Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/0a3fff-1a42-4044-ae8f-7354a73bda7e/1/qtrDqL6wo14_hk_FanBx_iMRWVE.roa
File:                     qtrDqL6wo14_hk_FanBx_iMRWVE.roa (raw, json)
Hash identifier:          RYFx5sj0FPPHS6pPFYnwQ2aJTzJmt/JUA+NOocVHwjc=
Subject key identifier:   AA:DA:C3:A8:BE:B0:A3:5E:3F:86:4F:C5:6A:70:71:FE:23:11:59:51
Certificate issuer:       /CN=9f6fb7954179a9666b4cb6afe346d1e21ec30e45
Certificate serial:       180E978E
Authority key identifier: 9F:6F:B7:95:41:79:A9:66:6B:4C:B6:AF:E3:46:D1:E2:1E:C3:0E:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/n2-3lUF5qWZrTLav40bR4h7DDkU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/0a3fff-1a42-4044-ae8f-7354a73bda7e/1/qtrDqL6wo14_hk_FanBx_iMRWVE.roa
Signing time:             Sat 01 Jan 2022 01:58:32 +0000
ROA not before:           Sat 01 Jan 2022 01:58:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1200
IP address blocks:        185.55.136.0/22 maxlen: 22
                          91.200.16.0/22 maxlen: 22
                          195.69.144.0/22 maxlen: 22
                          195.60.82.128/26 maxlen: 26
                          91.236.189.0/24 maxlen: 24
                          193.105.101.0/24 maxlen: 24
                          80.249.208.0/21 maxlen: 21
                          2a02:4b60::/32 maxlen: 32
                          2001:67c:1a8::/48 maxlen: 48
                          2001:7f8:1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 403609486 (0x180e978e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f6fb7954179a9666b4cb6afe346d1e21ec30e45
        Validity
            Not Before: Jan  1 01:58:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=aadac3a8beb0a35e3f864fc56a7071fe23115951
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:87:03:60:58:6b:56:c7:06:d5:1c:23:7b:9f:
                    f1:73:52:3a:cd:b7:fa:6a:d5:ad:db:1e:7a:5b:42:
                    15:7d:bf:32:01:fd:58:3b:9f:71:07:5e:b5:b1:0a:
                    83:1e:d7:dc:22:84:2e:30:f5:51:cb:ee:03:c3:57:
                    b2:c2:ae:99:f6:f5:0d:a1:68:a5:a1:72:85:2d:d9:
                    40:58:7c:a5:21:bc:49:1a:2d:91:4c:b0:f7:f3:f8:
                    86:f0:5e:ef:37:85:85:33:47:96:37:61:6a:d4:82:
                    8b:4f:63:6e:71:ed:96:62:e9:71:88:e8:93:a4:42:
                    7f:59:c7:5e:23:06:db:59:46:f2:d9:7f:39:5b:38:
                    07:24:4d:db:7f:e5:5a:f7:30:95:95:7e:8a:c1:4a:
                    60:1a:89:75:9f:f8:9e:a4:47:eb:00:e5:96:39:da:
                    1e:7b:bb:50:c1:5a:33:07:2b:f4:ea:87:b0:e6:0e:
                    54:b4:a9:4c:73:5a:94:38:bd:6a:e7:75:87:ca:57:
                    d9:a0:cb:9a:f7:49:41:09:6c:87:b6:a9:49:5c:5e:
                    66:b6:5b:97:70:09:69:d3:d6:a6:c5:60:75:56:fb:
                    86:75:54:b9:0b:cf:ea:86:76:6f:b1:c7:c6:1b:16:
                    a7:da:8b:31:76:6c:82:1a:f0:55:f6:ff:e1:b2:cf:
                    de:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:DA:C3:A8:BE:B0:A3:5E:3F:86:4F:C5:6A:70:71:FE:23:11:59:51
            X509v3 Authority Key Identifier:
                keyid:9F:6F:B7:95:41:79:A9:66:6B:4C:B6:AF:E3:46:D1:E2:1E:C3:0E:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n2-3lUF5qWZrTLav40bR4h7DDkU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/0a3fff-1a42-4044-ae8f-7354a73bda7e/1/qtrDqL6wo14_hk_FanBx_iMRWVE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/0a3fff-1a42-4044-ae8f-7354a73bda7e/1/n2-3lUF5qWZrTLav40bR4h7DDkU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.249.208.0/21
