Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/bh4o6d5p5tjlrlYu_DkVzFexkzw.roa
File:                     bh4o6d5p5tjlrlYu_DkVzFexkzw.roa (raw, json)
Hash identifier:          HsKWglFH4rnOa8Eq56ZnVZyy1STfcD8bvqZJOtebewA=
Subject key identifier:   6E:1E:28:E9:DE:69:E6:D8:E5:AE:56:2E:FC:39:15:CC:57:B1:93:3C
Certificate issuer:       /CN=67920420f722f7d7f3c4b25a80e17d7290171180
Certificate serial:       018345A3095BAF63EB2546A5E5A134F61729
Authority key identifier: 67:92:04:20:F7:22:F7:D7:F3:C4:B2:5A:80:E1:7D:72:90:17:11:80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z5IEIPci99fzxLJagOF9cpAXEYA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/bh4o6d5p5tjlrlYu_DkVzFexkzw.roa
Signing time:             Fri 16 Sep 2022 09:30:56 +0000
ROA not before:           Fri 16 Sep 2022 09:30:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8280
IP address blocks:        185.82.36.0/24 maxlen: 32
                          185.82.38.0/24 maxlen: 32
                          185.82.36.0/22 maxlen: 24
                          185.82.37.0/24 maxlen: 32
                          185.82.39.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:45:a3:09:5b:af:63:eb:25:46:a5:e5:a1:34:f6:17:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=67920420f722f7d7f3c4b25a80e17d7290171180
        Validity
            Not Before: Sep 16 09:30:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6e1e28e9de69e6d8e5ae562efc3915cc57b1933c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:eb:53:60:b0:43:1b:55:e5:bb:7d:92:12:ae:
                    a5:45:c8:6e:64:70:0d:1c:4d:77:09:e5:64:a9:e2:
                    47:01:4e:12:c7:32:5d:cb:72:8a:cf:71:6c:cc:ee:
                    54:b2:26:6a:ca:79:08:1a:52:ca:9a:7e:54:ce:e4:
                    9b:f1:c8:4d:a0:fb:4e:0b:29:0c:19:c1:f1:2d:3d:
                    bc:ee:be:ac:7e:74:ba:30:f6:0e:8a:b0:1a:6b:0d:
                    91:ff:a7:33:7e:09:b2:69:d6:7e:e8:1d:ec:bf:04:
                    d2:9a:b7:72:95:7e:a1:e5:44:fe:b2:45:a0:d2:cc:
                    ac:e3:71:80:d3:2c:fb:40:6d:4f:e7:e8:82:e3:a4:
                    d7:b0:fd:8f:0d:87:74:0e:e3:a4:d5:b5:5e:95:49:
                    9e:e4:10:c8:3d:28:c8:60:db:1b:e0:b0:bd:c9:31:
                    ee:5a:cb:b4:ad:b7:08:89:d1:a1:64:ab:4a:65:02:
                    9f:0b:d8:57:ef:35:34:ee:4a:72:68:a7:74:e3:a8:
                    93:4b:73:12:49:be:17:ec:6b:22:fb:b2:9e:f2:b8:
                    68:fd:0f:d5:6a:a7:19:bd:96:ba:a9:f0:e7:d4:ad:
                    1c:5e:16:f4:ef:38:73:f5:0f:a5:24:9e:8b:fe:64:
                    67:4b:11:48:ce:df:c2:1b:02:51:cb:01:c1:0c:04:
                    ff:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:1E:28:E9:DE:69:E6:D8:E5:AE:56:2E:FC:39:15:CC:57:B1:93:3C
            X509v3 Authority Key Identifier:
