Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/0IpoTnq7Avb_YB4m9P32b0OFbVk.roa
File:                     0IpoTnq7Avb_YB4m9P32b0OFbVk.roa (raw, json)
Hash identifier:          RIVTxeWcJ+yZa64NgqgLqVHoGJfqrlEwNd024UnleHs=
Subject key identifier:   D0:8A:68:4E:7A:BB:02:F6:FF:60:1E:26:F4:FD:F6:6F:43:85:6D:59
Certificate issuer:       /CN=cf66224bcfb8b82deaabac8c4ca250371b974611
Certificate serial:       0AEEA589
Authority key identifier: CF:66:22:4B:CF:B8:B8:2D:EA:AB:AC:8C:4C:A2:50:37:1B:97:46:11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z2YiS8-4uC3qq6yMTKJQNxuXRhE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/0IpoTnq7Avb_YB4m9P32b0OFbVk.roa
Signing time:             Sat 01 Jan 2022 15:07:30 +0000
ROA not before:           Sat 01 Jan 2022 15:07:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     31742
IP address blocks:        185.119.20.0/22 maxlen: 22
                          93.191.24.0/21 maxlen: 21
                          46.255.248.0/21 maxlen: 21
                          212.85.252.0/22 maxlen: 22
                          83.137.224.0/21 maxlen: 21
                          2a00:d300::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 183412105 (0xaeea589)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf66224bcfb8b82deaabac8c4ca250371b974611
        Validity
            Not Before: Jan  1 15:07:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d08a684e7abb02f6ff601e26f4fdf66f43856d59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:94:82:ff:43:3d:77:bf:c2:b2:16:0f:5f:4c:
                    4b:12:a0:cd:35:24:bf:1e:82:9c:a5:25:92:b0:5d:
                    24:30:2e:ad:2c:4f:3a:6e:0e:13:74:3f:39:0c:49:
                    f5:cb:df:3a:6a:18:ce:f5:f4:71:f5:b7:9f:61:ce:
                    d5:5b:7c:92:9a:8a:66:31:eb:d8:ad:7f:4a:e4:05:
                    ff:90:5b:de:9f:78:6f:0b:d2:80:3b:d9:ac:60:8e:
                    32:78:df:e4:df:4f:69:cf:87:f4:9e:21:01:df:31:
                    6a:7b:21:51:2f:14:6a:aa:0b:37:5e:cc:96:05:54:
                    f9:38:32:35:21:0c:ca:1e:7a:77:e0:0e:4e:8c:70:
                    0e:0d:a5:17:07:9e:e4:41:ee:39:29:3b:5d:03:d0:
                    f6:0b:77:e7:ff:c6:0b:00:51:bc:ba:19:4c:48:57:
                    80:86:38:0b:e2:97:65:25:89:fa:ea:c0:74:7c:f0:
                    51:ee:fb:6b:f6:b1:73:93:fa:75:8d:2c:31:e7:63:
                    3b:7e:c3:03:a6:08:4a:44:8b:71:f3:6b:7a:df:dd:
                    73:99:5d:34:63:f6:d6:9c:62:ed:80:d3:d9:3e:06:
                    99:0a:94:ed:b6:3d:d6:f3:a0:f8:7b:59:b0:27:a0:
                    55:44:ab:82:6d:b1:43:f5:0c:ad:46:8c:a3:9e:e8:
                    88:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:8A:68:4E:7A:BB:02:F6:FF:60:1E:26:F4:FD:F6:6F:43:85:6D:59
            X509v3 Authority Key Identifier:
                keyid:CF:66:22:4B:CF:B8:B8:2D:EA:AB:AC:8C:4C:A2:50:37:1B:97:46:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z2YiS8-4uC3qq6yMTKJQNxuXRhE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/0IpoTnq7Avb_YB4m9P32b0OFbVk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/z2YiS8-4uC3qq6yMTKJQNxuXRhE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.255.248.0/21
