Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/nYOegSxJsJoowkSTfY2ScM695dM.roa
File:                     nYOegSxJsJoowkSTfY2ScM695dM.roa (raw, json)
Hash identifier:          w6bEHNQiPBj0woEZxKYQDQa4oQaDf9DFMgieCZukVd4=
Subject key identifier:   9D:83:9E:81:2C:49:B0:9A:28:C2:44:93:7D:8D:92:70:CE:BD:E5:D3
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       08F28DFD
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/nYOegSxJsJoowkSTfY2ScM695dM.roa
Signing time:             Sat 01 Jan 2022 16:00:02 +0000
ROA not before:           Sat 01 Jan 2022 16:00:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7489
IP address blocks:        2.56.164.0/22 maxlen: 24
                          78.108.216.0/22 maxlen: 24
                          45.140.220.0/22 maxlen: 24
                          193.221.192.0/22 maxlen: 24
                          194.50.16.0/22 maxlen: 24
                          194.31.140.0/22 maxlen: 24
                          212.107.12.0/22 maxlen: 24
                          185.186.64.0/22 maxlen: 24
                          45.154.196.0/22 maxlen: 24
                          185.227.68.0/22 maxlen: 24
                          185.185.40.0/22 maxlen: 24
                          194.56.224.0/22 maxlen: 24
                          178.218.144.0/22 maxlen: 24
                          45.90.144.0/22 maxlen: 24
                          77.83.240.0/22 maxlen: 24
                          45.81.20.0/22 maxlen: 24
                          89.190.156.0/22 maxlen: 24
                          83.143.116.0/22 maxlen: 24
                          185.242.224.0/22 maxlen: 24
                          185.234.72.0/22 maxlen: 24
                          193.31.28.0/22 maxlen: 24
                          85.202.160.0/22 maxlen: 24
                          193.34.76.0/22 maxlen: 24
                          2a0b:7080:10::/48 maxlen: 48
                          2a0b:b87:ffb4::/48 maxlen: 48
                          2a0b:b82::/44 maxlen: 44
                          2a0b:b85::/32 maxlen: 32
                          2a0b:b87:fff0::/44 maxlen: 44
                          2a0b:7080:10::/44 maxlen: 44
                          2a0b:7080:10::/45 maxlen: 45
                          2a0b:b87:ffda::/48 maxlen: 48
                          2a0d:77c7::/32 maxlen: 48
                          2a0b:b87:ffec::/48 maxlen: 48
                          2a0b:b84::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 150113789 (0x8f28dfd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Jan  1 16:00:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9d839e812c49b09a28c244937d8d9270cebde5d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:b8:51:e9:35:6d:ea:ab:b1:44:1f:ac:ea:ce:
                    29:d4:a7:f0:a1:fb:ff:5f:fb:33:85:1b:ec:d4:10:
                    e4:04:82:c2:cd:39:2a:ff:b9:4c:be:74:9d:88:71:
                    f2:10:16:4e:0f:f1:05:a7:fa:eb:30:a8:cf:ab:f7:
                    21:28:46:7f:b5:5d:5e:f8:b3:c4:8b:c5:fc:77:d0:
                    dd:1f:11:1c:28:71:e2:9e:0d:6f:b0:8c:eb:63:cd:
                    05:aa:f3:fe:c5:c7:9e:98:8c:1f:e0:2a:d7:1d:9c:
                    a6:39:a3:82:d4:79:12:17:04:48:07:b9:d1:0f:8b:
                    eb:ba:04:7d:eb:4b:a4:3b:a4:8b:90:ce:9d:e0:be:
                    35:bb:c2:be:2e:22:fd:ac:77:d1:3d:20:17:1a:f5:
                    78:cb:5d:f4:8a:5e:3b:30:88:a9:75:9b:34:d1:60:
                    b1:32:01:4d:af:5f:ea:56:d5:f1:54:6f:00:34:b2:
                    7e:09:ed:fb:3e:31:24:df:38:66:1d:57:a2:89:7f:
                    fc:13:d4:f8:3b:ac:3e:c9:43:37:83:83:8e:d8:e6:
                    33:2c:7f:8b:eb:a4:f4:20:a5:41:61:7f:64:8f:23:
                    fc:9a:4c:d5:9d:42:26:2d:ff:e3:69:f8:d7:ce:68:
                    aa:33:a4:6f:9d:fb:be:3a:4d:7b:da:67:20:f7:32:
                    c1:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:83:9E:81:2C:49:B0:9A:28:C2:44:93:7D:8D:92:70:CE:BD:E5:D3
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/nYOegSxJsJoowkSTfY2ScM695dM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.56.164.0/22
