Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/8bjuJxIxhKzADgobsvYRt0diA_8.roa
File:                     8bjuJxIxhKzADgobsvYRt0diA_8.roa (raw, json)
Hash identifier:          Oe1dQ/aroDUuDaYhgknWT5OqvIU0XilyBAESipnFuIc=
Subject key identifier:   F1:B8:EE:27:12:31:84:AC:C0:0E:0A:1B:B2:F6:11:B7:47:62:03:FF
Certificate issuer:       /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial:       0185626554A3D063093DD85C7510BC2EF31B
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/8bjuJxIxhKzADgobsvYRt0diA_8.roa
Signing time:             Fri 30 Dec 2022 09:38:06 +0000
ROA not before:           Fri 30 Dec 2022 09:38:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34450
IP address blocks:        89.43.42.0/24 maxlen: 24
                          89.43.43.0/24 maxlen: 24
                          89.43.44.0/24 maxlen: 24
                          89.43.40.0/24 maxlen: 24
                          89.43.41.0/24 maxlen: 24
                          93.114.187.0/24 maxlen: 24
                          86.106.80.0/24 maxlen: 24
                          89.34.8.0/21 maxlen: 21
                          89.43.73.0/24 maxlen: 24
                          89.39.252.0/24 maxlen: 24
                          188.213.18.0/24 maxlen: 24
                          188.240.14.0/24 maxlen: 24
                          93.113.202.0/24 maxlen: 24
                          85.204.125.0/24 maxlen: 24
                          85.204.127.0/24 maxlen: 24
                          93.114.99.0/24 maxlen: 24
                          93.113.158.0/24 maxlen: 24
                          89.33.163.0/24 maxlen: 24
                          89.37.136.0/24 maxlen: 24
                          89.45.34.0/24 maxlen: 24
                          85.204.78.0/24 maxlen: 24
                          93.114.55.0/24 maxlen: 24
                          188.215.72.0/23 maxlen: 24
                          2a05:b680:1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:62:65:54:a3:d0:63:09:3d:d8:5c:75:10:bc:2e:f3:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
        Validity
            Not Before: Dec 30 09:38:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f1b8ee27123184acc00e0a1bb2f611b7476203ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:62:f2:24:21:87:8a:c1:f2:53:42:26:b0:29:
                    83:99:e2:86:f4:a6:b2:13:67:86:51:93:e6:e9:b2:
                    1e:b9:6c:3c:d4:33:a0:eb:bf:84:f2:1e:cb:e2:2d:
                    ad:09:67:50:af:8c:05:fb:ec:e4:7e:b9:53:4b:5a:
                    65:5b:7b:96:c7:19:d0:68:d5:08:e3:fc:87:fa:29:
                    fc:f0:98:a7:f1:7c:10:d7:b0:14:56:f9:43:fa:cc:
                    22:c1:88:34:99:6b:2e:5d:72:80:a1:3e:9f:af:c1:
                    49:00:46:6a:33:7c:7c:c7:c3:20:e0:48:75:0f:9c:
                    40:76:24:5a:11:ea:ad:79:2f:02:59:c5:46:22:15:
                    ba:cb:71:19:6d:3a:66:34:b4:e9:8b:d0:1e:1d:4e:
                    6b:8f:ed:98:90:c6:fb:45:79:cb:38:8f:10:32:23:
                    88:8e:89:c1:59:86:2f:33:d4:c2:93:cf:bb:d1:09:
                    11:21:f2:7f:da:86:37:54:e0:f4:d3:5a:93:23:cc:
                    50:93:97:26:f1:6c:f9:d2:0a:4d:7d:47:f8:6f:23:
                    40:61:6f:19:44:24:1f:a8:e6:b7:76:fc:57:8f:2c:
                    8b:7e:c6:eb:ff:ad:92:48:9f:70:f6:a0:96:bb:19:
                    d0:88:2f:a9:40:b3:c3:50:e3:46:47:0f:fc:1e:e7:
                    47:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:B8:EE:27:12:31:84:AC:C0:0E:0A:1B:B2:F6:11:B7:47:62:03:FF
