Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/ioRfmEX2LYaRq1jKIcapE2reKMU.roa
File:                     ioRfmEX2LYaRq1jKIcapE2reKMU.roa (raw, json)
Hash identifier:          IJ14sfj3mwcEYpF6JssXSTbaR5Ro+naqO0KYSshsTvk=
Subject key identifier:   8A:84:5F:98:45:F6:2D:86:91:AB:58:CA:21:C6:A9:13:6A:DE:28:C5
Certificate issuer:       /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial:       0BDDD08F
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/ioRfmEX2LYaRq1jKIcapE2reKMU.roa
Signing time:             Fri 11 Feb 2022 15:04:09 +0000
ROA not before:           Fri 11 Feb 2022 15:04:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12695
IP address blocks:        89.43.44.0/24 maxlen: 24
                          86.106.80.0/24 maxlen: 24
                          89.43.45.0/24 maxlen: 24
                          89.43.73.0/24 maxlen: 24
                          188.240.14.0/24 maxlen: 24
                          85.204.78.0/24 maxlen: 24
                          89.45.34.0/24 maxlen: 24
                          93.113.203.0/24 maxlen: 24
                          93.114.171.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 199086223 (0xbddd08f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
        Validity
            Not Before: Feb 11 15:04:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8a845f9845f62d8691ab58ca21c6a9136ade28c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:dd:18:b6:d5:d2:e4:c5:b3:5c:70:72:bd:eb:
                    c3:c5:33:76:5a:99:9d:27:62:bd:4d:29:cc:26:2d:
                    dd:06:46:29:d3:50:6e:bd:70:0a:c8:70:bf:dd:da:
                    29:b0:d6:d0:3a:e9:34:29:98:b4:9f:23:b2:e4:37:
                    43:04:a5:38:f0:3b:33:05:71:47:e6:f6:50:05:bc:
                    41:ee:87:da:6b:0e:50:38:ce:cf:17:c6:84:5b:6f:
                    be:04:f3:d4:32:18:a8:35:f5:fe:a5:c0:89:05:58:
                    1c:4f:51:61:49:bb:27:7b:5b:2c:1a:ac:61:0e:e7:
                    22:48:a2:82:8d:89:4a:5c:27:46:8b:30:ac:4d:48:
                    6c:e3:31:2b:65:33:bd:2c:f1:28:6b:eb:91:fb:77:
                    93:00:43:0b:bb:00:4b:5a:05:b4:1b:38:00:3a:16:
                    b8:aa:18:d9:84:fe:b5:44:e5:17:43:f9:b8:de:f3:
                    cd:5e:f2:cc:60:cc:4a:a2:20:d9:07:65:2d:8c:fb:
                    8a:17:1b:3a:f6:4f:ba:ce:12:7d:65:e4:dd:70:05:
                    9e:a0:bf:72:65:04:6c:a1:46:75:3f:f1:0e:84:ff:
                    7d:86:f4:8d:19:c8:54:5b:08:d2:4c:31:11:2d:31:
                    81:de:df:dd:90:61:a5:d7:bc:1d:90:c3:98:0a:7a:
                    bb:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:84:5F:98:45:F6:2D:86:91:AB:58:CA:21:C6:A9:13:6A:DE:28:C5
            X509v3 Authority Key Identifier:
                keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/ioRfmEX2LYaRq1jKIcapE2reKMU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.204.78.0/24
                  86.106.80.0/24
                  89.43.44.0/23
