Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/a9916a-13bf-4770-8e44-58b6a5784ab7/1/hSbr5yWZKFBjE_xWqSR_y4pKads.roa
File:                     hSbr5yWZKFBjE_xWqSR_y4pKads.roa (raw, json)
Hash identifier:          izT42JT8qGmQJiYAZ4rPUrkAPSKQnf1LuHA2vvZZyxs=
Subject key identifier:   85:26:EB:E7:25:99:28:50:63:13:FC:56:A9:24:7F:CB:8A:4A:69:DB
Certificate issuer:       /CN=e8d062a969d2142bb8506a571180b45bd0fab934
Certificate serial:       088D3D81
Authority key identifier: E8:D0:62:A9:69:D2:14:2B:B8:50:6A:57:11:80:B4:5B:D0:FA:B9:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6NBiqWnSFCu4UGpXEYC0W9D6uTQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/a9916a-13bf-4770-8e44-58b6a5784ab7/1/hSbr5yWZKFBjE_xWqSR_y4pKads.roa
Signing time:             Thu 05 May 2022 19:05:40 +0000
ROA not before:           Thu 05 May 2022 19:05:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     24663
IP address blocks:        94.127.216.0/21 maxlen: 24
                          178.23.224.0/21 maxlen: 24
                          80.250.224.0/20 maxlen: 24
                          37.200.120.0/21 maxlen: 24
                          45.150.204.0/23 maxlen: 24
                          45.150.207.0/24 maxlen: 24
                          185.30.228.0/22 maxlen: 24
                          2a03:8080::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 143474049 (0x88d3d81)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e8d062a969d2142bb8506a571180b45bd0fab934
        Validity
            Not Before: May  5 19:05:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8526ebe7259928506313fc56a9247fcb8a4a69db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:17:d2:d1:c2:9d:eb:e2:be:ea:a9:bd:23:68:
                    65:6a:26:10:28:8e:93:3f:8f:c6:8d:5b:46:37:75:
                    f5:db:e3:99:37:60:14:3e:91:39:a9:27:b1:b2:cd:
                    2d:4a:c2:25:38:df:ae:ff:e2:88:b8:d2:ab:97:aa:
                    f1:80:ee:64:17:07:43:52:e8:ae:9c:97:d0:79:a3:
                    90:68:08:db:cf:c5:32:25:b1:42:2e:ed:41:99:51:
                    ce:81:a2:8e:20:75:66:54:6b:00:dc:6f:0b:fc:df:
                    47:00:f9:e4:99:ef:0b:22:49:82:9f:96:a3:d3:7c:
                    1d:61:f1:68:37:13:53:69:fe:4f:dc:8f:63:db:09:
                    3d:17:f0:a9:62:a2:94:76:1e:60:c4:aa:60:0a:6b:
                    e7:d3:b6:90:c8:f9:1f:5d:e6:87:26:18:09:b6:af:
                    6f:1a:93:cf:dd:f2:16:2f:58:bc:83:87:96:9e:24:
                    5b:41:a4:0d:b0:e9:f5:ee:e0:d3:f2:6b:72:f5:6f:
                    ed:80:4f:19:ac:0e:6d:47:e4:74:e6:17:1f:d8:57:
                    37:33:00:25:bd:b8:ca:60:17:4a:42:d6:56:05:7a:
                    f6:cb:e8:85:e0:b6:73:4e:c0:4a:05:3b:65:54:5c:
                    43:de:30:e9:38:15:79:c3:5a:d1:0e:ae:64:c3:4a:
                    ea:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:26:EB:E7:25:99:28:50:63:13:FC:56:A9:24:7F:CB:8A:4A:69:DB
            X509v3 Authority Key Identifier:
                keyid:E8:D0:62:A9:69:D2:14:2B:B8:50:6A:57:11:80:B4:5B:D0:FA:B9:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6NBiqWnSFCu4UGpXEYC0W9D6uTQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/a9916a-13bf-4770-8e44-58b6a5784ab7/1/hSbr5yWZKFBjE_xWqSR_y4pKads.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/a9916a-13bf-4770-8e44-58b6a5784ab7/1/6NBiqWnSFCu4UGpXEYC0W9D6uTQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.200.120.0/21
