Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/RJ8ym0X2DGNaRlBdDJZ-MS-p5x0.roa
File:                     RJ8ym0X2DGNaRlBdDJZ-MS-p5x0.roa (raw, json)
Hash identifier:          wR+nTiTc1lxpVGJIlr/01YhdxYHEgXwZLqLFPh5+0WI=
Subject key identifier:   44:9F:32:9B:45:F6:0C:63:5A:46:50:5D:0C:96:7E:31:2F:A9:E7:1D
Certificate issuer:       /CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Certificate serial:       1471FA8D
Authority key identifier: 28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/RJ8ym0X2DGNaRlBdDJZ-MS-p5x0.roa
Signing time:             Sat 01 Jan 2022 09:58:54 +0000
ROA not before:           Sat 01 Jan 2022 09:58:54 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205516
IP address blocks:        185.121.83.0/24 maxlen: 24
                          185.121.82.0/24 maxlen: 24
                          185.121.80.0/24 maxlen: 24
                          185.121.81.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 343014029 (0x1471fa8d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
        Validity
            Not Before: Jan  1 09:58:54 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=449f329b45f60c635a46505d0c967e312fa9e71d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:bf:9b:a5:f4:99:13:04:db:e3:88:21:7a:e6:
                    a0:e9:51:70:31:ab:75:28:b3:67:66:3f:96:89:4d:
                    9f:69:c3:d2:e2:33:63:e4:ae:06:bd:bb:a8:15:11:
                    12:2a:3e:e8:9b:a5:b1:4e:bd:32:96:34:cd:d7:da:
                    c6:52:e1:b7:19:96:d6:8a:7c:0d:07:2d:58:d0:3e:
                    f4:7c:b5:38:09:22:5a:6d:50:6f:a9:a5:69:38:e2:
                    42:86:59:f7:29:66:a1:81:ba:67:85:76:35:ac:27:
                    32:90:d5:74:ff:03:33:72:d9:24:b5:7e:00:d6:ce:
                    68:3e:6b:71:40:60:f3:27:a4:c6:bc:ec:e4:2f:d2:
                    40:fe:3f:5f:c9:09:12:ef:35:65:f8:61:99:5a:e6:
                    10:6e:43:a5:eb:3a:9b:86:71:63:9e:7a:e0:ea:16:
                    59:48:e6:cb:94:68:d5:4d:e6:08:d6:26:8c:c1:05:
                    d7:0c:0f:33:a6:ef:39:9c:ea:d2:3d:ec:10:a8:6b:
                    f3:e4:76:e4:1f:97:4a:c1:ae:70:22:ae:d2:87:f9:
                    ed:29:8f:c9:49:3d:51:93:0c:fc:0b:cc:6d:f3:14:
                    54:3b:9d:c7:52:f5:0c:6f:2a:a1:c4:29:5d:11:34:
                    67:75:9f:05:4a:9b:96:5a:f0:f9:f3:5a:76:65:40:
                    c2:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:9F:32:9B:45:F6:0C:63:5A:46:50:5D:0C:96:7E:31:2F:A9:E7:1D
            X509v3 Authority Key Identifier:
                keyid:28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/RJ8ym0X2DGNaRlBdDJZ-MS-p5x0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.121.80.0/22

