Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/C79aYa3InkjWKdAmcn32tKUZuE4.roa
File:                     C79aYa3InkjWKdAmcn32tKUZuE4.roa (raw, json)
Hash identifier:          PYCl6MDSSWmvEOKWBy+6bReJh3i4VkqdvoVM8F6iqH0=
Subject key identifier:   0B:BF:5A:61:AD:C8:9E:48:D6:29:D0:26:72:7D:F6:B4:A5:19:B8:4E
Certificate issuer:       /CN=c868ca82147ed2277b4bcc69a5285bae735f2e44
Certificate serial:       169A3F0A
Authority key identifier: C8:68:CA:82:14:7E:D2:27:7B:4B:CC:69:A5:28:5B:AE:73:5F:2E:44
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yGjKghR-0id7S8xppShbrnNfLkQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/C79aYa3InkjWKdAmcn32tKUZuE4.roa
Signing time:             Mon 27 Jun 2022 13:23:40 +0000
ROA not before:           Mon 27 Jun 2022 13:23:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60032
IP address blocks:        193.56.168.0/22 maxlen: 22
                          45.152.184.0/22 maxlen: 22
                          194.36.137.0/24 maxlen: 24
                          45.129.48.0/22 maxlen: 22
                          185.107.84.0/22 maxlen: 24
                          185.61.144.0/22 maxlen: 22
                          109.70.16.0/21 maxlen: 22
                          45.85.176.0/22 maxlen: 22
                          45.11.148.0/22 maxlen: 22
                          194.36.221.0/24 maxlen: 24
                          80.240.176.0/20 maxlen: 21
                          185.163.60.0/22 maxlen: 22
                          45.90.224.0/22 maxlen: 22
                          185.203.180.0/22 maxlen: 22
                          194.36.169.0/24 maxlen: 24
                          5.252.60.0/22 maxlen: 22
                          194.36.167.0/24 maxlen: 24
                          188.92.64.0/21 maxlen: 22
                          5.252.88.0/22 maxlen: 22
                          185.13.180.0/22 maxlen: 22
                          95.214.44.0/22 maxlen: 22
                          2.59.68.0/22 maxlen: 22
                          2.59.72.0/22 maxlen: 22
                          193.8.116.0/22 maxlen: 22
                          185.229.176.0/22 maxlen: 22
                          128.127.16.0/21 maxlen: 22
                          185.253.36.0/22 maxlen: 22
                          212.104.240.0/20 maxlen: 20
                          185.128.140.0/22 maxlen: 23
                          194.182.112.0/20 maxlen: 22
                          2a06:4280::/29 maxlen: 32
                          2a02:cfc0::/29 maxlen: 32
                          2a02:79e0::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 379207434 (0x169a3f0a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c868ca82147ed2277b4bcc69a5285bae735f2e44
        Validity
            Not Before: Jun 27 13:23:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0bbf5a61adc89e48d629d026727df6b4a519b84e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:53:3c:aa:60:51:bd:e4:48:2f:90:4a:8f:97:
