Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/YoHd52HicxUB0r0NZztgGltosoQ.roa
File:                     YoHd52HicxUB0r0NZztgGltosoQ.roa (raw, json)
Hash identifier:          o9QYCLFur3FOZJTThx6MIqDrHjFOkUUHkfuOaSZVr9M=
Subject key identifier:   62:81:DD:E7:61:E2:73:15:01:D2:BD:0D:67:3B:60:1A:5B:68:B2:84
Certificate issuer:       /CN=ad8f5438073a621aea772f5cb7a4efd58c6b774c
Certificate serial:       0CD044EF
Authority key identifier: AD:8F:54:38:07:3A:62:1A:EA:77:2F:5C:B7:A4:EF:D5:8C:6B:77:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/YoHd52HicxUB0r0NZztgGltosoQ.roa
Signing time:             Thu 02 Jun 2022 10:01:20 +0000
ROA not before:           Thu 02 Jun 2022 10:01:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2872
IP address blocks:        2.58.41.0/24 maxlen: 24
                          185.123.0.0/22 maxlen: 22
                          185.123.0.0/24 maxlen: 24
                          2.58.40.0/24 maxlen: 24
                          185.123.3.0/24 maxlen: 24
                          2.58.40.0/22 maxlen: 22
                          185.123.2.0/24 maxlen: 24
                          2.58.42.0/24 maxlen: 24
                          185.123.1.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 214975727 (0xcd044ef)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad8f5438073a621aea772f5cb7a4efd58c6b774c
        Validity
            Not Before: Jun  2 10:01:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6281dde761e2731501d2bd0d673b601a5b68b284
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:d9:f1:99:55:5c:c8:5d:75:b2:f3:e0:67:41:
                    30:d0:11:89:26:84:f1:66:84:f9:2a:3c:d0:23:b5:
                    63:bf:0a:ce:82:67:e7:94:bd:dc:42:af:69:52:ae:
                    48:06:71:9d:3c:bc:d5:a7:cd:62:16:f5:51:f9:4d:
                    68:ce:ed:7f:b8:1f:a2:71:06:f7:bc:29:a3:29:71:
                    91:8f:93:87:d0:c1:8b:13:bb:70:95:93:85:21:dc:
                    d8:4a:12:6c:b3:c0:c7:ee:03:e7:65:9a:70:05:7a:
                    b2:ad:0a:db:5b:86:09:06:8e:69:58:14:81:dc:63:
                    c0:e4:23:6b:b9:fa:17:a3:62:f0:57:ec:87:c8:c7:
                    35:b3:fc:0b:86:90:30:f7:73:bc:04:2a:24:07:0f:
                    55:b1:8d:26:d6:84:db:75:51:fb:e7:e5:2f:ff:fd:
                    8e:1d:2a:a8:19:74:78:1b:be:34:51:cb:53:29:55:
                    60:ec:8a:f5:16:e1:31:52:90:a5:22:4a:bb:1c:16:
                    5e:64:b7:57:c8:de:4a:62:87:0c:c0:4a:76:f0:94:
                    7d:11:91:29:6a:bf:35:e4:10:57:1e:19:1a:c8:7a:
                    f5:a8:19:21:3b:e0:c9:b9:f4:0e:bb:be:f2:76:91:
                    82:e5:20:b5:17:8f:54:f5:73:7b:96:e4:3a:0b:78:
                    94:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:81:DD:E7:61:E2:73:15:01:D2:BD:0D:67:3B:60:1A:5B:68:B2:84
            X509v3 Authority Key Identifier:
