Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/CvK7TZHEdyCZqSt6s3sQINt6c4c.roa
File:                     CvK7TZHEdyCZqSt6s3sQINt6c4c.roa (raw, json)
Hash identifier:          tskiI9bR9Bp8b3AGzPcpAacmSEY07N8Zi6HKbEhHYGs=
Subject key identifier:   0A:F2:BB:4D:91:C4:77:20:99:A9:2B:7A:B3:7B:10:20:DB:7A:73:87
Certificate issuer:       /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial:       01827C91C13FE79B12A558EC97B2B2F9DCC1
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/CvK7TZHEdyCZqSt6s3sQINt6c4c.roa
Signing time:             Mon 08 Aug 2022 08:28:23 +0000
ROA not before:           Mon 08 Aug 2022 08:28:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7018
IP address blocks:        89.19.56.0/22 maxlen: 24
                          185.175.224.0/23 maxlen: 24
                          185.68.244.0/23 maxlen: 24
                          213.170.223.0/24 maxlen: 24
                          185.100.159.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:7c:91:c1:3f:e7:9b:12:a5:58:ec:97:b2:b2:f9:dc:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
        Validity
            Not Before: Aug  8 08:28:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0af2bb4d91c4772099a92b7ab37b1020db7a7387
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:35:cd:52:1e:03:2a:a1:92:d9:14:cf:c0:13:
                    f6:6c:1e:1e:1c:d4:21:90:cb:90:27:c8:3f:2e:c2:
                    d5:de:2f:25:01:27:0f:a0:7f:91:20:a1:0e:82:66:
                    78:ec:01:d3:68:1c:25:9f:71:8f:af:d6:63:ba:92:
                    1d:09:1c:e6:63:9b:dd:f1:0f:a7:e4:82:32:56:40:
                    14:2c:f7:c7:e8:2c:dd:71:a3:e5:93:ef:fe:04:e0:
                    43:9b:31:99:17:89:28:3a:09:58:5b:4a:98:d6:2e:
                    65:d0:43:34:d2:93:70:f7:c9:97:b9:23:53:c1:f3:
                    f7:e2:50:ae:9a:8d:6e:f8:f7:aa:89:6f:46:aa:3a:
                    4b:3b:cf:50:ae:83:fa:ec:ac:74:5f:cb:e4:34:65:
                    7d:0f:af:43:58:1f:8c:ad:69:cb:b1:24:ce:5d:ff:
                    7f:67:ae:ee:69:ac:6f:5b:a3:48:2a:c1:8b:54:2c:
                    7e:02:58:5b:14:eb:79:13:f0:e8:57:1a:64:06:90:
                    bb:56:7b:ef:85:3b:78:bd:0e:9b:39:cc:17:bc:08:
                    43:fc:bd:2b:8a:fa:59:06:e0:85:76:2f:bf:41:bb:
                    46:65:f6:c5:37:31:ab:87:ef:f1:12:5b:05:3e:e0:
                    af:07:66:01:90:51:57:cc:8d:63:12:00:01:04:df:
                    25:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:F2:BB:4D:91:C4:77:20:99:A9:2B:7A:B3:7B:10:20:DB:7A:73:87
            X509v3 Authority Key Identifier:
                keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/CvK7TZHEdyCZqSt6s3sQINt6c4c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.19.56.0/22
                  185.68.244.0/23
                  185.100.159.0/24
                  185.175.224.0/23
                  213.170.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         82:77:79:be:17:cd:b6:a5:90:be:69:37:54:78:b9:78:ca:2f:
         05:5c:b9:f3:e9:47:0e:2b:08:5f:9b:3e:a9:9c:c7:9d:c6:8e:
         6d:8f:10:9a:2f:cc:3c:85:e2:c4:60:10:6d:46:29:65:49:e4:
         a6:10:c3:43:8f:8c:e3:d2:fd:03:89:b4:60:65:38:d3:db:98:
         8f:3d:e6:6e:d9:d9:38:0a:d0:77:97:28:58:ac:e8:c0:84:15:
         3b:7a:ee:0a:c9:85:96:67:58:ee:23:d3:f9:47:3d:aa:2f:37:
         bc:32:d2:d6:e2:16:79:9c:4b:2a:85:e1:cd:06:b1:62:7a:bb:
         42:fd:f3:69:d0:ea:72:02:06:f9:ac:7a:3f:5d:0f:82:9e:3b:
         61:51:44:b5:5e:60:34:43:1b:76:42:14:54:79:55:08:cb:94:
         a0:af:a1:72:3b:5e:2c:e5:38:a2:4f:1a:64:b9:4e:2f:a5:ee:
         47:53:e6:cf:74:3a:ff:fb:60:5d:56:ee:87:35:2d:da:a8:b2:
         bb:39:98:98:a2:9c:12:0d:77:e8:81:8c:ad:03:a4:ad:53:0e:
         5f:de:e7:fe:88:55:aa:cb:c4:a9:aa:f1:8d:92:a7:e6:75:3f:
         f3:e6:c5:d0:dd:a5:de:3e:9f:54:73:e2:ff:7a:d2:43:08:ff:
         9f:26:ff:5b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYJ8kcE/55sSpVjsl7Ky+dzBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjIwODA4MDgyODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWYyYmI0ZDkxYzQ3NzIwOTlhOTJiN2FiMzdiMTAyMGRiN2E3Mzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijXNUh4DKqGS2RTPwBP2bB4eHNQh
kMuQJ8g/LsLV3i8lAScPoH+RIKEOgmZ47AHTaBwln3GPr9ZjupIdCRzmY5vd8Q+n
5IIyVkAULPfH6CzdcaPlk+/+BOBDmzGZF4koOglYW0qY1i5l0EM00pNw98mXuSNT
wfP34lCumo1u+PeqiW9GqjpLO89QroP67Kx0X8vkNGV9D69DWB+MrWnLsSTOXf9/
Z67uaaxvW6NIKsGLVCx+AlhbFOt5E/DoVxpkBpC7VnvvhTt4vQ6bOcwXvAhD/L0r
ivpZBuCFdi+/QbtGZfbFNzGrh+/xElsFPuCvB2YBkFFXzI1jEgABBN8lHQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAryu02RxHcgmakrerN7ECDbenOHMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvQ3ZLN1RaSEVkeUNacVN0NnMzc1FJTnQ2YzRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCWRM4AwQB
uUT0AwQAuWSfAwQBua/gAwQA1arfMA0GCSqGSIb3DQEBCwUAA4IBAQCCd3m+F822
pZC+aTdUeLl4yi8FXLnz6UcOKwhfmz6pnMedxo5tjxCaL8w8heLEYBBtRillSeSm
EMNDj4zj0v0DibRgZTjT25iPPeZu2dk4CtB3lyhYrOjAhBU7eu4KyYWWZ1juI9P5
Rz2qLze8MtLW4hZ5nEsqheHNBrFiertC/fNp0OpyAgb5rHo/XQ+CnjthUUS1XmA0
Qxt2QhRUeVUIy5Sgr6FyO14s5TiiTxpkuU4vpe5HU+bPdDr/+2BdVu6HNS3aqLK7
OZiYopwSDXfogYytA6StUw5f3uf+iFWqy8SpqvGNkqfmdT/z5sXQ3aXePp9Uc+L/
etJDCP+fJv9b
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:17 2024 by rpki-client on console-ams.rpki-client.org