:53:50:00:e8:d7:5f:76:56:da:
         58:a0:0a:99
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYUaC7/6RW4Twa646YTwZUdGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMjFjNTQzODQ0YzQxN2Y2MWFkNzkzOTI0NGQzYjc1OWMy
YTQzZWQwHhcNMjIxMjE2MDgyNzM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjYzMTQxYjE5OTJiZDQzMTZjYWRiODI2YTg2YzgwOWIwNjQwNDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJyIvGtJbN/+T2D3rQTvGjwWM9yg
a3qSKDh/uRYI36kt6cfhMkfudS3yuvVkJMzL10bPDtmMFD4RrehBjlCbBtq6Q65E
3qEiiU38rqCaxHbeGhavaYe9MSIcVbnJ4gMSMhh8wnPEfoLhziofFfGfffdpY0cV
F9TPPKdGZhmocT1ZxEfeuBlMyEqzgrZ/V4PwRkph56qQuHsyNFr0zQ/iJfYTvQCW
SMkcCQrGSjQ4/n/pKNiW+8HMqozwixBmwoUofqkDW6rGSu4Y6hQq6d/v+UMpdLfI
pDU8glAQYcWs9OP90IoVGHgil1xHSS8MIeZFA2m8hnklXHKXlm6sUdDe1wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI9jFBsZkr1DFsrbgmqGyAmwZASaMB8GA1UdIwQY
MBaAFB8hxUOETEF/Ya15OSRNO3WcKkPtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHlIRlE0Uk1RWDloclhrNUpFMDdkWndxUS0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8xNTZlY2QtZmU2OC00YmMzLWFlN2Qt
YjhjNDg1M2U0MmJjLzEvajJNVUd4bVN2VU1XeXR1Q2FvYklDYkJrQkpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8xNTZlY2QtZmU2OC00YmMzLWFlN2QtYjhjNDg1M2U0MmJj
LzEvSHlIRlE0Uk1RWDloclhrNUpFMDdkWndxUS0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSEgMA0E
AgACMAcDBQMqBFkAMA0GCSqGSIb3DQEBCwUAA4IBAQC6jrySTQtgltodKhIIJN+U
0Dw2MXOsd01ApHUMRwL16fJhnxft2kewwKS21lmxy4wiUffPWJwscWXU1703GAxA
Mzeg5EOGD+FYE91ioYzGVJugY+tbl3+bPjfrfP+Z2xRGGBY7cFHuidfxT56SdU4q
Jun1uuLTK4gzD6XwWi599Ux8W3TlmI7B3FtHxICElyO85ccKxFw1pBAOdXndlu38
Q4KbBHvTOa+DHWlyTqATfKPCiqdnv51AgS1K2OD3hoMb8HaRS6RTOPx2PnJB95yw
e9LCAud/OUUHej1Dc5CA9JvnGuU1XufSgcjRNmWSUPnyjnBTUADo1192VtpYoAqZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:29 2024 by rpki-client on console-fra.rpki-client.org