Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/6zs-vG-LuncSs6_17EPy0UOekuU.roa
File:                     6zs-vG-LuncSs6_17EPy0UOekuU.roa (raw, json)
Hash identifier:          8UEYFSX1SnIVZMKyvyDz545UdpCGIN8rtuDPWEp+bE0=
Subject key identifier:   EB:3B:3E:BC:6F:8B:BA:77:12:B3:AF:F5:EC:43:F2:D1:43:9E:92:E5
Certificate issuer:       /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial:       0185066D200B55B55CA8CAF3EA7CEB9EF464
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/6zs-vG-LuncSs6_17EPy0UOekuU.roa
Signing time:             Mon 12 Dec 2022 13:01:32 +0000
ROA not before:           Mon 12 Dec 2022 13:01:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     6762
IP address blocks:        85.204.125.0/24 maxlen: 24
                          85.204.127.0/24 maxlen: 24
                          93.113.158.0/24 maxlen: 24
                          89.43.73.0/24 maxlen: 24
                          89.33.163.0/24 maxlen: 24
                          89.39.252.0/24 maxlen: 24
                          188.240.14.0/24 maxlen: 24
                          188.215.72.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:06:6d:20:0b:55:b5:5c:a8:ca:f3:ea:7c:eb:9e:f4:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
        Validity
            Not Before: Dec 12 13:01:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=eb3b3ebc6f8bba7712b3aff5ec43f2d1439e92e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:67:da:ad:06:92:79:8c:4d:0e:da:74:bb:b9:
                    26:cc:d2:35:f0:27:d5:d9:4b:be:0b:09:d6:9f:35:
                    58:07:28:54:98:bb:1b:71:bb:13:12:04:41:b5:e9:
                    1d:3b:79:6e:ec:ae:c1:cd:96:1b:a3:c8:50:ff:4c:
                    d6:68:15:7f:8d:6b:85:4d:1b:45:d8:0b:1f:3d:4d:
                    bb:dc:5a:e1:f7:cc:03:30:aa:aa:f5:6e:57:8a:e8:
                    af:ab:60:32:fb:4c:bb:2e:8f:d1:f2:c8:b2:88:23:
                    ea:ed:01:12:8c:04:24:32:4c:4c:15:bb:73:71:e9:
                    6d:62:e0:8a:1c:1d:4f:ae:92:86:7c:da:a7:ef:d2:
                    b0:fd:d2:41:07:c9:47:04:10:29:4a:09:bd:81:86:
                    a8:8e:67:46:e9:11:c5:7a:a9:1d:d2:be:1a:58:ea:
                    cc:12:3c:57:28:e4:85:69:a4:24:27:10:29:64:c8:
                    a2:70:33:b4:0d:c1:41:51:ac:12:e3:32:9b:8f:b1:
                    b7:00:95:87:d7:6d:4d:6f:c3:24:3c:05:af:de:3b:
                    9c:65:9a:54:75:ac:4e:ad:94:b4:e8:53:11:a6:0d:
                    49:c6:10:e8:a5:f7:44:71:f2:a7:ca:38:67:53:b3:
                    e3:90:af:60:75:36:ab:ab:70:3e:b5:7e:fc:26:9f:
                    6d:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:3B:3E:BC:6F:8B:BA:77:12:B3:AF:F5:EC:43:F2:D1:43:9E:92:E5
            X509v3 Authority Key Identifier:
                keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/6zs-vG-LuncSs6_17EPy0UOekuU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.204.125.0/24
                  85.204.127.0/24
                  89.33.163.0/24
                  89.39.252.0/24
                  89.43.73.0/24
                  93.113.158.0/24
                  188.215.72.0/24
                  188.240.14.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c9:e2:d2:06:e6:ba:82:61:41:60:21:44:46:bc:a4:c3:f7:ce:
         d6:47:83:86:84:3f:9b:04:ab:32:91:b1:5c:2f:13:7b:33:81:
         f8:33:87:80:81:94:3b:6d:1e:eb:e9:5f:50:10:81:6c:58:d0:
         5a:c2:d2:48:c1:b1:e8:b9:87:ad:d3:bc:da:b4:ed:46:3b:59:
         63:00:54:02:bc:0a:3c:e3:40:e9:d2:30:80:a8:73:29:a4:db:
         e3:80:75:90:31:1c:c9:8c:1f:88:97:48:2c:05:37:26:2b:e8:
         a4:16:9c:3b:93:7e:26:56:91:3d:12:5d:eb:a8:e3:61:b2:4c:
         10:f6:a6:f9:ff:17:c8:ca:2e:49:6a:d8:00:0f:71:ea:8b:70:
         d9:0b:3d:86:f9:ea:a9:75:02:e4:20:de:ec:f1:05:01:51:9c:
         4c:0f:d6:d1:a3:03:6b:3c:fa:41:8c:56:cd:ca:59:88:f5:5c:
         67:7f:9f:c5:4a:54:38:4b:ff:98:4b:cf:ff:1e:18:92:94:86:
         e1:84:f2:d1:eb:33:ad:f1:0e:7a:d7:56:a4:48:b3:bf:7f:d7:
         8b:7e:a0:cf:eb:0a:8d:45:f7:af:41:e5:7a:0a:1d:f5:9a:20:
         8b:b9:4b:94:f2:a2:9f:e2:36:56:d1:b5:d9:fe:94:1c:68:5d:
         4f:52:f2:93
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYUGbSALVbVcqMrz6nzrnvRkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjIxMjEyMTMwMTMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjNiM2ViYzZmOGJiYTc3MTJiM2FmZjVlYzQzZjJkMTQzOWU5MmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGfarQaSeYxNDtp0u7kmzNI18CfV
2Uu+CwnWnzVYByhUmLsbcbsTEgRBtekdO3lu7K7BzZYbo8hQ/0zWaBV/jWuFTRtF
2AsfPU273Frh98wDMKqq9W5Xiuivq2Ay+0y7Lo/R8siyiCPq7QESjAQkMkxMFbtz
celtYuCKHB1PrpKGfNqn79Kw/dJBB8lHBBApSgm9gYaojmdG6RHFeqkd0r4aWOrM
EjxXKOSFaaQkJxApZMiicDO0DcFBUawS4zKbj7G3AJWH121Nb8MkPAWv3jucZZpU
daxOrZS06FMRpg1JxhDopfdEcfKnyjhnU7PjkK9gdTarq3A+tX78Jp9t/wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFOs7Prxvi7p3ErOv9exD8tFDnpLlMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvNnpzLXZHLUx1bmNTczZfMTdFUHkwVU9la3VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAVcx9AwQA
Vcx/AwQAWSGjAwQAWSf8AwQAWStJAwQAXXGeAwQAvNdIAwQAvPAOMA0GCSqGSIb3
DQEBCwUAA4IBAQDJ4tIG5rqCYUFgIURGvKTD987WR4OGhD+bBKsykbFcLxN7M4H4
M4eAgZQ7bR7r6V9QEIFsWNBawtJIwbHouYet07zatO1GO1ljAFQCvAo840Dp0jCA
qHMppNvjgHWQMRzJjB+Il0gsBTcmK+ikFpw7k34mVpE9El3rqONhskwQ9qb5/xfI
yi5JatgAD3Hqi3DZCz2G+eqpdQLkIN7s8QUBUZxMD9bRowNrPPpBjFbNylmI9Vxn
f5/FSlQ4S/+YS8//HhiSlIbhhPLR6zOt8Q5611akSLO/f9eLfqDP6wqNRfevQeV6
Ch31miCLuUuU8qKf4jZW0bXZ/pQcaF1PUvKT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:38 2024 by rpki-client on console-ams.rpki-client.org