Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/e9f29c-9231-450d-adb0-6de05a316239/1/bsUUUzIkOcJ-5J7eb5J5UWwth48.roa
File:                     bsUUUzIkOcJ-5J7eb5J5UWwth48.roa (raw, json)
Hash identifier:          ybkcdOhalbSLqzudPjyXUuzf5kZFD4u8L6jp6SKwJZA=
Subject key identifier:   6E:C5:14:53:32:24:39:C2:7E:E4:9E:DE:6F:92:79:51:6C:2D:87:8F
Certificate issuer:       /CN=217b491dccb5632216d80b48f8d6286b1effd8d7
Certificate serial:       036305B2
Authority key identifier: 21:7B:49:1D:CC:B5:63:22:16:D8:0B:48:F8:D6:28:6B:1E:FF:D8:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IXtJHcy1YyIW2AtI-NYoax7_2Nc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/e9f29c-9231-450d-adb0-6de05a316239/1/bsUUUzIkOcJ-5J7eb5J5UWwth48.roa
Signing time:             Wed 20 Apr 2022 06:17:12 +0000
ROA not before:           Wed 20 Apr 2022 06:17:12 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     59625
IP address blocks:        185.84.69.0/24 maxlen: 24
                          185.240.16.0/24 maxlen: 24
                          185.84.68.0/24 maxlen: 24
                          185.84.70.0/24 maxlen: 24
                          185.240.17.0/24 maxlen: 24
                          185.84.71.0/24 maxlen: 24
                          185.240.18.0/24 maxlen: 24
                          185.240.19.0/24 maxlen: 24
                          185.244.177.0/24 maxlen: 24
                          185.244.176.0/24 maxlen: 24
                          2a03:7020:1::/48 maxlen: 48
                          2a03:7020:800::/40 maxlen: 40
                          2a03:7020:1300::/40 maxlen: 40
                          2a03:7020:10::/48 maxlen: 48
                          2a03:7020::/48 maxlen: 48
                          2a03:7020:8::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 56821170 (0x36305b2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=217b491dccb5632216d80b48f8d6286b1effd8d7
        Validity
            Not Before: Apr 20 06:17:12 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6ec51453322439c27ee49ede6f9279516c2d878f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:49:6e:e0:f2:b9:58:79:b5:42:9c:0f:e3:e2:
                    5e:99:a1:0b:32:71:b2:c5:08:8b:6f:d7:fb:31:46:
                    30:57:62:18:66:00:bb:7c:53:c0:64:15:c5:a7:3a:
                    d3:25:1f:f9:86:ee:c1:66:0e:83:f0:26:5e:98:11:
                    a3:0b:7a:f6:a1:07:35:bb:e7:ef:fb:26:37:51:07:
                    12:4e:43:ef:34:ee:61:7f:75:33:29:45:27:7b:5c:
                    2e:d6:67:b4:03:d6:0b:27:39:b8:a2:86:c4:0e:64:
                    76:ef:9f:2c:78:ce:e7:e8:3d:6c:ab:37:f9:9a:c5:
                    26:9f:67:c1:56:3b:b2:73:bb:1a:59:0b:b6:25:b6:
                    c2:68:52:23:9a:4e:32:bc:37:d5:06:9c:d1:a5:b1:
                    a9:aa:61:d4:20:ee:db:6b:42:63:75:1e:af:56:dc:
                    e2:b8:b0:d8:de:ef:4b:44:7e:26:3f:3e:c1:08:21:
                    c6:12:ba:18:a1:c6:d3:2a:6e:76:ce:32:70:5e:0d:
                    f8:e6:14:a4:fa:c1:68:b2:15:5d:13:d5:e1:c4:02:
                    f8:29:8c:68:27:d6:f7:30:09:0f:69:a5:38:c7:42:
                    21:7f:df:af:79:3d:4a:68:4e:10:26:28:99:f3:df:
                    44:6b:1b:97:2a:d4:3f:0d:b6:45:67:da:30:40:76:
                    b6:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:C5:14:53:32:24:39:C2:7E:E4:9E:DE:6F:92:79:51:6C:2D:87:8F
            X509v3 Authority Key Identifier:
