Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/07eac7-4d52-46d9-ba44-8945860d5238/1/tAE9m_WHOAIaOCWXqgjK82J4vvE.roa
File:                     tAE9m_WHOAIaOCWXqgjK82J4vvE.roa (raw, json)
Hash identifier:          2NUxWcMYMNj4f33o0Otw8AVb2+vCl3sn3iNwNM847K8=
Subject key identifier:   B4:01:3D:9B:F5:87:38:02:1A:38:25:97:AA:08:CA:F3:62:78:BE:F1
Certificate issuer:       /CN=44ceb61e71a619f2314e9d9846ec67bc88a1244c
Certificate serial:       0983B610
Authority key identifier: 44:CE:B6:1E:71:A6:19:F2:31:4E:9D:98:46:EC:67:BC:88:A1:24:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RM62HnGmGfIxTp2YRuxnvIihJEw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/07eac7-4d52-46d9-ba44-8945860d5238/1/tAE9m_WHOAIaOCWXqgjK82J4vvE.roa
Signing time:             Sat 01 Jan 2022 11:58:30 +0000
ROA not before:           Sat 01 Jan 2022 11:58:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     28889
IP address blocks:        85.193.128.0/20 maxlen: 20
                          85.193.176.0/20 maxlen: 20
                          80.66.32.0/19 maxlen: 19
                          185.54.208.0/24 maxlen: 24
                          185.54.209.0/24 maxlen: 24
                          2a00:eb40::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 159626768 (0x983b610)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44ceb61e71a619f2314e9d9846ec67bc88a1244c
        Validity
            Not Before: Jan  1 11:58:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b4013d9bf58738021a382597aa08caf36278bef1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:cd:e6:03:d7:c9:e4:13:9f:b7:a6:b4:49:18:
                    ec:b0:1e:9e:88:73:24:26:00:cc:f1:44:25:ac:f6:
                    2d:2e:8a:4c:2a:0d:6c:14:2d:89:ce:4b:fb:8f:9e:
                    0d:23:f9:12:52:64:70:93:d9:e1:e6:95:56:cf:92:
                    f7:a3:4b:58:93:bc:2a:c5:33:6d:9d:14:54:e1:2a:
                    db:1e:5e:83:5e:cf:38:c3:97:9e:85:25:c6:13:ef:
                    49:b6:0c:56:34:f0:63:83:57:d7:67:5e:0c:86:88:
                    27:f8:36:ce:ee:b9:ea:89:f4:b4:96:fe:b1:85:ee:
                    77:09:09:11:48:5f:2c:27:9e:6a:bf:f7:2e:f7:4c:
                    fb:0a:ae:09:25:50:d8:be:03:d7:02:55:20:e8:95:
                    eb:5e:b9:b1:80:09:84:ea:6c:ec:08:c0:bc:80:6c:
                    b9:6f:6d:c1:3c:5a:ae:f9:0b:1f:6b:3a:69:b6:d4:
                    e1:c4:16:17:db:5c:a1:4a:74:ec:39:af:cd:5b:0a:
                    93:e2:83:a3:b3:4a:34:77:68:01:f5:97:51:e7:1f:
                    53:8b:30:e4:a8:53:3f:bc:6a:0c:e4:7f:fe:b1:da:
                    83:b0:3b:80:2c:a1:7f:81:6a:93:44:2d:e6:54:d6:
                    87:a2:49:ee:43:ac:3b:6e:44:52:5c:43:1b:a5:eb:
                    4d:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:01:3D:9B:F5:87:38:02:1A:38:25:97:AA:08:CA:F3:62:78:BE:F1
            X509v3 Authority Key Identifier:
                keyid:44:CE:B6:1E:71:A6:19:F2:31:4E:9D:98:46:EC:67:BC:88:A1:24:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RM62HnGmGfIxTp2YRuxnvIihJEw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/07eac7-4d52-46d9-ba44-8945860d5238/1/tAE9m_WHOAIaOCWXqgjK82J4vvE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/07eac7-4d52-46d9-ba44-8945860d5238/1/RM62HnGmGfIxTp2YRuxnvIihJEw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.66.32.0/19
