Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/038560-26d6-455d-a8f4-9bfdf2251267/1/4lIYUwDA4v7Y3LzmNbewDni93r8.roa
File:                     4lIYUwDA4v7Y3LzmNbewDni93r8.roa (raw, json)
Hash identifier:          vV5xbQ+IW752Agj3EWzjRVdj5ZHPuss61Wdv7Th160A=
Subject key identifier:   E2:52:18:53:00:C0:E2:FE:D8:DC:BC:E6:35:B7:B0:0E:78:BD:DE:BF
Certificate issuer:       /CN=a823fe6dad8ad4fdaee6dd6983c1e55cde8482a2
Certificate serial:       04F04E4A
Authority key identifier: A8:23:FE:6D:AD:8A:D4:FD:AE:E6:DD:69:83:C1:E5:5C:DE:84:82:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qCP-ba2K1P2u5t1pg8HlXN6EgqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/038560-26d6-455d-a8f4-9bfdf2251267/1/4lIYUwDA4v7Y3LzmNbewDni93r8.roa
Signing time:             Wed 27 Apr 2022 14:42:27 +0000
ROA not before:           Wed 27 Apr 2022 14:42:27 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209620
IP address blocks:        193.58.88.0/22 maxlen: 24
                          193.58.91.0/24 maxlen: 24
                          194.55.240.0/22 maxlen: 24
                          2a0c:94c0::/29 maxlen: 48
                          2a0c:cbc0::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 82857546 (0x4f04e4a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a823fe6dad8ad4fdaee6dd6983c1e55cde8482a2
        Validity
            Not Before: Apr 27 14:42:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e252185300c0e2fed8dcbce635b7b00e78bddebf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:d6:b5:fb:9c:6e:11:02:7f:5c:78:09:78:d7:
                    ab:5e:10:93:24:fa:85:26:aa:7b:67:1d:1a:a9:be:
                    a8:72:b2:d0:33:db:6a:7c:f6:d7:0e:1f:9e:df:e7:
                    1a:68:b1:0d:1c:47:4a:4a:46:75:e7:75:bb:0a:08:
                    59:ac:ca:7f:a7:60:52:16:12:bf:7e:e0:5b:0e:d9:
                    4e:c4:1f:73:a8:3f:77:33:61:73:ee:15:14:4c:d2:
                    9b:44:c0:de:ce:08:26:3b:11:42:d0:b8:63:a5:6a:
                    2f:95:dc:38:dd:b4:be:82:4a:25:4f:c9:fb:cb:07:
                    76:ab:d6:0d:cb:f7:f5:dd:d4:a0:77:fe:3e:66:c4:
                    e0:19:f5:44:0d:99:01:7d:3d:21:37:8b:6a:f2:35:
                    9c:4f:cb:09:23:59:82:eb:f4:de:84:d2:b1:14:62:
                    9e:36:d6:29:7c:40:d8:39:e7:61:be:85:65:83:c7:
                    55:63:29:a5:cf:8b:ca:c8:2d:ef:e4:2b:e8:d8:8a:
                    09:7a:07:c5:5f:3f:41:93:47:f0:e1:ea:79:27:f6:
                    fc:92:9c:da:36:ad:bf:cc:d7:45:54:18:e0:f1:72:
                    e9:87:14:a8:a8:d9:83:21:e4:d5:6a:12:ec:ce:df:
                    30:21:cc:36:c2:d3:47:23:8d:d5:df:77:52:be:68:
                    06:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:52:18:53:00:C0:E2:FE:D8:DC:BC:E6:35:B7:B0:0E:78:BD:DE:BF
            X509v3 Authority Key Identifier:
                keyid:A8:23:FE:6D:AD:8A:D4:FD:AE:E6:DD:69:83:C1:E5:5C:DE:84:82:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qCP-ba2K1P2u5t1pg8HlXN6EgqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/038560-26d6-455d-a8f4-9bfdf2251267/1/4lIYUwDA4v7Y3LzmNbewDni93r8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/038560-26d6-455d-a8f4-9bfdf2251267/1/qCP-ba2K1P2u5t1pg8HlXN6EgqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.58.88.0/22