                keyid:21:7B:49:1D:CC:B5:63:22:16:D8:0B:48:F8:D6:28:6B:1E:FF:D8:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IXtJHcy1YyIW2AtI-NYoax7_2Nc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/e9f29c-9231-450d-adb0-6de05a316239/1/bsUUUzIkOcJ-5J7eb5J5UWwth48.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/e9f29c-9231-450d-adb0-6de05a316239/1/IXtJHcy1YyIW2AtI-NYoax7_2Nc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.84.68.0/22
                  185.240.16.0/22
                  185.244.176.0/23
                IPv6:
                  2a03:7020::/47
                  2a03:7020:8::/48
                  2a03:7020:10::/48
                  2a03:7020:800::/40
                  2a03:7020:1300::/40

    Signature Algorithm: sha256WithRSAEncryption
         32:6b:ef:8e:07:03:5e:fb:2d:b0:44:e6:90:6c:d4:ed:e8:8e:
         2a:69:95:bb:e4:96:3c:fa:90:14:cb:36:18:97:4c:27:7d:da:
         b4:41:ab:2a:77:55:e1:24:39:a7:b0:60:3d:05:50:b8:16:c3:
         09:63:b4:2f:36:42:e5:e3:9a:e1:04:51:ac:7d:b7:1f:49:66:
         94:58:c3:94:44:4b:c5:a1:3c:72:9f:e2:7c:91:12:5c:22:57:
         11:ca:e3:b9:27:45:4f:f6:7d:fd:93:41:e9:28:c7:ca:44:fc:
         be:65:f6:89:32:33:17:8f:eb:e8:3d:fa:52:24:2d:bc:9e:7d:
         17:a5:de:0a:01:90:05:7a:ae:15:96:29:95:75:0c:b3:98:7e:
         7a:18:26:cf:69:34:c7:b7:67:ba:cf:a5:ed:7a:df:d1:b1:50:
         a0:d7:12:ab:2e:0a:42:ce:18:76:37:0d:a1:03:2a:3c:10:ff:
         40:93:a1:cc:dc:30:50:ac:ed:9f:80:ea:6c:1c:80:ac:fd:1e:
         02:fe:04:f8:9b:44:c8:ae:73:da:44:a6:25:22:29:71:0a:37:
         02:bc:b0:a8:27:5f:e9:81:10:87:dc:8b:0a:cd:54:f9:1e:6a:
         33:cf:e5:0b:8f:77:47:7a:69:d7:9b:75:29:42:b6:b2:d6:1b:
         19:68:c0:4e
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIEA2MFsjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTdiNDkxZGNjYjU2MzIyMTZkODBiNDhmOGQ2Mjg2YjFlZmZkOGQ3MB4XDTIyMDQy
MDA2MTcxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmVjNTE0NTMzMjI0
MzljMjdlZTQ5ZWRlNmY5Mjc5NTE2YzJkODc4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIVJbuDyuVh5tUKcD+PiXpmhCzJxssUIi2/X+zFGMFdiGGYA
u3xTwGQVxac60yUf+YbuwWYOg/AmXpgRowt69qEHNbvn7/smN1EHEk5D7zTuYX91
MylFJ3tcLtZntAPWCyc5uKKGxA5kdu+fLHjO5+g9bKs3+ZrFJp9nwVY7snO7GlkL
tiW2wmhSI5pOMrw31Qac0aWxqaph1CDu22tCY3Uer1bc4riw2N7vS0R+Jj8+wQgh
xhK6GKHG0ypuds4ycF4N+OYUpPrBaLIVXRPV4cQC+CmMaCfW9zAJD2mlOMdCIX/f
r3k9SmhOECYomfPfRGsblyrUPw22RWfaMEB2tuUCAwEAAaOCAkgwggJEMB0GA1Ud
DgQWBBRuxRRTMiQ5wn7knt5vknlRbC2HjzAfBgNVHSMEGDAWgBQhe0kdzLVjIhbY
C0j41ihrHv/Y1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lYdEpIY3kxWXlJVzJBdEktTllvYXg3XzJOYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvZTlmMjljLTkyMzEtNDUwZC1hZGIwLTZkZTA1YTMxNjIzOS8x
L2JzVVVVeklrT2NKLTVKN2ViNUo1VVd3dGg0OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
ZTlmMjljLTkyMzEtNDUwZC1hZGIwLTZkZTA1YTMxNjIzOS8xL0lYdEpIY3kxWXlJ
VzJBdEktTllvYXg3XzJOYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBe
BggrBgEFBQcBBwEB/wRPME0wGAQCAAEwEgMEArlURAMEArnwEAMEAbn0sDAxBAIA
AjArAwcBKgNwIAAAAwcAKgNwIAAIAwcAKgNwIAAQAwYAKgNwIAgDBgAqA3AgEzAN
BgkqhkiG9w0BAQsFAAOCAQEAMmvvjgcDXvstsETmkGzU7eiOKmmVu+SWPPqQFMs2
GJdMJ33atEGrKndV4SQ5p7BgPQVQuBbDCWO0LzZC5eOa4QRRrH23H0lmlFjDlERL
xaE8cp/ifJESXCJXEcrjuSdFT/Z9/ZNB6SjHykT8vmX2iTIzF4/r6D36UiQtvJ59
F6XeCgGQBXquFZYplXUMs5h+ehgmz2k0x7dnus+l7Xrf0bFQoNcSqy4KQs4YdjcN
oQMqPBD/QJOhzNwwUKztn4DqbByArP0eAv4E+JtEyK5z2kSmJSIpcQo3ArywqCdf
6YEQh9yLCs1U+R5qM8/lC493R3pp15t1KUK2stYbGWjATg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:48 2024 by rpki-client on console-fra.rpki-client.org