Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/e7a2f1-2e10-4ebe-91b3-0cef512f5009/1/BzoMkHslm4Ovzk8hDl6miAGlii8.roa
File:                     BzoMkHslm4Ovzk8hDl6miAGlii8.roa (raw, json)
Hash identifier:          UcQhxWnk3jCkySs5U+bUjhU24263NkvHJtBmdeU6Lb0=
Subject key identifier:   07:3A:0C:90:7B:25:9B:83:AF:CE:4F:21:0E:5E:A6:88:01:A5:8A:2F
Certificate issuer:       /CN=8ec4a67dbed7444ddd27e800fb6c21013a5b11c6
Certificate serial:       040DCC19
Authority key identifier: 8E:C4:A6:7D:BE:D7:44:4D:DD:27:E8:00:FB:6C:21:01:3A:5B:11:C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jsSmfb7XRE3dJ-gA-2whATpbEcY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/e7a2f1-2e10-4ebe-91b3-0cef512f5009/1/BzoMkHslm4Ovzk8hDl6miAGlii8.roa
Signing time:             Thu 20 Jan 2022 14:04:16 +0000
ROA not before:           Thu 20 Jan 2022 14:04:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     30742
IP address blocks:        185.115.80.0/22 maxlen: 22
                          176.118.180.0/22 maxlen: 24
                          82.198.192.0/19 maxlen: 24
                          80.245.132.0/22 maxlen: 22
                          185.48.224.0/22 maxlen: 22
                          80.245.136.0/21 maxlen: 21
                          185.43.24.0/22 maxlen: 22
                          2a01:9b60::/32 maxlen: 32
                          2a03:9980::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 68013081 (0x40dcc19)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ec4a67dbed7444ddd27e800fb6c21013a5b11c6
        Validity
            Not Before: Jan 20 14:04:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=073a0c907b259b83afce4f210e5ea68801a58a2f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:09:81:90:4a:10:b7:34:50:21:3e:d0:d5:a8:
                    ab:55:5d:92:ca:d8:72:43:a7:eb:b5:3b:8d:f1:4f:
                    db:37:04:b3:6f:8e:42:9b:76:37:88:8c:67:96:d9:
                    9b:b5:8e:38:42:59:1e:8d:c1:17:95:75:24:4e:57:
                    56:3c:8f:0b:df:5a:4c:c5:89:a9:75:62:46:7d:71:
                    8f:2f:52:36:fb:ef:ec:00:08:4e:e7:25:68:0a:0f:
                    ad:41:bd:6d:14:03:b1:a7:1c:f9:9b:0e:c7:f7:b1:
                    d9:7b:3e:8c:47:cb:88:a6:d4:60:e1:61:bc:e7:af:
                    a9:e2:30:9f:98:4f:98:73:53:f5:f9:81:02:93:d9:
                    62:97:d3:95:8f:d9:7c:a3:31:d7:0f:7e:ea:bd:05:
                    c7:1c:b1:cb:db:cb:61:14:eb:ef:94:87:02:69:83:
                    f1:c1:9b:e8:30:c8:bc:d8:05:98:de:76:36:26:2f:
                    44:c9:5b:ad:2c:0a:69:29:d3:37:73:5c:18:e9:6a:
                    2b:cc:10:df:40:eb:f0:7b:a5:09:be:b3:12:c4:92:
                    1e:65:58:a9:9a:4d:b2:c8:0b:0b:a9:8e:1b:73:c9:
                    2e:c1:56:cd:7a:32:74:3a:5f:ac:bb:4d:87:6f:98:
                    f4:34:78:95:61:19:ce:6a:b0:b8:31:6b:d2:5e:98:
                    c5:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:3A:0C:90:7B:25:9B:83:AF:CE:4F:21:0E:5E:A6:88:01:A5:8A:2F
            X509v3 Authority Key Identifier:
                keyid:8E:C4:A6:7D:BE:D7:44:4D:DD:27:E8:00:FB:6C:21:01:3A:5B:11:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jsSmfb7XRE3dJ-gA-2whATpbEcY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/e7a2f1-2e10-4ebe-91b3-0cef512f5009/1/BzoMkHslm4Ovzk8hDl6miAGlii8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/e7a2f1-2e10-4ebe-91b3-0cef512f5009/1/jsSmfb7XRE3dJ-gA-2whATpbEcY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.245.132.0-80.245.143.255
