Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/zc_o1ZAwTwGQc61Ha-qZGU3Nk8g.roa
File:                     zc_o1ZAwTwGQc61Ha-qZGU3Nk8g.roa (raw, json)
Hash identifier:          bcUiVCTzmGB8kTBy3Lgnp/zIDJmT/teCxGpOjvq6iMQ=
Subject key identifier:   CD:CF:E8:D5:90:30:4F:01:90:73:AD:47:6B:EA:99:19:4D:CD:93:C8
Certificate issuer:       /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial:       01854E05345D978EA09DE6C7DF807A7EDB9A
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/zc_o1ZAwTwGQc61Ha-qZGU3Nk8g.roa
Signing time:             Mon 26 Dec 2022 10:40:41 +0000
ROA not before:           Mon 26 Dec 2022 10:40:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202723
IP address blocks:        185.112.59.0/24 maxlen: 24
                          185.177.237.0/24 maxlen: 24
                          185.105.47.0/24 maxlen: 24
                          185.24.109.0/24 maxlen: 24
                          185.77.138.0/24 maxlen: 24
                          185.77.139.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:4e:05:34:5d:97:8e:a0:9d:e6:c7:df:80:7a:7e:db:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
        Validity
            Not Before: Dec 26 10:40:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cdcfe8d590304f019073ad476bea99194dcd93c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:44:e9:eb:21:0e:08:24:e9:e5:1f:fb:b0:3c:
                    ce:72:8c:d6:7c:ce:36:04:ef:a8:ca:83:3b:be:cb:
                    8b:56:b7:49:7a:bf:65:79:7e:68:c3:a5:f0:c5:15:
                    22:b2:fe:0e:68:21:2e:d6:03:65:85:31:1c:e4:03:
                    e7:be:ba:e1:1b:ba:5d:7a:fc:16:90:87:87:d9:a1:
                    24:ce:e6:79:19:c5:96:6e:82:9b:d6:f2:24:b8:ac:
                    da:5c:33:05:0c:4d:a7:bb:2c:cf:35:46:c5:a8:72:
                    3c:58:9d:12:f6:0f:1c:30:3b:7c:ef:83:63:17:ef:
                    aa:51:ef:e8:86:20:c1:f2:a8:32:3d:89:20:ed:13:
                    e7:aa:59:d9:f5:ad:f5:95:3b:20:64:72:19:e0:64:
                    3b:8a:5f:df:11:ae:06:a0:a3:85:8f:e2:74:d6:83:
                    c1:81:f4:42:8f:49:32:68:33:c0:a9:60:1c:34:b3:
                    4a:e0:d1:99:5a:9c:65:99:80:4f:fc:e8:93:98:20:
                    35:6f:3c:53:9b:62:e7:cb:ce:c6:48:ad:01:14:ba:
                    e8:3c:b8:a8:4c:0e:9c:a7:1b:15:8f:60:ff:c5:38:
                    8a:73:8a:3d:2e:50:dd:d4:6d:7b:48:f0:35:f4:2b:
                    92:96:14:be:f9:5f:0f:c1:ba:52:c8:05:50:48:88:
                    be:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:CF:E8:D5:90:30:4F:01:90:73:AD:47:6B:EA:99:19:4D:CD:93:C8
            X509v3 Authority Key Identifier:
                keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/zc_o1ZAwTwGQc61Ha-qZGU3Nk8g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.24.109.0/24
                  185.77.138.0/23
                  185.105.47.0/24
                  185.112.59.0/24
                  185.177.237.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:7b:86:60:2f:44:0b:c2:ec:1b:fa:62:b7:d0:58:3c:33:ab:
         07:60:21:ac:b4:cf:1f:12:0e:99:13:e7:65:ed:ff:78:d4:27:
         e7:02:43:3d:85:88:10:85:29:92:ed:df:3b:49:1c:41:d8:71:
         4c:29:76:9f:5d:c9:ca:5a:e5:01:a2:f6:c0:ff:d7:0b:2b:3d:
         8e:e7:64:05:d6:f7:c9:78:4c:72:fd:d4:49:f5:91:eb:6b:87:
         48:40:5b:bb:c9:ac:81:96:ea:88:c4:04:95:b0:7a:1a:7f:d8:
         c9:aa:5c:45:e4:1d:1b:24:14:7d:d2:47:38:e3:b0:3a:a6:b9:
         9a:72:13:b3:74:03:56:7b:7b:66:3b:7a:50:01:a6:e6:a9:4c:
         88:4a:47:59:8f:c6:f4:24:05:de:0f:11:20:a2:3c:d8:dc:69:
         38:b2:43:54:0b:a0:2f:1b:d9:82:5c:b2:56:b8:8f:e6:44:ca:
         c1:b7:18:af:c4:03:b7:a1:e7:6c:e3:5c:38:07:f3:ca:f4:75:
         c1:0f:15:08:eb:a0:91:0f:e7:cb:02:09:e0:08:2f:9c:c3:82:
         f5:e6:bd:66:3c:65:11:8b:3e:ba:3f:d7:28:9c:69:33:4f:a4:
         a9:ef:28:b9:69:6e:7c:3c:c5:7f:97:46:96:5f:c0:cf:3e:d6:
         c4:09:c5:06
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVOBTRdl46gnebH34B6ftuaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjIxMjI2MTA0MDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGNmZThkNTkwMzA0ZjAxOTA3M2FkNDc2YmVhOTkxOTRkY2Q5M2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnETp6yEOCCTp5R/7sDzOcozWfM42
BO+oyoM7vsuLVrdJer9leX5ow6XwxRUisv4OaCEu1gNlhTEc5APnvrrhG7pdevwW
kIeH2aEkzuZ5GcWWboKb1vIkuKzaXDMFDE2nuyzPNUbFqHI8WJ0S9g8cMDt874Nj
F++qUe/ohiDB8qgyPYkg7RPnqlnZ9a31lTsgZHIZ4GQ7il/fEa4GoKOFj+J01oPB
gfRCj0kyaDPAqWAcNLNK4NGZWpxlmYBP/OiTmCA1bzxTm2Lny87GSK0BFLroPLio
TA6cpxsVj2D/xTiKc4o9LlDd1G17SPA19CuSlhS++V8PwbpSyAVQSIi+KwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFM3P6NWQME8BkHOtR2vqmRlNzZPIMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvemNfbzFaQXdUd0dRYzYxSGEtcVpHVTNOazhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAuRhtAwQB
uU2KAwQAuWkvAwQAuXA7AwQAubHtMA0GCSqGSIb3DQEBCwUAA4IBAQACe4ZgL0QL
wuwb+mK30Fg8M6sHYCGstM8fEg6ZE+dl7f941CfnAkM9hYgQhSmS7d87SRxB2HFM
KXafXcnKWuUBovbA/9cLKz2O52QF1vfJeExy/dRJ9ZHra4dIQFu7yayBluqIxASV
sHoaf9jJqlxF5B0bJBR90kc447A6prmachOzdANWe3tmO3pQAabmqUyISkdZj8b0
JAXeDxEgojzY3Gk4skNUC6AvG9mCXLJWuI/mRMrBtxivxAO3oeds41w4B/PK9HXB
DxUI66CRD+fLAgngCC+cw4L15r1mPGURiz66P9conGkzT6Sp7yi5aW58PMV/l0aW
X8DPPtbECcUG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:00 2024 by rpki-client on console-fra.rpki-client.org