                keyid:67:92:04:20:F7:22:F7:D7:F3:C4:B2:5A:80:E1:7D:72:90:17:11:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5IEIPci99fzxLJagOF9cpAXEYA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/bh4o6d5p5tjlrlYu_DkVzFexkzw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/Z5IEIPci99fzxLJagOF9cpAXEYA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.82.36.0/22

    Signature Algorithm: sha256WithRSAEncryption
         61:ef:d7:90:ed:76:6e:28:4a:c8:42:dd:eb:f9:eb:49:a5:49:
         cb:d9:21:80:03:a7:cc:5f:d6:00:92:14:0e:3f:c3:d8:a6:9e:
         42:69:1d:89:26:7f:2e:94:4c:d1:42:90:cb:5a:45:d8:83:e4:
         3e:bc:d1:51:3e:a9:b8:d4:61:7c:0f:84:98:69:37:4d:8a:30:
         55:55:0e:4b:9f:2a:02:99:e2:fc:5e:f0:61:62:26:9f:88:e6:
         00:21:5b:57:3f:39:41:74:88:e9:b0:b5:c0:9f:85:4e:dd:23:
         20:10:0b:ae:6a:a7:c4:49:9c:d1:98:a7:98:40:95:48:24:24:
         f0:87:12:6d:8a:3d:5e:09:26:0d:30:62:bf:8e:94:cf:c2:40:
         fe:dc:a7:cf:ef:55:a4:65:56:a2:bf:c9:55:03:ba:76:87:e6:
         f4:ac:41:65:cf:1a:09:d6:e6:52:fe:01:2a:52:81:8f:db:26:
         50:f8:22:cf:55:b6:46:94:a6:10:f6:d3:6e:eb:3c:b7:fb:b4:
         d0:9b:f4:25:23:9e:14:94:b3:d3:7a:8d:64:f5:56:31:e7:74:
         1c:3a:2b:79:0e:28:bd:69:3e:c8:96:f0:6e:1b:dd:64:83:b8:
         f6:64:ec:98:b4:5b:2c:e9:9d:40:1e:3d:20:48:34:07:4b:55:
         1f:e4:3c:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNFowlbr2PrJUal5aE09hcpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OTIwNDIwZjcyMmY3ZDdmM2M0YjI1YTgwZTE3ZDcyOTAx
NzExODAwHhcNMjIwOTE2MDkzMDU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTFlMjhlOWRlNjllNmQ4ZTVhZTU2MmVmYzM5MTVjYzU3YjE5MzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOtTYLBDG1Xlu32SEq6lRchuZHAN
HE13CeVkqeJHAU4SxzJdy3KKz3FszO5UsiZqynkIGlLKmn5UzuSb8chNoPtOCykM
GcHxLT287r6sfnS6MPYOirAaaw2R/6czfgmyadZ+6B3svwTSmrdylX6h5UT+skWg
0sys43GA0yz7QG1P5+iC46TXsP2PDYd0DuOk1bVelUme5BDIPSjIYNsb4LC9yTHu
Wsu0rbcIidGhZKtKZQKfC9hX7zU07kpyaKd046iTS3MSSb4X7Gsi+7Ke8rho/Q/V
aqcZvZa6qfDn1K0cXhb07zhz9Q+lJJ6L/mRnSxFIzt/CGwJRywHBDAT/nQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG4eKOneaebY5a5WLvw5FcxXsZM8MB8GA1UdIwQY
MBaAFGeSBCD3IvfX88SyWoDhfXKQFxGAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVJRUlQY2k5OWZ6eExKYWdPRjljcEFYRVlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yN2NhMTYtZjQ2Yi00ZjhlLWI5MmUt
NWVkMDg5YzFhZmVkLzEvYmg0bzZkNXA1dGpscmxZdV9Ea1Z6RmV4a3p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yN2NhMTYtZjQ2Yi00ZjhlLWI5MmUtNWVkMDg5YzFhZmVk
LzEvWjVJRUlQY2k5OWZ6eExKYWdPRjljcEFYRVlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVIkMA0G
CSqGSIb3DQEBCwUAA4IBAQBh79eQ7XZuKErIQt3r+etJpUnL2SGAA6fMX9YAkhQO
P8PYpp5CaR2JJn8ulEzRQpDLWkXYg+Q+vNFRPqm41GF8D4SYaTdNijBVVQ5LnyoC
meL8XvBhYiafiOYAIVtXPzlBdIjpsLXAn4VO3SMgEAuuaqfESZzRmKeYQJVIJCTw
hxJtij1eCSYNMGK/jpTPwkD+3KfP71WkZVaiv8lVA7p2h+b0rEFlzxoJ1uZS/gEq
UoGP2yZQ+CLPVbZGlKYQ9tNu6zy3+7TQm/QlI54UlLPTeo1k9VYx53QcOit5Dii9
aT7IlvBuG91kg7j2ZOyYtFss6Z1AHj0gSDQHS1Uf5Dwt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:07 2024 by rpki-client on console-fra.rpki-client.org