Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/175762-6929-4e70-b3eb-fb0ee5f997da/1/hooMq8c-22OJg--k3PS-Fi587mg.roa
File:                     hooMq8c-22OJg--k3PS-Fi587mg.roa (raw, json)
Hash identifier:          uCZs0fgvwFEnADL9Q6ShXNaE6xf3x8njQkY/aQU0I4Y=
Subject key identifier:   86:8A:0C:AB:C7:3E:DB:63:89:83:EF:A4:DC:F4:BE:16:2E:7C:EE:68
Certificate issuer:       /CN=934959adebf7de943555bca2508807eb913ce6f2
Certificate serial:       15E948FC
Authority key identifier: 93:49:59:AD:EB:F7:DE:94:35:55:BC:A2:50:88:07:EB:91:3C:E6:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k0lZrev33pQ1VbyiUIgH65E85vI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/175762-6929-4e70-b3eb-fb0ee5f997da/1/hooMq8c-22OJg--k3PS-Fi587mg.roa
Signing time:             Sat 01 Jan 2022 00:52:01 +0000
ROA not before:           Sat 01 Jan 2022 00:52:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     201739
IP address blocks:        185.22.252.0/22 maxlen: 22
                          185.22.252.0/24 maxlen: 24
                          185.22.253.0/24 maxlen: 24
                          185.22.255.0/24 maxlen: 24
                          185.22.254.0/24 maxlen: 24
                          45.152.2.0/24 maxlen: 24
                          45.152.3.0/24 maxlen: 24
                          45.152.0.0/22 maxlen: 22
                          45.152.0.0/24 maxlen: 24
                          45.152.1.0/24 maxlen: 24
                          185.65.111.0/24 maxlen: 24
                          185.65.109.0/24 maxlen: 24
                          185.65.110.0/24 maxlen: 24
                          185.65.108.0/22 maxlen: 22
                          185.65.108.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 367610108 (0x15e948fc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=934959adebf7de943555bca2508807eb913ce6f2
        Validity
            Not Before: Jan  1 00:52:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=868a0cabc73edb638983efa4dcf4be162e7cee68
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:28:da:61:f5:1d:66:cd:20:1d:0f:2f:98:b8:
                    02:48:34:a6:b1:f7:36:07:7b:80:15:2d:58:8a:a1:
                    c2:4a:48:44:19:e1:46:8a:97:e4:37:ae:6c:ca:66:
                    96:da:f0:82:65:09:ea:a5:15:92:df:fc:23:47:34:
                    00:09:86:be:20:0e:dd:6e:26:8c:06:de:18:05:2e:
                    50:86:39:f2:5d:25:7f:ac:63:09:91:16:7a:05:c9:
                    b7:26:1b:d0:72:ac:1f:a7:e9:ad:fd:54:ab:f5:af:
                    78:3a:e9:01:ab:c9:29:58:e7:af:4e:72:8c:2f:b6:
                    d0:6c:2a:20:22:6d:d9:95:77:39:db:f0:a5:79:ee:
                    b5:1c:74:f0:bd:1f:75:11:48:e9:ff:a4:25:db:07:
                    54:62:0c:dd:95:51:03:97:5a:8d:3f:2c:72:fd:44:
                    c5:06:1a:28:24:1b:ba:b3:3c:72:35:0c:58:d7:a6:
                    1d:a5:12:87:fc:dd:22:10:2e:f7:b1:a5:38:de:70:
                    6f:d2:33:84:5c:78:e7:21:d3:b7:1e:b6:23:89:20:
                    c9:ed:0c:fe:e4:9d:a0:44:43:c1:8a:5f:1f:27:f8:
                    38:e3:3a:3f:7f:3d:76:7a:72:48:43:58:e1:6a:75:
                    e7:5b:3d:9d:63:71:65:3c:50:10:5b:70:ad:b0:71:
                    e7:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:8A:0C:AB:C7:3E:DB:63:89:83:EF:A4:DC:F4:BE:16:2E:7C:EE:68
