Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/TqQFfFul0x1g-Yn0AJkcwj0HPYo.roa
File:                     TqQFfFul0x1g-Yn0AJkcwj0HPYo.roa (raw, json)
Hash identifier:          FI3VG+hvSh91mCib3Y9itsFIUqjYWmQmAJBJhg8NSao=
Subject key identifier:   4E:A4:05:7C:5B:A5:D3:1D:60:F9:89:F4:00:99:1C:C2:3D:07:3D:8A
Certificate issuer:       /CN=a8801be2363f211bd2f57818adeaf9c0dbe14bdb
Certificate serial:       068E814E
Authority key identifier: A8:80:1B:E2:36:3F:21:1B:D2:F5:78:18:AD:EA:F9:C0:DB:E1:4B:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qIAb4jY_IRvS9XgYrer5wNvhS9s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/TqQFfFul0x1g-Yn0AJkcwj0HPYo.roa
Signing time:             Thu 10 Feb 2022 06:32:27 +0000
ROA not before:           Thu 10 Feb 2022 06:32:27 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16509
IP address blocks:        185.66.203.0/24 maxlen: 24
                          185.66.202.0/24 maxlen: 24
                          185.237.7.0/24 maxlen: 24
                          82.115.214.0/24 maxlen: 24
                          2a07:e3c0::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 110002510 (0x68e814e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a8801be2363f211bd2f57818adeaf9c0dbe14bdb
        Validity
            Not Before: Feb 10 06:32:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4ea4057c5ba5d31d60f989f400991cc23d073d8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:18:36:d4:04:d7:d2:df:59:6a:b0:f0:52:e1:
                    8d:c8:ab:db:09:fb:ac:00:b4:fd:82:ed:bf:a2:80:
                    e0:3c:78:4f:76:85:75:ae:10:71:dd:c8:9b:42:bb:
                    36:48:4a:f7:49:49:24:a1:41:2b:b9:db:7a:a9:5b:
                    bf:54:fd:66:35:ca:92:12:ee:55:26:3d:39:81:3d:
                    57:52:70:0b:e1:b7:a5:b6:5c:a2:67:69:71:09:08:
                    ec:7f:0b:e1:7e:80:9f:8e:2e:31:42:f2:fd:39:34:
                    67:26:11:e0:0c:1f:03:08:57:ad:f8:be:f3:98:86:
                    73:c6:03:d8:c0:01:fa:d0:dc:bd:95:b0:60:26:56:
                    d2:0c:74:ce:c5:ee:db:91:4a:31:d6:e3:e4:da:87:
                    f5:7a:cf:ed:9e:33:74:98:75:57:da:34:95:89:76:
                    3c:81:b1:ac:a8:97:34:db:26:51:8b:10:d9:e1:36:
                    86:d2:d3:b8:a3:89:89:d7:44:28:07:78:d1:aa:da:
                    96:c2:5f:ea:5f:42:e2:b9:1b:58:58:31:f7:67:f8:
                    bb:3e:e7:a7:8d:46:5f:35:70:5f:5f:19:07:52:d9:
                    2f:71:ee:0a:d5:5a:16:da:cb:57:e5:45:9f:88:d6:
                    c0:b7:1d:4c:ca:8c:f9:0d:f5:5d:b5:56:21:a2:b9:
                    24:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:A4:05:7C:5B:A5:D3:1D:60:F9:89:F4:00:99:1C:C2:3D:07:3D:8A
            X509v3 Authority Key Identifier:
                keyid:A8:80:1B:E2:36:3F:21:1B:D2:F5:78:18:AD:EA:F9:C0:DB:E1:4B:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qIAb4jY_IRvS9XgYrer5wNvhS9s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/TqQFfFul0x1g-Yn0AJkcwj0HPYo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/qIAb4jY_IRvS9XgYrer5wNvhS9s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.115.214.0/24