                  194.55.240.0/22
                IPv6:
                  2a0c:94c0::/29
                  2a0c:cbc0::/29

    Signature Algorithm: sha256WithRSAEncryption
         56:df:f0:6c:78:3c:19:3c:8e:6a:00:40:2c:46:7c:e8:c6:d7:
         d5:c5:60:b8:5c:de:bb:96:3e:80:18:db:39:8c:93:aa:e6:ab:
         ae:ad:fc:37:c3:e9:71:1d:5e:e5:b7:46:85:55:57:26:63:ba:
         22:71:b0:0c:4e:7f:58:f3:14:4f:85:a9:0d:d5:d7:66:2e:b4:
         2e:a9:f7:57:4b:89:08:b6:c3:15:74:22:9c:87:88:92:a1:a5:
         28:34:4c:10:83:7c:cc:b5:7c:56:00:18:29:c9:71:13:57:55:
         f3:c5:05:74:2d:f8:90:7e:f0:f0:71:ec:d1:78:48:03:3b:12:
         48:8c:db:7c:07:7f:c7:30:26:33:95:aa:d1:b8:8d:c5:fb:8b:
         cd:ca:dc:f6:e8:6e:1b:a2:df:62:9b:7c:a4:4d:97:ef:46:88:
         07:c5:cb:57:f9:f4:41:75:09:7c:1a:13:e7:7a:93:74:fc:2d:
         87:ed:76:8c:12:7b:47:73:a3:79:d7:7e:c7:c4:90:d7:e5:0c:
         a0:96:e0:77:53:d0:bb:06:11:38:9b:d9:30:22:15:fc:cf:ae:
         7a:24:17:7f:7f:76:bb:6c:53:ad:7a:73:be:bd:e2:c0:03:0e:
         c4:a2:e0:93:1d:d8:50:2c:fe:44:7e:2c:8c:06:af:1e:da:02:
         4b:17:43:d9
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIEBPBOSjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ODIzZmU2ZGFkOGFkNGZkYWVlNmRkNjk4M2MxZTU1Y2RlODQ4MmEyMB4XDTIyMDQy
NzE0NDIyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTI1MjE4NTMwMGMw
ZTJmZWQ4ZGNiY2U2MzViN2IwMGU3OGJkZGViZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM3WtfucbhECf1x4CXjXq14QkyT6hSaqe2cdGqm+qHKy0DPb
anz21w4fnt/nGmixDRxHSkpGded1uwoIWazKf6dgUhYSv37gWw7ZTsQfc6g/dzNh
c+4VFEzSm0TA3s4IJjsRQtC4Y6VqL5XcON20voJKJU/J+8sHdqvWDcv39d3UoHf+
PmbE4Bn1RA2ZAX09ITeLavI1nE/LCSNZguv03oTSsRRinjbWKXxA2DnnYb6FZYPH
VWMppc+Lysgt7+Qr6NiKCXoHxV8/QZNH8OHqeSf2/JKc2jatv8zXRVQY4PFy6YcU
qKjZgyHk1WoS7M7fMCHMNsLTRyON1d93Ur5oBs0CAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBTiUhhTAMDi/tjcvOY1t7AOeL3evzAfBgNVHSMEGDAWgBSoI/5trYrU/a7m
3WmDweVc3oSCojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FDUC1iYTJLMVAydTV0MXBnOEhsWE42RWdxSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvMDM4NTYwLTI2ZDYtNDU1ZC1hOGY0LTliZmRmMjI1MTI2Ny8x
LzRsSVlVd0RBNHY3WTNMem1OYmV3RG5pOTNyOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
MDM4NTYwLTI2ZDYtNDU1ZC1hOGY0LTliZmRmMjI1MTI2Ny8xL3FDUC1iYTJLMVAy
dTV0MXBnOEhsWE42RWdxSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowEgQCAAEwDAMEAsE6WAMEAsI38DAUBAIAAjAOAwUD
KgyUwAMFAyoMy8AwDQYJKoZIhvcNAQELBQADggEBAFbf8Gx4PBk8jmoAQCxGfOjG
19XFYLhc3ruWPoAY2zmMk6rmq66t/DfD6XEdXuW3RoVVVyZjuiJxsAxOf1jzFE+F
qQ3V12YutC6p91dLiQi2wxV0IpyHiJKhpSg0TBCDfMy1fFYAGCnJcRNXVfPFBXQt
+JB+8PBx7NF4SAM7EkiM23wHf8cwJjOVqtG4jcX7i83K3Pbobhui32KbfKRNl+9G
iAfFy1f59EF1CXwaE+d6k3T8LYftdowSe0dzo3nXfsfEkNflDKCW4HdT0LsGETib
2TAiFfzPrnokF39/drtsU616c7694sADDsSi4JMd2FAs/kR+LIwGrx7aAksXQ9k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:17 2024 by rpki-client on console-fra.rpki-client.org