Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/7142b1-7091-4d3a-bd6d-9fe7ee9c0368/1/_0A-iqY5cgW_UTlsw0flMWDUezs.roa
File:                     _0A-iqY5cgW_UTlsw0flMWDUezs.roa (raw, json)
Hash identifier:          17+03jDqe7iypT/hynZAVo3DymQiuJymvIfcmtEFuPQ=
Subject key identifier:   FF:40:3E:8A:A6:39:72:05:BF:51:39:6C:C3:47:E5:31:60:D4:7B:3B
Certificate issuer:       /CN=84db747b289717a0684cd6ac82307aa67bb2d7bb
Certificate serial:       03E9D9A9
Authority key identifier: 84:DB:74:7B:28:97:17:A0:68:4C:D6:AC:82:30:7A:A6:7B:B2:D7:BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hNt0eyiXF6BoTNasgjB6pnuy17s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/7142b1-7091-4d3a-bd6d-9fe7ee9c0368/1/_0A-iqY5cgW_UTlsw0flMWDUezs.roa
Signing time:             Sat 01 Jan 2022 13:57:30 +0000
ROA not before:           Sat 01 Jan 2022 13:57:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39729
IP address blocks:        195.110.100.0/23 maxlen: 24
                          195.110.102.0/23 maxlen: 24
                          195.110.104.0/23 maxlen: 24
                          195.110.112.0/24 maxlen: 24
                          195.110.107.0/24 maxlen: 24
                          195.110.118.0/23 maxlen: 24
                          195.110.120.0/23 maxlen: 24
                          195.110.122.0/23 maxlen: 24
                          195.110.124.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 65657257 (0x3e9d9a9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84db747b289717a0684cd6ac82307aa67bb2d7bb
        Validity
            Not Before: Jan  1 13:57:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ff403e8aa6397205bf51396cc347e53160d47b3b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:94:b0:49:e1:55:3c:2a:e0:9e:76:bf:6c:eb:
                    f7:c7:d8:28:d9:25:04:c8:2b:34:54:f1:81:5d:85:
                    b5:37:97:6f:53:ab:6a:7c:77:cd:80:4a:f7:b8:9a:
                    4d:3f:6f:26:a6:02:fa:8e:19:b9:15:cb:f5:9b:ce:
                    17:d7:61:54:fe:40:ec:d8:87:80:67:2c:a6:be:e7:
                    32:46:6d:4b:6b:8a:40:7f:89:4b:ac:5e:be:5c:16:
                    e1:fe:94:4c:56:5c:55:70:ed:19:82:f7:24:1d:89:
                    66:8e:0c:61:6a:0d:58:6c:c8:dc:5a:5e:8a:00:ef:
                    04:d2:82:75:fc:b3:61:41:fe:e3:19:af:94:7d:1f:
                    af:f7:e3:87:8e:cd:b7:9f:34:59:fb:82:55:b2:92:
                    9f:00:b9:41:fa:ea:e6:bd:a0:e5:0c:4d:47:ee:4f:
                    86:35:27:2c:10:10:9f:5e:8b:1b:cf:75:d4:b8:01:
                    1b:8c:68:42:9b:50:c5:99:9a:7f:7c:5e:82:08:e7:
                    d8:2e:f1:66:fb:0d:dd:ce:a3:2f:1b:78:e6:c8:cc:
                    19:94:9e:37:08:73:05:2b:5b:fd:0a:e2:5b:a4:26:
                    da:92:84:81:84:62:7f:48:38:87:77:5f:e7:5b:f9:
                    c1:17:c0:e3:63:1e:df:59:8a:50:b4:10:8e:9a:b3:
                    18:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:40:3E:8A:A6:39:72:05:BF:51:39:6C:C3:47:E5:31:60:D4:7B:3B
            X509v3 Authority Key Identifier:
                keyid:84:DB:74:7B:28:97:17:A0:68:4C:D6:AC:82:30:7A:A6:7B:B2:D7:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hNt0eyiXF6BoTNasgjB6pnuy17s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7142b1-7091-4d3a-bd6d-9fe7ee9c0368/1/_0A-iqY5cgW_UTlsw0flMWDUezs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7142b1-7091-4d3a-bd6d-9fe7ee9c0368/1/hNt0eyiXF6BoTNasgjB6pnuy17s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.110.100.0-195.110.105.255
                  195.110.107.0/24
                  195.110.112.0/24
                  195.110.118.0-195.110.127.255

    Signature Algorithm: sha256WithRSAEncryption
         22:48:3e:a7:d1:58:dd:df:e6:ac:74:72:eb:8d:69:fb:5e:0b:
         6b:ea:4a:ad:57:fe:1b:fc:70:5e:1d:9f:e1:ad:f0:b8:ea:08:
         93:17:25:0f:b1:7b:d9:41:1f:c8:28:c3:44:e3:37:f2:c8:95:
         40:44:0a:f8:71:9e:45:73:d0:59:ff:43:15:82:77:41:e1:d7:
         86:3b:ea:6c:08:2a:ad:06:22:90:95:f8:f3:b0:c0:1f:1e:d4:
         c2:5f:c0:f6:c9:53:00:43:14:5c:2d:93:d4:95:9d:62:0b:2f:
         12:88:0d:f9:dd:f8:87:5e:fe:23:66:11:e0:f3:58:29:60:a2:
         62:33:ad:6a:3d:1e:68:e7:08:18:93:62:60:61:c0:a4:58:56:
         f0:85:2d:d5:3d:be:51:3b:ec:96:48:90:d8:fa:b3:a7:eb:66:
         11:ba:96:82:78:3c:77:6e:c0:11:ea:7b:21:d2:6c:0e:22:ea:
         b1:1a:b1:bb:5e:1b:b0:97:59:36:59:7e:8f:3a:4a:23:2d:c0:
         a1:95:e1:29:8f:b9:ab:92:ac:ed:e5:12:f2:2e:d4:57:b1:9f:
         d4:c5:e1:45:01:c3:bc:e0:b1:62:43:4e:4e:6f:44:fa:ff:8e:
         85:ba:a8:ab:1a:81:42:33:0d:33:33:d9:66:3f:8d:ae:1d:74:
         23:0e:64:fe
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEA+nZqTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NGRiNzQ3YjI4OTcxN2EwNjg0Y2Q2YWM4MjMwN2FhNjdiYjJkN2JiMB4XDTIyMDEw
MTEzNTczMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmY0MDNlOGFhNjM5
NzIwNWJmNTEzOTZjYzM0N2U1MzE2MGQ0N2IzYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOaUsEnhVTwq4J52v2zr98fYKNklBMgrNFTxgV2FtTeXb1Or
anx3zYBK97iaTT9vJqYC+o4ZuRXL9ZvOF9dhVP5A7NiHgGcspr7nMkZtS2uKQH+J
S6xevlwW4f6UTFZcVXDtGYL3JB2JZo4MYWoNWGzI3FpeigDvBNKCdfyzYUH+4xmv
lH0fr/fjh47Nt580WfuCVbKSnwC5Qfrq5r2g5QxNR+5PhjUnLBAQn16LG8911LgB
G4xoQptQxZmaf3xeggjn2C7xZvsN3c6jLxt45sjMGZSeNwhzBStb/QriW6Qm2pKE
gYRif0g4h3df51v5wRfA42Me31mKULQQjpqzGPkCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBT/QD6KpjlyBb9ROWzDR+UxYNR7OzAfBgNVHSMEGDAWgBSE23R7KJcXoGhM
1qyCMHqme7LXuzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hOdDBleWlYRjZCb1ROYXNnakI2cG51eTE3cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWYvNzE0MmIxLTcwOTEtNGQzYS1iZDZkLTlmZTdlZTljMDM2OC8x
L18wQS1pcVk1Y2dXX1VUbHN3MGZsTVdEVWV6cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWYv
NzE0MmIxLTcwOTEtNGQzYS1iZDZkLTlmZTdlZTljMDM2OC8xL2hOdDBleWlYRjZC
b1ROYXNnakI2cG51eTE3cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwLgQCAAEwKDAMAwQCw25kAwQBw25oAwQAw25rAwQA
w25wMAwDBAHDbnYDBAfDbgAwDQYJKoZIhvcNAQELBQADggEBACJIPqfRWN3f5qx0
cuuNafteC2vqSq1X/hv8cF4dn+Gt8LjqCJMXJQ+xe9lBH8gow0TjN/LIlUBECvhx
nkVz0Fn/QxWCd0Hh14Y76mwIKq0GIpCV+POwwB8e1MJfwPbJUwBDFFwtk9SVnWIL
LxKIDfnd+Ide/iNmEeDzWClgomIzrWo9HmjnCBiTYmBhwKRYVvCFLdU9vlE77JZI
kNj6s6frZhG6loJ4PHduwBHqeyHSbA4i6rEasbteG7CXWTZZfo86SiMtwKGV4SmP
uauSrO3lEvIu1Fexn9TF4UUBw7zgsWJDTk5vRPr/joW6qKsagUIzDTMz2WY/ja4d
dCMOZP4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:02 2024 by rpki-client on console-fra.rpki-client.org