Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/hRmukKCSGvwW9THrQMCFW_3JOE4.roa
File:                     hRmukKCSGvwW9THrQMCFW_3JOE4.roa (raw, json)
Hash identifier:          5/L5U/aY+9xILmhnIujBauuyrLJ0LhB7ewKc7bbtUA4=
Subject key identifier:   85:19:AE:90:A0:92:1A:FC:16:F5:31:EB:40:C0:85:5B:FD:C9:38:4E
Certificate issuer:       /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial:       052DBD43
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/hRmukKCSGvwW9THrQMCFW_3JOE4.roa
Signing time:             Mon 31 Jan 2022 20:30:34 +0000
ROA not before:           Mon 31 Jan 2022 20:30:34 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43624
IP address blocks:        185.61.219.0/24 maxlen: 24
                          185.61.218.0/24 maxlen: 24
                          185.61.221.0/24 maxlen: 24
                          147.78.182.0/24 maxlen: 24
                          185.61.222.0/24 maxlen: 24
                          93.177.118.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 86883651 (0x52dbd43)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
        Validity
            Not Before: Jan 31 20:30:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8519ae90a0921afc16f531eb40c0855bfdc9384e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:f6:63:a3:80:a9:55:1a:92:bd:d5:70:17:f6:
                    f4:f8:ed:f8:70:70:ad:07:38:66:69:87:2c:83:bb:
                    82:52:a0:44:9c:d2:65:3c:2e:11:60:69:7f:35:25:
                    d6:08:95:1d:7e:8b:90:54:8b:59:9e:66:c4:74:8e:
                    e0:9c:c0:4d:26:f5:92:8c:69:0a:4d:b1:6b:ad:8e:
                    f5:f4:7e:69:1d:ea:1c:41:d1:b5:f1:9d:be:65:7d:
                    2d:ea:41:e1:03:d3:69:aa:ce:4f:a2:12:1b:de:d7:
                    c7:c7:be:b6:b6:56:8c:32:b7:d0:91:4a:cb:83:b9:
                    80:01:b0:14:4c:a9:78:d0:38:10:64:cc:11:c1:83:
                    5b:57:cf:ab:f9:70:fa:e9:e1:d5:8c:e9:34:d7:5d:
                    8d:fa:21:13:e2:09:b2:d6:15:51:fe:9a:c7:f3:5d:
                    aa:ca:c2:f6:83:0f:05:45:7a:32:d3:c8:c8:4a:06:
                    86:df:0e:90:2b:d1:02:ea:b9:f5:78:83:b3:c5:82:
                    f3:f2:93:d7:77:71:88:7b:4f:9b:f2:1c:0d:bf:cc:
                    2e:e5:46:5b:cc:73:95:12:07:e2:2c:66:86:2c:a3:
                    3d:0d:c8:04:d9:7b:12:be:93:58:a1:2c:24:cf:8b:
                    0d:64:69:ee:42:f1:5e:a7:1c:04:73:6b:29:f9:68:
                    7b:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:19:AE:90:A0:92:1A:FC:16:F5:31:EB:40:C0:85:5B:FD:C9:38:4E
            X509v3 Authority Key Identifier:
                keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/hRmukKCSGvwW9THrQMCFW_3JOE4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.177.118.0/23
                  147.78.182.0/24
                  185.61.218.0/23
