Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/jp6HB7mB-0frR2qrNnzJKuwNgP4.roa
File:                     jp6HB7mB-0frR2qrNnzJKuwNgP4.roa (raw, json)
Hash identifier:          uxWktFdmkNYqf6Q3YPFee6ExkPaoluFLZ9qpa33hOWw=
Subject key identifier:   8E:9E:87:07:B9:81:FB:47:EB:47:6A:AB:36:7C:C9:2A:EC:0D:80:FE
Certificate issuer:       /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial:       0BD0970C
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/jp6HB7mB-0frR2qrNnzJKuwNgP4.roa
Signing time:             Thu 10 Feb 2022 11:07:00 +0000
ROA not before:           Thu 10 Feb 2022 11:07:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34450
IP address blocks:        89.43.42.0/24 maxlen: 24
                          89.43.43.0/24 maxlen: 24
                          89.43.40.0/24 maxlen: 24
                          89.43.41.0/24 maxlen: 24
                          89.43.45.0/24 maxlen: 24
                          89.43.46.0/24 maxlen: 24
                          89.43.73.0/24 maxlen: 24
                          89.39.252.0/24 maxlen: 24
                          188.213.18.0/24 maxlen: 24
                          188.240.14.0/24 maxlen: 24
                          93.113.202.0/24 maxlen: 24
                          93.113.203.0/24 maxlen: 24
                          89.44.209.0/24 maxlen: 24
                          188.215.95.0/24 maxlen: 24
                          93.114.99.0/24 maxlen: 24
                          89.33.163.0/24 maxlen: 24
                          93.114.55.0/24 maxlen: 24
                          188.215.72.0/23 maxlen: 24
                          86.106.80.0/24 maxlen: 24
                          93.114.187.0/24 maxlen: 24
                          86.106.97.0/24 maxlen: 24
                          86.106.104.0/24 maxlen: 24
                          89.34.8.0/21 maxlen: 21
                          85.204.125.0/24 maxlen: 24
                          85.204.127.0/24 maxlen: 24
                          93.113.158.0/24 maxlen: 24
                          89.37.136.0/24 maxlen: 24
                          2a05:b680:1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 198219532 (0xbd0970c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
        Validity
            Not Before: Feb 10 11:07:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8e9e8707b981fb47eb476aab367cc92aec0d80fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:3d:9c:c5:19:04:76:2c:84:a1:07:63:13:00:
                    a4:31:9e:8e:77:01:3d:44:b4:f4:0a:0e:f9:39:97:
                    e8:86:8a:f0:5a:9c:21:3f:b0:40:47:72:22:70:b1:
                    68:cc:c0:43:0f:ad:68:5f:3a:b8:91:4c:0a:70:8c:
                    9d:83:d8:eb:37:29:28:72:14:8a:3b:2f:75:f4:d4:
                    8d:c9:63:10:71:05:09:cb:bd:bd:7f:e3:52:7f:5b:
                    fc:2c:6a:b2:50:df:bc:ae:cc:1f:f4:be:fd:0c:6b:
                    90:b6:ef:61:d3:b2:53:04:45:ae:30:c1:54:55:0d:
                    b4:fb:f7:68:71:0d:98:98:60:08:15:a2:ae:40:76:
                    7e:5e:3c:2d:6e:36:e1:16:16:b3:42:83:f9:2b:06:
                    9d:11:00:ea:a7:15:58:68:12:c5:72:cc:f6:05:b3:
                    1d:02:d4:e1:38:d9:a1:99:51:26:ab:02:48:da:68:
                    ba:81:10:ad:21:d6:db:7e:5d:b1:61:25:bf:83:1a:
                    bd:77:49:b2:c0:24:45:40:6b:b1:bd:f7:03:ad:aa:
                    8d:d8:5d:b2:89:8a:a0:2d:31:99:20:d8:35:cb:33:
                    c6:37:e4:ea:0c:e5:94:9c:be:89:d4:4f:7a:3b:c4:
                    93:78:b4:5c:51:b5:4a:52:84:15:23:7e:e8:ce:16:
                    fe:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:9E:87:07:B9:81:FB:47:EB:47:6A:AB:36:7C:C9:2A:EC:0D:80:FE
            X509v3 Authority Key Identifier:
                keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/jp6HB7mB-0frR2qrNnzJKuwNgP4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.204.125.0/24
