Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/a9916a-13bf-4770-8e44-58b6a5784ab7/1/Hk2yYnGlCG8xJwjjJFBzoqpBxn8.roa
File:                     Hk2yYnGlCG8xJwjjJFBzoqpBxn8.roa (raw, json)
Hash identifier:          tXUXEa0+183PPsII5qNoSWbotE6QTVfNR1EOx3sKcqc=
Subject key identifier:   1E:4D:B2:62:71:A5:08:6F:31:27:08:E3:24:50:73:A2:AA:41:C6:7F
Certificate issuer:       /CN=e8d062a969d2142bb8506a571180b45bd0fab934
Certificate serial:       08306294
Authority key identifier: E8:D0:62:A9:69:D2:14:2B:B8:50:6A:57:11:80:B4:5B:D0:FA:B9:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6NBiqWnSFCu4UGpXEYC0W9D6uTQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/a9916a-13bf-4770-8e44-58b6a5784ab7/1/Hk2yYnGlCG8xJwjjJFBzoqpBxn8.roa
Signing time:             Mon 21 Mar 2022 16:05:55 +0000
ROA not before:           Mon 21 Mar 2022 16:05:55 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     24663
IP address blocks:        178.23.224.0/21 maxlen: 21
                          178.23.224.0/22 maxlen: 22
                          178.23.228.0/22 maxlen: 22
                          37.200.124.0/22 maxlen: 22
                          45.150.205.0/24 maxlen: 24
                          37.200.120.0/22 maxlen: 22
                          37.200.120.0/21 maxlen: 21
                          45.150.204.0/23 maxlen: 23
                          45.150.204.0/24 maxlen: 24
                          45.150.207.0/24 maxlen: 24
                          94.127.216.0/22 maxlen: 22
                          94.127.216.0/21 maxlen: 21
                          94.127.220.0/22 maxlen: 22
                          80.250.224.0/21 maxlen: 21
                          80.250.224.0/20 maxlen: 20
                          80.250.232.0/21 maxlen: 21
                          185.30.230.0/23 maxlen: 23
                          185.30.228.0/22 maxlen: 22
                          185.30.228.0/23 maxlen: 23
                          2a03:8080::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 137388692 (0x8306294)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e8d062a969d2142bb8506a571180b45bd0fab934
        Validity
            Not Before: Mar 21 16:05:55 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1e4db26271a5086f312708e3245073a2aa41c67f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:2d:81:1a:06:c3:8c:bb:14:3d:65:79:9e:de:
                    4a:5c:b0:14:e8:55:2c:85:f5:e1:d8:e0:8a:b1:d4:
                    9f:3a:01:7c:47:0a:43:30:c0:ed:72:38:43:f1:d7:
                    f9:a4:a7:aa:cc:0b:26:bc:a5:6c:7f:93:7e:43:b3:
                    1a:4b:59:22:32:22:13:d1:a4:cc:1f:99:c1:5e:2d:
                    82:27:ab:e1:c1:55:84:c0:f5:bd:8b:2b:50:12:30:
                    73:a7:8a:86:a6:54:70:42:22:d7:c5:de:fd:72:08:
                    fe:22:b7:17:af:d9:74:fc:ac:cf:c8:16:f9:39:f8:
                    44:ce:83:d6:b5:8a:d9:e5:55:0e:47:35:ba:cd:02:
                    87:b0:53:c3:ed:83:75:74:46:6b:13:92:fe:b7:fb:
                    3e:5b:0e:d1:7d:b1:d9:69:cd:32:5d:f6:49:6e:65:
                    43:d5:e5:4c:91:83:ef:a9:a3:81:ff:c1:4f:e4:68:
                    3f:8b:fe:2a:49:d9:61:b6:2d:19:01:2a:2d:c1:74:
                    2f:e5:8a:2c:bd:40:c7:c7:fb:e5:5b:e5:61:81:b5:
                    7f:35:14:2d:7f:24:ee:e5:52:74:94:85:8f:d5:b5:
                    d7:e5:a4:c2:bd:2b:c9:8b:66:d9:b1:65:e0:49:ab:
                    a5:30:42:ff:57:fa:e1:c1:ac:60:cb:63:a4:e1:92:
                    e9:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:4D:B2:62:71:A5:08:6F:31:27:08:E3:24:50:73:A2:AA:41:C6:7F