                keyid:AD:8F:54:38:07:3A:62:1A:EA:77:2F:5C:B7:A4:EF:D5:8C:6B:77:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/YoHd52HicxUB0r0NZztgGltosoQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.58.40.0/22
                  185.123.0.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7f:64:da:35:7c:9a:25:a3:90:d4:c9:d5:92:02:bb:14:bd:f8:
         66:10:11:62:9e:1c:84:a6:24:12:d7:d6:60:70:1c:6d:42:86:
         a3:9c:3a:95:ab:59:b0:7c:42:b5:95:6e:93:91:f5:99:d5:b7:
         90:d6:23:a6:9f:ee:ec:b1:1c:5e:e6:2f:75:6a:43:c6:ac:66:
         09:af:9d:6d:63:b6:30:93:0b:46:9f:eb:84:8a:de:88:82:1c:
         63:c5:03:9a:78:07:91:2e:fe:87:7c:0b:fd:19:26:06:56:ad:
         8b:a8:3f:39:b0:92:2f:9d:50:f6:ec:bb:18:f1:74:2f:03:c7:
         e7:f8:7e:1d:da:eb:6e:97:05:f1:47:2b:99:c3:cb:60:6d:3d:
         91:15:5e:57:07:ba:dc:90:7d:7b:23:19:45:76:6f:f8:e6:22:
         bf:cf:8e:ed:4c:d3:ed:a9:d1:c6:22:04:a4:65:ef:8c:10:d0:
         cc:4d:af:eb:84:8f:7f:ad:19:1b:18:49:4c:80:7f:f2:61:27:
         92:ea:d9:6c:45:6f:62:05:c1:16:a5:00:cc:8d:92:84:c4:02:
         46:b5:83:0a:d8:36:ae:cf:d1:75:f9:11:a2:20:0e:a4:bf:b1:
         56:b1:ee:80:e0:b3:7e:32:c0:20:91:82:ce:07:6c:66:b1:69:
         48:92:75:8a
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEDNBE7zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZDhmNTQzODA3M2E2MjFhZWE3NzJmNWNiN2E0ZWZkNThjNmI3NzRjMB4XDTIyMDYw
MjEwMDEyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjI4MWRkZTc2MWUy
NzMxNTAxZDJiZDBkNjczYjYwMWE1YjY4YjI4NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJzZ8ZlVXMhddbLz4GdBMNARiSaE8WaE+So80CO1Y78KzoJn
55S93EKvaVKuSAZxnTy81afNYhb1UflNaM7tf7gfonEG97wpoylxkY+Th9DBixO7
cJWThSHc2EoSbLPAx+4D52WacAV6sq0K21uGCQaOaVgUgdxjwOQja7n6F6Ni8Ffs
h8jHNbP8C4aQMPdzvAQqJAcPVbGNJtaE23VR++flL//9jh0qqBl0eBu+NFHLUylV
YOyK9RbhMVKQpSJKuxwWXmS3V8jeSmKHDMBKdvCUfRGRKWq/NeQQVx4ZGsh69agZ
ITvgybn0Dru+8naRguUgtRePVPVze5bkOgt4lA0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRigd3nYeJzFQHSvQ1nO2AaW2iyhDAfBgNVHSMEGDAWgBStj1Q4BzpiGup3
L1y3pO/VjGt3TDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JZOVVPQWM2WWhycWR5OWN0NlR2MVl4cmQwdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGQvZDE0ZWY1LWY0ZGItNDNiYy04Y2NmLTE3NzhiYTI1ZDhiOS8x
L1lvSGQ1MkhpY3hVQjByME5aenRnR2x0b3NvUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGQv
ZDE0ZWY1LWY0ZGItNDNiYy04Y2NmLTE3NzhiYTI1ZDhiOS8xL3JZOVVPQWM2WWhy
cWR5OWN0NlR2MVl4cmQwdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAgI6KAMEArl7ADANBgkqhkiG9w0B
AQsFAAOCAQEAf2TaNXyaJaOQ1MnVkgK7FL34ZhARYp4chKYkEtfWYHAcbUKGo5w6
latZsHxCtZVuk5H1mdW3kNYjpp/u7LEcXuYvdWpDxqxmCa+dbWO2MJMLRp/rhIre
iIIcY8UDmngHkS7+h3wL/RkmBlati6g/ObCSL51Q9uy7GPF0LwPH5/h+HdrrbpcF
8UcrmcPLYG09kRVeVwe63JB9eyMZRXZv+OYiv8+O7UzT7anRxiIEpGXvjBDQzE2v
64SPf60ZGxhJTIB/8mEnkurZbEVvYgXBFqUAzI2ShMQCRrWDCtg2rs/RdfkRoiAO
pL+xVrHugOCzfjLAIJGCzgdsZrFpSJJ1ig==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:49 2024 by rpki-client on console-fra.rpki-client.org