Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/TQBPjbt2NQSQxP6woDxyvoT-8VI.roa
File:                     TQBPjbt2NQSQxP6woDxyvoT-8VI.roa (raw, json)
Hash identifier:          Gr9T5b3efMO46b5kZuGPGsHBK8iMTvilUBjWGECxols=
Subject key identifier:   4D:00:4F:8D:BB:76:35:04:90:C4:FE:B0:A0:3C:72:BE:84:FE:F1:52
Certificate issuer:       /CN=a8801be2363f211bd2f57818adeaf9c0dbe14bdb
Certificate serial:       068DECD6
Authority key identifier: A8:80:1B:E2:36:3F:21:1B:D2:F5:78:18:AD:EA:F9:C0:DB:E1:4B:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qIAb4jY_IRvS9XgYrer5wNvhS9s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/TQBPjbt2NQSQxP6woDxyvoT-8VI.roa
Signing time:             Thu 10 Feb 2022 06:32:26 +0000
ROA not before:           Thu 10 Feb 2022 06:32:26 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        185.66.203.0/24 maxlen: 24
                          185.66.202.0/24 maxlen: 24
                          185.237.7.0/24 maxlen: 24
                          82.115.214.0/24 maxlen: 24
                          2a07:e3c0::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 109964502 (0x68decd6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a8801be2363f211bd2f57818adeaf9c0dbe14bdb
        Validity
            Not Before: Feb 10 06:32:26 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4d004f8dbb76350490c4feb0a03c72be84fef152
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:81:53:75:6a:fc:ef:38:cb:f1:31:f0:fd:50:
                    99:6f:bd:b6:55:e3:1d:76:ac:4d:d7:af:49:e3:fd:
                    91:6b:a7:10:d9:0c:16:a1:46:e3:f6:aa:7a:7c:10:
                    9a:c6:18:1f:85:8c:ab:c8:9e:a7:a1:16:b4:6a:32:
                    f2:b4:51:9b:ed:06:a4:24:6d:db:9b:69:77:68:da:
                    65:27:02:76:53:84:86:56:ff:e7:cc:fc:d6:d5:5c:
                    40:5f:c9:97:56:9a:0d:86:fb:b4:c2:aa:0f:39:1a:
                    4c:b6:1a:a8:52:3b:38:58:66:a9:65:1a:76:be:7d:
                    72:e3:b2:aa:0e:4c:16:23:e0:61:fc:a2:dd:cb:b6:
                    9c:f5:1c:85:f6:94:b5:31:35:6e:f3:20:d6:cf:54:
                    ad:e0:c7:74:3b:d2:3e:fb:a4:ff:f6:c0:84:4c:08:
                    67:cd:ba:40:6b:f4:d0:31:f0:0b:9c:85:43:34:69:
                    8b:5d:6f:ec:70:f9:77:69:e5:ed:50:7e:e3:26:cd:
                    4c:88:6a:49:4e:1c:82:0b:51:87:73:85:ed:6a:aa:
                    cd:94:ec:e0:90:5d:7d:3e:52:0b:ec:c7:27:9d:c1:
                    3d:ad:50:6d:58:e4:51:11:be:d5:95:98:71:49:09:
                    7a:33:09:60:0f:22:a0:2e:91:d9:da:1c:92:a0:27:
                    a1:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:00:4F:8D:BB:76:35:04:90:C4:FE:B0:A0:3C:72:BE:84:FE:F1:52
            X509v3 Authority Key Identifier:
                keyid:A8:80:1B:E2:36:3F:21:1B:D2:F5:78:18:AD:EA:F9:C0:DB:E1:4B:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qIAb4jY_IRvS9XgYrer5wNvhS9s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/TQBPjbt2NQSQxP6woDxyvoT-8VI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/qIAb4jY_IRvS9XgYrer5wNvhS9s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.115.214.0/24
