Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/QeUI64Xnb6V8OgLWYshazE2X860.roa
File:                     QeUI64Xnb6V8OgLWYshazE2X860.roa (raw, json)
Hash identifier:          cqNG3yP3mbGQn12+WW4YrFRvubOYQDm/bcdqkgkLbgc=
Subject key identifier:   41:E5:08:EB:85:E7:6F:A5:7C:3A:02:D6:62:C8:5A:CC:4D:97:F3:AD
Certificate issuer:       /CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Certificate serial:       14719748
Authority key identifier: 28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/QeUI64Xnb6V8OgLWYshazE2X860.roa
Signing time:             Sat 01 Jan 2022 09:58:53 +0000
ROA not before:           Sat 01 Jan 2022 09:58:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200590
IP address blocks:        185.121.83.0/24 maxlen: 24
                          185.121.82.0/24 maxlen: 24
                          185.121.81.0/24 maxlen: 24
                          185.121.80.0/24 maxlen: 24
                          185.116.192.0/24 maxlen: 24
                          185.116.195.0/24 maxlen: 24
                          185.116.194.0/24 maxlen: 24
                          185.116.193.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 342988616 (0x14719748)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
        Validity
            Not Before: Jan  1 09:58:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=41e508eb85e76fa57c3a02d662c85acc4d97f3ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:92:f3:b3:2f:cf:1d:ab:13:4f:fb:18:44:e6:
                    6f:d8:d6:bb:63:6f:2e:0d:99:c8:43:96:24:57:5f:
                    62:50:35:77:7f:6e:a5:f3:00:77:8f:f5:e3:58:0e:
                    eb:27:e8:a4:c6:48:9e:16:a3:17:2a:88:ff:71:e2:
                    77:70:d1:e6:1a:48:63:69:2d:f3:74:76:9b:e2:5e:
                    20:3b:56:eb:a8:f2:53:00:cd:b6:2b:3a:10:3a:ee:
                    0c:a1:04:a7:e2:33:ee:97:0d:22:cd:66:c7:37:88:
                    c6:a2:b7:82:70:76:be:4c:3a:82:c8:d4:8f:b7:78:
                    9a:b5:ad:b9:a4:7d:ba:e0:21:0d:00:16:ba:55:06:
                    8f:3d:22:4a:54:32:2b:49:b0:cb:17:2f:3a:32:3a:
                    a2:80:98:d0:cf:3b:0e:d9:1a:74:7e:ac:6a:fc:5b:
                    9c:df:fd:8f:32:ad:61:be:f6:fd:7e:e9:b2:90:d6:
                    a8:30:52:e0:b1:ac:7c:89:ce:71:75:df:5f:10:aa:
                    84:fc:da:83:ef:60:70:25:6e:23:45:ad:cd:76:b5:
                    68:a1:45:23:1c:f4:64:28:06:fd:fa:81:17:93:ee:
                    d7:f2:e4:81:79:43:00:ea:32:e7:cf:3b:52:5c:79:
                    b7:e5:39:a6:5d:23:9f:29:1b:f6:b1:b6:99:4b:03:
                    e3:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:E5:08:EB:85:E7:6F:A5:7C:3A:02:D6:62:C8:5A:CC:4D:97:F3:AD
            X509v3 Authority Key Identifier:
                keyid:28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/QeUI64Xnb6V8OgLWYshazE2X860.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.116.192.0/22
