Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/cY6iuMShpSGibgf6Fyc_HF5aEYI.roa
File:                     cY6iuMShpSGibgf6Fyc_HF5aEYI.roa (raw, json)
Hash identifier:          BnEj8a9q65fveCm48SZ+Er3eJE7+1BWCP0sH/FAG6ek=
Subject key identifier:   71:8E:A2:B8:C4:A1:A5:21:A2:6E:07:FA:17:27:3F:1C:5E:5A:11:82
Certificate issuer:       /CN=ad5eda0a1e7479c4ca78fe41c58d17e9d13b67aa
Certificate serial:       15ECF83A
Authority key identifier: AD:5E:DA:0A:1E:74:79:C4:CA:78:FE:41:C5:8D:17:E9:D1:3B:67:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rV7aCh50ecTKeP5BxY0X6dE7Z6o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/cY6iuMShpSGibgf6Fyc_HF5aEYI.roa
Signing time:             Sat 01 Jan 2022 04:01:39 +0000
ROA not before:           Sat 01 Jan 2022 04:01:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     20850
IP address blocks:        193.189.96.0/23 maxlen: 24
                          95.69.248.0/22 maxlen: 23
                          95.69.250.0/23 maxlen: 24
                          188.230.118.0/23 maxlen: 24
                          188.230.120.0/22 maxlen: 23
                          188.230.124.0/24 maxlen: 24
                          188.230.126.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 367851578 (0x15ecf83a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad5eda0a1e7479c4ca78fe41c58d17e9d13b67aa
        Validity
            Not Before: Jan  1 04:01:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=718ea2b8c4a1a521a26e07fa17273f1c5e5a1182
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:30:8a:c6:ba:6c:25:6a:30:ae:b0:9a:2b:1a:
                    69:75:15:2a:cf:58:df:73:73:de:77:04:06:0c:a7:
                    7e:b1:1d:de:9c:20:e3:5d:88:76:8d:8e:7f:e2:2b:
                    ba:2d:9e:39:46:ac:b8:04:43:c5:da:12:a3:f1:6e:
                    50:8d:77:3b:7d:fa:54:01:26:9d:9f:53:86:54:d6:
                    e1:50:08:09:ed:18:b1:91:0c:85:e3:b5:85:3c:67:
                    91:c2:6a:dd:bb:a1:42:47:d6:63:9e:87:b9:06:97:
                    83:40:33:31:d2:24:d0:39:7a:9b:84:a5:0e:d0:bf:
                    0f:c4:6f:61:3c:89:db:ef:3f:f7:44:8f:55:26:fb:
                    f3:d3:9c:5f:b1:88:a9:d4:07:a0:30:75:39:70:d2:
                    66:9c:e2:05:d3:fc:48:72:cf:2e:fd:d3:33:bc:74:
                    53:37:93:89:ff:ee:2e:ba:26:1a:83:4a:61:78:23:
                    a7:99:e8:38:ae:2d:be:64:10:b5:c3:69:2a:90:74:
                    98:1e:eb:2b:27:93:3a:0d:c2:89:30:4a:f8:1e:12:
                    53:58:30:19:82:d7:40:52:ac:50:b0:eb:ef:db:38:
                    f3:e6:a4:37:f3:d5:33:4f:2e:38:23:60:ac:38:67:
                    ef:aa:63:b0:44:7b:b8:13:33:4e:28:09:69:19:2d:
                    c0:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:8E:A2:B8:C4:A1:A5:21:A2:6E:07:FA:17:27:3F:1C:5E:5A:11:82
            X509v3 Authority Key Identifier:
                keyid:AD:5E:DA:0A:1E:74:79:C4:CA:78:FE:41:C5:8D:17:E9:D1:3B:67:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rV7aCh50ecTKeP5BxY0X6dE7Z6o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/cY6iuMShpSGibgf6Fyc_HF5aEYI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/rV7aCh50ecTKeP5BxY0X6dE7Z6o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.69.248.0/22
