Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/e1870f-9cb6-4339-aa38-0af4231da79a/1/0UFrDKHIdpoQ3fZd5KT1U9iw_X0.roa
File:                     0UFrDKHIdpoQ3fZd5KT1U9iw_X0.roa (raw, json)
Hash identifier:          VFQurbFSVy0m0j2QFSh+i9GmjXH4PXH2Xp5VOjsyEDI=
Subject key identifier:   D1:41:6B:0C:A1:C8:76:9A:10:DD:F6:5D:E4:A4:F5:53:D8:B0:FD:7D
Certificate issuer:       /CN=83ad289621833dae86fdda62e4b9b09e29e078a0
Certificate serial:       A9DD94
Authority key identifier: 83:AD:28:96:21:83:3D:AE:86:FD:DA:62:E4:B9:B0:9E:29:E0:78:A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g60oliGDPa6G_dpi5LmwningeKA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/e1870f-9cb6-4339-aa38-0af4231da79a/1/0UFrDKHIdpoQ3fZd5KT1U9iw_X0.roa
Signing time:             Sat 01 Jan 2022 06:53:41 +0000
ROA not before:           Sat 01 Jan 2022 06:53:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44180
IP address blocks:        193.34.116.0/22 maxlen: 24
                          185.144.204.0/22 maxlen: 24
                          46.227.88.0/21 maxlen: 24
                          185.98.56.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11132308 (0xa9dd94)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=83ad289621833dae86fdda62e4b9b09e29e078a0
        Validity
            Not Before: Jan  1 06:53:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d1416b0ca1c8769a10ddf65de4a4f553d8b0fd7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:61:c2:22:2f:0f:49:55:3e:5f:3e:86:54:a6:
                    52:d9:1f:d5:19:1e:8d:4c:7c:c3:10:6d:18:ec:25:
                    e4:a9:bb:84:aa:91:6d:86:be:7f:60:e9:e6:8c:4b:
                    83:16:68:ed:7e:49:83:05:13:92:be:47:6d:cc:96:
                    83:82:35:9a:43:81:e4:5b:40:6c:e2:a1:4c:7b:ed:
                    7a:58:10:3d:12:e6:e7:66:71:6f:58:3b:53:c2:8f:
                    c5:51:e2:2f:c5:f0:19:88:44:8b:07:23:7f:57:7e:
                    e3:90:0e:ea:e0:66:96:e9:cf:b0:59:b1:23:cb:3b:
                    76:e8:40:b8:68:53:79:5a:c0:a1:73:08:ca:c4:b5:
                    46:9c:fc:8a:33:ce:4d:45:b0:03:34:fe:ce:5e:d8:
                    54:ba:77:14:5c:76:86:79:b0:75:ac:98:4d:75:fb:
                    a1:a4:d5:ae:b5:2d:35:42:4d:eb:fa:55:0a:0c:b7:
                    22:a7:f1:f7:e5:47:7a:96:19:a6:02:01:47:fa:34:
                    fa:16:21:a3:c6:2a:dd:c6:8b:92:fe:68:0c:37:fe:
                    36:32:e8:0f:b5:2d:cd:b9:24:2e:c8:8d:66:ce:f1:
                    93:bd:49:67:68:e2:b6:94:53:0d:5c:15:b2:65:61:
                    ba:6a:f5:5a:66:de:e6:0e:3f:b7:3d:37:cb:e6:42:
                    ac:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:41:6B:0C:A1:C8:76:9A:10:DD:F6:5D:E4:A4:F5:53:D8:B0:FD:7D
            X509v3 Authority Key Identifier:
                keyid:83:AD:28:96:21:83:3D:AE:86:FD:DA:62:E4:B9:B0:9E:29:E0:78:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g60oliGDPa6G_dpi5LmwningeKA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/e1870f-9cb6-4339-aa38-0af4231da79a/1/0UFrDKHIdpoQ3fZd5KT1U9iw_X0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/e1870f-9cb6-4339-aa38-0af4231da79a/1/g60oliGDPa6G_dpi5LmwningeKA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.227.88.0/21