                  185.121.80.0/22

    Signature Algorithm: sha256WithRSAEncryption
         29:f8:0b:d5:3a:c4:b4:f8:12:d1:8b:3a:a6:b1:18:5e:91:78:
         89:5e:70:29:6e:3e:c8:a8:c7:05:e2:19:4c:a4:1c:fd:9d:d1:
         46:d2:5c:0a:9b:1a:5f:0f:40:3b:ef:b5:7f:5b:5b:82:95:5d:
         10:da:48:e7:ae:df:80:55:96:6d:eb:35:6d:d1:9a:e3:c3:23:
         14:c5:f0:2c:81:dc:28:c7:50:01:4d:0b:a0:44:83:8c:65:d0:
         f2:43:5f:4b:76:fd:10:8b:8f:f9:c5:ed:6a:40:37:78:a3:09:
         76:fb:18:ac:ce:5f:00:9c:c4:ec:54:7d:14:22:22:ea:48:21:
         0d:eb:6c:96:b8:86:c9:4f:96:d5:c3:3a:b9:ca:ac:7f:aa:a4:
         d0:44:92:16:8e:8e:dc:63:5c:33:fc:7e:2d:57:91:da:da:b9:
         2f:69:19:be:6f:1e:f9:92:6e:55:f1:f4:7a:5b:10:1b:e6:3c:
         56:f4:9f:2c:a9:09:a4:7f:04:6c:f5:a1:42:35:89:17:8a:e1:
         56:f4:05:12:3c:65:3d:ab:9a:7a:00:0a:71:41:8e:0b:5d:1b:
         41:83:94:8b:04:a9:48:5f:21:1d:a4:fc:92:fd:13:bc:56:ab:
         27:d0:fd:4e:76:70:ed:fe:66:9f:19:6b:c1:4b:cd:c6:4a:af:
         5b:cf:61:bd
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEFHGXSDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ODg1NTg1MmE0YmNkMWJmMWVjODEzZjNjMTNiMGYxZjM3MmYzOTcxMB4XDTIyMDEw
MTA5NTg1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDFlNTA4ZWI4NWU3
NmZhNTdjM2EwMmQ2NjJjODVhY2M0ZDk3ZjNhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJSS87Mvzx2rE0/7GETmb9jWu2NvLg2ZyEOWJFdfYlA1d39u
pfMAd4/141gO6yfopMZInhajFyqI/3Hid3DR5hpIY2kt83R2m+JeIDtW66jyUwDN
tis6EDruDKEEp+Iz7pcNIs1mxzeIxqK3gnB2vkw6gsjUj7d4mrWtuaR9uuAhDQAW
ulUGjz0iSlQyK0mwyxcvOjI6ooCY0M87DtkadH6savxbnN/9jzKtYb72/X7pspDW
qDBS4LGsfInOcXXfXxCqhPzag+9gcCVuI0WtzXa1aKFFIxz0ZCgG/fqBF5Pu1/Lk
gXlDAOoy5887Ulx5t+U5pl0jnykb9rG2mUsD4+cCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRB5QjrhedvpXw6AtZiyFrMTZfzrTAfBgNVHSMEGDAWgBQohVhSpLzRvx7I
E/PBOw8fNy85cTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tJVllVcVM4MGI4ZXlCUHp3VHNQSHpjdk9YRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvMGUzNmZjLWJhMGItNGNlNi1hZjZhLTcwNDQ2M2ViYWQzNi8x
L1FlVUk2NFhuYjZWOE9nTFdZc2hhekUyWDg2MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
MGUzNmZjLWJhMGItNGNlNi1hZjZhLTcwNDQ2M2ViYWQzNi8xL0tJVllVcVM4MGI4
ZXlCUHp3VHNQSHpjdk9YRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArl0wAMEArl5UDANBgkqhkiG9w0B
AQsFAAOCAQEAKfgL1TrEtPgS0Ys6prEYXpF4iV5wKW4+yKjHBeIZTKQc/Z3RRtJc
CpsaXw9AO++1f1tbgpVdENpI567fgFWWbes1bdGa48MjFMXwLIHcKMdQAU0LoESD
jGXQ8kNfS3b9EIuP+cXtakA3eKMJdvsYrM5fAJzE7FR9FCIi6kghDetslriGyU+W
1cM6ucqsf6qk0ESSFo6O3GNcM/x+LVeR2tq5L2kZvm8e+ZJuVfH0elsQG+Y8VvSf
LKkJpH8EbPWhQjWJF4rhVvQFEjxlPauaegAKcUGOC10bQYOUiwSpSF8hHaT8kv0T
vFarJ9D9TnZw7f5mnxlrwUvNxkqvW89hvQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:23 2024 by rpki-client on console-fra.rpki-client.org