Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/cf9c10-c85c-4bbf-a25d-8060c503d86e/1/bZZXyV8Svgst2OcmmdQWTR3zX2g.roa
File:                     bZZXyV8Svgst2OcmmdQWTR3zX2g.roa (raw, json)
Hash identifier:          vwvxOj7Nl/nYY/DbO5AK7gpK2MuENprerqeucfl/xYw=
Subject key identifier:   6D:96:57:C9:5F:12:BE:0B:2D:D8:E7:26:99:D4:16:4D:1D:F3:5F:68
Certificate issuer:       /CN=fe2e22cc15859ed4a0784bfd08584b3c8fb29f9a
Certificate serial:       098223
Authority key identifier: FE:2E:22:CC:15:85:9E:D4:A0:78:4B:FD:08:58:4B:3C:8F:B2:9F:9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_i4izBWFntSgeEv9CFhLPI-yn5o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/cf9c10-c85c-4bbf-a25d-8060c503d86e/1/bZZXyV8Svgst2OcmmdQWTR3zX2g.roa
Signing time:             Mon 04 Jul 2022 06:19:25 +0000
ROA not before:           Mon 04 Jul 2022 06:19:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1547
IP address blocks:        80.94.246.0/24 maxlen: 24
                          80.94.244.0/24 maxlen: 24
                          80.94.245.0/24 maxlen: 24
                          80.94.243.0/24 maxlen: 24
                          80.94.241.0/24 maxlen: 24
                          80.94.242.0/24 maxlen: 24
                          80.94.253.0/24 maxlen: 24
                          80.94.247.0/24 maxlen: 24
                          80.94.251.0/24 maxlen: 24
                          80.94.252.0/24 maxlen: 24
                          80.94.249.0/24 maxlen: 24
                          80.94.250.0/24 maxlen: 24
                          80.94.248.0/24 maxlen: 24
                          80.94.254.0/24 maxlen: 24
                          80.94.255.0/24 maxlen: 24
                          80.94.240.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 623139 (0x98223)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe2e22cc15859ed4a0784bfd08584b3c8fb29f9a
        Validity
            Not Before: Jul  4 06:19:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6d9657c95f12be0b2dd8e72699d4164d1df35f68
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:d2:71:d4:1a:b4:da:fe:7f:3a:24:b0:dc:d3:
                    7d:f8:dd:e3:57:f1:ea:6c:1c:56:05:a1:f5:bb:60:
                    93:16:86:8b:5f:05:44:b7:75:42:84:de:f1:8b:4d:
                    09:ea:a9:01:90:c8:6c:8d:04:c9:cf:09:96:37:c0:
                    af:00:09:2e:ce:d3:e4:2d:6a:05:11:af:d6:27:44:
                    9a:ac:3f:0c:7f:2e:c0:78:3a:50:e5:04:bb:6b:27:
                    4d:77:a0:29:90:83:2f:0f:b4:3d:b2:0b:45:db:77:
                    a5:b9:d1:07:0f:7e:ab:92:bf:d3:18:2d:ec:93:fd:
                    f2:70:9e:ce:3f:3f:0f:ab:6c:a7:7a:a0:59:be:2c:
                    12:24:84:7e:8f:d2:6b:ef:66:bb:60:57:79:97:ca:
                    f3:df:57:39:2b:f5:c7:89:47:00:f8:4d:23:b4:9a:
                    71:2a:62:90:9d:92:84:70:70:c8:a7:21:71:cd:48:
                    05:9c:c6:e4:ef:eb:11:8c:2f:fb:41:8d:e1:9e:25:
                    0f:87:c4:f6:df:b8:5c:8f:f2:35:98:70:76:f5:ba:
                    95:46:89:00:56:f4:47:4a:dd:87:e4:b9:93:11:54:
                    c6:8c:06:fc:5f:37:31:58:87:91:97:5d:79:17:59:
                    5b:1f:9f:9c:25:98:ef:6e:93:83:a5:bd:55:ee:c2:
                    4e:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:96:57:C9:5F:12:BE:0B:2D:D8:E7:26:99:D4:16:4D:1D:F3:5F:68
