Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/156ecd-fe68-4bc3-ae7d-b8c4853e42bc/1/vlgY4gFvrF4_teRmzDj9Rx3DrK0.roa
File:                     vlgY4gFvrF4_teRmzDj9Rx3DrK0.roa (raw, json)
Hash identifier:          3KOtww8UMOa0BRbPDAl6Go7vVS4Xt5y18WpMf2UTY/o=
Subject key identifier:   BE:58:18:E2:01:6F:AC:5E:3F:B5:E4:66:CC:38:FD:47:1D:C3:AC:AD
Certificate issuer:       /CN=1f21c543844c417f61ad7939244d3b759c2a43ed
Certificate serial:       01851A15CF7CB6C13888350AEE7D6AAC91D9
Authority key identifier: 1F:21:C5:43:84:4C:41:7F:61:AD:79:39:24:4D:3B:75:9C:2A:43:ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HyHFQ4RMQX9hrXk5JE07dZwqQ-0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/156ecd-fe68-4bc3-ae7d-b8c4853e42bc/1/vlgY4gFvrF4_teRmzDj9Rx3DrK0.roa
Signing time:             Fri 16 Dec 2022 08:38:35 +0000
ROA not before:           Fri 16 Dec 2022 08:38:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60304
IP address blocks:        185.33.35.0/24 maxlen: 24
                          185.33.34.0/24 maxlen: 24
                          185.33.33.0/24 maxlen: 24
                          185.33.32.0/24 maxlen: 24
                          2a04:5900::/48 maxlen: 48
                          2a04:5901:27::/48 maxlen: 48
                          2a04:5901:7::/48 maxlen: 48
                          2a04:5901:c::/48 maxlen: 48
                          2a04:5901:1d::/48 maxlen: 48
                          2a04:5901:22::/48 maxlen: 48
                          2a04:5901:2::/48 maxlen: 48
                          2a04:5901:13::/48 maxlen: 48
                          2a04:5901:18::/48 maxlen: 48
                          2a04:5901:9::/48 maxlen: 48
                          2a04:5901:e::/48 maxlen: 48
                          2a04:5900::/32 maxlen: 32
                          2a04:5901:1f::/48 maxlen: 48
                          2a04:5901:24::/48 maxlen: 48
                          2a04:5901:4::/48 maxlen: 48
                          2a04:5901:15::/48 maxlen: 48
                          2a04:5901:1a::/48 maxlen: 48
                          2a04:5901:b::/48 maxlen: 48
                          2a04:5901:10::/48 maxlen: 48
                          2a04:5901:21::/48 maxlen: 48
                          2a04:5901:1::/48 maxlen: 48
                          2a04:5901:6::/48 maxlen: 48
                          2a04:5901:26::/48 maxlen: 48
                          2a04:5901:17::/48 maxlen: 48
                          2a04:5901:1c::/48 maxlen: 48
                          2a04:5901:d::/48 maxlen: 48
                          2a04:5900:1::/48 maxlen: 48
                          2a04:5901:12::/48 maxlen: 48
                          2a04:5901:23::/48 maxlen: 48
                          2a04:5901:3::/48 maxlen: 48
                          2a04:5901:8::/48 maxlen: 48
                          2a04:5900::/29 maxlen: 29
                          2a04:5901:19::/48 maxlen: 48
                          2a04:5901:1e::/48 maxlen: 48
                          2a04:5901:f::/48 maxlen: 48
                          2a04:5901:14::/48 maxlen: 48
                          2a04:5901:25::/48 maxlen: 48
                          2a04:5901:5::/48 maxlen: 48
                          2a04:5901:a::/48 maxlen: 48
                          2a04:5901:1b::/48 maxlen: 48
                          2a04:5901::/32 maxlen: 32
                          2a04:5901:20::/48 maxlen: 48
                          2a04:5901:11::/48 maxlen: 48
                          2a04:5901:16::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:1a:15:cf:7c:b6:c1:38:88:35:0a:ee:7d:6a:ac:91:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f21c543844c417f61ad7939244d3b759c2a43ed
        Validity
            Not Before: Dec 16 08:38:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=be5818e2016fac5e3fb5e466cc38fd471dc3acad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:60:3b:29:7c:e5:85:3c:c3:c9:ab:9a:50:ea:
                    2f:3e:03:ed:78:22:19:d3:7f:8e:04:45:54:c3:39:
                    c9:00:41:0c:26:09:b0:02:d4:6f:71:30:11:dd:8e:
                    bf:0c:b5:bd:74:d6:e6:6d:64:06:f8:1e:bf:ae:e5:
                    6c:39:41:45:ae:45:54:67:68:ce:9f:53:9e:49:ed:
                    72:74:42:d3:26:96:90:93:d6:71:fc:b7:74:8d:ea:
                    28:e3:d9:67:d5:b1:a7:5a:df:66:d6:07:f6:d9:45:
                    f9:6e:b0:cb:e5:4d:7c:6b:5a:1c:9c:22:02:10:ed:
                    7d:66:90:a1:e8:1c:b5:5e:53:0a:54:6d:1a:0e:a6:
                    9f:5c:97:ec:db:da:12:c3:31:34:1c:cc:f3:9f:9f:
                    dc:86:91:d4:35:93:86:31:e7:fe:a7:83:ad:58:67:
                    38:34:e6:f0:16:f8:ed:25:76:b1:d3:fe:fa:cb:4f:
                    10:69:a7:c4:47:0c:df:c7:61:1f:97:3c:f9:c4:86:
                    2e:5a:54:8e:b9:08:f8:a7:17:bf:1d:a2:ff:8e:e3:
                    59:35:56:5b:42:84:12:30:9c:21:18:e1:c6:61:8d:
                    62:7c:89:70:c3:82:7e:76:ab:be:36:9e:2f:7b:2f:
                    74:75:6f:41:fa:ee:5d:71:d7:fb:e0:73:5f:56:40:
                    ac:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:58:18:E2:01:6F:AC:5E:3F:B5:E4:66:CC:38:FD:47:1D:C3:AC:AD
            X509v3 Authority Key Identifier:
                keyid:1F:21:C5:43:84:4C:41:7F:61:AD:79:39:24:4D:3B:75:9C:2A:43:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HyHFQ4RMQX9hrXk5JE07dZwqQ-0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/156ecd-fe68-4bc3-ae7d-b8c4853e42bc/1/vlgY4gFvrF4_teRmzDj9Rx3DrK0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/156ecd-fe68-4bc3-ae7d-b8c4853e42bc/1/HyHFQ4RMQX9hrXk5JE07dZwqQ-0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.33.32.0/22
                IPv6:
                  2a04:5900::/29

    Signature Algorithm: sha256WithRSAEncryption
         8f:8f:55:45:03:14:ff:17:40:72:bb:c8:e5:e3:93:e2:75:97:
         b2:33:f0:bd:0b:36:10:4c:c4:2a:dc:86:82:cb:bf:da:37:ba:
         96:d5:9d:c6:f8:79:7b:16:62:cd:90:40:bd:7c:07:1a:ca:08:
         12:cd:4e:4d:a2:dd:cc:90:6c:a3:df:0e:ac:50:47:62:09:2a:
         78:2a:1c:61:e0:62:70:3c:62:5f:db:95:d4:f7:76:2b:98:4b:
         7b:b8:9f:9b:ca:5a:6c:c7:47:b1:8d:29:35:73:6b:69:40:ad:
         93:b9:16:3e:2d:06:46:aa:9d:c6:0d:e9:14:f6:ce:d3:d4:6b:
         39:e6:0a:68:98:d7:9b:88:cc:c1:7f:ed:fd:50:d3:39:86:01:
         b9:de:55:2f:0b:8c:d2:0f:a5:7a:1f:e7:04:6f:95:7a:cd:4e:
         6a:b9:a1:51:0e:94:02:85:52:f5:46:57:66:dd:41:a4:4e:83:
         3c:1a:81:aa:10:56:f6:84:97:dd:b9:57:2d:ba:26:d4:d1:96:
         e7:3c:f6:86:f3:75:0d:c6:a5:9b:3a:68:97:dc:17:83:f7:cb:
         2b:ae:3b:16:8b:34:01:65:d0:25:6f:3a:05:b4:5a:da:f3:cf:
         85:44:1f:1b:9e:07:f0:57:05:c5:a8:71:c0:33:1a:21:17:b1:
         fe:58:5e:4e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYUaFc98tsE4iDUK7n1qrJHZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMjFjNTQzODQ0YzQxN2Y2MWFkNzkzOTI0NGQzYjc1OWMy
YTQzZWQwHhcNMjIxMjE2MDgzODM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTU4MThlMjAxNmZhYzVlM2ZiNWU0NjZjYzM4ZmQ0NzFkYzNhY2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2A7KXzlhTzDyauaUOovPgPteCIZ
03+OBEVUwznJAEEMJgmwAtRvcTAR3Y6/DLW9dNbmbWQG+B6/ruVsOUFFrkVUZ2jO
n1OeSe1ydELTJpaQk9Zx/Ld0jeoo49ln1bGnWt9m1gf22UX5brDL5U18a1ocnCIC
EO19ZpCh6By1XlMKVG0aDqafXJfs29oSwzE0HMzzn5/chpHUNZOGMef+p4OtWGc4
NObwFvjtJXax0/76y08QaafERwzfx2Eflzz5xIYuWlSOuQj4pxe/HaL/juNZNVZb
QoQSMJwhGOHGYY1ifIlww4J+dqu+Np4vey90dW9B+u5dcdf74HNfVkCszwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL5YGOIBb6xeP7XkZsw4/Ucdw6ytMB8GA1UdIwQY
MBaAFB8hxUOETEF/Ya15OSRNO3WcKkPtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHlIRlE0Uk1RWDloclhrNUpFMDdkWndxUS0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8xNTZlY2QtZmU2OC00YmMzLWFlN2Qt
YjhjNDg1M2U0MmJjLzEvdmxnWTRnRnZyRjRfdGVSbXpEajlSeDNEckswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8xNTZlY2QtZmU2OC00YmMzLWFlN2QtYjhjNDg1M2U0MmJj
LzEvSHlIRlE0Uk1RWDloclhrNUpFMDdkWndxUS0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSEgMA0E
AgACMAcDBQMqBFkAMA0GCSqGSIb3DQEBCwUAA4IBAQCPj1VFAxT/F0Byu8jl45Pi
dZeyM/C9CzYQTMQq3IaCy7/aN7qW1Z3G+Hl7FmLNkEC9fAcayggSzU5Not3MkGyj
3w6sUEdiCSp4Khxh4GJwPGJf25XU93YrmEt7uJ+bylpsx0exjSk1c2tpQK2TuRY+
LQZGqp3GDekU9s7T1Gs55gpomNebiMzBf+39UNM5hgG53lUvC4zSD6V6H+cEb5V6
zU5quaFRDpQChVL1Rldm3UGkToM8GoGqEFb2hJfduVctuibU0ZbnPPaG83UNxqWb
OmiX3BeD98srrjsWizQBZdAlbzoFtFra88+FRB8bngfwVwXFqHHAMxohF7H+WF5O
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:29 2024 by rpki-client on console-fra.rpki-client.org