                  185.66.202.0/23
                  185.237.7.0/24
                IPv6:
                  2a07:e3c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         97:3f:8d:c4:33:5e:98:4a:a3:77:52:a5:13:e5:bb:1f:1a:17:
         d1:2a:af:6d:92:2e:00:ee:49:5a:57:5d:90:a1:00:e6:1a:4f:
         dc:7b:79:3b:e2:f1:1f:ad:40:2e:6f:d3:08:86:3c:07:ce:da:
         0c:93:97:f0:d5:8d:d9:dd:e5:9e:af:18:43:44:17:e0:6b:b6:
         da:7c:02:e5:96:f6:2f:26:cc:51:c9:b7:1e:34:c5:f6:04:8e:
         99:d9:52:ae:a3:81:2f:c5:58:23:44:ea:b8:4f:c5:cb:2b:c9:
         eb:47:4d:0a:cf:d8:3b:a2:47:72:ad:23:30:81:05:6a:07:d1:
         ac:21:8c:7f:7a:13:c8:cc:08:b1:6c:14:ee:de:24:a2:52:fd:
         1c:ce:8c:8f:a8:00:6a:51:f8:4d:9f:0a:a3:f2:c1:a5:9f:6c:
         a7:2e:a7:d0:ef:68:3e:10:ea:12:c4:a9:65:c3:dc:9e:76:60:
         f3:ed:49:5e:e7:62:af:b1:db:dd:14:d7:d9:1f:ef:bd:c4:db:
         ba:c4:83:d8:37:4f:37:f8:44:37:49:ad:23:0d:7d:5c:89:b6:
         c9:e0:e2:5e:a3:6b:55:6c:27:5a:d1:aa:a9:68:97:a3:29:40:
         61:d3:11:bf:b4:b7:aa:73:51:ea:01:dd:cd:a1:f0:24:55:e9:
         d7:1b:41:a4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIEBo3s1jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ODgwMWJlMjM2M2YyMTFiZDJmNTc4MThhZGVhZjljMGRiZTE0YmRiMB4XDTIyMDIx
MDA2MzIyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGQwMDRmOGRiYjc2
MzUwNDkwYzRmZWIwYTAzYzcyYmU4NGZlZjE1MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALyBU3Vq/O84y/Ex8P1QmW+9tlXjHXasTdevSeP9kWunENkM
FqFG4/aqenwQmsYYH4WMq8iep6EWtGoy8rRRm+0GpCRt25tpd2jaZScCdlOEhlb/
58z81tVcQF/Jl1aaDYb7tMKqDzkaTLYaqFI7OFhmqWUadr59cuOyqg5MFiPgYfyi
3cu2nPUchfaUtTE1bvMg1s9UreDHdDvSPvuk//bAhEwIZ826QGv00DHwC5yFQzRp
i11v7HD5d2nl7VB+4ybNTIhqSU4cggtRh3OF7WqqzZTs4JBdfT5SC+zHJ53BPa1Q
bVjkURG+1ZWYcUkJejMJYA8ioC6R2dockqAnobMCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBRNAE+Nu3Y1BJDE/rCgPHK+hP7xUjAfBgNVHSMEGDAWgBSogBviNj8hG9L1
eBit6vnA2+FL2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FJQWI0allfSVJ2UzlYZ1lyZXI1d052aFM5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzEvODExZTczLWNmMzAtNDk0ZC1hY2FjLTg0MjBhZTllMDYyMi8x
L1RRQlBqYnQyTlFTUXhQNndvRHh5dm9ULThWSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzEv
ODExZTczLWNmMzAtNDk0ZC1hY2FjLTg0MjBhZTllMDYyMi8xL3FJQWI0allfSVJ2
UzlYZ1lyZXI1d052aFM5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGAQCAAEwEgMEAFJz1gMEAblCygMEALntBzAPBAIA
AjAJAwcAKgfjwAAAMA0GCSqGSIb3DQEBCwUAA4IBAQCXP43EM16YSqN3UqUT5bsf
GhfRKq9tki4A7klaV12QoQDmGk/ce3k74vEfrUAub9MIhjwHztoMk5fw1Y3Z3eWe
rxhDRBfga7bafALllvYvJsxRybceNMX2BI6Z2VKuo4EvxVgjROq4T8XLK8nrR00K
z9g7okdyrSMwgQVqB9GsIYx/ehPIzAixbBTu3iSiUv0czoyPqABqUfhNnwqj8sGl
n2ynLqfQ72g+EOoSxKllw9yedmDz7Ule52KvsdvdFNfZH++9xNu6xIPYN083+EQ3
Sa0jDX1cibbJ4OJeo2tVbCda0aqpaJejKUBh0xG/tLeqc1HqAd3NofAkVenXG0Gk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:45 2024 by rpki-client on console-fra.rpki-client.org