Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/7e4f08-6730-4051-9792-494f4c4da426/1/e19jK734M9ExWV9w1UUxKl3qhAc.roa
File:                     e19jK734M9ExWV9w1UUxKl3qhAc.roa (raw, json)
Hash identifier:          CBtkdDV/Ze2pC4JYeP+xJNaV/Aa55jwmWmVL4bh1vyE=
Subject key identifier:   7B:5F:63:2B:BD:F8:33:D1:31:59:5F:70:D5:45:31:2A:5D:EA:84:07
Certificate issuer:       /CN=1d0672c99f87f05cd83f0b627d31871fe80be01f
Certificate serial:       0273D184
Authority key identifier: 1D:06:72:C9:9F:87:F0:5C:D8:3F:0B:62:7D:31:87:1F:E8:0B:E0:1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HQZyyZ-H8FzYPwtifTGHH-gL4B8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/7e4f08-6730-4051-9792-494f4c4da426/1/e19jK734M9ExWV9w1UUxKl3qhAc.roa
Signing time:             Sat 01 Jan 2022 14:54:36 +0000
ROA not before:           Sat 01 Jan 2022 14:54:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     28919
IP address blocks:        94.24.56.0/21 maxlen: 24
                          185.164.112.0/22 maxlen: 24
                          89.41.128.0/21 maxlen: 24
                          185.66.48.0/22 maxlen: 24
                          80.93.32.0/20 maxlen: 24
                          213.182.224.0/19 maxlen: 24
                          185.163.144.0/22 maxlen: 24
                          2a03:c680::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 41144708 (0x273d184)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d0672c99f87f05cd83f0b627d31871fe80be01f
        Validity
            Not Before: Jan  1 14:54:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7b5f632bbdf833d131595f70d545312a5dea8407
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:31:59:2c:ff:5d:2d:09:fa:09:20:d8:fd:59:
                    d8:1f:ae:39:88:1b:12:18:93:b4:28:86:7e:79:c6:
                    20:63:c4:1c:0d:fc:25:73:09:37:74:80:56:bf:ba:
                    88:78:35:95:63:02:ca:69:2f:9b:ed:73:2f:80:52:
                    e8:74:22:62:63:63:48:9f:15:7b:c7:6d:19:d9:86:
                    91:a8:2a:6a:36:56:4d:f4:f9:b1:be:5c:2a:7f:47:
                    32:6d:7c:d9:c9:6c:de:b5:48:6e:75:f9:54:31:9a:
                    45:50:bf:41:13:47:ff:20:0a:5e:07:46:52:d4:46:
                    03:1f:61:39:b2:d5:d1:e3:1a:e3:df:09:3e:f3:23:
                    bb:07:36:20:0d:68:2e:1c:b8:92:e8:0c:55:45:3e:
                    dc:c9:df:c9:e0:f3:17:0f:5a:4f:56:d2:2b:8e:7c:
                    59:7b:63:60:73:01:00:32:12:2a:7f:c2:34:09:1f:
                    18:b7:e9:31:95:49:33:0d:de:f2:7f:d4:44:6d:eb:
                    e5:db:bd:cf:68:2e:b1:4d:8b:03:dd:c6:4b:f7:da:
                    b6:b5:ca:ab:0b:bd:77:d9:77:ce:02:fa:85:62:e4:
                    9d:43:57:b4:67:00:04:7d:d2:be:96:60:37:80:61:
                    37:a0:e9:f5:77:38:63:d8:45:d5:09:38:10:6a:ce:
                    27:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:5F:63:2B:BD:F8:33:D1:31:59:5F:70:D5:45:31:2A:5D:EA:84:07
            X509v3 Authority Key Identifier:
                keyid:1D:06:72:C9:9F:87:F0:5C:D8:3F:0B:62:7D:31:87:1F:E8:0B:E0:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQZyyZ-H8FzYPwtifTGHH-gL4B8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/7e4f08-6730-4051-9792-494f4c4da426/1/e19jK734M9ExWV9w1UUxKl3qhAc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/7e4f08-6730-4051-9792-494f4c4da426/1/HQZyyZ-H8FzYPwtifTGHH-gL4B8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.93.32.0/20
