Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/a9916a-13bf-4770-8e44-58b6a5784ab7/1/Bo6AWX8ntnopWfazQ4ujcsCNlf4.roa
File:                     Bo6AWX8ntnopWfazQ4ujcsCNlf4.roa (raw, json)
Hash identifier:          yg32YhWPUZSzDqSo5c+DlNXDtpWIcYK6kTcLN/U4yiM=
Subject key identifier:   06:8E:80:59:7F:27:B6:7A:29:59:F6:B3:43:8B:A3:72:C0:8D:95:FE
Certificate issuer:       /CN=e8d062a969d2142bb8506a571180b45bd0fab934
Certificate serial:       077722CF
Authority key identifier: E8:D0:62:A9:69:D2:14:2B:B8:50:6A:57:11:80:B4:5B:D0:FA:B9:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6NBiqWnSFCu4UGpXEYC0W9D6uTQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/a9916a-13bf-4770-8e44-58b6a5784ab7/1/Bo6AWX8ntnopWfazQ4ujcsCNlf4.roa
Signing time:             Sat 01 Jan 2022 15:04:33 +0000
ROA not before:           Sat 01 Jan 2022 15:04:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     24663
IP address blocks:        178.23.224.0/21 maxlen: 21
                          178.23.224.0/22 maxlen: 22
                          178.23.228.0/22 maxlen: 22
                          37.200.124.0/22 maxlen: 22
                          45.150.205.0/24 maxlen: 24
                          37.200.120.0/22 maxlen: 22
                          37.200.120.0/21 maxlen: 21
                          45.150.204.0/23 maxlen: 23
                          45.150.204.0/24 maxlen: 24
                          94.127.216.0/22 maxlen: 22
                          94.127.216.0/21 maxlen: 21
                          94.127.220.0/22 maxlen: 22
                          80.250.224.0/20 maxlen: 20
                          80.250.224.0/21 maxlen: 21
                          80.250.232.0/21 maxlen: 21
                          185.30.230.0/23 maxlen: 23
                          185.30.228.0/22 maxlen: 22
                          185.30.228.0/23 maxlen: 23
                          2a03:8080::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 125248207 (0x77722cf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e8d062a969d2142bb8506a571180b45bd0fab934
        Validity
            Not Before: Jan  1 15:04:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=068e80597f27b67a2959f6b3438ba372c08d95fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:a3:20:f0:14:3e:7d:5e:b8:77:80:55:ca:c3:
                    30:43:dc:ec:33:21:9c:2d:e3:6c:ba:b0:e4:58:a9:
                    99:21:97:b1:cc:74:41:4b:62:b5:3d:43:fd:dd:1d:
                    69:6a:8e:3d:8e:cf:8b:0f:99:87:39:57:96:d3:f8:
                    f5:af:9b:25:b9:30:d1:07:66:ec:8a:b3:2c:62:30:
                    1e:b7:68:c7:9f:0a:28:10:4a:e1:a8:0f:64:b1:8d:
                    33:5d:3a:1c:54:c0:e6:6a:bb:a9:67:95:06:f9:66:
                    43:4e:48:0c:4a:a9:be:e9:a6:a1:af:4f:f9:55:a5:
                    5d:48:eb:0b:0c:34:5b:b1:9e:74:fd:38:fe:03:2f:
                    a8:57:2e:9d:14:d5:c8:4e:ef:55:2f:b6:25:dc:b4:
                    00:bb:5e:e7:3d:44:2d:33:e9:76:73:dc:95:0f:3f:
                    9d:59:a7:c3:61:de:38:8e:4e:9d:ca:2b:da:15:df:
                    c1:66:59:2d:a9:43:64:27:04:64:9b:ba:55:3f:7b:
                    82:23:f6:26:6c:e5:5c:6e:dc:db:0c:cb:b2:9d:0a:
                    76:b1:ba:5c:79:8b:bf:5d:67:74:42:2c:74:93:64:
                    b8:5d:24:ea:d8:f2:12:85:95:45:c3:d5:8f:81:8c:
                    92:d0:a5:2c:03:0b:20:ed:73:4e:85:2a:92:fb:71:
                    94:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:8E:80:59:7F:27:B6:7A:29:59:F6:B3:43:8B:A3:72:C0:8D:95:FE
