Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/e112fc-05ef-4f1f-85be-7c9e684ccce2/1/4L8LLJMSqaEU8mvNaJpgI--dOik.roa
File:                     4L8LLJMSqaEU8mvNaJpgI--dOik.roa (raw, json)
Hash identifier:          2V437+HXy1ozN0IwatmgdDX9FfNKzmxsIvUmnAB/d34=
Subject key identifier:   E0:BF:0B:2C:93:12:A9:A1:14:F2:6B:CD:68:9A:60:23:EF:9D:3A:29
Certificate issuer:       /CN=0ae427101cb2e2bd565084de6471f6eb48d24f96
Certificate serial:       0183858B63D24732955E629E4B5B091B3247
Authority key identifier: 0A:E4:27:10:1C:B2:E2:BD:56:50:84:DE:64:71:F6:EB:48:D2:4F:96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CuQnEByy4r1WUITeZHH260jST5Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/e112fc-05ef-4f1f-85be-7c9e684ccce2/1/4L8LLJMSqaEU8mvNaJpgI--dOik.roa
Signing time:             Wed 28 Sep 2022 19:20:48 +0000
ROA not before:           Wed 28 Sep 2022 19:20:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205367
IP address blocks:        185.220.181.0/24 maxlen: 24
                          185.220.180.0/24 maxlen: 24
                          185.220.183.0/24 maxlen: 24
                          185.220.180.0/22 maxlen: 22
                          185.220.182.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:85:8b:63:d2:47:32:95:5e:62:9e:4b:5b:09:1b:32:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ae427101cb2e2bd565084de6471f6eb48d24f96
        Validity
            Not Before: Sep 28 19:20:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e0bf0b2c9312a9a114f26bcd689a6023ef9d3a29
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:18:a0:dc:1a:71:26:fd:5c:9a:06:b3:e9:9e:
                    0c:ed:3a:aa:54:56:a9:98:f4:fb:81:c2:7c:ad:55:
                    0e:96:49:87:3e:74:f4:59:ab:db:6c:27:6b:43:80:
                    0f:ab:e9:17:b4:e7:0e:a6:9f:2b:fc:43:57:ae:e5:
                    d5:47:d4:91:25:2a:25:12:ba:0d:bc:9d:6c:7a:78:
                    a7:6d:56:eb:7f:7a:f1:70:9e:6c:50:81:21:ce:26:
                    37:e5:15:11:7a:58:ae:06:eb:42:22:2a:7b:d8:46:
                    55:37:e7:7c:07:8b:f9:8e:75:11:17:74:44:4c:2d:
                    49:a9:e6:88:49:83:d9:5d:dc:40:60:e7:38:bf:2a:
                    97:40:71:19:3f:3a:36:06:e2:7b:4e:71:29:b7:22:
                    9c:ec:f3:1f:55:92:d5:29:6a:9d:25:4b:5b:ab:aa:
                    50:b2:a0:81:36:37:5d:0a:10:82:fb:f4:4e:82:95:
                    63:06:08:fe:4e:61:d0:ca:77:9a:24:80:4a:e8:12:
                    f1:a2:62:ff:74:69:04:1b:40:fc:9f:12:66:1a:04:
                    88:eb:bb:6d:3b:3a:fb:1f:32:f4:90:6b:9a:7a:f0:
                    78:15:49:47:f8:ed:c6:58:c6:06:4a:d4:42:ce:fd:
                    a9:82:23:1b:c7:69:b7:c4:c6:38:ab:11:52:fc:08:
                    ee:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:BF:0B:2C:93:12:A9:A1:14:F2:6B:CD:68:9A:60:23:EF:9D:3A:29
            X509v3 Authority Key Identifier:
                keyid:0A:E4:27:10:1C:B2:E2:BD:56:50:84:DE:64:71:F6:EB:48:D2:4F:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CuQnEByy4r1WUITeZHH260jST5Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/e112fc-05ef-4f1f-85be-7c9e684ccce2/1/4L8LLJMSqaEU8mvNaJpgI--dOik.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/e112fc-05ef-4f1f-85be-7c9e684ccce2/1/CuQnEByy4r1WUITeZHH260jST5Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.220.180.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4b:5b:58:d6:2d:67:e6:bd:d4:16:5a:6d:7a:eb:f1:90:95:90:
         99:e7:68:a0:e6:67:44:c3:39:0f:4e:e8:17:12:f2:06:29:53:
         40:31:ef:a4:71:68:bd:6a:8f:dc:c9:39:37:ea:cc:d2:ba:fa:
         cb:56:a8:5d:be:14:4b:23:d6:0d:c8:a1:d8:ab:27:ce:43:96:
         c3:4d:e4:db:73:bd:c4:d5:5b:3b:f6:54:1b:38:30:65:70:0c:
         de:3d:d9:99:af:9e:fc:2d:f1:cb:60:0e:53:35:33:c6:07:92:
         92:ce:96:b0:2c:06:07:ad:f7:4c:01:a0:d3:65:e7:67:9a:ba:
         bf:02:50:1b:33:c7:c2:a4:a4:ff:a9:39:c7:00:c5:63:e7:93:
         90:e3:4a:32:c8:ef:f8:26:31:74:ca:34:b9:38:9c:ab:31:e8:
         97:6c:ed:0c:e7:6b:33:a4:a1:4d:12:e5:bc:59:37:4f:ae:79:
         88:e2:11:20:95:05:e2:8d:3a:fd:32:b2:94:35:56:98:f7:f0:
         29:f9:2c:85:96:d7:48:a2:93:8b:4d:e5:1c:d8:1e:5b:8c:49:
         df:94:0d:8e:dd:ee:82:fe:43:51:01:0e:02:3e:45:9b:46:e8:
         1a:b0:6d:9e:19:b3:39:85:8b:bb:97:25:71:85:b3:ce:cf:dc:
         19:2f:34:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOFi2PSRzKVXmKeS1sJGzJHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhZTQyNzEwMWNiMmUyYmQ1NjUwODRkZTY0NzFmNmViNDhk
MjRmOTYwHhcNMjIwOTI4MTkyMDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGJmMGIyYzkzMTJhOWExMTRmMjZiY2Q2ODlhNjAyM2VmOWQzYTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRig3BpxJv1cmgaz6Z4M7TqqVFap
mPT7gcJ8rVUOlkmHPnT0WavbbCdrQ4APq+kXtOcOpp8r/ENXruXVR9SRJSolEroN
vJ1seninbVbrf3rxcJ5sUIEhziY35RUReliuButCIip72EZVN+d8B4v5jnURF3RE
TC1JqeaISYPZXdxAYOc4vyqXQHEZPzo2BuJ7TnEptyKc7PMfVZLVKWqdJUtbq6pQ
sqCBNjddChCC+/ROgpVjBgj+TmHQyneaJIBK6BLxomL/dGkEG0D8nxJmGgSI67tt
Ozr7HzL0kGuaevB4FUlH+O3GWMYGStRCzv2pgiMbx2m3xMY4qxFS/AjuNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOC/CyyTEqmhFPJrzWiaYCPvnTopMB8GA1UdIwQY
MBaAFArkJxAcsuK9VlCE3mRx9utI0k+WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3VRbkVCeXk0cjFXVUlUZVpISDI2MGpTVDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9lMTEyZmMtMDVlZi00ZjFmLTg1YmUt
N2M5ZTY4NGNjY2UyLzEvNEw4TExKTVNxYUVVOG12TmFKcGdJLS1kT2lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9lMTEyZmMtMDVlZi00ZjFmLTg1YmUtN2M5ZTY4NGNjY2Uy
LzEvQ3VRbkVCeXk0cjFXVUlUZVpISDI2MGpTVDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudy0MA0G
CSqGSIb3DQEBCwUAA4IBAQBLW1jWLWfmvdQWWm166/GQlZCZ52ig5mdEwzkPTugX
EvIGKVNAMe+kcWi9ao/cyTk36szSuvrLVqhdvhRLI9YNyKHYqyfOQ5bDTeTbc73E
1Vs79lQbODBlcAzePdmZr578LfHLYA5TNTPGB5KSzpawLAYHrfdMAaDTZednmrq/
AlAbM8fCpKT/qTnHAMVj55OQ40oyyO/4JjF0yjS5OJyrMeiXbO0M52szpKFNEuW8
WTdPrnmI4hEglQXijTr9MrKUNVaY9/Ap+SyFltdIopOLTeUc2B5bjEnflA2O3e6C
/kNRAQ4CPkWbRugasG2eGbM5hYu7lyVxhbPOz9wZLzSS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:53 2024 by rpki-client on console-ams.rpki-client.org