Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/y4AQ5XtqMnrWCjjbh6Zpf2o2S98.roa
File:                     y4AQ5XtqMnrWCjjbh6Zpf2o2S98.roa (raw, json)
Hash identifier:          lQVAo1C87p/o/pnIqH5kZbqcl89Iw+Ydk6Sxmk/t+DA=
Subject key identifier:   CB:80:10:E5:7B:6A:32:7A:D6:0A:38:DB:87:A6:69:7F:6A:36:4B:DF
Certificate issuer:       /CN=8b69fc6128be591401acf82bc2461af636ebe8e6
Certificate serial:       0181DD54158FD962738372C6561D8630D963
Authority key identifier: 8B:69:FC:61:28:BE:59:14:01:AC:F8:2B:C2:46:1A:F6:36:EB:E8:E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i2n8YSi-WRQBrPgrwkYa9jbr6OY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/y4AQ5XtqMnrWCjjbh6Zpf2o2S98.roa
Signing time:             Fri 08 Jul 2022 10:21:24 +0000
ROA not before:           Fri 08 Jul 2022 10:21:24 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     0
IP address blocks:        185.1.48.0/24 maxlen: 24
                          185.1.47.0/24 maxlen: 24
                          185.1.46.0/24 maxlen: 24
                          80.81.192.0/21 maxlen: 21
                          80.81.203.0/24 maxlen: 24
                          80.81.202.0/24 maxlen: 24
                          185.1.8.0/24 maxlen: 24
                          185.1.119.0/24 maxlen: 24
                          185.1.131.0/24 maxlen: 24
                          185.1.170.0/23 maxlen: 23
                          185.1.244.0/24 maxlen: 24
                          185.1.246.0/24 maxlen: 24
                          185.1.183.0/24 maxlen: 24
                          185.1.182.0/24 maxlen: 24
                          185.1.187.0/24 maxlen: 24
                          185.1.192.0/23 maxlen: 23
                          185.1.197.0/24 maxlen: 24
                          185.1.210.0/23 maxlen: 23
                          185.1.208.0/23 maxlen: 23
                          185.1.220.0/24 maxlen: 24
                          2001:7f8:10a::/48 maxlen: 48
                          2001:7f8:9e::/48 maxlen: 48
                          2001:7f8:32::/48 maxlen: 48
                          2001:7f8:106::/48 maxlen: 48
                          2001:7f8:44::/48 maxlen: 48
                          2001:7f8:3f::/48 maxlen: 48
                          2001:7f8:d5::/48 maxlen: 48
                          2001:7f8:73::/48 maxlen: 48
                          2001:7f8:3d::/48 maxlen: 48
                          2001:7f8:a0::/48 maxlen: 48
                          2001:7f8::/48 maxlen: 48
                          2001:7f8:36::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:dd:54:15:8f:d9:62:73:83:72:c6:56:1d:86:30:d9:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8b69fc6128be591401acf82bc2461af636ebe8e6
        Validity
