Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/zSJDeOKoYCGTqOkk_2rQPk026Ik.roa
File:                     zSJDeOKoYCGTqOkk_2rQPk026Ik.roa (raw, json)
Hash identifier:          CJ11ajhxKX6wHjy9WxX0SJZ5yLdT/2Q1ilw1dG7P+6U=
Subject key identifier:   CD:22:43:78:E2:A8:60:21:93:A8:E9:24:FF:6A:D0:3E:4D:36:E8:89
Certificate issuer:       /CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Certificate serial:       055E33A3
Authority key identifier: 07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/zSJDeOKoYCGTqOkk_2rQPk026Ik.roa
Signing time:             Tue 22 Mar 2022 10:03:33 +0000
ROA not before:           Tue 22 Mar 2022 10:03:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     20803
IP address blocks:        80.66.65.0/24 maxlen: 24
                          80.66.70.0/24 maxlen: 24
                          80.66.66.0/24 maxlen: 24
                          80.66.77.0/24 maxlen: 24
                          80.66.78.0/23 maxlen: 23
                          80.66.75.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 90059683 (0x55e33a3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
        Validity
            Not Before: Mar 22 10:03:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cd224378e2a8602193a8e924ff6ad03e4d36e889
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:76:13:bc:b4:87:2b:e1:62:f3:a2:92:00:47:
                    c1:17:55:ae:82:da:38:20:6d:6f:af:d6:59:0a:8b:
                    5f:71:5f:e4:75:6a:44:fb:b1:ef:e7:b7:55:ce:c2:
                    59:fc:7e:1a:b5:87:ab:e1:a9:58:09:98:23:39:95:
                    05:b8:c9:6c:2c:b7:6e:e0:c2:ce:77:c3:76:db:0f:
                    3c:5c:98:fe:b3:04:bf:96:80:c9:6b:5f:68:46:16:
                    a0:ee:b1:1b:fb:69:97:3c:31:56:db:2f:01:7e:61:
                    92:4b:95:2c:7b:d1:5b:b8:28:96:62:b0:ba:41:d0:
                    c5:f1:fe:8e:46:62:e7:92:a4:18:12:ea:3d:47:b5:
                    9f:be:a5:4a:b2:8a:dd:90:27:c6:58:c0:94:4c:44:
                    97:e8:85:82:42:48:84:26:e4:32:00:72:9c:4f:f6:
                    27:b9:91:0b:8e:59:f3:6a:8a:9b:77:30:50:8d:66:
                    d3:4b:5a:74:d4:97:94:5b:f9:d6:6c:20:78:10:f8:
                    41:c3:be:b4:c2:55:29:f9:0c:5f:56:7d:9a:aa:56:
                    24:99:18:67:18:e2:93:66:e7:ba:37:ae:3a:4c:92:
                    21:99:38:2f:57:d2:61:83:6a:90:10:7b:0b:29:71:
                    89:5e:54:0d:6a:fa:fa:05:8c:fe:f1:27:1e:df:e9:
                    a4:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:22:43:78:E2:A8:60:21:93:A8:E9:24:FF:6A:D0:3E:4D:36:E8:89
            X509v3 Authority Key Identifier:
                keyid:07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/zSJDeOKoYCGTqOkk_2rQPk026Ik.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.66.65.0-80.66.66.255
                  80.66.70.0/24