                  89.43.73.0/24
                  89.45.34.0/24
                  93.113.203.0/24
                  93.114.171.0/24
                  188.240.14.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0f:fe:9a:46:d9:64:6b:c2:e7:79:e3:ca:65:a6:cb:ea:a3:d0:
         d3:5f:73:23:13:2e:1b:2d:36:19:3a:00:8b:b8:9c:dd:e5:47:
         76:23:13:30:53:5b:dc:1c:b0:4d:1c:ae:e7:af:03:93:85:10:
         af:c1:dd:4d:80:45:f3:9a:25:49:77:91:6b:48:ff:3e:02:30:
         62:c8:99:f1:15:50:fd:70:6b:9d:47:14:b6:3c:4e:7f:fd:4a:
         35:08:84:be:19:ec:0c:40:8c:49:65:d3:81:bd:d7:93:cd:86:
         b2:18:f0:da:d6:89:c7:0a:b8:8f:47:fb:1c:2a:c3:df:42:02:
         bf:11:b0:ad:e5:41:8f:99:7f:22:4f:b5:d3:49:21:0d:85:92:
         1b:0c:45:09:9a:34:ee:03:6f:e9:b6:80:f6:a3:d2:01:a5:07:
         1c:97:a7:a1:8c:f3:96:a4:3f:82:35:3e:41:c7:d7:9f:16:f7:
         3e:df:b8:18:70:5b:4d:6d:e1:bf:19:c2:bd:ed:f8:70:58:45:
         4b:df:fe:4f:dc:bb:b9:b3:e6:06:80:6e:a8:14:c6:4b:97:a9:
         67:9c:42:c0:5f:bd:1c:8d:1b:9b:2d:af:be:c4:a8:26:07:74:
         e5:e9:ff:69:bf:23:b8:b7:3e:0f:df:5f:06:64:ad:19:77:fb:
         06:5b:73:0a
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEC93QjzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTU4OTUyZDM5MzkzNWYwZDNiY2U4MTRmZDkxNzhkMDQ2OTNhZWI5MB4XDTIyMDIx
MTE1MDQwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGE4NDVmOTg0NWY2
MmQ4NjkxYWI1OGNhMjFjNmE5MTM2YWRlMjhjNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALjdGLbV0uTFs1xwcr3rw8UzdlqZnSdivU0pzCYt3QZGKdNQ
br1wCshwv93aKbDW0DrpNCmYtJ8jsuQ3QwSlOPA7MwVxR+b2UAW8Qe6H2msOUDjO
zxfGhFtvvgTz1DIYqDX1/qXAiQVYHE9RYUm7J3tbLBqsYQ7nIkiigo2JSlwnRosw
rE1IbOMxK2UzvSzxKGvrkft3kwBDC7sAS1oFtBs4ADoWuKoY2YT+tUTlF0P5uN7z
zV7yzGDMSqIg2QdlLYz7ihcbOvZPus4SfWXk3XAFnqC/cmUEbKFGdT/xDoT/fYb0
jRnIVFsI0kwxES0xgd7f3ZBhpde8HZDDmAp6u58CAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBSKhF+YRfYthpGrWMohxqkTat4oxTAfBgNVHSMEGDAWgBT+WJUtOTk18NO8
6BT9kXjQRpOuuTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19saVZMVGs1TmZEVHZPZ1VfWkY0MEVhVHJyay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvYjI2YWE4LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3My8x
L2lvUmZtRVgyTFlhUnExaktJY2FwRTJyZUtNVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
YjI2YWE4LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3My8xL19saVZMVGs1TmZE
VHZPZ1VfWkY0MEVhVHJyay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAFXMTgMEAFZqUAMEAVkrLAMEAFkr
SQMEAFktIgMEAF1xywMEAF1yqwMEALzwDjANBgkqhkiG9w0BAQsFAAOCAQEAD/6a
Rtlka8LneePKZabL6qPQ019zIxMuGy02GToAi7ic3eVHdiMTMFNb3BywTRyu568D
k4UQr8HdTYBF85olSXeRa0j/PgIwYsiZ8RVQ/XBrnUcUtjxOf/1KNQiEvhnsDECM
SWXTgb3Xk82Gshjw2taJxwq4j0f7HCrD30ICvxGwreVBj5l/Ik+100khDYWSGwxF
CZo07gNv6baA9qPSAaUHHJenoYzzlqQ/gjU+QcfXnxb3Pt+4GHBbTW3hvxnCve34
cFhFS9/+T9y7ubPmBoBuqBTGS5epZ5xCwF+9HI0bmy2vvsSoJgd05en/ab8juLc+
D99fBmStGXf7BltzCg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:29 2024 by rpki-client on console-fra.rpki-client.org