                  185.61.221.0-185.61.222.255

    Signature Algorithm: sha256WithRSAEncryption
         60:89:fd:81:66:d4:be:05:2b:de:0a:73:db:fe:bd:29:aa:6f:
         ae:ba:d0:f5:7f:fb:c5:54:05:d2:a2:85:68:cf:08:d1:dd:07:
         7f:b7:8b:99:cf:26:43:61:19:a2:7a:4b:3f:f0:64:00:b8:32:
         66:b7:de:17:05:4f:55:ee:bd:f7:4d:03:22:dc:ab:82:89:42:
         92:c9:00:ce:a4:48:ee:8a:e8:6f:e9:ea:bd:93:d0:58:71:a3:
         3b:3e:9e:bd:b6:8a:66:a3:32:48:f6:cf:e4:a6:ca:91:49:ea:
         0d:cb:16:23:0e:5d:3f:03:1b:e5:52:f7:d6:c1:95:84:36:a6:
         e5:62:b6:80:81:59:e8:2c:d7:73:84:9d:77:dd:34:67:9d:a6:
         c2:fd:12:46:e7:de:a1:8b:61:6b:8c:78:30:e1:74:cd:bc:73:
         99:a3:b3:28:40:2b:2a:ee:e6:22:0d:89:ec:d2:72:54:2d:a3:
         03:2a:64:86:b3:89:64:b8:f1:43:2d:cc:e3:3d:99:92:65:30:
         5e:31:86:c0:ef:15:bb:e1:6e:65:1a:d1:e0:96:e0:dc:07:4c:
         0b:1e:0a:b0:60:b1:59:83:16:20:68:77:cc:15:fb:ad:92:fa:
         bb:b1:a0:31:c9:2d:46:9b:74:80:25:84:c2:8a:3f:38:2a:bd:
         7d:52:2a:5e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEBS29QzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YWVlMTVjMzNkZTM1ODkzOGQ2OTAwYTFiM2MxNDQ4MGEzODllODViMB4XDTIyMDEz
MTIwMzAzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODUxOWFlOTBhMDky
MWFmYzE2ZjUzMWViNDBjMDg1NWJmZGM5Mzg0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALT2Y6OAqVUakr3VcBf29Pjt+HBwrQc4ZmmHLIO7glKgRJzS
ZTwuEWBpfzUl1giVHX6LkFSLWZ5mxHSO4JzATSb1koxpCk2xa62O9fR+aR3qHEHR
tfGdvmV9LepB4QPTaarOT6ISG97Xx8e+trZWjDK30JFKy4O5gAGwFEypeNA4EGTM
EcGDW1fPq/lw+unh1YzpNNddjfohE+IJstYVUf6ax/NdqsrC9oMPBUV6MtPIyEoG
ht8OkCvRAuq59XiDs8WC8/KT13dxiHtPm/IcDb/MLuVGW8xzlRIH4ixmhiyjPQ3I
BNl7Er6TWKEsJM+LDWRp7kLxXqccBHNrKfloe/MCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBSFGa6QoJIa/Bb1MetAwIVb/ck4TjAfBgNVHSMEGDAWgBSa7hXDPeNYk41p
AKGzwUSAo4noWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L211NFZ3ejNqV0pPTmFRQ2hzOEZFZ0tPSjZGcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2EvNzJmNzdmLTc2YWItNGU3OS1hMDYyLTZlZTUzNGQ5MmU1Mi8x
L2hSbXVrS0NTR3Z3VzlUSHJRTUNGV18zSk9FNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Ev
NzJmNzdmLTc2YWItNGU3OS1hMDYyLTZlZTUzNGQ5MmU1Mi8xL211NFZ3ejNqV0pP
TmFRQ2hzOEZFZ0tPSjZGcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAV2xdgMEAJNOtgMEAbk92jAMAwQA
uT3dAwQAuT3eMA0GCSqGSIb3DQEBCwUAA4IBAQBgif2BZtS+BSveCnPb/r0pqm+u
utD1f/vFVAXSooVozwjR3Qd/t4uZzyZDYRmieks/8GQAuDJmt94XBU9V7r33TQMi
3KuCiUKSyQDOpEjuiuhv6eq9k9BYcaM7Pp69topmozJI9s/kpsqRSeoNyxYjDl0/
AxvlUvfWwZWENqblYraAgVnoLNdzhJ133TRnnabC/RJG596hi2FrjHgw4XTNvHOZ
o7MoQCsq7uYiDYns0nJULaMDKmSGs4lkuPFDLczjPZmSZTBeMYbA7xW74W5lGtHg
luDcB0wLHgqwYLFZgxYgaHfMFfutkvq7saAxyS1Gm3SAJYTCij84Kr19Uipe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:59 2024 by rpki-client on console-fra.rpki-client.org