                  80.66.75.0/24
                  80.66.77.0-80.66.79.255

    Signature Algorithm: sha256WithRSAEncryption
         43:a0:a7:d7:d4:6c:92:a5:c7:9b:4b:0d:88:bd:a0:92:49:08:
         8a:c1:6a:89:06:07:6e:1a:88:d4:3b:59:07:8e:9d:14:65:05:
         0c:46:80:b2:e1:ba:e3:28:f5:33:50:1f:38:47:87:43:58:b6:
         84:98:38:b9:9c:d1:5f:d8:07:27:a7:a1:88:58:dd:69:12:d0:
         60:08:42:c6:5f:7b:14:3c:a4:33:ad:3d:3c:68:17:b1:93:39:
         e2:3d:cc:34:d9:15:58:5f:99:f2:08:1d:c9:16:79:75:22:75:
         ba:a3:d3:5b:c7:70:6d:06:9e:e1:3e:92:db:58:ba:75:e1:20:
         28:c6:ed:85:ee:2e:cd:81:5c:d1:9d:b8:52:03:7d:29:94:f6:
         d0:9a:52:e1:c5:a1:7f:8b:4e:3a:c8:b2:d0:7b:73:66:fb:9e:
         77:3d:63:0c:78:c3:71:94:ef:90:a8:10:d2:fd:ea:9d:31:09:
         c3:ce:69:d5:f3:45:dd:cb:00:18:c5:db:29:7a:56:73:80:63:
         df:0a:1d:a1:b3:8e:06:c6:b3:8a:11:17:6d:ef:ef:f5:c5:95:
         b1:fc:3c:10:7a:d5:0c:2a:29:d2:fd:0a:b3:e5:5d:7f:84:7c:
         26:91:6b:1e:84:d8:41:8e:32:38:c2:41:29:9f:2e:7b:fd:a4:
         89:78:fe:8f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEBV4zozANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NzNiNGMxMjQ4YzRiY2YyMmIwNTc3ZGZjYTliMTRkOTA2M2MyOGMwMB4XDTIyMDMy
MjEwMDMzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2QyMjQzNzhlMmE4
NjAyMTkzYThlOTI0ZmY2YWQwM2U0ZDM2ZTg4OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMF2E7y0hyvhYvOikgBHwRdVroLaOCBtb6/WWQqLX3Ff5HVq
RPux7+e3Vc7CWfx+GrWHq+GpWAmYIzmVBbjJbCy3buDCznfDdtsPPFyY/rMEv5aA
yWtfaEYWoO6xG/tplzwxVtsvAX5hkkuVLHvRW7golmKwukHQxfH+jkZi55KkGBLq
PUe1n76lSrKK3ZAnxljAlExEl+iFgkJIhCbkMgBynE/2J7mRC45Z82qKm3cwUI1m
00tadNSXlFv51mwgeBD4QcO+tMJVKfkMX1Z9mqpWJJkYZxjik2bnujeuOkySIZk4
L1fSYYNqkBB7CylxiV5UDWr6+gWM/vEnHt/ppIECAwEAAaOCAiswggInMB0GA1Ud
DgQWBBTNIkN44qhgIZOo6ST/atA+TTboiTAfBgNVHSMEGDAWgBQHO0wSSMS88isF
d9/KmxTZBjwowDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0J6dE1Fa2pFdlBJckJYZmZ5cHNVMlFZOEtNQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvNjNkYmU1LTVhYTMtNGYxOS04ZGE0LWE4ZDM2MWNlNjRhYS8x
L3pTSkRlT0tvWUNHVHFPa2tfMnJRUGswMjZJay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
NjNkYmU1LTVhYTMtNGYxOS04ZGE0LWE4ZDM2MWNlNjRhYS8xL0J6dE1Fa2pFdlBJ
ckJYZmZ5cHNVMlFZOEtNQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwLgQCAAEwKDAMAwQAUEJBAwQAUEJCAwQAUEJGAwQA
UEJLMAwDBABQQk0DBARQQkAwDQYJKoZIhvcNAQELBQADggEBAEOgp9fUbJKlx5tL
DYi9oJJJCIrBaokGB24aiNQ7WQeOnRRlBQxGgLLhuuMo9TNQHzhHh0NYtoSYOLmc
0V/YByenoYhY3WkS0GAIQsZfexQ8pDOtPTxoF7GTOeI9zDTZFVhfmfIIHckWeXUi
dbqj01vHcG0GnuE+kttYunXhICjG7YXuLs2BXNGduFIDfSmU9tCaUuHFoX+LTjrI
stB7c2b7nnc9Ywx4w3GU75CoENL96p0xCcPOadXzRd3LABjF2yl6VnOAY98KHaGz
jgbGs4oRF23v7/XFlbH8PBB61QwqKdL9CrPlXX+EfCaRax6E2EGOMjjCQSmfLnv9
pIl4/o8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:38 2024 by rpki-client on console-fra.rpki-client.org