            X509v3 Authority Key Identifier:
                keyid:E8:D0:62:A9:69:D2:14:2B:B8:50:6A:57:11:80:B4:5B:D0:FA:B9:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6NBiqWnSFCu4UGpXEYC0W9D6uTQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/a9916a-13bf-4770-8e44-58b6a5784ab7/1/Bo6AWX8ntnopWfazQ4ujcsCNlf4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/a9916a-13bf-4770-8e44-58b6a5784ab7/1/6NBiqWnSFCu4UGpXEYC0W9D6uTQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.200.120.0/21
                  45.150.204.0/23
                  80.250.224.0/20
                  94.127.216.0/21
                  178.23.224.0/21
                  185.30.228.0/22
                IPv6:
                  2a03:8080::/32

    Signature Algorithm: sha256WithRSAEncryption
         63:19:97:d0:8a:34:c8:da:c2:5e:9e:ee:3c:92:13:28:a8:64:
         98:8a:d0:ac:37:e2:e5:7c:e6:97:3e:83:a0:c5:8e:9b:a0:f0:
         d8:8c:31:34:ef:16:06:37:dd:67:96:9f:21:1d:37:1f:84:54:
         72:95:ba:10:4f:11:5c:cd:ce:23:c0:21:56:e3:ec:e4:70:8e:
         6b:f8:14:5a:8e:bf:de:59:1a:8e:d3:a0:1c:ed:f8:6c:92:09:
         cf:b2:99:02:66:c1:c2:28:04:58:7c:45:d8:34:16:9a:e8:7e:
         ab:3f:2e:c5:af:dc:64:06:1e:b9:5d:a5:09:26:f2:36:66:cc:
         71:c2:5e:6d:b8:f2:3c:2f:78:68:ac:55:ca:89:0e:fa:b5:74:
         2d:cd:89:78:7f:20:d0:d8:c8:f8:c6:8f:c2:f6:6b:16:fb:90:
         7c:10:44:0a:cc:16:12:ba:85:16:18:dc:4d:26:e7:0f:cb:6a:
         96:d0:d8:13:cd:9c:0f:12:8f:26:26:25:46:6c:a6:5e:d9:0b:
         67:b4:18:1b:f4:25:49:75:b4:12:17:b5:9f:74:6b:bc:bd:3e:
         a8:12:5a:0e:04:e5:03:92:9a:b2:06:1a:c9:ba:2e:f2:52:6a:
         4d:2f:4f:1b:d0:37:7f:64:4d:31:7d:b3:5d:0c:12:79:5b:46:
         4b:81:52:2d
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEB3cizzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OGQwNjJhOTY5ZDIxNDJiYjg1MDZhNTcxMTgwYjQ1YmQwZmFiOTM0MB4XDTIyMDEw
MTE1MDQzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDY4ZTgwNTk3ZjI3
YjY3YTI5NTlmNmIzNDM4YmEzNzJjMDhkOTVmZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKujIPAUPn1euHeAVcrDMEPc7DMhnC3jbLqw5FipmSGXscx0
QUtitT1D/d0daWqOPY7Piw+ZhzlXltP49a+bJbkw0Qdm7IqzLGIwHrdox58KKBBK
4agPZLGNM106HFTA5mq7qWeVBvlmQ05IDEqpvummoa9P+VWlXUjrCww0W7GedP04
/gMvqFcunRTVyE7vVS+2Jdy0ALte5z1ELTPpdnPclQ8/nVmnw2HeOI5Oncor2hXf
wWZZLalDZCcEZJu6VT97giP2JmzlXG7c2wzLsp0KdrG6XHmLv11ndEIsdJNkuF0k
6tjyEoWVRcPVj4GMktClLAMLIO1zToUqkvtxlKkCAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBQGjoBZfye2eilZ9rNDi6NywI2V/jAfBgNVHSMEGDAWgBTo0GKpadIUK7hQ
alcRgLRb0Pq5NDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZOQmlxV25TRkN1NFVHcFhFWUMwVzlENnVUUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTQvYTk5MTZhLTEzYmYtNDc3MC04ZTQ0LTU4YjZhNTc4NGFiNy8x
L0JvNkFXWDhudG5vcFdmYXpRNHVqY3NDTmxmNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQv
YTk5MTZhLTEzYmYtNDc3MC04ZTQ0LTU4YjZhNTc4NGFiNy8xLzZOQmlxV25TRkN1
NFVHcFhFWUMwVzlENnVUUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAyXIeAMEAS2WzAMEBFD64AMEA15/
2AMEA7IX4AMEArke5DANBAIAAjAHAwUAKgOAgDANBgkqhkiG9w0BAQsFAAOCAQEA
YxmX0Io0yNrCXp7uPJITKKhkmIrQrDfi5Xzmlz6DoMWOm6Dw2IwxNO8WBjfdZ5af
IR03H4RUcpW6EE8RXM3OI8AhVuPs5HCOa/gUWo6/3lkajtOgHO34bJIJz7KZAmbB
wigEWHxF2DQWmuh+qz8uxa/cZAYeuV2lCSbyNmbMccJebbjyPC94aKxVyokO+rV0
Lc2JeH8g0NjI+MaPwvZrFvuQfBBECswWErqFFhjcTSbnD8tqltDYE82cDxKPJiYl
RmymXtkLZ7QYG/QlSXW0Ehe1n3RrvL0+qBJaDgTlA5KasgYaybou8lJqTS9PG9A3
f2RNMX2zXQwSeVtGS4FSLQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:08 2024 by rpki-client on console-ams.rpki-client.org