                  85.193.128.0/20
                  85.193.176.0/20
                  185.54.208.0/23
                IPv6:
                  2a00:eb40::/32

    Signature Algorithm: sha256WithRSAEncryption
         1b:08:96:0e:37:af:0c:0a:48:e9:3a:87:f6:c4:8b:e2:c6:7a:
         26:a8:d2:ec:f6:1f:83:54:a4:2b:c0:5a:5a:53:97:a4:79:63:
         87:dc:bf:31:03:4b:3d:5d:92:d0:80:97:66:d1:1c:7d:7e:73:
         83:62:7f:d9:e0:83:9e:77:6c:de:64:6e:fc:73:88:55:92:76:
         06:77:65:b5:b6:ea:a1:9b:96:ac:a8:61:26:98:cc:ea:08:b5:
         67:d4:7c:5c:62:0c:8b:5e:5f:a3:41:15:59:32:e1:d3:ed:b0:
         e8:95:23:95:14:b2:05:ff:0b:7e:7b:79:e4:e8:54:11:93:1c:
         83:b1:09:28:f0:4c:be:37:ed:0e:95:1b:64:6b:41:97:89:fb:
         d2:a0:13:f3:0a:cc:9f:d6:81:d4:96:b9:56:50:87:d6:cc:9f:
         3e:0c:89:4d:9d:4d:34:01:5f:b9:41:c7:23:55:73:d2:d8:5e:
         d4:96:45:d8:d0:0c:3d:8b:83:c8:64:38:1e:33:ba:74:c6:19:
         49:25:9a:f4:cb:cf:f7:28:c7:72:88:ba:dd:ae:80:39:1e:e3:
         9d:5c:80:38:ad:14:ab:b0:56:54:c6:94:4a:fd:e1:03:13:22:
         13:9a:07:6e:fb:ba:49:17:8f:89:66:6b:20:87:72:80:de:9f:
         d5:f2:b6:5a
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIECYO2EDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NGNlYjYxZTcxYTYxOWYyMzE0ZTlkOTg0NmVjNjdiYzg4YTEyNDRjMB4XDTIyMDEw
MTExNTgzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjQwMTNkOWJmNTg3
MzgwMjFhMzgyNTk3YWEwOGNhZjM2Mjc4YmVmMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOzN5gPXyeQTn7emtEkY7LAenohzJCYAzPFEJaz2LS6KTCoN
bBQtic5L+4+eDSP5ElJkcJPZ4eaVVs+S96NLWJO8KsUzbZ0UVOEq2x5eg17POMOX
noUlxhPvSbYMVjTwY4NX12deDIaIJ/g2zu656on0tJb+sYXudwkJEUhfLCeear/3
LvdM+wquCSVQ2L4D1wJVIOiV6165sYAJhOps7AjAvIBsuW9twTxarvkLH2s6abbU
4cQWF9tcoUp07DmvzVsKk+KDo7NKNHdoAfWXUecfU4sw5KhTP7xqDOR//rHag7A7
gCyhf4Fqk0Qt5lTWh6JJ7kOsO25EUlxDG6XrTYECAwEAAaOCAiowggImMB0GA1Ud
DgQWBBS0AT2b9Yc4Aho4JZeqCMrzYni+8TAfBgNVHSMEGDAWgBREzrYecaYZ8jFO
nZhG7Ge8iKEkTDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JNNjJIbkdtR2ZJeFRwMllSdXhudklpaEpFdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvMDdlYWM3LTRkNTItNDZkOS1iYTQ0LTg5NDU4NjBkNTIzOC8x
L3RBRTltX1dIT0FJYU9DV1hxZ2pLODJKNHZ2RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
MDdlYWM3LTRkNTItNDZkOS1iYTQ0LTg5NDU4NjBkNTIzOC8xL1JNNjJIbkdtR2ZJ
eFRwMllSdXhudklpaEpFdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBVBCIAMEBFXBgAMEBFXBsAMEAbk2
0DANBAIAAjAHAwUAKgDrQDANBgkqhkiG9w0BAQsFAAOCAQEAGwiWDjevDApI6TqH
9sSL4sZ6JqjS7PYfg1SkK8BaWlOXpHljh9y/MQNLPV2S0ICXZtEcfX5zg2J/2eCD
nnds3mRu/HOIVZJ2BndltbbqoZuWrKhhJpjM6gi1Z9R8XGIMi15fo0EVWTLh0+2w
6JUjlRSyBf8Lfnt55OhUEZMcg7EJKPBMvjftDpUbZGtBl4n70qAT8wrMn9aB1Ja5
VlCH1syfPgyJTZ1NNAFfuUHHI1Vz0the1JZF2NAMPYuDyGQ4HjO6dMYZSSWa9MvP
9yjHcoi63a6AOR7jnVyAOK0Uq7BWVMaUSv3hAxMiE5oHbvu6SRePiWZrIIdygN6f
1fK2Wg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:36 2024 by rpki-client on console-ams.rpki-client.org