                  91.200.16.0/22
                  91.236.189.0/24
                  185.55.136.0/22
                  193.105.101.0/24
                  195.60.82.128/26
                  195.69.144.0/22
                IPv6:
                  2001:67c:1a8::/48
                  2001:7f8:1::/48
                  2a02:4b60::/32

    Signature Algorithm: sha256WithRSAEncryption
         31:45:85:d3:8b:30:e2:fe:64:52:47:09:d9:02:27:07:77:f4:
         18:05:ba:00:ec:84:1f:6b:5f:db:3e:cf:81:7a:01:ed:52:fa:
         8e:7a:e3:7a:cf:8d:2f:d2:81:8a:d3:72:b8:63:29:4b:18:f9:
         d4:28:60:f0:cc:fe:1a:94:84:52:f8:cb:f5:ba:70:3b:8a:d1:
         58:e2:77:7d:25:55:36:3b:2b:07:c0:76:da:13:f1:f5:06:03:
         7c:d3:1b:2b:1c:b9:e0:73:2f:35:f2:26:ae:06:07:4a:a8:83:
         3e:06:64:14:7d:5a:d7:de:46:ca:47:69:5d:bf:31:3a:f2:d4:
         9f:dd:d6:48:c0:22:e9:73:cd:e7:da:aa:ec:18:7a:9c:9b:7d:
         6c:e0:22:ee:29:03:6f:f4:86:4e:8d:d9:2c:af:bb:ac:ca:26:
         f5:07:b0:64:75:1e:f1:ac:26:33:76:ee:b5:33:c5:aa:f9:68:
         4b:85:5b:59:7f:9e:bf:ec:ee:8e:1c:19:c0:1a:93:b7:14:53:
         9b:32:bb:ca:2a:36:28:9b:8a:eb:7c:ea:90:3d:71:e5:cf:dc:
         d7:66:b3:8e:20:77:12:09:c9:cd:53:97:bd:0d:72:73:1a:0f:
         93:df:46:18:4b:d1:94:75:cd:60:10:35:01:95:4f:86:73:c5:
         97:e3:c2:46
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIEGA6XjjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZjZmYjc5NTQxNzlhOTY2NmI0Y2I2YWZlMzQ2ZDFlMjFlYzMwZTQ1MB4XDTIyMDEw
MTAxNTgzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWFkYWMzYThiZWIw
YTM1ZTNmODY0ZmM1NmE3MDcxZmUyMzExNTk1MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJiHA2BYa1bHBtUcI3uf8XNSOs23+mrVrdseeltCFX2/MgH9
WDufcQdetbEKgx7X3CKELjD1UcvuA8NXssKumfb1DaFopaFyhS3ZQFh8pSG8SRot
kUyw9/P4hvBe7zeFhTNHljdhatSCi09jbnHtlmLpcYjok6RCf1nHXiMG21lG8tl/
OVs4ByRN23/lWvcwlZV+isFKYBqJdZ/4nqRH6wDlljnaHnu7UMFaMwcr9OqHsOYO
VLSpTHNalDi9aud1h8pX2aDLmvdJQQlsh7apSVxeZrZbl3AJadPWpsVgdVb7hnVU
uQvP6oZ2b7HHxhsWp9qLMXZsghrwVfb/4bLP3n0CAwEAAaOCAk8wggJLMB0GA1Ud
DgQWBBSq2sOovrCjXj+GT8VqcHH+IxFZUTAfBgNVHSMEGDAWgBSfb7eVQXmpZmtM
tq/jRtHiHsMORTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L24yLTNsVUY1cVdaclRMYXY0MGJSNGg3RERrVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjIvMGEzZmZmLTFhNDItNDA0NC1hZThmLTczNTRhNzNiZGE3ZS8x
L3F0ckRxTDZ3bzE0X2hrX0ZhbkJ4X2lNUldWRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIv
MGEzZmZmLTFhNDItNDA0NC1hZThmLTczNTRhNzNiZGE3ZS8xL24yLTNsVUY1cVda
clRMYXY0MGJSNGg3RERrVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBl
BggrBgEFBQcBBwEB/wRWMFQwMQQCAAEwKwMEA1D50AMEAlvIEAMEAFvsvQMEArk3
iAMEAMFpZQMFBsM8UoADBALDRZAwHwQCAAIwGQMHACABBnwBqAMHACABB/gAAQMF
ACoCS2AwDQYJKoZIhvcNAQELBQADggEBADFFhdOLMOL+ZFJHCdkCJwd39BgFugDs
hB9rX9s+z4F6Ae1S+o5643rPjS/SgYrTcrhjKUsY+dQoYPDM/hqUhFL4y/W6cDuK
0Vjid30lVTY7KwfAdtoT8fUGA3zTGyscueBzLzXyJq4GB0qogz4GZBR9WtfeRspH
aV2/MTry1J/d1kjAIulzzefaquwYepybfWzgIu4pA2/0hk6N2Syvu6zKJvUHsGR1
HvGsJjN27rUzxar5aEuFW1l/nr/s7o4cGcAak7cUU5syu8oqNiibiut86pA9ceXP
3Ndms44gdxIJyc1Tl70NcnMaD5PfRhhL0ZR1zWAQNQGVT4ZzxZfjwkY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:56 2024 by rpki-client on console-ams.rpki-client.org