Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/ab8307-5f9c-49c6-8a0b-f3b45819f2b0/1/pFGm1eriDpLy83Bl2MBDJ_LNAm8.roa
File:                     pFGm1eriDpLy83Bl2MBDJ_LNAm8.roa (raw, json)
Hash identifier:          XPpJRtSwx+pROc4KAjUPvL6lVumZBNZ4mp6vwWXGQbM=
Subject key identifier:   A4:51:A6:D5:EA:E2:0E:92:F2:F3:70:65:D8:C0:43:27:F2:CD:02:6F
Certificate issuer:       /CN=98a987c6cd0a36f94dbef10ef2a2c66020a95611
Certificate serial:       01823FA668792A75826D6072D37CF418C249
Authority key identifier: 98:A9:87:C6:CD:0A:36:F9:4D:BE:F1:0E:F2:A2:C6:60:20:A9:56:11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mKmHxs0KNvlNvvEO8qLGYCCpVhE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/ab8307-5f9c-49c6-8a0b-f3b45819f2b0/1/pFGm1eriDpLy83Bl2MBDJ_LNAm8.roa
Signing time:             Wed 27 Jul 2022 12:34:06 +0000
ROA not before:           Wed 27 Jul 2022 12:34:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     29611
IP address blocks:        45.157.84.0/22 maxlen: 24
                          217.68.240.0/20 maxlen: 24
                          185.2.216.0/22 maxlen: 24
                          185.43.184.0/22 maxlen: 24
                          185.73.184.0/22 maxlen: 24
                          217.69.32.0/20 maxlen: 24
                          2a0f:5280::/29 maxlen: 48
                          2a03:2d20::/32 maxlen: 48
                          2a00:c20::/32 maxlen: 32
                          2a04:95c0::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:3f:a6:68:79:2a:75:82:6d:60:72:d3:7c:f4:18:c2:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=98a987c6cd0a36f94dbef10ef2a2c66020a95611
        Validity
            Not Before: Jul 27 12:34:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a451a6d5eae20e92f2f37065d8c04327f2cd026f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:d5:4e:fa:10:3f:60:ae:25:f5:98:22:0d:5f:
                    f9:45:64:2b:c9:2a:6a:21:24:ef:8f:7c:18:be:93:
                    7e:b2:ef:e9:48:01:eb:69:e2:fd:6e:f8:ae:98:79:
                    f5:8e:45:19:be:56:ed:92:8e:cf:0d:b3:3f:bb:7e:
                    18:50:87:5f:8b:5f:ff:48:e0:8f:2f:04:ca:0f:d9:
                    bc:1b:f1:ff:d6:43:87:dc:34:84:e9:c6:b8:b7:2b:
                    81:d0:08:21:ba:e7:92:5d:96:02:46:51:44:6c:2e:
                    07:cc:4b:61:31:45:9d:89:a6:4e:5f:5d:1d:fb:81:
                    fa:e6:ea:da:86:b8:9e:b2:c1:d4:e2:db:c5:04:e7:
                    f7:f0:1c:68:01:36:44:66:56:63:e9:d5:28:6b:df:
                    5e:c1:7d:a7:5c:4f:56:d7:97:f8:61:5e:35:21:d5:
                    7f:cf:a6:94:48:7b:86:46:90:2c:2a:bf:a5:af:c5:
                    47:9a:06:f3:71:e7:cc:af:0c:63:e2:1d:23:75:06:
                    34:70:7a:d8:31:e9:5b:0b:30:d2:e5:3f:1a:9b:27:
                    0f:58:19:5b:62:61:42:8d:e1:5e:1e:27:dd:3d:ce:
                    aa:ce:e8:c3:6b:44:bf:bf:2b:18:ab:81:b2:9a:7e:
                    30:b7:26:be:20:cd:10:22:03:63:23:fe:d5:fc:1f:
                    0e:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:51:A6:D5:EA:E2:0E:92:F2:F3:70:65:D8:C0:43:27:F2:CD:02:6F
            X509v3 Authority Key Identifier:
                keyid:98:A9:87:C6:CD:0A:36:F9:4D:BE:F1:0E:F2:A2:C6:60:20:A9:56:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKmHxs0KNvlNvvEO8qLGYCCpVhE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/ab8307-5f9c-49c6-8a0b-f3b45819f2b0/1/pFGm1eriDpLy83Bl2MBDJ_LNAm8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/ab8307-5f9c-49c6-8a0b-f3b45819f2b0/1/mKmHxs0KNvlNvvEO8qLGYCCpVhE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.157.84.0/22
