Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/pOPUTA3BTmb4ikYG4-jN1tZTOWE.roa
File:                     pOPUTA3BTmb4ikYG4-jN1tZTOWE.roa (raw, json)
Hash identifier:          iDraTvpMicSiGiaRlkTPl2t/0CApNEyn9n4IU3zguwc=
Subject key identifier:   A4:E3:D4:4C:0D:C1:4E:66:F8:8A:46:06:E3:E8:CD:D6:D6:53:39:61
Certificate issuer:       /CN=77eda8f726a69b504de994943b0a5f2308c2a96b
Certificate serial:       0183C24FDE89D0DDF57F305649741C65321A
Authority key identifier: 77:ED:A8:F7:26:A6:9B:50:4D:E9:94:94:3B:0A:5F:23:08:C2:A9:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/pOPUTA3BTmb4ikYG4-jN1tZTOWE.roa
Signing time:             Mon 10 Oct 2022 14:32:37 +0000
ROA not before:           Mon 10 Oct 2022 14:32:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     20765
IP address blocks:        185.84.216.0/22 maxlen: 24
                          193.96.96.0/21 maxlen: 24
                          194.115.4.0/24 maxlen: 24
                          2a05:a880:de10::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:c2:4f:de:89:d0:dd:f5:7f:30:56:49:74:1c:65:32:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77eda8f726a69b504de994943b0a5f2308c2a96b
        Validity
            Not Before: Oct 10 14:32:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a4e3d44c0dc14e66f88a4606e3e8cdd6d6533961
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:d3:d8:99:22:18:79:17:cd:fb:00:20:dd:5f:
                    dc:8c:3f:37:02:76:74:ee:0b:2f:4c:7e:10:d2:1e:
                    88:de:94:ca:5c:f2:41:0d:73:a1:ed:bb:5c:70:c9:
                    43:0a:c6:f5:e5:4e:63:b5:23:2f:8c:c9:29:21:b0:
                    88:f5:76:93:04:41:70:ee:fa:9c:a5:2c:ef:9b:fd:
                    34:89:15:17:ef:25:fd:3a:4b:0c:bd:fc:e4:66:36:
                    f9:45:1e:b1:77:5e:d6:e4:75:00:83:19:74:a3:af:
                    b4:be:e4:89:62:56:a6:73:4f:94:f0:62:3e:e1:d2:
                    e3:de:17:d1:04:6d:95:8c:52:11:9e:18:3d:08:66:
                    9d:21:8b:a6:7e:03:52:76:1a:aa:ab:dd:5c:ed:78:
                    34:1c:dd:78:5e:85:b6:62:2e:6c:5a:db:df:05:7d:
                    50:81:2d:22:28:bb:cb:65:bd:21:55:40:91:31:ff:
                    f0:0d:0c:4f:e7:70:5e:dc:bf:49:86:af:c0:6a:39:
                    c9:ef:28:7b:65:a8:f0:d9:88:18:e6:8b:97:d7:b1:
                    4b:00:3f:19:83:57:cb:e1:d0:76:eb:42:84:74:2a:
                    b6:95:e7:5c:60:b4:46:2d:46:cd:41:af:04:a1:4c:
                    30:05:ee:5f:35:a8:df:7b:81:41:65:15:1a:ae:5a:
                    52:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:E3:D4:4C:0D:C1:4E:66:F8:8A:46:06:E3:E8:CD:D6:D6:53:39:61
            X509v3 Authority Key Identifier:
                keyid:77:ED:A8:F7:26:A6:9B:50:4D:E9:94:94:3B:0A:5F:23:08:C2:A9:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/pOPUTA3BTmb4ikYG4-jN1tZTOWE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/d-2o9yamm1BN6ZSUOwpfIwjCqWs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.84.216.0/22
