Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/786b51-e2df-4fd6-9c9b-f567c3e9f5ff/1/i5gMhe4VPtYKS4BHy8wpSYQEkNY.roa
File:                     i5gMhe4VPtYKS4BHy8wpSYQEkNY.roa (raw, json)
Hash identifier:          JsgksUazSvhZ5A9aWfjZybufsRGYyAeaXz/ZHGc3/IY=
Subject key identifier:   8B:98:0C:85:EE:15:3E:D6:0A:4B:80:47:CB:CC:29:49:84:04:90:D6
Certificate issuer:       /CN=4ec3a062cb96d9a3f21a8b2da848f81c6f73bf95
Certificate serial:       0181F8C3CAE0A09748DDA018641F74E96241
Authority key identifier: 4E:C3:A0:62:CB:96:D9:A3:F2:1A:8B:2D:A8:48:F8:1C:6F:73:BF:95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TsOgYsuW2aPyGostqEj4HG9zv5U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/786b51-e2df-4fd6-9c9b-f567c3e9f5ff/1/i5gMhe4VPtYKS4BHy8wpSYQEkNY.roa
Signing time:             Wed 13 Jul 2022 18:13:09 +0000
ROA not before:           Wed 13 Jul 2022 18:13:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44932
IP address blocks:        91.228.132.0/23 maxlen: 24
                          185.147.176.0/24 maxlen: 24
                          185.147.176.0/22 maxlen: 24
                          185.147.177.0/24 maxlen: 24
                          185.147.178.0/24 maxlen: 24
                          185.147.179.0/24 maxlen: 24
                          91.229.46.0/23 maxlen: 24
                          188.209.119.0/24 maxlen: 24
                          185.80.198.0/23 maxlen: 24
                          188.209.117.0/24 maxlen: 24
                          188.209.118.0/24 maxlen: 24
                          188.209.116.0/24 maxlen: 24
                          188.209.116.0/22 maxlen: 24
                          2a0b:1fc0::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:f8:c3:ca:e0:a0:97:48:dd:a0:18:64:1f:74:e9:62:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ec3a062cb96d9a3f21a8b2da848f81c6f73bf95
        Validity
            Not Before: Jul 13 18:13:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8b980c85ee153ed60a4b8047cbcc2949840490d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:55:8d:6f:39:09:5e:24:df:c7:ba:21:c6:7d:
                    dd:fb:77:5b:7e:31:35:3e:47:e4:ab:ed:9e:b9:dc:
                    1e:2d:14:bc:67:9f:8e:65:b2:12:85:fe:5f:b7:48:
                    53:64:90:56:31:80:0a:b9:ee:8a:6e:0e:15:b2:a8:
                    13:a8:65:16:d7:6c:f4:7c:54:17:7b:3a:6b:e6:7e:
                    98:2f:f5:1f:73:5a:2e:69:6b:c6:3e:4e:b9:78:9a:
                    3f:2e:1b:b1:6c:8b:9c:27:38:68:f6:e8:e3:1a:89:
                    b0:f4:ce:ec:43:09:7c:de:38:08:ac:f4:88:28:d9:
                    fd:42:3b:f2:1b:19:bb:04:b0:3e:82:7d:30:cc:4f:
                    31:45:d8:82:95:bd:98:dc:7b:ec:1c:1a:62:26:05:
                    07:fd:b2:1c:1f:12:95:e6:f5:fb:9f:00:12:f6:8f:
                    13:61:49:6f:32:eb:08:dc:8c:00:48:3c:bd:5b:bc:
                    5b:f8:d4:e4:84:aa:98:b7:30:54:85:64:00:03:fa:
                    c4:e2:56:dc:4b:03:81:f6:ff:36:60:a0:54:8c:d9:
                    6e:42:65:68:b7:b7:74:c7:b3:78:41:e7:5e:e1:26:
                    15:29:c7:ed:eb:40:f3:60:49:3b:08:3b:7f:55:8f:
                    2f:20:73:f7:93:3a:44:74:11:45:00:f3:8a:56:04:
                    d4:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:98:0C:85:EE:15:3E:D6:0A:4B:80:47:CB:CC:29:49:84:04:90:D6
            X509v3 Authority Key Identifier:
                keyid:4E:C3:A0:62:CB:96:D9:A3:F2:1A:8B:2D:A8:48:F8:1C:6F:73:BF:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TsOgYsuW2aPyGostqEj4HG9zv5U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/786b51-e2df-4fd6-9c9b-f567c3e9f5ff/1/i5gMhe4VPtYKS4BHy8wpSYQEkNY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/786b51-e2df-4fd6-9c9b-f567c3e9f5ff/1/TsOgYsuW2aPyGostqEj4HG9zv5U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.228.132.0/23
                  91.229.46.0/23
                  185.80.198.0/23
                  185.147.176.0/22
                  188.209.116.0/22
                IPv6:
                  2a0b:1fc0::/29

    Signature Algorithm: sha256WithRSAEncryption
         1b:74:4a:6b:13:23:ff:ca:72:34:54:a7:25:13:ed:88:e2:69:
         f6:78:b7:0f:3a:cb:9e:e8:80:d2:0e:6b:b5:4c:e4:81:c2:a2:
         d4:2e:81:a9:f9:d0:a3:d2:68:0b:2c:52:4c:9f:01:56:23:6b:
         84:39:32:e6:bb:57:0b:3a:a1:ed:0b:54:de:1c:61:2c:ef:be:
         9a:81:0b:8f:65:57:02:79:3c:0d:54:22:52:12:2f:bc:e2:9d:
         c5:9a:b6:6b:f4:94:c4:af:86:c5:a9:34:05:05:96:be:99:1c:
         42:3b:72:c1:1a:00:e8:88:ef:4a:12:6a:dc:38:87:39:3c:4c:
         e5:ab:d5:6b:ac:58:d5:1d:b3:e0:a0:bc:de:b7:b5:af:13:d4:
         a5:3e:a5:6a:8d:3e:49:09:45:3b:52:d8:2a:26:e5:f4:e7:db:
         78:56:1c:af:49:97:04:18:e8:6c:6a:5b:db:fb:fe:f0:fe:ab:
         a3:60:f3:9e:3e:92:fd:98:c3:b0:83:70:2a:7c:73:e7:6f:62:
         dd:cd:e2:fc:fe:a9:aa:9c:9b:d0:5f:83:eb:fa:00:83:00:31:
         c9:c7:d6:07:76:5c:74:49:e9:c0:dd:1a:a2:3f:f7:cf:e9:a5:
         0b:f2:9a:f8:d1:af:1b:ff:ce:04:07:bd:d5:d5:a4:56:71:2a:
         92:ee:4c:1b
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYH4w8rgoJdI3aAYZB906WJBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlYzNhMDYyY2I5NmQ5YTNmMjFhOGIyZGE4NDhmODFjNmY3
M2JmOTUwHhcNMjIwNzEzMTgxMzA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yjk4MGM4NWVlMTUzZWQ2MGE0YjgwNDdjYmNjMjk0OTg0MDQ5MGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVWNbzkJXiTfx7ohxn3d+3dbfjE1
Pkfkq+2eudweLRS8Z5+OZbIShf5ft0hTZJBWMYAKue6Kbg4VsqgTqGUW12z0fFQX
ezpr5n6YL/Ufc1ouaWvGPk65eJo/LhuxbIucJzho9ujjGomw9M7sQwl83jgIrPSI
KNn9QjvyGxm7BLA+gn0wzE8xRdiClb2Y3HvsHBpiJgUH/bIcHxKV5vX7nwAS9o8T
YUlvMusI3IwASDy9W7xb+NTkhKqYtzBUhWQAA/rE4lbcSwOB9v82YKBUjNluQmVo
t7d0x7N4Qede4SYVKcft60DzYEk7CDt/VY8vIHP3kzpEdBFFAPOKVgTUKQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIuYDIXuFT7WCkuAR8vMKUmEBJDWMB8GA1UdIwQY
MBaAFE7DoGLLltmj8hqLLahI+Bxvc7+VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHNPZ1lzdVcyYVB5R29zdHFFajRIRzl6djVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83ODZiNTEtZTJkZi00ZmQ2LTljOWIt
ZjU2N2MzZTlmNWZmLzEvaTVnTWhlNFZQdFlLUzRCSHk4d3BTWVFFa05ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi83ODZiNTEtZTJkZi00ZmQ2LTljOWItZjU2N2MzZTlmNWZm
LzEvVHNPZ1lzdVcyYVB5R29zdHFFajRIRzl6djVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQBW+SEAwQB
W+UuAwQBuVDGAwQCuZOwAwQCvNF0MA0EAgACMAcDBQMqCx/AMA0GCSqGSIb3DQEB
CwUAA4IBAQAbdEprEyP/ynI0VKclE+2I4mn2eLcPOsue6IDSDmu1TOSBwqLULoGp
+dCj0mgLLFJMnwFWI2uEOTLmu1cLOqHtC1TeHGEs776agQuPZVcCeTwNVCJSEi+8
4p3FmrZr9JTEr4bFqTQFBZa+mRxCO3LBGgDoiO9KEmrcOIc5PEzlq9VrrFjVHbPg
oLzet7WvE9SlPqVqjT5JCUU7UtgqJuX059t4VhyvSZcEGOhsalvb+/7w/qujYPOe
PpL9mMOwg3AqfHPnb2LdzeL8/qmqnJvQX4Pr+gCDADHJx9YHdlx0SenA3RqiP/fP
6aUL8pr40a8b/84EB73V1aRWcSqS7kwb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:13 2024 by rpki-client on console-fra.rpki-client.org