                  83.137.224.0/21
                  93.191.24.0/21
                  185.119.20.0/22
                  212.85.252.0/22
                IPv6:
                  2a00:d300::/32

    Signature Algorithm: sha256WithRSAEncryption
         53:f1:73:a9:ff:6e:92:c0:b7:37:0b:47:1c:88:ae:87:23:1b:
         8c:11:56:06:19:17:c5:b2:ae:01:4e:e0:f0:d3:6d:7e:38:a2:
         e3:90:78:db:6a:4e:7f:85:b5:c0:e9:a9:dc:a3:df:20:a8:57:
         a5:8e:61:e7:29:73:f0:66:a1:a2:e3:79:d4:72:35:1a:b3:49:
         90:e9:e8:73:ff:a7:86:bb:01:c9:ee:18:51:2a:f8:c0:b5:19:
         7c:44:94:63:d0:bb:10:25:c2:c1:95:3b:47:d2:79:3f:ee:65:
         61:8a:1f:bc:0f:cb:e2:20:3b:7c:58:18:e5:54:8d:e2:3c:d8:
         da:1e:94:56:21:bb:04:0f:e9:6c:d8:98:ee:36:75:a8:07:32:
         96:02:98:93:67:c5:58:ae:87:08:c2:bd:19:5a:26:32:52:dd:
         af:70:1b:86:c3:eb:2d:c2:96:1b:a6:0b:b2:01:2a:44:8e:37:
         77:69:de:b4:cf:d0:fd:28:41:0c:f5:f0:57:6f:24:2a:5e:07:
         4e:52:89:74:22:26:d2:7f:c6:fa:06:bf:7a:e2:1e:91:82:02:
         b2:b2:f7:8c:97:8c:95:1e:73:87:66:a6:a3:5c:42:75:7e:d0:
         ac:02:f3:67:64:4b:38:50:79:35:8c:b9:07:e0:88:b8:54:b7:
         2e:ab:7f:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIECu6liTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZjY2MjI0YmNmYjhiODJkZWFhYmFjOGM0Y2EyNTAzNzFiOTc0NjExMB4XDTIyMDEw
MTE1MDczMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDA4YTY4NGU3YWJi
MDJmNmZmNjAxZTI2ZjRmZGY2NmY0Mzg1NmQ1OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJeUgv9DPXe/wrIWD19MSxKgzTUkvx6CnKUlkrBdJDAurSxP
Om4OE3Q/OQxJ9cvfOmoYzvX0cfW3n2HO1Vt8kpqKZjHr2K1/SuQF/5Bb3p94bwvS
gDvZrGCOMnjf5N9Pac+H9J4hAd8xanshUS8UaqoLN17MlgVU+TgyNSEMyh56d+AO
ToxwDg2lFwee5EHuOSk7XQPQ9gt35//GCwBRvLoZTEhXgIY4C+KXZSWJ+urAdHzw
Ue77a/axc5P6dY0sMedjO37DA6YISkSLcfNret/dc5ldNGP21pxi7YDT2T4GmQqU
7bY91vOg+HtZsCegVUSrgm2xQ/UMrUaMo57oiLkCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBTQimhOersC9v9gHib0/fZvQ4VtWTAfBgNVHSMEGDAWgBTPZiJLz7i4Leqr
rIxMolA3G5dGETAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3oyWWlTOC00dUMzcXE2eU1US0pRTnh1WFJoRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDQvMTk2YjcxLTU4N2UtNDA5OS1iZGIyLWI5NTRjNTBmZGJiMC8x
LzBJcG9UbnE3QXZiX1lCNG05UDMyYjBPRmJWay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQv
MTk2YjcxLTU4N2UtNDA5OS1iZGIyLWI5NTRjNTBmZGJiMC8xL3oyWWlTOC00dUMz
cXE2eU1US0pRTnh1WFJoRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAy7/+AMEA1OJ4AMEA12/GAMEArl3
FAMEAtRV/DANBAIAAjAHAwUAKgDTADANBgkqhkiG9w0BAQsFAAOCAQEAU/Fzqf9u
ksC3NwtHHIiuhyMbjBFWBhkXxbKuAU7g8NNtfjii45B422pOf4W1wOmp3KPfIKhX
pY5h5ylz8GahouN51HI1GrNJkOnoc/+nhrsBye4YUSr4wLUZfESUY9C7ECXCwZU7
R9J5P+5lYYofvA/L4iA7fFgY5VSN4jzY2h6UViG7BA/pbNiY7jZ1qAcylgKYk2fF
WK6HCMK9GVomMlLdr3AbhsPrLcKWG6YLsgEqRI43d2netM/Q/ShBDPXwV28kKl4H
TlKJdCIm0n/G+ga/euIekYICsrL3jJeMlR5zh2amo1xCdX7QrALzZ2RLOFB5NYy5
B+CIuFS3Lqt//g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:41 2024 by rpki-client on console-ams.rpki-client.org