                  193.96.96.0/21
                  194.115.4.0/24
                IPv6:
                  2a05:a880:de10::/48

    Signature Algorithm: sha256WithRSAEncryption
         58:db:8f:80:89:20:53:a9:d1:87:5f:0a:b8:95:57:97:52:6c:
         b4:00:31:c0:68:fd:71:a0:ad:06:ad:a5:fd:0d:f9:a8:da:d9:
         c2:8b:1a:a7:ef:c6:f8:cf:8a:15:a4:17:81:eb:ac:6e:80:15:
         7e:2a:84:c2:29:29:52:ac:90:f3:8c:7c:24:12:1a:48:28:b4:
         6f:67:4c:b9:d9:92:57:02:ab:03:92:d9:18:7d:10:9d:e6:ba:
         ab:6f:12:82:ae:d9:9e:4e:eb:0a:11:1a:2b:2c:83:b8:5f:9f:
         4e:d5:be:2f:1b:69:83:bc:c2:4e:68:e4:08:9c:a6:18:20:ea:
         3e:c0:b1:0f:a8:3f:0b:36:81:52:00:37:38:eb:38:5b:c5:c8:
         b9:3f:c7:1c:a1:2a:83:cb:dd:69:9e:1e:e6:ca:a0:5f:ba:23:
         04:ab:95:5c:a3:93:b4:12:93:81:6e:dd:56:8e:5e:f0:be:21:
         06:fe:e4:97:d9:01:36:ab:54:af:6a:d3:b7:3a:1d:af:ca:e2:
         ed:b8:4e:fc:92:3f:98:54:43:54:08:87:76:fd:83:c6:e2:a9:
         b0:7b:32:fb:b2:7f:54:48:6e:b8:92:7a:54:a7:b6:c1:51:b3:
         88:97:c6:5e:de:18:c1:0b:bb:96:65:ec:01:f5:eb:12:2f:49:
         9c:99:40:39
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYPCT96J0N31fzBWSXQcZTIaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZWRhOGY3MjZhNjliNTA0ZGU5OTQ5NDNiMGE1ZjIzMDhj
MmE5NmIwHhcNMjIxMDEwMTQzMjM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGUzZDQ0YzBkYzE0ZTY2Zjg4YTQ2MDZlM2U4Y2RkNmQ2NTMzOTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstPYmSIYeRfN+wAg3V/cjD83AnZ0
7gsvTH4Q0h6I3pTKXPJBDXOh7btccMlDCsb15U5jtSMvjMkpIbCI9XaTBEFw7vqc
pSzvm/00iRUX7yX9OksMvfzkZjb5RR6xd17W5HUAgxl0o6+0vuSJYlamc0+U8GI+
4dLj3hfRBG2VjFIRnhg9CGadIYumfgNSdhqqq91c7Xg0HN14XoW2Yi5sWtvfBX1Q
gS0iKLvLZb0hVUCRMf/wDQxP53Be3L9Jhq/AajnJ7yh7Zajw2YgY5ouX17FLAD8Z
g1fL4dB260KEdCq2ledcYLRGLUbNQa8EoUwwBe5fNajfe4FBZRUarlpS+wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFKTj1EwNwU5m+IpGBuPozdbWUzlhMB8GA1UdIwQY
MBaAFHftqPcmpptQTemUlDsKXyMIwqlrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZC0ybzl5YW1tMUJONlpTVU93cGZJd2pDcVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi83Mjc2ZjMtYzg4ZS00ODE5LTllNTkt
NjA4NGNmYzZlNGM0LzEvcE9QVVRBM0JUbWI0aWtZRzQtak4xdFpUT1dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi83Mjc2ZjMtYzg4ZS00ODE5LTllNTktNjA4NGNmYzZlNGM0
LzEvZC0ybzl5YW1tMUJONlpTVU93cGZJd2pDcVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQCuVTYAwQD
wWBgAwQAwnMEMA8EAgACMAkDBwAqBaiA3hAwDQYJKoZIhvcNAQELBQADggEBAFjb
j4CJIFOp0YdfCriVV5dSbLQAMcBo/XGgrQatpf0N+aja2cKLGqfvxvjPihWkF4Hr
rG6AFX4qhMIpKVKskPOMfCQSGkgotG9nTLnZklcCqwOS2Rh9EJ3muqtvEoKu2Z5O
6woRGissg7hfn07Vvi8baYO8wk5o5Aicphgg6j7AsQ+oPws2gVIANzjrOFvFyLk/
xxyhKoPL3WmeHubKoF+6IwSrlVyjk7QSk4Fu3VaOXvC+IQb+5JfZATarVK9q07c6
Ha/K4u24TvySP5hUQ1QIh3b9g8biqbB7Mvuyf1RIbriSelSntsFRs4iXxl7eGMEL
u5Zl7AH16xIvSZyZQDk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:56 2024 by rpki-client on console-ams.rpki-client.org