                  188.230.118.0-188.230.124.255
                  188.230.126.0/23
                  193.189.96.0/23

    Signature Algorithm: sha256WithRSAEncryption
         34:c2:09:9d:f0:3c:a0:05:fb:35:c4:12:d8:a0:59:c9:6f:82:
         a0:41:52:1a:95:ef:ab:e1:7e:7f:5a:b2:d4:7b:43:ac:ff:ad:
         7c:0d:90:4d:40:87:45:77:9c:e2:2e:04:45:d0:5a:77:7c:d8:
         d7:da:e7:6e:52:42:bd:9f:4c:c8:8d:db:14:7b:13:9e:e1:8b:
         c9:9e:ed:3e:e4:2c:5e:45:27:9e:ba:f7:c1:43:d0:6a:f8:e3:
         81:1c:df:4a:d4:07:94:ec:2a:45:7f:3b:77:d1:72:6e:53:f1:
         c8:e4:db:a9:05:26:23:6d:83:7f:db:7f:dc:68:72:70:51:95:
         5b:00:4e:56:2c:8d:17:19:9f:c4:b3:3e:af:84:9f:c2:76:0b:
         1e:86:75:e2:09:19:a8:e8:dd:d0:7d:b2:81:55:e2:fe:19:df:
         d4:d6:20:1a:c0:ab:bb:f0:35:84:0b:1a:81:a4:dd:7b:8d:98:
         e3:f7:5d:b0:20:03:7c:e0:23:c1:f7:63:41:ef:56:fd:f6:e8:
         e2:bd:14:c5:6b:b7:e6:11:3f:4d:f6:05:b1:85:de:9f:cb:4d:
         23:8c:0f:86:2b:75:e7:b1:10:a9:59:2b:fc:f8:c4:b6:81:90:
         b1:3d:3a:e6:a8:7f:16:6a:04:24:b7:65:f8:b4:ea:11:c6:53:
         d0:a7:a0:55
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEFez4OjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZDVlZGEwYTFlNzQ3OWM0Y2E3OGZlNDFjNThkMTdlOWQxM2I2N2FhMB4XDTIyMDEw
MTA0MDEzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzE4ZWEyYjhjNGEx
YTUyMWEyNmUwN2ZhMTcyNzNmMWM1ZTVhMTE4MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMQwisa6bCVqMK6wmisaaXUVKs9Y33Nz3ncEBgynfrEd3pwg
412Ido2Of+Irui2eOUasuARDxdoSo/FuUI13O336VAEmnZ9ThlTW4VAICe0YsZEM
heO1hTxnkcJq3buhQkfWY56HuQaXg0AzMdIk0Dl6m4SlDtC/D8RvYTyJ2+8/90SP
VSb789OcX7GIqdQHoDB1OXDSZpziBdP8SHLPLv3TM7x0UzeTif/uLromGoNKYXgj
p5noOK4tvmQQtcNpKpB0mB7rKyeTOg3CiTBK+B4SU1gwGYLXQFKsULDr79s48+ak
N/PVM08uOCNgrDhn76pjsER7uBMzTigJaRktwOsCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBRxjqK4xKGlIaJuB/oXJz8cXloRgjAfBgNVHSMEGDAWgBStXtoKHnR5xMp4
/kHFjRfp0TtnqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JWN2FDaDUwZWNUS2VQNUJ4WTBYNmRFN1o2by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzcvZmViYjE4LWU3OGEtNGQxMi04MGEyLTk0NGNlN2VlYjE1NC8x
L2NZNml1TVNocFNHaWJnZjZGeWNfSEY1YUVZSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzcv
ZmViYjE4LWU3OGEtNGQxMi04MGEyLTk0NGNlN2VlYjE1NC8xL3JWN2FDaDUwZWNU
S2VQNUJ4WTBYNmRFN1o2by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAl9F+DAMAwQBvOZ2AwQAvOZ8AwQB
vOZ+AwQBwb1gMA0GCSqGSIb3DQEBCwUAA4IBAQA0wgmd8DygBfs1xBLYoFnJb4Kg
QVIale+r4X5/WrLUe0Os/618DZBNQIdFd5ziLgRF0Fp3fNjX2uduUkK9n0zIjdsU
exOe4YvJnu0+5CxeRSeeuvfBQ9Bq+OOBHN9K1AeU7CpFfzt30XJuU/HI5NupBSYj
bYN/23/caHJwUZVbAE5WLI0XGZ/Esz6vhJ/CdgsehnXiCRmo6N3QfbKBVeL+Gd/U
1iAawKu78DWECxqBpN17jZjj912wIAN84CPB92NB71b99ujivRTFa7fmET9N9gWx
hd6fy00jjA+GK3XnsRCpWSv8+MS2gZCxPTrmqH8WagQkt2X4tOoRxlPQp6BV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:35 2024 by rpki-client on console-fra.rpki-client.org