Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/c921e8-6c94-4cc2-b9fd-06a49968c2d3/1/lAw1QcnHKd2N0YTmG0Hu6eQsRWc.roa
File:                     lAw1QcnHKd2N0YTmG0Hu6eQsRWc.roa (raw, json)
Hash identifier:          HNCcWbBU1FNmF/xd0TWnjFrXzpyu9HV08IKHhOj8VVQ=
Subject key identifier:   94:0C:35:41:C9:C7:29:DD:8D:D1:84:E6:1B:41:EE:E9:E4:2C:45:67
Certificate issuer:       /CN=86a8ff4c9c56667d99025d7f01591cbf77ad2f09
Certificate serial:       08531F41
Authority key identifier: 86:A8:FF:4C:9C:56:66:7D:99:02:5D:7F:01:59:1C:BF:77:AD:2F:09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hqj_TJxWZn2ZAl1_AVkcv3etLwk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/c921e8-6c94-4cc2-b9fd-06a49968c2d3/1/lAw1QcnHKd2N0YTmG0Hu6eQsRWc.roa
Signing time:             Sat 01 Jan 2022 09:53:22 +0000
ROA not before:           Sat 01 Jan 2022 09:53:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209181
IP address blocks:        2.58.192.0/24 maxlen: 24
                          2.58.192.0/22 maxlen: 22
                          2.58.195.0/24 maxlen: 24
                          2.58.194.0/24 maxlen: 24
                          2.58.193.0/24 maxlen: 24
                          79.143.17.0/24 maxlen: 24
                          79.143.16.0/24 maxlen: 24
                          79.143.18.0/24 maxlen: 24
                          2a09:e9c0::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 139665217 (0x8531f41)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86a8ff4c9c56667d99025d7f01591cbf77ad2f09
        Validity
            Not Before: Jan  1 09:53:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=940c3541c9c729dd8dd184e61b41eee9e42c4567
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:16:3a:8b:37:6b:3f:af:d3:b6:0f:b6:39:e7:
                    31:c0:92:30:ce:6e:39:8f:a5:af:30:ca:9a:23:49:
                    be:ca:f5:87:81:de:d7:ad:31:7e:11:0d:1e:35:82:
                    7f:48:b2:30:f5:c1:37:72:73:6b:8e:01:53:45:56:
                    75:95:d0:32:eb:2f:62:80:95:49:dc:2d:51:ff:8e:
                    7a:51:99:de:1d:bb:e4:9e:c1:45:46:37:a5:23:61:
                    ae:fb:9d:37:85:da:f4:96:57:f6:90:36:8c:f5:1f:
                    49:81:aa:36:21:1f:bc:c2:43:dc:8a:79:2d:8e:be:
                    31:8b:22:29:de:63:87:15:4e:e7:61:08:68:bf:9b:
                    b6:79:bc:26:c0:ae:9f:04:41:33:4a:32:30:bf:49:
                    8d:47:f2:c9:2b:c6:f7:a4:d6:a3:be:1d:0e:0d:ed:
                    be:30:c8:0a:9a:29:82:97:db:ee:d6:0f:19:79:b4:
                    74:e8:34:b5:31:a8:2a:64:46:b6:93:57:b7:0d:cf:
                    06:6a:c3:e5:6e:28:a2:96:09:0c:05:ab:fc:4a:33:
                    93:70:78:15:c5:a0:82:d2:51:68:9a:93:ba:de:d4:
                    65:51:f5:8b:63:7a:a6:0b:01:55:b1:bf:af:d2:e4:
                    ab:a2:86:50:d0:c2:7b:66:91:9c:f6:3d:33:1d:6b:
                    07:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:0C:35:41:C9:C7:29:DD:8D:D1:84:E6:1B:41:EE:E9:E4:2C:45:67
            X509v3 Authority Key Identifier:
                keyid:86:A8:FF:4C:9C:56:66:7D:99:02:5D:7F:01:59:1C:BF:77:AD:2F:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hqj_TJxWZn2ZAl1_AVkcv3etLwk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/c921e8-6c94-4cc2-b9fd-06a49968c2d3/1/lAw1QcnHKd2N0YTmG0Hu6eQsRWc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/c921e8-6c94-4cc2-b9fd-06a49968c2d3/1/hqj_TJxWZn2ZAl1_AVkcv3etLwk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.58.192.0/22
                  79.143.16.0-79.143.18.255
                IPv6:
                  2a09:e9c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         84:4d:a4:dc:51:3f:8e:a9:66:74:85:25:60:01:1b:45:38:e3:
         6b:bd:6c:eb:b4:3c:4c:84:c2:21:7c:cc:5c:34:48:62:17:82:
         cf:47:6e:66:e8:d8:ed:7b:93:b7:2f:b0:89:aa:62:09:b0:40:
         af:b5:e0:c6:af:86:91:c9:74:73:79:89:88:b1:bf:67:3f:b8:
         5a:9b:e7:40:a2:46:56:ba:1c:39:df:6f:11:f6:30:2e:cc:13:
         ca:5b:62:cf:c3:d7:0d:ef:22:88:d6:a3:ca:8f:43:56:84:4d:
         17:4f:6e:6f:be:64:fe:ba:4d:c7:25:f2:d9:dd:9b:e1:87:87:
         43:9a:78:c6:f3:89:8c:00:5e:70:53:ae:bf:1c:63:08:6f:7f:
         8b:bc:f3:dc:f8:ff:c3:f5:1f:05:33:34:b1:74:e3:a4:cb:c1:
         be:b9:ea:4f:66:16:b8:3a:83:45:0c:cf:90:e2:86:3a:97:64:
         3f:ba:e5:cc:45:65:c4:b6:5b:78:aa:97:aa:db:e9:ba:90:ab:
         ae:88:ae:17:16:f4:68:e3:03:62:9b:98:b8:85:0a:f7:b3:2a:
         da:4f:78:68:97:e4:f0:3c:0c:10:57:63:40:31:16:fa:77:a7:
         43:e3:e2:6b:bf:54:3b:c2:b4:fa:7b:a7:71:04:60:09:b6:c9:
         92:b5:1a:4f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIECFMfQTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmE4ZmY0YzljNTY2NjdkOTkwMjVkN2YwMTU5MWNiZjc3YWQyZjA5MB4XDTIyMDEw
MTA5NTMyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTQwYzM1NDFjOWM3
MjlkZDhkZDE4NGU2MWI0MWVlZTllNDJjNDU2NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALUWOos3az+v07YPtjnnMcCSMM5uOY+lrzDKmiNJvsr1h4He
160xfhENHjWCf0iyMPXBN3Jza44BU0VWdZXQMusvYoCVSdwtUf+OelGZ3h275J7B
RUY3pSNhrvudN4Xa9JZX9pA2jPUfSYGqNiEfvMJD3Ip5LY6+MYsiKd5jhxVO52EI
aL+btnm8JsCunwRBM0oyML9JjUfyySvG96TWo74dDg3tvjDICpopgpfb7tYPGXm0
dOg0tTGoKmRGtpNXtw3PBmrD5W4oopYJDAWr/Eozk3B4FcWggtJRaJqTut7UZVH1
i2N6pgsBVbG/r9Lkq6KGUNDCe2aRnPY9Mx1rB90CAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBSUDDVByccp3Y3RhOYbQe7p5CxFZzAfBgNVHSMEGDAWgBSGqP9MnFZmfZkC
XX8BWRy/d60vCTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hxal9USnhXWm4yWkFsMV9BVmtjdjNldEx3ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvYzkyMWU4LTZjOTQtNGNjMi1iOWZkLTA2YTQ5OTY4YzJkMy8x
L2xBdzFRY25IS2QyTjBZVG1HMEh1NmVRc1JXYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
YzkyMWU4LTZjOTQtNGNjMi1iOWZkLTA2YTQ5OTY4YzJkMy8xL2hxal9USnhXWm4y
WkFsMV9BVmtjdjNldEx3ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGgQCAAEwFAMEAgI6wDAMAwQET48QAwQAT48SMA0E
AgACMAcDBQMqCenAMA0GCSqGSIb3DQEBCwUAA4IBAQCETaTcUT+OqWZ0hSVgARtF
OONrvWzrtDxMhMIhfMxcNEhiF4LPR25m6Njte5O3L7CJqmIJsECvteDGr4aRyXRz
eYmIsb9nP7ham+dAokZWuhw5328R9jAuzBPKW2LPw9cN7yKI1qPKj0NWhE0XT25v
vmT+uk3HJfLZ3Zvhh4dDmnjG84mMAF5wU66/HGMIb3+LvPPc+P/D9R8FMzSxdOOk
y8G+uepPZha4OoNFDM+Q4oY6l2Q/uuXMRWXEtlt4qpeq2+m6kKuuiK4XFvRo4wNi
m5i4hQr3syraT3hol+TwPAwQV2NAMRb6d6dD4+Jrv1Q7wrT6e6dxBGAJtsmStRpP
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:50 2024 by rpki-client on console-ams.rpki-client.org