                  89.41.128.0/21
                  94.24.56.0/21
                  185.66.48.0/22
                  185.163.144.0/22
                  185.164.112.0/22
                  213.182.224.0/19
                IPv6:
                  2a03:c680::/29

    Signature Algorithm: sha256WithRSAEncryption
         4c:7d:d2:b8:e2:fd:bf:3d:87:14:37:d0:a9:69:9a:90:ea:04:
         d1:23:fd:bf:9e:f7:bb:83:49:75:ce:56:06:7d:dd:6d:d2:9c:
         d6:8f:7d:b1:ab:98:d4:73:8b:5c:de:8d:f2:87:3c:5f:39:43:
         53:ba:e8:a0:42:46:35:49:a2:52:88:29:67:eb:05:6e:3e:c4:
         39:af:be:5d:f6:36:92:a5:f5:4d:5f:e6:04:78:8a:cc:7f:ad:
         b5:c8:b1:28:30:32:b4:f1:72:83:6f:45:38:ef:66:2c:da:75:
         d8:de:1d:d4:bf:bc:f6:c5:70:ff:71:ed:89:95:40:cd:c3:df:
         c4:26:4f:60:5c:e5:c2:88:75:da:9c:4d:4b:8b:3d:9b:2f:62:
         74:96:87:7e:85:72:a8:99:f2:94:6d:0b:a0:25:33:cd:9d:14:
         28:32:8c:54:9f:73:5c:a1:fc:47:43:b5:8a:a9:42:05:48:13:
         ca:a7:20:36:d3:36:49:29:71:11:dd:88:f6:65:17:2b:93:0b:
         3a:03:59:44:4e:a3:30:83:80:10:59:8b:1e:24:02:54:60:7a:
         68:87:79:07:e6:dc:a6:ed:39:87:a0:58:7c:b3:b9:94:51:47:
         65:6b:8b:d8:23:0a:10:a9:2d:d1:f0:66:f5:1e:d6:91:d1:f1:
         78:87:9b:f5
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEAnPRhDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZDA2NzJjOTlmODdmMDVjZDgzZjBiNjI3ZDMxODcxZmU4MGJlMDFmMB4XDTIyMDEw
MTE0NTQzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2I1ZjYzMmJiZGY4
MzNkMTMxNTk1ZjcwZDU0NTMxMmE1ZGVhODQwNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMExWSz/XS0J+gkg2P1Z2B+uOYgbEhiTtCiGfnnGIGPEHA38
JXMJN3SAVr+6iHg1lWMCymkvm+1zL4BS6HQiYmNjSJ8Ve8dtGdmGkagqajZWTfT5
sb5cKn9HMm182cls3rVIbnX5VDGaRVC/QRNH/yAKXgdGUtRGAx9hObLV0eMa498J
PvMjuwc2IA1oLhy4kugMVUU+3MnfyeDzFw9aT1bSK458WXtjYHMBADISKn/CNAkf
GLfpMZVJMw3e8n/URG3r5du9z2gusU2LA93GS/fatrXKqwu9d9l3zgL6hWLknUNX
tGcABH3SvpZgN4BhN6Dp9Xc4Y9hF1Qk4EGrOJ3UCAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBR7X2Mrvfgz0TFZX3DVRTEqXeqEBzAfBgNVHSMEGDAWgBQdBnLJn4fwXNg/
C2J9MYcf6AvgHzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hRWnl5Wi1IOEZ6WVB3dGlmVEdISC1nTDRCOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvN2U0ZjA4LTY3MzAtNDA1MS05NzkyLTQ5NGY0YzRkYTQyNi8x
L2UxOWpLNzM0TTlFeFdWOXcxVVV4S2wzcWhBYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
N2U0ZjA4LTY3MzAtNDA1MS05NzkyLTQ5NGY0YzRkYTQyNi8xL0hRWnl5Wi1IOEZ6
WVB3dGlmVEdISC1nTDRCOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEBFBdIAMEA1kpgAMEA14YOAMEArlC
MAMEArmjkAMEArmkcAMEBdW24DANBAIAAjAHAwUDKgPGgDANBgkqhkiG9w0BAQsF
AAOCAQEATH3SuOL9vz2HFDfQqWmakOoE0SP9v573u4NJdc5WBn3dbdKc1o99sauY
1HOLXN6N8oc8XzlDU7rooEJGNUmiUogpZ+sFbj7EOa++XfY2kqX1TV/mBHiKzH+t
tcixKDAytPFyg29FOO9mLNp12N4d1L+89sVw/3HtiZVAzcPfxCZPYFzlwoh12pxN
S4s9my9idJaHfoVyqJnylG0LoCUzzZ0UKDKMVJ9zXKH8R0O1iqlCBUgTyqcgNtM2
SSlxEd2I9mUXK5MLOgNZRE6jMIOAEFmLHiQCVGB6aId5B+bcpu05h6BYfLO5lFFH
ZWuL2CMKEKkt0fBm9R7WkdHxeIeb9Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:33 2024 by rpki-client on console-fra.rpki-client.org