            Not Before: Jul  8 10:21:24 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cb8010e57b6a327ad60a38db87a6697f6a364bdf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:2a:6b:7b:66:7d:64:c0:a6:d0:a8:7f:83:ef:
                    f3:d6:30:12:8d:84:62:00:fc:49:30:17:12:2d:2d:
                    89:01:52:a5:ca:e8:14:1a:67:93:50:ce:75:7f:92:
                    5e:4e:a7:c1:bf:2d:3d:d8:78:d0:66:aa:95:75:c4:
                    2a:a9:02:fb:dd:42:d5:8f:62:67:53:5f:8b:2a:cc:
                    ce:1d:03:38:a6:29:28:b1:14:6d:76:74:09:24:29:
                    22:d5:01:2c:fd:f2:35:bb:12:93:53:2b:7f:48:03:
                    2a:32:92:25:3b:93:38:73:9f:c3:dc:2c:67:f0:6c:
                    94:b0:90:f0:42:ca:51:aa:98:f5:76:29:bc:5e:18:
                    8f:99:ff:a4:49:c3:0a:c6:02:43:12:73:73:8c:b8:
                    f6:17:be:64:9e:05:14:b2:f9:9d:75:20:06:ff:fa:
                    df:c6:e1:75:19:37:9f:1a:1f:fe:28:6b:2f:f2:29:
                    8e:76:fd:d0:58:f3:90:9f:34:93:7c:9d:d6:35:e8:
                    9a:ce:3b:52:39:ef:af:78:1e:f7:be:b1:16:9b:90:
                    16:58:80:d3:02:4a:dd:b9:ad:65:ad:46:7c:8b:bf:
                    9b:71:d5:84:78:7d:6a:70:f1:10:bb:b8:a0:85:3e:
                    cd:dc:d0:27:89:fb:19:3e:fb:a7:85:7b:52:dc:dc:
                    d2:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:80:10:E5:7B:6A:32:7A:D6:0A:38:DB:87:A6:69:7F:6A:36:4B:DF
            X509v3 Authority Key Identifier:
                keyid:8B:69:FC:61:28:BE:59:14:01:AC:F8:2B:C2:46:1A:F6:36:EB:E8:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2n8YSi-WRQBrPgrwkYa9jbr6OY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/y4AQ5XtqMnrWCjjbh6Zpf2o2S98.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/i2n8YSi-WRQBrPgrwkYa9jbr6OY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.81.192.0/21
                  80.81.202.0/23
                  185.1.8.0/24
                  185.1.46.0-185.1.48.255
                  185.1.119.0/24
                  185.1.131.0/24
                  185.1.170.0/23
                  185.1.182.0/23
                  185.1.187.0/24
                  185.1.192.0/23
                  185.1.197.0/24
                  185.1.208.0/22
                  185.1.220.0/24
                  185.1.244.0/24
                  185.1.246.0/24
                IPv6:
                  2001:7f8::/48
                  2001:7f8:32::/48
                  2001:7f8:36::/48
                  2001:7f8:3d::/48
                  2001:7f8:3f::/48
                  2001:7f8:44::/48
                  2001:7f8:73::/48
                  2001:7f8:9e::/48
                  2001:7f8:a0::/48
                  2001:7f8:d5::/48
                  2001:7f8:106::/48
                  2001:7f8:10a::/48

    Signature Algorithm: sha256WithRSAEncryption
         22:0d:c0:62:e8:55:85:1f:7b:0b:e2:96:d8:de:be:83:d1:e1:
         8a:f6:4a:62:1d:d3:04:91:63:2b:9b:45:aa:5b:5b:13:06:ed:
         61:f7:0f:5f:2b:43:87:e2:78:ac:7e:70:79:b1:41:6d:24:4e:
         c4:2a:0f:f7:4f:82:28:b2:24:64:41:30:f9:9e:dc:8a:65:3a:
         b4:52:5f:d3:a3:f5:48:5a:99:87:31:f2:ad:40:59:e7:1f:54:
         9b:e1:0b:a2:b8:91:fb:72:cc:8c:f8:9f:72:38:ef:f6:92:c0:
         3c:ad:be:af:83:e9:da:03:84:6c:28:d3:74:cb:23:5d:4f:04:
         74:dc:eb:09:59:6f:ef:35:16:e4:06:73:34:ec:bc:79:3a:0b:
         50:98:3f:b9:81:0d:6f:37:10:bb:68:51:8f:85:d7:c8:e9:02:
         c1:ae:f7:3a:12:9d:0d:a5:e6:08:1d:d8:0b:aa:b5:68:3b:6a:
         58:bc:0c:98:39:b4:aa:24:3a:72:3a:df:2e:64:62:a4:80:5d:
         02:e3:b0:9c:76:fa:07:63:f4:bf:63:09:30:6a:bb:7d:ef:d3:
         3b:ba:4c:65:e3:e1:48:f7:2c:3c:1a:6f:5d:0d:34:f8:6a:9d:
         48:e3:cd:84:4e:47:d4:e3:d2:39:de:6c:4d:f6:5a:47:b4:0e:
         8c:f7:40:70
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgISAYHdVBWP2WJzg3LGVh2GMNljMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNjlmYzYxMjhiZTU5MTQwMWFjZjgyYmMyNDYxYWY2MzZl
YmU4ZTYwHhcNMjIwNzA4MTAyMTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjgwMTBlNTdiNmEzMjdhZDYwYTM4ZGI4N2E2Njk3ZjZhMzY0YmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCpre2Z9ZMCm0Kh/g+/z1jASjYRi
APxJMBcSLS2JAVKlyugUGmeTUM51f5JeTqfBvy092HjQZqqVdcQqqQL73ULVj2Jn
U1+LKszOHQM4pikosRRtdnQJJCki1QEs/fI1uxKTUyt/SAMqMpIlO5M4c5/D3Cxn
8GyUsJDwQspRqpj1dim8XhiPmf+kScMKxgJDEnNzjLj2F75kngUUsvmddSAG//rf
xuF1GTefGh/+KGsv8imOdv3QWPOQnzSTfJ3WNeiazjtSOe+veB73vrEWm5AWWIDT
Akrdua1lrUZ8i7+bcdWEeH1qcPEQu7ighT7N3NAnifsZPvunhXtS3NzSBwIDAQAB
o4IC3DCCAtgwHQYDVR0OBBYEFMuAEOV7ajJ61go424emaX9qNkvfMB8GA1UdIwQY
MBaAFItp/GEovlkUAaz4K8JGGvY26+jmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTJuOFlTaS1XUlFCclBncndrWWE5amJyNk9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wYWE2ZTYtMzA1NC00ODg4LTg2NWUt
MjY1ZjJiZDBmOGYzLzEveTRBUTVYdHFNbnJXQ2pqYmg2WnBmMm8yUzk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wYWE2ZTYtMzA1NC00ODg4LTg2NWUtMjY1ZjJiZDBmOGYz
LzEvaTJuOFlTaS1XUlFCclBncndrWWE5amJyNk9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHxBggrBgEFBQcBBwEB/wSB4TCB3jBoBAIAATBiAwQDUFHA
AwQBUFHKAwQAuQEIMAwDBAG5AS4DBAC5ATADBAC5AXcDBAC5AYMDBAG5AaoDBAG5
AbYDBAC5AbsDBAG5AcADBAC5AcUDBAK5AdADBAC5AdwDBAC5AfQDBAC5AfYwcgQC
AAIwbAMHACABB/gAAAMHACABB/gAMgMHACABB/gANgMHACABB/gAPQMHACABB/gA
PwMHACABB/gARAMHACABB/gAcwMHACABB/gAngMHACABB/gAoAMHACABB/gA1QMH
ACABB/gBBgMHACABB/gBCjANBgkqhkiG9w0BAQsFAAOCAQEAIg3AYuhVhR97C+KW
2N6+g9HhivZKYh3TBJFjK5tFqltbEwbtYfcPXytDh+J4rH5webFBbSROxCoP90+C
KLIkZEEw+Z7cimU6tFJf06P1SFqZhzHyrUBZ5x9Um+ELoriR+3LMjPifcjjv9pLA
PK2+r4Pp2gOEbCjTdMsjXU8EdNzrCVlv7zUW5AZzNOy8eToLUJg/uYENbzcQu2hR
j4XXyOkCwa73OhKdDaXmCB3YC6q1aDtqWLwMmDm0qiQ6cjrfLmRipIBdAuOwnHb6
B2P0v2MJMGq7fe/TO7pMZePhSPcsPBpvXQ00+GqdSOPNhE5H1OPSOd5sTfZaR7QO
jPdAcA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:51 2024 by rpki-client on console-ams.rpki-client.org