                  45.150.204.0/23
                  45.150.207.0/24
                  80.250.224.0/20
                  94.127.216.0/21
                  178.23.224.0/21
                  185.30.228.0/22
                IPv6:
                  2a03:8080::/32

    Signature Algorithm: sha256WithRSAEncryption
         19:ac:8c:72:cf:45:c0:4e:79:d8:7d:21:81:d5:4f:aa:08:c7:
         7c:4d:e9:f1:3b:3c:cb:a2:f6:0a:ef:dd:fc:59:39:ee:69:57:
         82:d2:6f:65:10:c0:d6:51:31:6e:a5:8c:09:e8:ab:b0:f1:a9:
         01:18:2a:46:22:22:12:ce:43:0f:06:32:56:3f:34:19:d7:42:
         18:5f:9a:2b:3f:87:22:c4:c5:17:07:0a:44:b2:37:2c:22:5c:
         a2:11:4a:5d:6e:03:4f:43:ca:6a:51:ea:9c:38:95:13:46:3c:
         ed:dc:48:ad:79:5b:1c:01:bf:12:dd:cc:57:c7:9c:bb:15:f1:
         5f:f9:9e:67:0c:77:c8:12:62:fe:84:a9:da:6b:84:38:d3:2f:
         4e:76:d1:36:a7:83:c5:ae:e7:40:47:91:9c:7b:70:7f:c4:14:
         07:5d:fa:51:d2:22:e1:5d:9c:d1:23:1e:95:4b:70:79:68:83:
         9a:4e:fa:27:08:00:8e:53:84:15:5e:fe:d2:a5:e8:d5:94:78:
         47:80:c7:04:ca:78:22:a3:a8:22:2f:70:9f:37:f5:6d:81:4b:
         9b:5c:40:11:69:dd:6f:74:ff:f9:b4:6e:66:f9:7e:6e:85:94:
         1e:4a:0f:92:aa:21:c2:42:2f:c6:31:dd:79:99:bd:28:c1:08:
         f8:ef:91:bc
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIECI09gTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OGQwNjJhOTY5ZDIxNDJiYjg1MDZhNTcxMTgwYjQ1YmQwZmFiOTM0MB4XDTIyMDUw
NTE5MDU0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODUyNmViZTcyNTk5
Mjg1MDYzMTNmYzU2YTkyNDdmY2I4YTRhNjlkYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIkX0tHCnevivuqpvSNoZWomECiOkz+Pxo1bRjd19dvjmTdg
FD6ROaknsbLNLUrCJTjfrv/iiLjSq5eq8YDuZBcHQ1LorpyX0HmjkGgI28/FMiWx
Qi7tQZlRzoGijiB1ZlRrANxvC/zfRwD55JnvCyJJgp+Wo9N8HWHxaDcTU2n+T9yP
Y9sJPRfwqWKilHYeYMSqYApr59O2kMj5H13mhyYYCbavbxqTz93yFi9YvIOHlp4k
W0GkDbDp9e7g0/JrcvVv7YBPGawObUfkdOYXH9hXNzMAJb24ymAXSkLWVgV69svo
heC2c07ASgU7ZVRcQ94w6TgVecNa0Q6uZMNK6g0CAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBSFJuvnJZkoUGMT/FapJH/Likpp2zAfBgNVHSMEGDAWgBTo0GKpadIUK7hQ
alcRgLRb0Pq5NDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZOQmlxV25TRkN1NFVHcFhFWUMwVzlENnVUUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTQvYTk5MTZhLTEzYmYtNDc3MC04ZTQ0LTU4YjZhNTc4NGFiNy8x
L2hTYnI1eVdaS0ZCakVfeFdxU1JfeTRwS2Fkcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQv
YTk5MTZhLTEzYmYtNDc3MC04ZTQ0LTU4YjZhNTc4NGFiNy8xLzZOQmlxV25TRkN1
NFVHcFhFWUMwVzlENnVUUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEAyXIeAMEAS2WzAMEAC2WzwMEBFD6
4AMEA15/2AMEA7IX4AMEArke5DANBAIAAjAHAwUAKgOAgDANBgkqhkiG9w0BAQsF
AAOCAQEAGayMcs9FwE552H0hgdVPqgjHfE3p8Ts8y6L2Cu/d/Fk57mlXgtJvZRDA
1lExbqWMCeirsPGpARgqRiIiEs5DDwYyVj80GddCGF+aKz+HIsTFFwcKRLI3LCJc
ohFKXW4DT0PKalHqnDiVE0Y87dxIrXlbHAG/Et3MV8ecuxXxX/meZwx3yBJi/oSp
2muEONMvTnbRNqeDxa7nQEeRnHtwf8QUB136UdIi4V2c0SMelUtweWiDmk76JwgA
jlOEFV7+0qXo1ZR4R4DHBMp4IqOoIi9wnzf1bYFLm1xAEWndb3T/+bRuZvl+boWU
HkoPkqohwkIvxjHdeZm9KMEI+O+RvA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:08 2024 by rpki-client on console-ams.rpki-client.org