            X509v3 Authority Key Identifier:
                keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/8bjuJxIxhKzADgobsvYRt0diA_8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.204.78.0/24
                  85.204.125.0/24
                  85.204.127.0/24
                  86.106.80.0/24
                  89.33.163.0/24
                  89.34.8.0/21
                  89.37.136.0/24
                  89.39.252.0/24
                  89.43.40.0-89.43.44.255
                  89.43.73.0/24
                  89.45.34.0/24
                  93.113.158.0/24
                  93.113.202.0/24
                  93.114.55.0/24
                  93.114.99.0/24
                  93.114.187.0/24
                  188.213.18.0/24
                  188.215.72.0/23
                  188.240.14.0/24
                IPv6:
                  2a05:b680:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         61:33:45:0d:1b:0f:3b:21:37:60:7d:c8:8f:77:77:1b:e1:23:
         d2:2b:6b:09:6c:b4:a2:ae:4d:be:13:8e:cd:26:f9:9f:c0:91:
         a5:f3:28:21:0a:e9:41:70:74:ec:af:60:ff:80:b4:62:5d:01:
         cc:5c:2d:2b:e2:47:a4:a1:5b:7a:1f:8f:98:b3:25:3a:81:82:
         f6:55:dd:e0:2e:4d:eb:e0:e9:28:35:87:1a:14:7f:00:9c:05:
         c4:81:23:b2:f6:8b:41:d1:15:e8:1d:f3:cb:d2:c0:f9:ec:76:
         76:7a:59:fe:70:85:03:42:94:4d:7a:0c:9a:df:1e:4f:5c:db:
         c3:1a:c3:9b:e2:18:3b:0d:d6:ec:d6:3d:4d:01:50:d1:38:5a:
         d0:b5:4d:f0:48:0e:99:7f:b0:3d:43:61:20:40:b7:61:df:99:
         e3:5d:16:ef:d2:30:ce:2c:e9:40:49:b2:13:88:8f:78:5d:3a:
         ca:d8:8b:8e:87:52:ec:ed:d3:4a:0c:f7:63:10:2e:9d:04:b7:
         8f:dd:40:1f:6e:b2:a4:ec:ca:8a:39:d3:d2:0d:a5:56:ba:c9:
         16:62:fd:64:67:7d:42:03:16:06:6d:79:33:44:09:20:85:fb:
         42:58:30:8e:a5:4a:88:4d:94:cd:55:63:de:16:1f:71:a5:87:
         ad:6a:df:1d
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYViZVSj0GMJPdhcdRC8LvMbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjIxMjMwMDkzODA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWI4ZWUyNzEyMzE4NGFjYzAwZTBhMWJiMmY2MTFiNzQ3NjIwM2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2LyJCGHisHyU0ImsCmDmeKG9Kay
E2eGUZPm6bIeuWw81DOg67+E8h7L4i2tCWdQr4wF++zkfrlTS1plW3uWxxnQaNUI
4/yH+in88Jin8XwQ17AUVvlD+swiwYg0mWsuXXKAoT6fr8FJAEZqM3x8x8Mg4Eh1
D5xAdiRaEeqteS8CWcVGIhW6y3EZbTpmNLTpi9AeHU5rj+2YkMb7RXnLOI8QMiOI
jonBWYYvM9TCk8+70QkRIfJ/2oY3VOD001qTI8xQk5cm8Wz50gpNfUf4byNAYW8Z
RCQfqOa3dvxXjyyLfsbr/62SSJ9w9qCWuxnQiC+pQLPDUONGRw/8HudH1wIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFPG47icSMYSswA4KG7L2EbdHYgP/MB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvOGJqdUp4SXhoS3pBRGdvYnN2WVJ0MGRpQV84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBgAQCAAEwegMEAFXM
TgMEAFXMfQMEAFXMfwMEAFZqUAMEAFkhowMEA1kiCAMEAFkliAMEAFkn/DAMAwQD
WSsoAwQAWSssAwQAWStJAwQAWS0iAwQAXXGeAwQAXXHKAwQAXXI3AwQAXXJjAwQA
XXK7AwQAvNUSAwQBvNdIAwQAvPAOMA8EAgACMAkDBwAqBbaAAAEwDQYJKoZIhvcN
AQELBQADggEBAGEzRQ0bDzshN2B9yI93dxvhI9IrawlstKKuTb4Tjs0m+Z/AkaXz
KCEK6UFwdOyvYP+AtGJdAcxcLSviR6ShW3ofj5izJTqBgvZV3eAuTevg6Sg1hxoU
fwCcBcSBI7L2i0HRFegd88vSwPnsdnZ6Wf5whQNClE16DJrfHk9c28Maw5viGDsN
1uzWPU0BUNE4WtC1TfBIDpl/sD1DYSBAt2HfmeNdFu/SMM4s6UBJshOIj3hdOsrY
i46HUuzt00oM92MQLp0Et4/dQB9usqTsyoo509INpVa6yRZi/WRnfUIDFgZteTNE
CSCF+0JYMI6lSohNlM1VY94WH3Glh61q3x0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:29 2024 by rpki-client on console-fra.rpki-client.org