Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/wsRKVB0mPTkdzfL2hEtMNgZuKks.roa
File:                     wsRKVB0mPTkdzfL2hEtMNgZuKks.roa (raw, json)
Hash identifier:          UwJ9YFquxw+6ebsOhf096FHu0GDeQLG4UvA1d6Ehj6A=
Subject key identifier:   C2:C4:4A:54:1D:26:3D:39:1D:CD:F2:F6:84:4B:4C:36:06:6E:2A:4B
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       14D17E2F
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/wsRKVB0mPTkdzfL2hEtMNgZuKks.roa
Signing time:             Tue 26 Apr 2022 14:38:41 +0000
ROA not before:           Tue 26 Apr 2022 14:38:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7029
IP address blocks:        194.50.200.0/23 maxlen: 23
                          195.138.96.0/19 maxlen: 24
                          194.50.206.0/23 maxlen: 23
                          91.242.100.0/23 maxlen: 23
                          91.242.105.0/24 maxlen: 24
                          91.242.108.0/22 maxlen: 22
                          91.242.120.0/21 maxlen: 21
                          185.173.244.0/22 maxlen: 24
                          91.242.64.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 349273647 (0x14d17e2f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Apr 26 14:38:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c2c44a541d263d391dcdf2f6844b4c36066e2a4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:d3:bd:24:d8:3e:4c:9c:d7:30:b8:2a:0a:6d:
                    3a:1e:4f:12:6b:79:36:7e:6e:90:c0:00:29:87:49:
                    51:38:1f:06:0c:e3:c5:6b:35:c8:46:df:a7:84:a0:
                    df:1e:6b:3c:e8:b4:ee:80:af:cf:04:2b:e8:af:8e:
                    76:e4:59:26:33:02:ba:a1:52:0b:dd:51:3a:fa:9f:
                    5b:58:64:30:5f:24:28:dd:5c:f7:15:bb:9c:1d:98:
                    b8:00:b1:c5:8a:6d:73:4b:f6:8f:3b:34:3c:b1:89:
                    90:e8:d9:d6:28:c0:5c:58:33:a6:83:58:c0:9b:29:
                    04:9c:04:4a:e8:ce:ac:ac:20:b4:53:20:f4:63:94:
                    d8:ea:26:c9:5d:ee:10:c7:c9:9d:fc:ab:85:93:b4:
                    43:8f:8e:7d:f4:6c:60:20:e7:a2:a7:30:e4:d3:06:
                    3f:66:3b:7b:c4:a9:44:72:87:c5:f1:05:d9:c0:ac:
                    e9:fd:38:e6:bf:d5:35:2b:10:30:05:02:1f:dd:67:
                    45:42:13:e1:9a:98:09:86:0e:3d:58:83:e9:88:18:
                    bf:9f:0b:1f:de:02:f5:f6:4d:68:a0:08:6f:3b:9c:
                    0d:42:7d:94:8b:c3:84:85:b4:64:6b:bc:a0:60:94:
                    f1:53:49:5e:5d:25:ec:63:59:3d:66:f9:bb:dd:15:
                    4e:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:C4:4A:54:1D:26:3D:39:1D:CD:F2:F6:84:4B:4C:36:06:6E:2A:4B
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/wsRKVB0mPTkdzfL2hEtMNgZuKks.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.242.64.0/22
                  91.242.100.0/23
                  91.242.105.0/24
                  91.242.108.0/22
                  91.242.120.0/21
                  185.173.244.0/22
                  194.50.200.0/23
                  194.50.206.0/23
                  195.138.96.0/19

    Signature Algorithm: sha256WithRSAEncryption
         26:19:85:14:3c:56:77:25:ee:93:4b:b9:c2:dc:c4:1b:c4:1c:
         95:7f:a0:71:bf:de:a1:7b:fe:27:6e:06:75:2b:60:0c:cb:04:
         37:d2:3e:19:7a:71:b4:c6:42:b3:00:c5:3f:e8:83:3a:00:3e:
         4c:9a:8a:82:6e:a3:84:f3:c8:52:cf:ab:17:eb:e3:f6:ba:f8:
         f8:16:8d:d0:90:cf:6a:8e:08:96:c0:73:41:0b:a8:d5:4f:13:
         3e:aa:43:f1:3a:d2:36:60:be:06:8d:2c:ee:b4:e8:4f:a3:5a:
         1b:a6:7c:11:04:2b:44:f4:35:80:02:c0:8d:82:6a:da:d8:9a:
         78:fb:59:c4:69:3a:22:f0:4d:d3:d4:f2:b8:62:46:ee:c4:7a:
         40:18:45:17:71:5b:3b:d2:0d:55:92:f6:68:b1:23:6d:fa:90:
         5b:51:15:c6:d5:61:22:30:58:2c:af:1d:62:6f:05:c2:93:6f:
         37:61:d7:7b:06:2b:03:ab:c0:4b:46:d0:35:39:21:e1:99:31:
         dc:9f:75:a5:ed:d1:98:60:3c:ce:e4:00:7e:14:95:47:18:60:
         54:e3:fa:1c:e8:cc:0d:df:5d:92:7f:0e:9d:ee:45:c5:bc:b7:
         11:36:86:2b:a5:3d:34:24:58:94:12:da:5f:48:96:b8:62:4f:
         d5:27:ea:17
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEFNF+LzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDQy
NjE0Mzg0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzJjNDRhNTQxZDI2
M2QzOTFkY2RmMmY2ODQ0YjRjMzYwNjZlMmE0YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKDTvSTYPkyc1zC4KgptOh5PEmt5Nn5ukMAAKYdJUTgfBgzj
xWs1yEbfp4Sg3x5rPOi07oCvzwQr6K+OduRZJjMCuqFSC91ROvqfW1hkMF8kKN1c
9xW7nB2YuACxxYptc0v2jzs0PLGJkOjZ1ijAXFgzpoNYwJspBJwESujOrKwgtFMg
9GOU2OomyV3uEMfJnfyrhZO0Q4+OffRsYCDnoqcw5NMGP2Y7e8SpRHKHxfEF2cCs
6f045r/VNSsQMAUCH91nRUIT4ZqYCYYOPViD6YgYv58LH94C9fZNaKAIbzucDUJ9
lIvDhIW0ZGu8oGCU8VNJXl0l7GNZPWb5u90VTukCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBTCxEpUHSY9OR3N8vaES0w2Bm4qSzAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
L3dzUktWQjBtUFRrZHpmTDJoRXRNTmdadUtrcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAlvyQAMEAVvyZAMEAFvyaQMEAlvy
bAMEA1vyeAMEArmt9AMEAcIyyAMEAcIyzgMEBcOKYDANBgkqhkiG9w0BAQsFAAOC
AQEAJhmFFDxWdyXuk0u5wtzEG8QclX+gcb/eoXv+J24GdStgDMsEN9I+GXpxtMZC
swDFP+iDOgA+TJqKgm6jhPPIUs+rF+vj9rr4+BaN0JDPao4IlsBzQQuo1U8TPqpD
8TrSNmC+Bo0s7rToT6NaG6Z8EQQrRPQ1gALAjYJq2tiaePtZxGk6IvBN09TyuGJG
7sR6QBhFF3FbO9INVZL2aLEjbfqQW1EVxtVhIjBYLK8dYm8FwpNvN2HXewYrA6vA
S0bQNTkh4Zkx3J91pe3RmGA8zuQAfhSVRxhgVOP6HOjMDd9dkn8One5Fxby3ETaG
K6U9NCRYlBLaX0iWuGJP1SfqFw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:27 2024 by rpki-client on console-ams.rpki-client.org