    Signature Algorithm: sha256WithRSAEncryption
         cb:b3:ff:a1:85:5a:74:0d:d5:5d:8d:5d:88:76:8f:56:ba:6b:
         8c:b4:b7:8d:25:b7:5b:54:20:ee:95:9b:73:b9:a9:f1:17:e7:
         a4:f2:2f:e0:b8:1f:f4:db:63:c0:8f:96:24:48:ac:ff:3d:b6:
         d5:a9:49:2a:f0:15:3a:43:0f:02:2a:eb:fe:74:f5:90:e9:0f:
         dc:bc:cc:14:f4:67:e6:57:ce:aa:b5:27:d6:53:35:6a:53:8c:
         fc:5a:0c:64:a1:2f:b9:df:55:73:93:b0:f4:25:66:dc:d3:2f:
         da:35:50:de:9d:16:5c:42:66:ba:1b:ce:0c:1f:5a:43:c3:c2:
         4b:55:bd:47:e2:b7:d2:08:46:61:55:bf:cf:2a:40:b3:30:af:
         2a:74:93:c9:3e:29:43:dd:45:12:f7:e2:78:1a:54:5d:44:e2:
         80:2e:6f:c1:ed:49:6e:58:da:2a:84:15:d3:61:13:10:00:d0:
         09:de:54:6a:e3:95:c9:e7:3e:fd:97:b6:4e:0b:69:90:2c:72:
         b0:22:cc:6b:8f:6a:1a:20:91:7f:c6:5d:3f:73:46:af:22:13:
         af:3c:5c:f7:4e:1b:40:b5:fa:ce:2a:d2:17:ef:29:fb:26:11:
         1f:18:de:67:58:5e:98:54:54:27:58:31:7e:0c:69:0b:b5:a9:
         dc:90:13:51
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFHH6jTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ODg1NTg1MmE0YmNkMWJmMWVjODEzZjNjMTNiMGYxZjM3MmYzOTcxMB4XDTIyMDEw
MTA5NTg1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDQ5ZjMyOWI0NWY2
MGM2MzVhNDY1MDVkMGM5NjdlMzEyZmE5ZTcxZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALK/m6X0mRME2+OIIXrmoOlRcDGrdSizZ2Y/lolNn2nD0uIz
Y+SuBr27qBUREio+6JulsU69MpY0zdfaxlLhtxmW1op8DQctWNA+9Hy1OAkiWm1Q
b6mlaTjiQoZZ9ylmoYG6Z4V2NawnMpDVdP8DM3LZJLV+ANbOaD5rcUBg8yekxrzs
5C/SQP4/X8kJEu81ZfhhmVrmEG5Dpes6m4ZxY5564OoWWUjmy5Ro1U3mCNYmjMEF
1wwPM6bvOZzq0j3sEKhr8+R25B+XSsGucCKu0of57SmPyUk9UZMM/AvMbfMUVDud
x1L1DG8qocQpXRE0Z3WfBUqbllrw+fNadmVAwssCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBREnzKbRfYMY1pGUF0Mln4xL6nnHTAfBgNVHSMEGDAWgBQohVhSpLzRvx7I
E/PBOw8fNy85cTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tJVllVcVM4MGI4ZXlCUHp3VHNQSHpjdk9YRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvMGUzNmZjLWJhMGItNGNlNi1hZjZhLTcwNDQ2M2ViYWQzNi8x
L1JKOHltMFgyREdOYVJsQmRESlotTVMtcDV4MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
MGUzNmZjLWJhMGItNGNlNi1hZjZhLTcwNDQ2M2ViYWQzNi8xL0tJVllVcVM4MGI4
ZXlCUHp3VHNQSHpjdk9YRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArl5UDANBgkqhkiG9w0BAQsFAAOC
AQEAy7P/oYVadA3VXY1diHaPVrprjLS3jSW3W1Qg7pWbc7mp8RfnpPIv4Lgf9Ntj
wI+WJEis/z221alJKvAVOkMPAirr/nT1kOkP3LzMFPRn5lfOqrUn1lM1alOM/FoM
ZKEvud9Vc5Ow9CVm3NMv2jVQ3p0WXEJmuhvODB9aQ8PCS1W9R+K30ghGYVW/zypA
szCvKnSTyT4pQ91FEvfieBpUXUTigC5vwe1JbljaKoQV02ETEADQCd5UauOVyec+
/Ze2TgtpkCxysCLMa49qGiCRf8ZdP3NGryITrzxc904bQLX6zirSF+8p+yYRHxje
Z1hemFRUJ1gxfgxpC7Wp3JATUQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:23 2024 by rpki-client on console-fra.rpki-client.org