Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/8dr2fzVMAJpkHwEqPRPbyMepV4M.roa
File:                     8dr2fzVMAJpkHwEqPRPbyMepV4M.roa (raw, json)
Hash identifier:          dhU9+wUnL9mx3lK6O94Odh8iUw1EGJ/OtuPyWh7o8HU=
Subject key identifier:   F1:DA:F6:7F:35:4C:00:9A:64:1F:01:2A:3D:13:DB:C8:C7:A9:57:83
Certificate issuer:       /CN=67920420f722f7d7f3c4b25a80e17d7290171180
Certificate serial:       0A735296
Authority key identifier: 67:92:04:20:F7:22:F7:D7:F3:C4:B2:5A:80:E1:7D:72:90:17:11:80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z5IEIPci99fzxLJagOF9cpAXEYA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/8dr2fzVMAJpkHwEqPRPbyMepV4M.roa
Signing time:             Thu 19 May 2022 10:59:29 +0000
ROA not before:           Thu 19 May 2022 10:59:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     201210
IP address blocks:        185.82.38.0/24 maxlen: 32
                          185.82.36.0/22 maxlen: 24
                          185.82.36.0/24 maxlen: 32
                          185.82.39.0/24 maxlen: 32
                          2a05:8cc0::/29 maxlen: 29
                          2001:4d70::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 175329942 (0xa735296)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=67920420f722f7d7f3c4b25a80e17d7290171180
        Validity
            Not Before: May 19 10:59:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f1daf67f354c009a641f012a3d13dbc8c7a95783
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:02:ad:2d:8a:6d:b9:f1:74:a7:3d:e3:a9:80:
                    e8:27:7e:74:a0:17:57:3c:38:7b:0d:23:cd:41:ec:
                    77:46:6f:34:70:72:f4:d7:7c:d8:b2:52:ec:06:73:
                    87:e1:6e:b5:85:2e:03:8d:8c:96:98:da:1a:90:2f:
                    b3:13:10:e4:12:3b:62:0a:95:bf:e7:45:17:da:ea:
                    33:0a:b6:21:ac:29:e0:3b:1a:51:84:5d:65:1a:3c:
                    3b:3f:e6:0f:26:67:14:dd:5d:f2:ad:2f:0b:46:1d:
                    e6:f4:c3:4f:0a:7c:f5:42:a6:ab:d4:e4:73:16:95:
                    e4:a9:58:2e:ca:ec:e3:c5:77:ea:ec:21:03:56:83:
                    00:c8:bf:21:f2:95:22:c9:18:90:3f:c4:98:d5:e3:
                    4d:46:88:3c:eb:ae:e5:3b:87:10:c6:e9:ca:43:d9:
                    7a:10:1a:a1:38:eb:ab:d6:ad:d7:06:cc:04:90:7f:
                    7a:85:de:6d:1b:0b:f6:c5:22:e6:34:3a:ab:19:02:
                    2e:30:49:f4:91:0d:34:35:d7:ef:01:50:dd:84:05:
                    65:fe:1a:4d:ab:94:2b:82:96:40:0b:7f:c7:26:80:
                    ac:59:0d:be:62:5c:44:65:16:4e:e7:9e:c5:78:dc:
                    b4:08:e4:33:1a:5c:ef:d0:63:e4:00:5f:a0:81:29:
                    d9:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:DA:F6:7F:35:4C:00:9A:64:1F:01:2A:3D:13:DB:C8:C7:A9:57:83
            X509v3 Authority Key Identifier:
                keyid:67:92:04:20:F7:22:F7:D7:F3:C4:B2:5A:80:E1:7D:72:90:17:11:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5IEIPci99fzxLJagOF9cpAXEYA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/8dr2fzVMAJpkHwEqPRPbyMepV4M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/Z5IEIPci99fzxLJagOF9cpAXEYA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.82.36.0/22