                  82.198.192.0/19
                  176.118.180.0/22
                  185.43.24.0/22
                  185.48.224.0/22
                  185.115.80.0/22
                IPv6:
                  2a01:9b60::/32
                  2a03:9980::/32

    Signature Algorithm: sha256WithRSAEncryption
         16:9d:a6:4f:00:f5:97:a5:3c:e3:23:f3:7e:b3:9e:25:d3:dc:
         fb:e9:5b:26:6d:f4:29:f8:9f:73:af:46:37:38:94:ea:a7:cb:
         63:69:0c:ac:3d:2b:6b:d6:6d:fe:2b:63:75:03:a2:19:05:ba:
         a3:6a:de:ff:78:11:47:91:e1:dd:c8:a4:6d:46:c9:2f:00:d2:
         76:ad:b0:df:8b:64:9f:14:5c:bb:3e:e1:6e:c8:5f:87:9c:13:
         d7:d2:e7:bb:05:7b:25:52:12:e7:52:84:e6:4d:b3:38:88:70:
         9e:b7:22:9f:a4:2a:43:e8:b9:1e:07:2b:00:5c:20:73:7a:2a:
         38:50:06:f2:65:df:46:60:b3:34:6d:6b:7c:4b:dc:d1:a7:18:
         66:ea:f7:98:51:70:b3:29:18:c4:e5:57:6d:5e:32:74:37:b3:
         0e:f8:4b:06:bf:bd:20:a1:3e:62:da:39:22:15:0f:c3:4f:0e:
         09:3f:32:94:4a:55:47:81:15:8b:1d:b7:d3:75:ac:e2:c6:3c:
         c3:ac:e0:fa:b4:8e:2b:c0:bb:33:e0:19:69:39:04:e9:17:40:
         5b:02:56:18:55:7e:d0:b0:5f:da:86:05:a2:9c:10:8b:c4:a3:
         d9:3c:63:c2:d0:35:02:04:f7:ce:76:98:9d:e9:f0:87:6a:04:
         17:33:8f:ae
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIEBA3MGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZWM0YTY3ZGJlZDc0NDRkZGQyN2U4MDBmYjZjMjEwMTNhNWIxMWM2MB4XDTIyMDEy
MDE0MDQxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDczYTBjOTA3YjI1
OWI4M2FmY2U0ZjIxMGU1ZWE2ODgwMWE1OGEyZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALcJgZBKELc0UCE+0NWoq1VdksrYckOn67U7jfFP2zcEs2+O
Qpt2N4iMZ5bZm7WOOEJZHo3BF5V1JE5XVjyPC99aTMWJqXViRn1xjy9SNvvv7AAI
TuclaAoPrUG9bRQDsacc+ZsOx/ex2Xs+jEfLiKbUYOFhvOevqeIwn5hPmHNT9fmB
ApPZYpfTlY/ZfKMx1w9+6r0Fxxyxy9vLYRTr75SHAmmD8cGb6DDIvNgFmN52NiYv
RMlbrSwKaSnTN3NcGOlqK8wQ30Dr8HulCb6zEsSSHmVYqZpNssgLC6mOG3PJLsFW
zXoydDpfrLtNh2+Y9DR4lWEZzmqwuDFr0l6YxScCAwEAAaOCAkUwggJBMB0GA1Ud
DgQWBBQHOgyQeyWbg6/OTyEOXqaIAaWKLzAfBgNVHSMEGDAWgBSOxKZ9vtdETd0n
6AD7bCEBOlsRxjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pzU21mYjdYUkUzZEotZ0EtMndoQVRwYkVjWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvZTdhMmYxLTJlMTAtNGViZS05MWIzLTBjZWY1MTJmNTAwOS8x
L0J6b01rSHNsbTRPdnprOGhEbDZtaUFHbGlpOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
ZTdhMmYxLTJlMTAtNGViZS05MWIzLTBjZWY1MTJmNTAwOS8xL2pzU21mYjdYUkUz
ZEotZ0EtMndoQVRwYkVjWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBb
BggrBgEFBQcBBwEB/wRMMEowMgQCAAEwLDAMAwQCUPWEAwQEUPWAAwQFUsbAAwQC
sHa0AwQCuSsYAwQCuTDgAwQCuXNQMBQEAgACMA4DBQAqAZtgAwUAKgOZgDANBgkq
hkiG9w0BAQsFAAOCAQEAFp2mTwD1l6U84yPzfrOeJdPc++lbJm30Kfifc69GNziU
6qfLY2kMrD0ra9Zt/itjdQOiGQW6o2re/3gRR5Hh3cikbUbJLwDSdq2w34tknxRc
uz7hbshfh5wT19LnuwV7JVIS51KE5k2zOIhwnrcin6QqQ+i5HgcrAFwgc3oqOFAG
8mXfRmCzNG1rfEvc0acYZur3mFFwsykYxOVXbV4ydDezDvhLBr+9IKE+Yto5IhUP
w08OCT8ylEpVR4EVix2303Ws4sY8w6zg+rSOK8C7M+AZaTkE6RdAWwJWGFV+0LBf
2oYFopwQi8Sj2TxjwtA1AgT3znaYnenwh2oEFzOPrg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:24 2024 by rpki-client on console-ams.rpki-client.org