            X509v3 Authority Key Identifier:
                keyid:E8:D0:62:A9:69:D2:14:2B:B8:50:6A:57:11:80:B4:5B:D0:FA:B9:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6NBiqWnSFCu4UGpXEYC0W9D6uTQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/a9916a-13bf-4770-8e44-58b6a5784ab7/1/Hk2yYnGlCG8xJwjjJFBzoqpBxn8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/a9916a-13bf-4770-8e44-58b6a5784ab7/1/6NBiqWnSFCu4UGpXEYC0W9D6uTQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.200.120.0/21
                  45.150.204.0/23
                  45.150.207.0/24
                  80.250.224.0/20
                  94.127.216.0/21
                  178.23.224.0/21
                  185.30.228.0/22
                IPv6:
                  2a03:8080::/32

    Signature Algorithm: sha256WithRSAEncryption
         6b:66:a7:ea:02:7e:c4:67:32:d1:b2:0f:6b:19:49:c3:be:96:
         12:ff:2b:7a:98:3b:b6:c9:bc:3e:de:5d:96:17:75:f4:c0:cc:
         1e:fb:bc:88:b9:69:d2:67:d7:cc:7f:1e:b6:f3:8e:da:74:60:
         de:07:a9:56:e8:80:01:5a:70:b2:18:c0:28:15:bd:3b:0a:98:
         31:fc:15:d2:1d:4a:ae:7f:02:81:c9:29:aa:f8:84:0c:62:50:
         fa:bd:de:d5:03:df:86:f8:cc:b8:d6:df:76:7a:80:d6:a0:12:
         9b:c4:04:fc:fd:b0:51:ef:31:8e:cd:d6:60:49:15:84:1f:53:
         e9:73:23:c5:74:38:31:05:83:79:03:ad:5f:29:b0:e5:e0:1c:
         e4:82:08:4a:19:a5:0c:dc:7a:00:eb:cb:d3:7b:40:c3:c1:a1:
         d5:83:0c:2d:fd:e7:07:80:ad:88:18:50:21:99:fd:2d:a9:0b:
         7f:52:7f:45:5b:08:8a:e7:e6:27:5a:01:08:ce:62:af:94:75:
         dc:85:e5:fe:82:86:f2:1f:b2:0c:ab:1b:7d:93:8c:94:a2:43:
         1c:9a:7f:93:3c:8f:f9:9a:26:ee:43:57:0b:9c:03:1e:9d:1d:
         b1:02:eb:5b:61:5e:af:32:28:17:38:ba:84:06:bb:b4:c7:fb:
         d8:33:92:28
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIECDBilDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OGQwNjJhOTY5ZDIxNDJiYjg1MDZhNTcxMTgwYjQ1YmQwZmFiOTM0MB4XDTIyMDMy
MTE2MDU1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWU0ZGIyNjI3MWE1
MDg2ZjMxMjcwOGUzMjQ1MDczYTJhYTQxYzY3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALQtgRoGw4y7FD1leZ7eSlywFOhVLIX14djgirHUnzoBfEcK
QzDA7XI4Q/HX+aSnqswLJrylbH+TfkOzGktZIjIiE9GkzB+ZwV4tgier4cFVhMD1
vYsrUBIwc6eKhqZUcEIi18Xe/XII/iK3F6/ZdPysz8gW+Tn4RM6D1rWK2eVVDkc1
us0Ch7BTw+2DdXRGaxOS/rf7PlsO0X2x2WnNMl32SW5lQ9XlTJGD76mjgf/BT+Ro
P4v+KknZYbYtGQEqLcF0L+WKLL1Ax8f75VvlYYG1fzUULX8k7uVSdJSFj9W11+Wk
wr0ryYtm2bFl4EmrpTBC/1f64cGsYMtjpOGS6W0CAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBQeTbJicaUIbzEnCOMkUHOiqkHGfzAfBgNVHSMEGDAWgBTo0GKpadIUK7hQ
alcRgLRb0Pq5NDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZOQmlxV25TRkN1NFVHcFhFWUMwVzlENnVUUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTQvYTk5MTZhLTEzYmYtNDc3MC04ZTQ0LTU4YjZhNTc4NGFiNy8x
L0hrMnlZbkdsQ0c4eEp3ampKRkJ6b3FwQnhuOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQv
YTk5MTZhLTEzYmYtNDc3MC04ZTQ0LTU4YjZhNTc4NGFiNy8xLzZOQmlxV25TRkN1
NFVHcFhFWUMwVzlENnVUUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEAyXIeAMEAS2WzAMEAC2WzwMEBFD6
4AMEA15/2AMEA7IX4AMEArke5DANBAIAAjAHAwUAKgOAgDANBgkqhkiG9w0BAQsF
AAOCAQEAa2an6gJ+xGcy0bIPaxlJw76WEv8repg7tsm8Pt5dlhd19MDMHvu8iLlp
0mfXzH8etvOO2nRg3gepVuiAAVpwshjAKBW9OwqYMfwV0h1Krn8CgckpqviEDGJQ
+r3e1QPfhvjMuNbfdnqA1qASm8QE/P2wUe8xjs3WYEkVhB9T6XMjxXQ4MQWDeQOt
Xymw5eAc5IIIShmlDNx6AOvL03tAw8Gh1YMMLf3nB4CtiBhQIZn9LakLf1J/RVsI
iufmJ1oBCM5ir5R13IXl/oKG8h+yDKsbfZOMlKJDHJp/kzyP+Zom7kNXC5wDHp0d
sQLrW2FerzIoFzi6hAa7tMf72DOSKA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:04 2024 by rpki-client on console-fra.rpki-client.org