                IPv6:
                  2001:4d70::/32
                  2a05:8cc0::/29

    Signature Algorithm: sha256WithRSAEncryption
         53:0c:75:85:f1:3b:55:8b:c7:f7:76:5e:48:33:8b:e3:64:30:
         53:92:1d:36:eb:69:dc:4b:85:c1:b3:c6:17:67:22:f6:d6:81:
         f4:1b:27:ad:05:09:eb:63:49:92:a5:29:1b:88:4c:05:77:43:
         31:0a:94:57:3a:0c:99:be:f0:ce:f3:f9:e6:ba:1a:8c:ca:27:
         c2:b6:51:f0:f5:08:ba:67:ae:64:7b:f0:04:67:16:50:93:c9:
         33:66:9d:4f:b7:47:c5:fa:ed:4b:9e:82:b4:f2:c1:0c:08:97:
         a4:7f:e3:1a:cc:d8:14:d2:72:9f:c3:c0:bb:4e:c3:d2:0b:5a:
         60:f6:74:ff:fa:8a:e9:5e:e2:f4:ad:4e:9b:99:53:ed:e0:07:
         72:12:84:a3:fd:7b:85:9c:5d:44:e1:1e:c5:ec:35:6e:d4:fe:
         ad:0a:e7:b2:26:09:76:8c:51:87:37:b0:25:1f:30:90:48:6a:
         5e:8c:11:7c:5c:38:cd:be:0c:39:98:30:6a:bb:3d:b2:e8:8c:
         15:85:34:d9:84:85:49:de:fc:e2:aa:8a:14:8f:27:33:f2:82:
         2b:5f:08:f1:59:b9:d0:ee:3f:88:e3:c7:4f:e0:59:e0:fc:b0:
         25:bb:0b:b0:8b:ef:d9:f9:4a:a3:e4:97:fd:da:36:7a:f4:b4:
         41:99:02:f4
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIECnNSljANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NzkyMDQyMGY3MjJmN2Q3ZjNjNGIyNWE4MGUxN2Q3MjkwMTcxMTgwMB4XDTIyMDUx
OTEwNTkyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjFkYWY2N2YzNTRj
MDA5YTY0MWYwMTJhM2QxM2RiYzhjN2E5NTc4MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANkCrS2KbbnxdKc946mA6Cd+dKAXVzw4ew0jzUHsd0ZvNHBy
9Nd82LJS7AZzh+FutYUuA42MlpjaGpAvsxMQ5BI7YgqVv+dFF9rqMwq2Iawp4Dsa
UYRdZRo8Oz/mDyZnFN1d8q0vC0Yd5vTDTwp89UKmq9TkcxaV5KlYLsrs48V36uwh
A1aDAMi/IfKVIskYkD/EmNXjTUaIPOuu5TuHEMbpykPZehAaoTjrq9at1wbMBJB/
eoXebRsL9sUi5jQ6qxkCLjBJ9JENNDXX7wFQ3YQFZf4aTauUK4KWQAt/xyaArFkN
vmJcRGUWTueexXjctAjkMxpc79Bj5ABfoIEp2dkCAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBTx2vZ/NUwAmmQfASo9E9vIx6lXgzAfBgNVHSMEGDAWgBRnkgQg9yL31/PE
slqA4X1ykBcRgDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1o1SUVJUGNpOTlmenhMSmFnT0Y5Y3BBWEVZQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODIvMjdjYTE2LWY0NmItNGY4ZS1iOTJlLTVlZDA4OWMxYWZlZC8x
LzhkcjJmelZNQUpwa0h3RXFQUlBieU1lcFY0TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIv
MjdjYTE2LWY0NmItNGY4ZS1iOTJlLTVlZDA4OWMxYWZlZC8xL1o1SUVJUGNpOTlm
enhMSmFnT0Y5Y3BBWEVZQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1
BggrBgEFBQcBBwEB/wQmMCQwDAQCAAEwBgMEArlSJDAUBAIAAjAOAwUAIAFNcAMF
AyoFjMAwDQYJKoZIhvcNAQELBQADggEBAFMMdYXxO1WLx/d2Xkgzi+NkMFOSHTbr
adxLhcGzxhdnIvbWgfQbJ60FCetjSZKlKRuITAV3QzEKlFc6DJm+8M7z+ea6GozK
J8K2UfD1CLpnrmR78ARnFlCTyTNmnU+3R8X67UuegrTywQwIl6R/4xrM2BTScp/D
wLtOw9ILWmD2dP/6iule4vStTpuZU+3gB3IShKP9e4WcXUThHsXsNW7U/q0K57Im
CXaMUYc3sCUfMJBIal6MEXxcOM2+DDmYMGq7PbLojBWFNNmEhUne/OKqihSPJzPy
gitfCPFZudDuP4jjx0/gWeD8sCW7C7CL79n5SqPkl/3aNnr0tEGZAvQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:50 2024 by rpki-client on console-ams.rpki-client.org