                  85.204.127.0/24
                  86.106.80.0/24
                  86.106.97.0/24
                  86.106.104.0/24
                  89.33.163.0/24
                  89.34.8.0/21
                  89.37.136.0/24
                  89.39.252.0/24
                  89.43.40.0/22
                  89.43.45.0-89.43.46.255
                  89.43.73.0/24
                  89.44.209.0/24
                  93.113.158.0/24
                  93.113.202.0/23
                  93.114.55.0/24
                  93.114.99.0/24
                  93.114.187.0/24
                  188.213.18.0/24
                  188.215.72.0/23
                  188.215.95.0/24
                  188.240.14.0/24
                IPv6:
                  2a05:b680:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         3a:20:75:ee:18:9c:93:29:a1:65:8e:03:f7:1f:b4:c0:ad:b5:
         4f:6c:6f:4b:09:7b:4f:7b:86:76:9d:20:0d:3b:c8:af:e8:4e:
         4e:e4:74:e9:1d:df:98:ad:7d:81:e6:65:04:15:d0:9a:69:21:
         68:c9:76:8c:75:b3:b5:08:2f:af:7b:50:30:92:d2:cd:cb:6a:
         fc:48:0b:e0:94:ae:f1:b9:47:af:c2:b5:32:6f:b5:36:6e:59:
         f7:10:34:77:a6:c6:5d:e9:31:eb:e0:ba:a6:f2:0e:b7:c2:33:
         e3:32:75:c7:21:05:a6:49:7c:2d:3a:50:0c:e4:74:8e:b8:dd:
         12:97:06:a3:8b:88:cd:dd:4d:4d:0f:0f:48:33:59:79:a3:7c:
         d8:d0:71:fd:33:51:18:04:53:42:da:43:3d:cc:2f:56:ae:ae:
         b1:0f:da:bc:4d:8b:4a:f8:f1:af:dc:d8:56:f4:73:3b:d8:b3:
         70:38:bd:94:7e:d9:b7:62:29:27:34:4e:30:d4:37:2e:d7:5f:
         93:a6:0a:ab:4a:79:ba:c2:a0:dd:b8:56:21:90:bf:d4:e4:30:
         e3:3c:99:05:04:a0:f1:e0:2d:a5:c2:4b:7e:5d:8e:7c:3b:59:
         8e:4f:82:88:ca:c9:32:e7:56:65:d5:2f:4a:26:44:a3:78:b5:
         81:4f:18:bf
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgIEC9CXDDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTU4OTUyZDM5MzkzNWYwZDNiY2U4MTRmZDkxNzhkMDQ2OTNhZWI5MB4XDTIyMDIx
MDExMDcwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGU5ZTg3MDdiOTgx
ZmI0N2ViNDc2YWFiMzY3Y2M5MmFlYzBkODBmZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL89nMUZBHYshKEHYxMApDGejncBPUS09AoO+TmX6IaK8Fqc
IT+wQEdyInCxaMzAQw+taF86uJFMCnCMnYPY6zcpKHIUijsvdfTUjcljEHEFCcu9
vX/jUn9b/CxqslDfvK7MH/S+/QxrkLbvYdOyUwRFrjDBVFUNtPv3aHENmJhgCBWi
rkB2fl48LW424RYWs0KD+SsGnREA6qcVWGgSxXLM9gWzHQLU4TjZoZlRJqsCSNpo
uoEQrSHW235dsWElv4MavXdJssAkRUBrsb33A62qjdhdsomKoC0xmSDYNcszxjfk
6gzllJy+idRPejvEk3i0XFG1SlKEFSN+6M4W/usCAwEAAaOCAqUwggKhMB0GA1Ud
DgQWBBSOnocHuYH7R+tHaqs2fMkq7A2A/jAfBgNVHSMEGDAWgBT+WJUtOTk18NO8
6BT9kXjQRpOuuTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19saVZMVGs1TmZEVHZPZ1VfWkY0MEVhVHJyay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvYjI2YWE4LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3My8x
L2pwNkhCN21CLTBmclIycXJObnpKS3V3TmdQNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
YjI2YWE4LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3My8xL19saVZMVGs1TmZE
VHZPZ1VfWkY0MEVhVHJyay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
ugYIKwYBBQUHAQcBAf8EgaowgacwgZMEAgABMIGMAwQAVcx9AwQAVcx/AwQAVmpQ
AwQAVmphAwQAVmpoAwQAWSGjAwQDWSIIAwQAWSWIAwQAWSf8AwQCWSsoMAwDBABZ
Ky0DBABZKy4DBABZK0kDBABZLNEDBABdcZ4DBAFdccoDBABdcjcDBABdcmMDBABd
crsDBAC81RIDBAG810gDBAC8118DBAC88A4wDwQCAAIwCQMHACoFtoAAATANBgkq
hkiG9w0BAQsFAAOCAQEAOiB17hickymhZY4D9x+0wK21T2xvSwl7T3uGdp0gDTvI
r+hOTuR06R3fmK19geZlBBXQmmkhaMl2jHWztQgvr3tQMJLSzctq/EgL4JSu8blH
r8K1Mm+1Nm5Z9xA0d6bGXekx6+C6pvIOt8Iz4zJ1xyEFpkl8LTpQDOR0jrjdEpcG
o4uIzd1NTQ8PSDNZeaN82NBx/TNRGARTQtpDPcwvVq6usQ/avE2LSvjxr9zYVvRz
O9izcDi9lH7Zt2IpJzROMNQ3Ltdfk6YKq0p5usKg3bhWIZC/1OQw4zyZBQSg8eAt
pcJLfl2OfDtZjk+CiMrJMudWZdUvSiZEo3i1gU8Yvw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:38 2024 by rpki-client on console-ams.rpki-client.org