Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/OdF0zGCXubCMYOkB5bOgTW4fnCA.roa
File:                     OdF0zGCXubCMYOkB5bOgTW4fnCA.roa (raw, json)
Hash identifier:          OPoN0mVouKBlbi1HNERsUrk+u4PZduyT/OMaxjbp5bg=
Subject key identifier:   39:D1:74:CC:60:97:B9:B0:8C:60:E9:01:E5:B3:A0:4D:6E:1F:9C:20
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       018226FE1BE6DFD23164EE450B4D5956DFE8
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/OdF0zGCXubCMYOkB5bOgTW4fnCA.roa
Signing time:             Fri 22 Jul 2022 17:39:23 +0000
ROA not before:           Fri 22 Jul 2022 17:39:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7029
IP address blocks:        194.50.200.0/23 maxlen: 23
                          195.138.96.0/19 maxlen: 24
                          194.50.206.0/23 maxlen: 23
                          91.242.105.0/24 maxlen: 24
                          91.242.108.0/22 maxlen: 22
                          91.242.120.0/21 maxlen: 21
                          185.173.244.0/22 maxlen: 24
                          91.242.64.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:26:fe:1b:e6:df:d2:31:64:ee:45:0b:4d:59:56:df:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Jul 22 17:39:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=39d174cc6097b9b08c60e901e5b3a04d6e1f9c20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:fb:ef:72:d7:a1:b2:ab:ba:25:c0:b1:03:61:
                    44:93:67:97:8a:5e:ae:53:cb:82:e6:fc:37:d2:2b:
                    f1:d6:19:4e:a8:fb:13:34:28:04:3a:dc:4e:99:b0:
                    e7:8a:13:5f:fc:95:3b:da:84:3f:08:39:d1:e0:82:
                    61:1e:b2:e9:69:c5:bf:68:bd:e0:b4:5e:dc:65:a1:
                    35:b5:0e:a1:d4:e4:75:98:1b:24:20:6a:ae:fe:cd:
                    29:8c:fd:b8:a3:4c:d6:72:1b:fb:1f:16:49:2d:d0:
                    23:a3:1b:99:21:d9:ca:c8:65:65:a5:1c:13:b4:71:
                    14:b7:68:c9:f0:91:1d:e6:ec:ab:08:26:87:30:db:
                    9a:f3:70:06:9c:c5:47:f6:a7:03:bf:ba:2f:04:3b:
                    23:22:cd:33:d5:8b:83:60:b9:09:51:41:39:ee:ce:
                    02:5a:48:44:8e:57:de:b3:95:63:f4:a4:4d:09:7d:
                    02:ef:1d:02:25:7c:04:2b:24:86:4a:d2:8b:e2:3b:
                    f3:16:89:4a:80:6f:58:43:3b:ae:e9:11:35:b3:bd:
                    05:80:7a:55:2a:32:d1:29:b9:b3:e1:ef:72:8d:69:
                    77:60:d2:20:9e:63:52:0f:e7:f5:8d:1a:2d:a6:92:
                    ba:98:c7:58:98:23:f7:a5:02:97:cf:74:d6:7e:5a:
                    27:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:D1:74:CC:60:97:B9:B0:8C:60:E9:01:E5:B3:A0:4D:6E:1F:9C:20
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/OdF0zGCXubCMYOkB5bOgTW4fnCA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.242.64.0/22
                  91.242.105.0/24
                  91.242.108.0/22
                  91.242.120.0/21
                  185.173.244.0/22
                  194.50.200.0/23
                  194.50.206.0/23
                  195.138.96.0/19

    Signature Algorithm: sha256WithRSAEncryption
         9a:77:e6:73:ff:0d:b4:e7:c2:ca:2e:8d:34:9d:0a:f4:ab:b1:
         5b:dc:2e:51:c7:8a:14:4e:99:d5:36:bf:6f:8d:16:b0:c5:94:
         b6:37:fc:35:79:d3:c1:f8:7f:63:dc:34:ce:eb:72:e8:b3:67:
         07:29:da:0a:56:10:63:bd:a2:a5:ab:3c:86:66:72:6c:38:0b:
         b7:bc:e0:8d:57:ef:f5:8f:22:1d:2e:00:f6:bb:7b:86:fd:a6:
         74:43:49:d7:e2:0f:9a:0a:8f:de:64:09:eb:ef:2b:44:11:0b:
         c4:c9:cf:0e:69:4a:8b:a9:36:9e:cc:b8:1b:78:35:5d:15:a1:
         96:6e:2b:4a:5a:05:3a:4a:10:19:5d:b9:13:1c:3c:2c:f0:9b:
         41:f2:23:fe:c2:5b:53:60:8f:93:43:fa:f8:02:be:b3:13:88:
         2a:fc:c7:ee:16:4a:d6:87:cf:f5:90:7a:02:7c:82:74:dd:1e:
         e9:57:3c:8e:f1:ab:74:67:ec:55:2b:94:39:f4:5d:db:af:60:
         1d:6a:45:28:c9:91:1d:36:7e:54:14:b0:6c:25:66:f1:4b:42:
         7b:48:e4:a0:40:f5:f4:72:1b:1c:fc:ef:51:c5:0e:68:7b:d4:
         bd:0b:65:fc:61:bd:a1:03:34:36:d0:ff:ac:63:a2:cf:12:e5:
         81:bf:57:a5
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYIm/hvm39IxZO5FC01ZVt/oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIwNzIyMTczOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWQxNzRjYzYwOTdiOWIwOGM2MGU5MDFlNWIzYTA0ZDZlMWY5YzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPvvctehsqu6JcCxA2FEk2eXil6u
U8uC5vw30ivx1hlOqPsTNCgEOtxOmbDnihNf/JU72oQ/CDnR4IJhHrLpacW/aL3g
tF7cZaE1tQ6h1OR1mBskIGqu/s0pjP24o0zWchv7HxZJLdAjoxuZIdnKyGVlpRwT
tHEUt2jJ8JEd5uyrCCaHMNua83AGnMVH9qcDv7ovBDsjIs0z1YuDYLkJUUE57s4C
WkhEjlfes5Vj9KRNCX0C7x0CJXwEKySGStKL4jvzFolKgG9YQzuu6RE1s70FgHpV
KjLRKbmz4e9yjWl3YNIgnmNSD+f1jRotppK6mMdYmCP3pQKXz3TWflonQwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFDnRdMxgl7mwjGDpAeWzoE1uH5wgMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvT2RGMHpHQ1h1YkNNWU9rQjViT2dUVzRmbkNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCW/JAAwQA
W/JpAwQCW/JsAwQDW/J4AwQCua30AwQBwjLIAwQBwjLOAwQFw4pgMA0GCSqGSIb3
DQEBCwUAA4IBAQCad+Zz/w2058LKLo00nQr0q7Fb3C5Rx4oUTpnVNr9vjRawxZS2
N/w1edPB+H9j3DTO63Los2cHKdoKVhBjvaKlqzyGZnJsOAu3vOCNV+/1jyIdLgD2
u3uG/aZ0Q0nX4g+aCo/eZAnr7ytEEQvEyc8OaUqLqTaezLgbeDVdFaGWbitKWgU6
ShAZXbkTHDws8JtB8iP+wltTYI+TQ/r4Ar6zE4gq/MfuFkrWh8/1kHoCfIJ03R7p
VzyO8at0Z+xVK5Q59F3br2AdakUoyZEdNn5UFLBsJWbxS0J7SOSgQPX0chsc/O9R
xQ5oe9S9C2X8Yb2hAzQ20P+sY6LPEuWBv1el
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org