            X509v3 Authority Key Identifier:
                keyid:93:49:59:AD:EB:F7:DE:94:35:55:BC:A2:50:88:07:EB:91:3C:E6:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k0lZrev33pQ1VbyiUIgH65E85vI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/175762-6929-4e70-b3eb-fb0ee5f997da/1/hooMq8c-22OJg--k3PS-Fi587mg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/175762-6929-4e70-b3eb-fb0ee5f997da/1/k0lZrev33pQ1VbyiUIgH65E85vI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.152.0.0/22
                  185.22.252.0/22
                  185.65.108.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a8:4e:e3:3d:df:32:96:fb:23:a0:96:81:5e:21:9f:21:f1:94:
         e2:ad:7d:06:33:ab:78:40:66:8d:e8:67:fb:6b:77:3f:3b:41:
         c9:9a:6d:3e:eb:f2:f0:7e:5b:80:6e:4d:94:8e:5a:05:48:b3:
         33:ec:8c:fd:43:3b:d0:ea:0c:a4:21:e0:b2:be:d2:e8:76:bf:
         4c:90:43:c3:e1:79:6f:ca:db:d0:40:93:3a:a3:ef:90:1d:0f:
         f2:6d:14:a0:67:c8:88:23:6c:fc:f0:83:2c:da:81:46:8e:95:
         f9:a6:9a:b5:4b:4d:e0:79:19:d2:08:d4:34:5a:69:bd:38:e6:
         10:d6:af:66:5a:71:cc:ad:6b:ec:a0:6f:f1:df:c1:c9:89:27:
         30:77:5d:87:ab:d1:0b:31:d2:1d:30:cf:de:6c:f6:e1:d6:66:
         98:ce:6d:42:f8:18:48:7d:7b:18:5b:31:47:c7:4e:b0:2a:12:
         e4:19:79:97:93:dc:29:db:ba:09:4c:32:ca:33:84:9e:b0:e8:
         7a:62:5b:e1:93:2f:aa:eb:82:a4:b6:79:cf:88:11:b5:81:d5:
         11:dd:72:5b:37:f6:3f:ff:e0:3d:56:a1:d6:44:b7:8f:36:35:
         eb:86:f9:54:dd:d7:20:0e:f4:98:32:f0:33:09:00:67:c7:ec:
         8f:ba:4d:25
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEFelI/DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MzQ5NTlhZGViZjdkZTk0MzU1NWJjYTI1MDg4MDdlYjkxM2NlNmYyMB4XDTIyMDEw
MTAwNTIwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODY4YTBjYWJjNzNl
ZGI2Mzg5ODNlZmE0ZGNmNGJlMTYyZTdjZWU2ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOso2mH1HWbNIB0PL5i4Akg0prH3Ngd7gBUtWIqhwkpIRBnh
RoqX5DeubMpmltrwgmUJ6qUVkt/8I0c0AAmGviAO3W4mjAbeGAUuUIY58l0lf6xj
CZEWegXJtyYb0HKsH6fprf1Uq/WveDrpAavJKVjnr05yjC+20GwqICJt2ZV3Odvw
pXnutRx08L0fdRFI6f+kJdsHVGIM3ZVRA5dajT8scv1ExQYaKCQburM8cjUMWNem
HaUSh/zdIhAu97GlON5wb9IzhFx45yHTtx62I4kgye0M/uSdoERDwYpfHyf4OOM6
P389dnpySENY4Wp151s9nWNxZTxQEFtwrbBx520CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSGigyrxz7bY4mD76Tc9L4WLnzuaDAfBgNVHSMEGDAWgBSTSVmt6/felDVV
vKJQiAfrkTzm8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2swbFpyZXYzM3BRMVZieWlVSWdINjVFODV2SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzMvMTc1NzYyLTY5MjktNGU3MC1iM2ViLWZiMGVlNWY5OTdkYS8x
L2hvb01xOGMtMjJPSmctLWszUFMtRmk1ODdtZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMv
MTc1NzYyLTY5MjktNGU3MC1iM2ViLWZiMGVlNWY5OTdkYS8xL2swbFpyZXYzM3BR
MVZieWlVSWdINjVFODV2SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAi2YAAMEArkW/AMEArlBbDANBgkq
hkiG9w0BAQsFAAOCAQEAqE7jPd8ylvsjoJaBXiGfIfGU4q19BjOreEBmjehn+2t3
PztByZptPuvy8H5bgG5NlI5aBUizM+yM/UM70OoMpCHgsr7S6Ha/TJBDw+F5b8rb
0ECTOqPvkB0P8m0UoGfIiCNs/PCDLNqBRo6V+aaatUtN4HkZ0gjUNFppvTjmENav
ZlpxzK1r7KBv8d/ByYknMHddh6vRCzHSHTDP3mz24dZmmM5tQvgYSH17GFsxR8dO
sCoS5Bl5l5PcKdu6CUwyyjOEnrDoemJb4ZMvquuCpLZ5z4gRtYHVEd1yWzf2P//g
PVah1kS3jzY164b5VN3XIA70mDLwMwkAZ8fsj7pNJQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:48 2024 by rpki-client on console-fra.rpki-client.org