                  185.66.202.0/23
                  185.237.7.0/24
                IPv6:
                  2a07:e3c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         87:97:4b:f2:93:a3:85:8c:e7:a7:11:0e:4f:e9:66:b3:4d:1c:
         66:24:7a:e1:3c:15:d0:4f:c3:77:98:f5:52:8e:e8:e3:f4:cb:
         c3:8b:39:b1:66:23:3d:78:35:29:0b:3e:f7:8c:f9:40:16:75:
         47:3c:af:29:15:c6:8d:43:0e:0a:18:b0:2e:18:26:c3:38:8d:
         3d:4e:c5:a7:7c:b3:5c:36:7a:ac:64:d2:0f:1c:c5:80:48:2f:
         01:17:b4:66:26:11:1a:47:04:d0:53:38:07:08:2f:30:64:ff:
         e3:85:7c:23:73:02:9a:e1:7d:8c:f4:f0:f4:54:c3:3c:a5:a2:
         b0:fe:9f:86:8c:61:92:b8:f5:35:c2:ca:3d:c9:05:4f:6f:1d:
         2c:2f:5a:23:e9:cd:b1:70:55:af:5b:2d:71:02:19:48:b7:13:
         fd:8a:e3:28:f7:c4:dc:9f:ce:b1:ec:2c:b6:f1:bc:c9:6e:1f:
         01:8c:0f:56:fa:47:53:ec:f8:c1:ad:f1:98:e6:0b:29:dc:a1:
         00:18:0d:f7:32:99:e1:5f:45:e1:d1:d8:a8:c9:49:07:cd:e7:
         e4:0f:b0:46:fd:57:4a:4c:75:b0:52:2a:16:31:c0:1e:0b:8d:
         17:5b:fd:85:ac:d4:2b:8d:a0:c7:0f:1a:f2:3d:4a:85:4b:84:
         a9:04:fb:c0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIEBo6BTjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ODgwMWJlMjM2M2YyMTFiZDJmNTc4MThhZGVhZjljMGRiZTE0YmRiMB4XDTIyMDIx
MDA2MzIyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGVhNDA1N2M1YmE1
ZDMxZDYwZjk4OWY0MDA5OTFjYzIzZDA3M2Q4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMUYNtQE19LfWWqw8FLhjcir2wn7rAC0/YLtv6KA4Dx4T3aF
da4Qcd3Im0K7NkhK90lJJKFBK7nbeqlbv1T9ZjXKkhLuVSY9OYE9V1JwC+G3pbZc
omdpcQkI7H8L4X6An44uMULy/Tk0ZyYR4AwfAwhXrfi+85iGc8YD2MAB+tDcvZWw
YCZW0gx0zsXu25FKMdbj5NqH9XrP7Z4zdJh1V9o0lYl2PIGxrKiXNNsmUYsQ2eE2
htLTuKOJiddEKAd40aralsJf6l9C4rkbWFgx92f4uz7np41GXzVwX18ZB1LZL3Hu
CtVaFtrLV+VFn4jWwLcdTMqM+Q31XbVWIaK5JIUCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBROpAV8W6XTHWD5ifQAmRzCPQc9ijAfBgNVHSMEGDAWgBSogBviNj8hG9L1
eBit6vnA2+FL2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FJQWI0allfSVJ2UzlYZ1lyZXI1d052aFM5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzEvODExZTczLWNmMzAtNDk0ZC1hY2FjLTg0MjBhZTllMDYyMi8x
L1RxUUZmRnVsMHgxZy1ZbjBBSmtjd2owSFBZby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzEv
ODExZTczLWNmMzAtNDk0ZC1hY2FjLTg0MjBhZTllMDYyMi8xL3FJQWI0allfSVJ2
UzlYZ1lyZXI1d052aFM5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGAQCAAEwEgMEAFJz1gMEAblCygMEALntBzAPBAIA
AjAJAwcAKgfjwAAAMA0GCSqGSIb3DQEBCwUAA4IBAQCHl0vyk6OFjOenEQ5P6Waz
TRxmJHrhPBXQT8N3mPVSjujj9MvDizmxZiM9eDUpCz73jPlAFnVHPK8pFcaNQw4K
GLAuGCbDOI09TsWnfLNcNnqsZNIPHMWASC8BF7RmJhEaRwTQUzgHCC8wZP/jhXwj
cwKa4X2M9PD0VMM8paKw/p+GjGGSuPU1wso9yQVPbx0sL1oj6c2xcFWvWy1xAhlI
txP9iuMo98Tcn86x7Cy28bzJbh8BjA9W+kdT7PjBrfGY5gsp3KEAGA33MpnhX0Xh
0dioyUkHzefkD7BG/VdKTHWwUioWMcAeC40XW/2FrNQrjaDHDxryPUqFS4SpBPvA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:45 2024 by rpki-client on console-fra.rpki-client.org