            X509v3 Authority Key Identifier:
                keyid:FE:2E:22:CC:15:85:9E:D4:A0:78:4B:FD:08:58:4B:3C:8F:B2:9F:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_i4izBWFntSgeEv9CFhLPI-yn5o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/cf9c10-c85c-4bbf-a25d-8060c503d86e/1/bZZXyV8Svgst2OcmmdQWTR3zX2g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/cf9c10-c85c-4bbf-a25d-8060c503d86e/1/_i4izBWFntSgeEv9CFhLPI-yn5o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.94.240.0/20

    Signature Algorithm: sha256WithRSAEncryption
         49:e5:bc:ce:be:ba:46:79:1e:19:3a:1c:3e:f2:3f:ab:20:75:
         6f:9e:95:8d:a6:ba:f7:5d:07:9d:c6:78:40:09:c6:ce:b2:1f:
         af:9b:51:41:49:0d:dd:5a:3b:46:bf:b0:62:d5:30:c2:18:3a:
         a3:05:0d:77:78:51:3f:c4:25:c9:88:6c:1c:5a:4f:2e:59:b8:
         16:e9:5e:56:f9:77:d9:d2:76:14:28:b2:bc:42:81:73:88:0e:
         66:40:e6:c3:c7:63:60:31:19:17:b8:59:f9:21:df:1b:6b:c7:
         6f:c2:fe:ae:f7:00:8e:06:d1:b5:0f:c8:0d:2a:fb:2f:24:10:
         21:12:9f:b8:3a:3e:64:8e:0a:5d:81:da:c0:da:00:d2:b3:82:
         e6:fe:5d:42:dd:05:5f:6d:68:26:87:4f:7e:ff:29:1d:91:f9:
         84:af:f4:a3:71:e1:74:b0:2c:17:31:61:7d:9e:65:af:ef:9a:
         39:60:0b:35:5f:b9:0e:22:ae:1a:8c:bd:3a:16:01:fb:91:32:
         1c:33:66:bb:d8:ff:3d:48:9e:26:9d:89:80:72:6a:c8:4f:e9:
         bb:c7:56:bd:74:44:8c:a9:ef:dd:63:c7:40:1e:24:46:14:f4:
         8e:d1:b9:58:72:3e:3e:c7:95:5a:89:74:bc:3a:22:2f:ed:d5:
         54:b0:21:58
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDCYIjMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGZl
MmUyMmNjMTU4NTllZDRhMDc4NGJmZDA4NTg0YjNjOGZiMjlmOWEwHhcNMjIwNzA0
MDYxOTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2ZDk2NTdjOTVmMTJi
ZTBiMmRkOGU3MjY5OWQ0MTY0ZDFkZjM1ZjY4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAltJx1Bq02v5/OiSw3NN9+N3jV/HqbBxWBaH1u2CTFoaLXwVE
t3VChN7xi00J6qkBkMhsjQTJzwmWN8CvAAkuztPkLWoFEa/WJ0SarD8Mfy7AeDpQ
5QS7aydNd6ApkIMvD7Q9sgtF23eludEHD36rkr/TGC3sk/3ycJ7OPz8Pq2yneqBZ
viwSJIR+j9Jr72a7YFd5l8rz31c5K/XHiUcA+E0jtJpxKmKQnZKEcHDIpyFxzUgF
nMbk7+sRjC/7QY3hniUPh8T237hcj/I1mHB29bqVRokAVvRHSt2H5LmTEVTGjAb8
XzcxWIeRl115F1lbH5+cJZjvbpODpb1V7sJOMQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFG2WV8lfEr4LLdjnJpnUFk0d819oMB8GA1UdIwQYMBaAFP4uIswVhZ7UoHhL
/QhYSzyPsp+aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
X2k0aXpCV0ZudFNnZUV2OUNGaExQSS15bjVvLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83OC9jZjljMTAtYzg1Yy00YmJmLWEyNWQtODA2MGM1MDNkODZlLzEv
YlpaWHlWOFN2Z3N0Mk9jbW1kUVdUUjN6WDJnLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9j
ZjljMTAtYzg1Yy00YmJmLWEyNWQtODA2MGM1MDNkODZlLzEvX2k0aXpCV0ZudFNn
ZUV2OUNGaExQSS15bjVvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUF7wMA0GCSqGSIb3DQEBCwUAA4IB
AQBJ5bzOvrpGeR4ZOhw+8j+rIHVvnpWNprr3XQedxnhACcbOsh+vm1FBSQ3dWjtG
v7Bi1TDCGDqjBQ13eFE/xCXJiGwcWk8uWbgW6V5W+XfZ0nYUKLK8QoFziA5mQObD
x2NgMRkXuFn5Id8ba8dvwv6u9wCOBtG1D8gNKvsvJBAhEp+4Oj5kjgpdgdrA2gDS
s4Lm/l1C3QVfbWgmh09+/ykdkfmEr/SjceF0sCwXMWF9nmWv75o5YAs1X7kOIq4a
jL06FgH7kTIcM2a72P89SJ4mnYmAcmrIT+m7x1a9dESMqe/dY8dAHiRGFPSO0blY
cj4+x5VaiXS8OiIv7dVUsCFY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:51 2024 by rpki-client on console-ams.rpki-client.org