                  185.98.56.0/22
                  185.144.204.0/22
                  193.34.116.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3b:ea:4b:b2:5b:c4:b7:25:ad:91:c2:08:5d:03:c6:3a:cb:be:
         7f:e0:c4:13:9f:56:1c:9b:fe:27:81:06:98:03:aa:45:30:77:
         fa:71:2d:f9:79:b5:1a:a4:c8:43:13:c8:34:03:78:b6:72:b5:
         3a:64:c2:42:a5:0d:54:56:03:f5:5a:fe:b4:e5:f6:58:f3:4d:
         04:26:86:1c:f7:cd:20:94:a2:b9:a9:cc:45:1f:46:f2:1e:7c:
         d0:4a:28:a3:a6:54:e4:f6:bb:fa:c1:e4:05:f2:dc:d2:91:e6:
         58:2a:bc:ed:31:ed:1f:b8:b7:37:11:34:fa:cb:03:68:36:ae:
         43:6c:be:0a:09:37:d4:b1:1f:d0:55:6c:1c:49:0a:58:47:4e:
         18:0c:74:b8:ed:67:de:31:85:0d:3d:c5:77:63:33:1e:34:79:
         7d:14:fa:57:bf:64:eb:0c:5d:cf:55:96:bd:13:f1:52:b0:b4:
         3e:e7:a4:64:ef:89:8c:75:b2:2b:70:fb:5f:da:b3:3e:b8:09:
         46:77:23:e6:49:6e:b4:fd:b9:a6:25:e0:72:ad:48:95:53:4c:
         85:04:7a:b5:44:59:92:e3:b6:b7:78:61:03:5b:60:db:8c:79:
         b3:23:ac:05:60:ab:4e:09:88:86:10:79:fb:3a:da:7c:94:3f:
         55:59:39:37
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEAKndlDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
M2FkMjg5NjIxODMzZGFlODZmZGRhNjJlNGI5YjA5ZTI5ZTA3OGEwMB4XDTIyMDEw
MTA2NTM0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDE0MTZiMGNhMWM4
NzY5YTEwZGRmNjVkZTRhNGY1NTNkOGIwZmQ3ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK9hwiIvD0lVPl8+hlSmUtkf1RkejUx8wxBtGOwl5Km7hKqR
bYa+f2Dp5oxLgxZo7X5JgwUTkr5HbcyWg4I1mkOB5FtAbOKhTHvtelgQPRLm52Zx
b1g7U8KPxVHiL8XwGYhEiwcjf1d+45AO6uBmlunPsFmxI8s7duhAuGhTeVrAoXMI
ysS1Rpz8ijPOTUWwAzT+zl7YVLp3FFx2hnmwdayYTXX7oaTVrrUtNUJN6/pVCgy3
Iqfx9+VHepYZpgIBR/o0+hYho8Yq3caLkv5oDDf+NjLoD7UtzbkkLsiNZs7xk71J
Z2jitpRTDVwVsmVhumr1Wmbe5g4/tz03y+ZCrH8CAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBTRQWsMoch2mhDd9l3kpPVT2LD9fTAfBgNVHSMEGDAWgBSDrSiWIYM9rob9
2mLkubCeKeB4oDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2c2MG9saUdEUGE2R19kcGk1TG13bmluZ2VLQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWEvZTE4NzBmLTljYjYtNDMzOS1hYTM4LTBhZjQyMzFkYTc5YS8x
LzBVRnJES0hJZHBvUTNmWmQ1S1QxVTlpd19YMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWEv
ZTE4NzBmLTljYjYtNDMzOS1hYTM4LTBhZjQyMzFkYTc5YS8xL2c2MG9saUdEUGE2
R19kcGk1TG13bmluZ2VLQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAy7jWAMEArliOAMEArmQzAMEAsEi
dDANBgkqhkiG9w0BAQsFAAOCAQEAO+pLslvEtyWtkcIIXQPGOsu+f+DEE59WHJv+
J4EGmAOqRTB3+nEt+Xm1GqTIQxPINAN4tnK1OmTCQqUNVFYD9Vr+tOX2WPNNBCaG
HPfNIJSiuanMRR9G8h580Eooo6ZU5Pa7+sHkBfLc0pHmWCq87THtH7i3NxE0+ssD
aDauQ2y+Cgk31LEf0FVsHEkKWEdOGAx0uO1n3jGFDT3Fd2MzHjR5fRT6V79k6wxd
z1WWvRPxUrC0PuekZO+JjHWyK3D7X9qzPrgJRncj5klutP25piXgcq1IlVNMhQR6
tURZkuO2t3hhA1tg24x5syOsBWCrTgmIhhB5+zrafJQ/VVk5Nw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:42 2024 by rpki-client on console-ams.rpki-client.org