                  45.81.20.0/22
                  45.90.144.0/22
                  45.140.220.0/22
                  45.154.196.0/22
                  77.83.240.0/22
                  78.108.216.0/22
                  83.143.116.0/22
                  85.202.160.0/22
                  89.190.156.0/22
                  178.218.144.0/22
                  185.185.40.0/22
                  185.186.64.0/22
                  185.227.68.0/22
                  185.234.72.0/22
                  185.242.224.0/22
                  193.31.28.0/22
                  193.34.76.0/22
                  193.221.192.0/22
                  194.31.140.0/22
                  194.50.16.0/22
                  194.56.224.0/22
                  212.107.12.0/22
                IPv6:
                  2a0b:b82::/44
                  2a0b:b84::/31
                  2a0b:b87:ffb4::/48
                  2a0b:b87:ffda::/48
                  2a0b:b87:ffec::/48
                  2a0b:b87:fff0::/44
                  2a0b:7080:10::/44
                  2a0d:77c7::/32

    Signature Algorithm: sha256WithRSAEncryption
         38:38:f1:37:44:1b:ca:7a:1c:15:a9:f2:f6:f4:74:bf:35:04:
         a8:07:3f:3a:aa:f4:a7:1f:2f:10:8c:7a:58:62:57:51:d5:e9:
         42:2d:4f:7e:7b:b9:fe:4a:7b:61:db:11:93:b4:07:3f:35:32:
         c4:ac:e4:ab:73:a2:ef:b0:8d:d3:28:54:5c:67:de:cc:9d:09:
         e3:07:0e:76:f9:8d:e7:a8:d8:46:13:99:d7:52:1f:b2:1a:9e:
         70:20:d1:56:03:b0:5e:d5:2a:13:6c:6e:4c:37:67:90:17:59:
         a5:2d:9d:40:57:d7:82:79:e2:b8:9c:b0:07:60:71:c9:51:5a:
         09:7c:d3:b8:d8:70:37:f8:77:e3:c6:d6:b8:67:d1:85:8a:10:
         b4:32:fc:54:67:93:18:ad:d8:04:71:ce:b3:0b:6e:54:2f:fa:
         59:cd:4d:d2:2f:0d:40:19:aa:01:17:75:bc:80:c4:bb:a2:97:
         7d:9e:9a:79:e0:ab:90:fe:b4:8a:5b:28:12:06:09:a8:43:3e:
         60:ea:3e:ae:91:4c:ed:c1:f4:6e:e0:11:52:07:f9:7a:67:4a:
         b6:4a:fc:95:7b:78:7c:69:dc:ee:9c:62:6f:4b:1e:e5:1c:1e:
         50:bf:aa:a4:32:a1:d3:06:b2:48:3d:0e:b9:57:db:5a:da:78:
         af:53:48:b9
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgIECPKN/TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWE3YjBkOGRlODI1MWQzNmQ3YzgzZmFmNmJjN2VmZWM3M2I1MDM0MB4XDTIyMDEw
MTE2MDAwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWQ4MzllODEyYzQ5
YjA5YTI4YzI0NDkzN2Q4ZDkyNzBjZWJkZTVkMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKG4Uek1beqrsUQfrOrOKdSn8KH7/1/7M4Ub7NQQ5ASCws05
Kv+5TL50nYhx8hAWTg/xBaf66zCoz6v3IShGf7VdXvizxIvF/HfQ3R8RHChx4p4N
b7CM62PNBarz/sXHnpiMH+Aq1x2cpjmjgtR5EhcESAe50Q+L67oEfetLpDuki5DO
neC+NbvCvi4i/ax30T0gFxr1eMtd9IpeOzCIqXWbNNFgsTIBTa9f6lbV8VRvADSy
fgnt+z4xJN84Zh1Xool//BPU+DusPslDN4ODjtjmMyx/i+uk9CClQWF/ZI8j/JpM
1Z1CJi3/42n4185oqjOkb537vjpNe9pnIPcywdsCAwEAAaOCAt4wggLaMB0GA1Ud
DgQWBBSdg56BLEmwmijCRJN9jZJwzr3l0zAfBgNVHSMEGDAWgBSxp7DY3oJR0218
g/r2vH7+xztQNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhZXcyTjZDVWROdGZJUDY5cngtX3NjN1VEUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8x
L25ZT2VnU3hKc0pvb3drU1RmWTJTY002OTVkTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
ZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8xL3NhZXcyTjZDVWRO
dGZJUDY5cngtX3NjN1VEUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
8wYIKwYBBQUHAQcBAf8EgeMwgeAwgZEEAgABMIGKAwQCAjikAwQCLVEUAwQCLVqQ
AwQCLYzcAwQCLZrEAwQCTVPwAwQCTmzYAwQCU490AwQCVcqgAwQCWb6cAwQCstqQ
AwQCubkoAwQCubpAAwQCueNEAwQCuepIAwQCufLgAwQCwR8cAwQCwSJMAwQCwd3A
AwQCwh+MAwQCwjIQAwQCwjjgAwQC1GsMMEoEAgACMEQDBwQqCwuCAAADBQEqCwuE
AwcAKgsLh/+0AwcAKgsLh//aAwcAKgsLh//sAwcEKgsLh//wAwcEKgtwgAAQAwUA
Kg13xzANBgkqhkiG9w0BAQsFAAOCAQEAODjxN0QbynocFany9vR0vzUEqAc/Oqr0
px8vEIx6WGJXUdXpQi1Pfnu5/kp7YdsRk7QHPzUyxKzkq3Oi77CN0yhUXGfezJ0J
4wcOdvmN56jYRhOZ11IfshqecCDRVgOwXtUqE2xuTDdnkBdZpS2dQFfXgnniuJyw
B2BxyVFaCXzTuNhwN/h348bWuGfRhYoQtDL8VGeTGK3YBHHOswtuVC/6Wc1N0i8N
QBmqARd1vIDEu6KXfZ6aeeCrkP60ilsoEgYJqEM+YOo+rpFM7cH0buARUgf5emdK
tkr8lXt4fGnc7pxib0se5RweUL+qpDKh0waySD0OuVfbWtp4r1NIuQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:40 2024 by rpki-client on console-ams.rpki-client.org