                    9a:d0:26:24:b1:db:dd:77:36:f6:a0:e4:5a:8c:2a:
                    c6:a8:1b:65:9c:45:d0:f0:85:da:6a:5c:38:56:15:
                    bb:4e:c8:95:37:55:d7:a6:50:22:50:46:78:dd:22:
                    85:29:c1:44:69:22:0b:54:00:de:ee:56:73:77:7e:
                    ab:15:f1:45:a3:57:0c:61:57:54:73:8d:02:44:62:
                    10:43:d1:6e:9a:68:c4:0f:ea:8f:cf:e3:f4:4a:1d:
                    0a:f5:c2:6b:33:9e:c0:92:d9:e1:63:13:c4:51:ea:
                    c7:ef:f1:90:09:26:a6:79:42:fa:3d:a8:aa:88:7c:
                    f2:d0:ef:95:c8:ef:8f:5b:02:2e:93:8a:89:fb:8d:
                    5e:96:cb:63:dd:54:91:44:53:28:8c:35:d4:80:c8:
                    bf:bf:74:fa:29:bd:e0:b6:8a:b9:cf:3f:4d:98:57:
                    a9:78:7c:64:f0:c2:53:3a:b9:cc:b0:5f:5b:a1:e7:
                    31:84:b6:37:dd:31:73:3f:6b:36:86:1e:d1:8d:54:
                    12:51:ab:71:22:f5:d7:52:6f:86:17:58:29:90:79:
                    26:7b:d2:68:34:5f:52:3c:64:56:bf:77:42:db:97:
                    d1:c6:0a:c1:5f:1a:2d:7e:88:26:88:fd:34:71:28:
                    5f:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:BF:5A:61:AD:C8:9E:48:D6:29:D0:26:72:7D:F6:B4:A5:19:B8:4E
            X509v3 Authority Key Identifier:
                keyid:C8:68:CA:82:14:7E:D2:27:7B:4B:CC:69:A5:28:5B:AE:73:5F:2E:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yGjKghR-0id7S8xppShbrnNfLkQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/C79aYa3InkjWKdAmcn32tKUZuE4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/yGjKghR-0id7S8xppShbrnNfLkQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.59.68.0-2.59.75.255
                  5.252.60.0/22
                  5.252.88.0/22
                  45.11.148.0/22
                  45.85.176.0/22
                  45.90.224.0/22
                  45.129.48.0/22
                  45.152.184.0/22
                  80.240.176.0/20
                  95.214.44.0/22
                  109.70.16.0/21
                  128.127.16.0/21
                  185.13.180.0/22
                  185.61.144.0/22
                  185.107.84.0/22
                  185.128.140.0/22
                  185.163.60.0/22
                  185.203.180.0/22
                  185.229.176.0/22
                  185.253.36.0/22
                  188.92.64.0/21
                  193.8.116.0/22
                  193.56.168.0/22
                  194.36.137.0/24
                  194.36.167.0/24
                  194.36.169.0/24
                  194.36.221.0/24
                  194.182.112.0/20
                  212.104.240.0/20
                IPv6:
                  2a02:79e0::/32
                  2a02:cfc0::/29
                  2a06:4280::/29

    Signature Algorithm: sha256WithRSAEncryption
         af:fe:ee:12:d2:dc:22:bb:63:32:49:ed:1e:69:f7:a7:0d:ed:
         ea:a1:d3:95:3c:a3:a8:51:8e:47:8f:5d:aa:24:bf:f3:e6:48:
         2c:62:0b:12:3b:ab:ec:7b:91:65:8a:2d:42:d3:c4:07:da:3c:
         0e:12:46:6a:c3:34:7f:ad:d6:17:6a:eb:d3:45:e6:d5:82:ad:
         34:8b:b5:61:9d:ee:0a:0d:9b:67:d0:de:df:51:2b:a6:56:d3:
         1c:7d:ea:4c:98:43:15:7e:0e:08:0a:78:7b:69:15:ba:20:1c:
         36:3c:be:70:0b:31:e6:ef:30:9d:78:54:2f:a4:44:b2:99:f9:
         30:ff:d8:d3:9a:3c:0b:6e:53:77:fa:8c:68:75:31:76:3b:1d:
         6d:59:86:b1:ef:a0:e1:6c:c3:35:0e:a2:48:86:dc:54:e7:f6:
         99:3a:9f:5b:ac:02:68:63:5d:73:83:76:af:f5:d3:5a:d1:0e:
         9e:15:89:10:69:1c:cc:54:cc:c8:bc:2b:a5:89:0a:18:57:5a:
         b8:4f:2a:53:c0:c6:8c:1a:11:b0:78:31:af:74:ce:d1:52:ab:
         9c:d1:7c:f0:f8:d6:53:76:0f:6e:cc:be:6b:8c:cb:c3:b9:15:
         db:36:1e:37:05:36:81:75:53:ee:2b:34:cc:7c:e3:fb:bd:66:
         45:cf:a2:f7
-----BEGIN CERTIFICATE-----
MIIFwTCCBKmgAwIBAgIEFpo/CjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ODY4Y2E4MjE0N2VkMjI3N2I0YmNjNjlhNTI4NWJhZTczNWYyZTQ0MB4XDTIyMDYy
NzEzMjM0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGJiZjVhNjFhZGM4
OWU0OGQ2MjlkMDI2NzI3ZGY2YjRhNTE5Yjg0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIhTPKpgUb3kSC+QSo+XmtAmJLHb3Xc29qDkWowqxqgbZZxF
0PCF2mpcOFYVu07IlTdV16ZQIlBGeN0ihSnBRGkiC1QA3u5Wc3d+qxXxRaNXDGFX
VHONAkRiEEPRbppoxA/qj8/j9EodCvXCazOewJLZ4WMTxFHqx+/xkAkmpnlC+j2o
qoh88tDvlcjvj1sCLpOKifuNXpbLY91UkURTKIw11IDIv790+im94LaKuc8/TZhX
qXh8ZPDCUzq5zLBfW6HnMYS2N90xcz9rNoYe0Y1UElGrcSL111JvhhdYKZB5JnvS
aDRfUjxkVr93QtuX0cYKwV8aLX6IJoj9NHEoX+kCAwEAAaOCAtswggLXMB0GA1Ud
DgQWBBQLv1phrcieSNYp0CZyffa0pRm4TjAfBgNVHSMEGDAWgBTIaMqCFH7SJ3tL
zGmlKFuuc18uRDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lHaktnaFItMGlkN1M4eHBwU2hicm5OZkxrUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2EvMDQyYzMzLWFiNmItNDhiZS1hNDkyLTY2ODQ5MDE5NjI3ZS8x
L0M3OWFZYTNJbmtqV0tkQW1jbjMydEtVWnVFNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Ev
MDQyYzMzLWFiNmItNDhiZS1hNDkyLTY2ODQ5MDE5NjI3ZS8xL3lHaktnaFItMGlk
N1M4eHBwU2hicm5OZkxrUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
8AYIKwYBBQUHAQcBAf8EgeAwgd0wgb0EAgABMIG2MAwDBAICO0QDBAICO0gDBAIF
/DwDBAIF/FgDBAItC5QDBAItVbADBAItWuADBAItgTADBAItmLgDBARQ8LADBAJf
1iwDBANtRhADBAOAfxADBAK5DbQDBAK5PZADBAK5a1QDBAK5gIwDBAK5ozwDBAK5
y7QDBAK55bADBAK5/SQDBAO8XEADBALBCHQDBALBOKgDBADCJIkDBADCJKcDBADC
JKkDBADCJN0DBATCtnADBATUaPAwGwQCAAIwFQMFACoCeeADBQMqAs/AAwUDKgZC
gDANBgkqhkiG9w0BAQsFAAOCAQEAr/7uEtLcIrtjMkntHmn3pw3t6qHTlTyjqFGO
R49dqiS/8+ZILGILEjur7HuRZYotQtPEB9o8DhJGasM0f63WF2rr00Xm1YKtNIu1
YZ3uCg2bZ9De31ErplbTHH3qTJhDFX4OCAp4e2kVuiAcNjy+cAsx5u8wnXhUL6RE
spn5MP/Y05o8C25Td/qMaHUxdjsdbVmGse+g4WzDNQ6iSIbcVOf2mTqfW6wCaGNd
c4N2r/XTWtEOnhWJEGkczFTMyLwrpYkKGFdauE8qU8DGjBoRsHgxr3TO0VKrnNF8
8PjWU3YPbsy+a4zLw7kV2zYeNwU2gXVT7is0zHzj+71mRc+i9w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:56 2024 by rpki-client on console-fra.rpki-client.org