                  185.2.216.0/22
                  185.43.184.0/22
                  185.73.184.0/22
                  217.68.240.0/20
                  217.69.32.0/20
                IPv6:
                  2a00:c20::/32
                  2a03:2d20::/32
                  2a04:95c0::/29
                  2a0f:5280::/29

    Signature Algorithm: sha256WithRSAEncryption
         83:1b:f7:21:3b:f9:d7:d0:9d:d0:76:16:cb:26:43:12:b0:0e:
         6c:ba:5e:34:e6:c3:67:04:02:63:27:97:d9:84:5f:a1:d0:2c:
         9a:d7:71:c5:54:8e:14:db:38:a4:8e:57:28:84:5d:c1:91:0d:
         8e:b4:f1:d9:9e:b9:dc:19:2b:06:96:22:fa:34:a3:19:73:0b:
         f2:49:2c:e9:ca:cc:7f:0c:de:36:3c:78:dc:ba:7d:19:6a:eb:
         5c:36:97:09:db:5f:f1:09:5a:26:02:25:1a:66:4f:bc:c2:c2:
         7b:3f:94:78:fe:f8:ed:34:e8:21:42:2f:fb:e8:8b:c9:70:72:
         2a:51:8f:e4:6f:44:e9:d9:a5:d9:e6:b0:0f:69:47:38:7c:09:
         b3:2e:c8:12:64:47:7e:61:7c:c9:e5:60:1c:1d:68:05:76:76:
         ea:66:de:8b:ef:e1:52:f0:4a:6f:a5:09:a9:9a:a0:a8:72:f3:
         8b:f5:c1:b0:d6:a4:c3:66:04:7d:8c:32:3b:07:55:92:a5:da:
         ff:7f:bb:fd:55:11:c4:f8:35:cc:f5:4e:3c:60:ed:17:3d:83:
         d1:83:a6:e8:18:55:75:b5:ab:57:61:43:38:bf:5d:05:b4:81:
         44:4a:70:a2:0d:5e:7b:d1:72:00:4a:84:58:dc:f1:4d:92:29:
         44:c8:59:83
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYI/pmh5KnWCbWBy03z0GMJJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4YTk4N2M2Y2QwYTM2Zjk0ZGJlZjEwZWYyYTJjNjYwMjBh
OTU2MTEwHhcNMjIwNzI3MTIzNDA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDUxYTZkNWVhZTIwZTkyZjJmMzcwNjVkOGMwNDMyN2YyY2QwMjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9VO+hA/YK4l9ZgiDV/5RWQrySpq
ISTvj3wYvpN+su/pSAHraeL9bviumHn1jkUZvlbtko7PDbM/u34YUIdfi1//SOCP
LwTKD9m8G/H/1kOH3DSE6ca4tyuB0AghuueSXZYCRlFEbC4HzEthMUWdiaZOX10d
+4H65urahriessHU4tvFBOf38BxoATZEZlZj6dUoa99ewX2nXE9W15f4YV41IdV/
z6aUSHuGRpAsKr+lr8VHmgbzcefMrwxj4h0jdQY0cHrYMelbCzDS5T8amycPWBlb
YmFCjeFeHifdPc6qzujDa0S/vysYq4Gymn4wtya+IM0QIgNjI/7V/B8OtwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFKRRptXq4g6S8vNwZdjAQyfyzQJvMB8GA1UdIwQY
MBaAFJiph8bNCjb5Tb7xDvKixmAgqVYRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUttSHhzMEtOdmxOdnZFTzhxTEdZQ0NwVmhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9hYjgzMDctNWY5Yy00OWM2LThhMGIt
ZjNiNDU4MTlmMmIwLzEvcEZHbTFlcmlEcEx5ODNCbDJNQkRKX0xOQW04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9hYjgzMDctNWY5Yy00OWM2LThhMGItZjNiNDU4MTlmMmIw
LzEvbUttSHhzMEtOdmxOdnZFTzhxTEdZQ0NwVmhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDAqBAIAATAkAwQCLZ1UAwQC
uQLYAwQCuSu4AwQCuUm4AwQE2UTwAwQE2UUgMCIEAgACMBwDBQAqAAwgAwUAKgMt
IAMFAyoElcADBQMqD1KAMA0GCSqGSIb3DQEBCwUAA4IBAQCDG/chO/nX0J3QdhbL
JkMSsA5sul405sNnBAJjJ5fZhF+h0Cya13HFVI4U2zikjlcohF3BkQ2OtPHZnrnc
GSsGliL6NKMZcwvySSzpysx/DN42PHjcun0ZautcNpcJ21/xCVomAiUaZk+8wsJ7
P5R4/vjtNOghQi/76IvJcHIqUY/kb0Tp2aXZ5rAPaUc4fAmzLsgSZEd+YXzJ5WAc
HWgFdnbqZt6L7+FS8EpvpQmpmqCocvOL9cGw1qTDZgR9jDI7B1WSpdr/f7v9VRHE
+DXM9U48YO0XPYPRg6boGFV1tatXYUM4v10FtIFESnCiDV570XIASoRY3PFNkilE
yFmD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:18 2024 by rpki-client on console-fra.rpki-client.org