Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/20f4ac-80d9-40e2-a9e6-1c88eebeb293/1/h6Ze5weKwt7JDTmZyL5slgyh1L0.roa
File:                     h6Ze5weKwt7JDTmZyL5slgyh1L0.roa (raw, json)
Hash identifier:          qc9g4stfp7xoABKmlA9flcRp55EPt2StcVvKJYwJ0hU=
Subject key identifier:   87:A6:5E:E7:07:8A:C2:DE:C9:0D:39:99:C8:BE:6C:96:0C:A1:D4:BD
Certificate issuer:       /CN=fb236b213d56493f3b077e6b41f42e4f3df8cdce
Certificate serial:       01E52086
Authority key identifier: FB:23:6B:21:3D:56:49:3F:3B:07:7E:6B:41:F4:2E:4F:3D:F8:CD:CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-yNrIT1WST87B35rQfQuTz34zc4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/85/20f4ac-80d9-40e2-a9e6-1c88eebeb293/1/h6Ze5weKwt7JDTmZyL5slgyh1L0.roa
Signing time:             Sat 01 Jan 2022 04:03:14 +0000
ROA not before:           Sat 01 Jan 2022 04:03:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200611
IP address blocks:        80.210.80.0/20 maxlen: 20

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 31793286 (0x1e52086)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fb236b213d56493f3b077e6b41f42e4f3df8cdce
        Validity
            Not Before: Jan  1 04:03:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=87a65ee7078ac2dec90d3999c8be6c960ca1d4bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:27:53:41:bd:49:c0:23:2b:20:d2:eb:79:f9:
                    59:23:9d:a3:71:be:b8:23:f9:af:85:d7:b9:59:d4:
                    36:10:9d:16:9b:1b:e6:9f:2f:ba:10:bb:22:d0:1e:
                    f9:9d:b3:b4:2e:cf:98:43:9a:07:89:ee:f2:0d:77:
                    46:ff:6d:10:53:28:76:b4:a0:8f:97:24:20:24:22:
                    1f:9f:04:6b:74:86:2d:fb:ee:6b:f5:d2:57:3b:4d:
                    bc:a7:3b:50:7a:0c:aa:72:2b:85:c5:35:ef:65:c9:
                    f9:96:5b:3a:1f:55:2e:68:25:e5:a3:bb:2f:64:81:
                    26:ca:c1:17:9a:07:a3:e7:18:56:2a:44:bc:02:42:
                    05:0a:d8:eb:9c:5c:03:8b:99:68:e4:a6:44:3f:2d:
                    44:76:44:7a:d1:ed:0b:26:e2:4c:7d:20:87:13:e5:
                    af:26:4e:9b:2e:38:4c:bb:33:0e:4b:9d:80:c2:44:
                    1c:a3:fd:cd:20:54:fd:6a:ff:dd:6d:49:58:c1:4a:
                    5a:58:9b:20:24:59:22:71:0a:61:58:94:34:ec:a3:
                    fa:bd:db:6b:5a:18:e1:93:1c:e7:8f:db:6c:3d:86:
                    dc:9f:82:f6:9a:1b:b0:76:05:8c:5f:e4:9d:7b:d5:
                    f4:89:98:9a:8f:b2:fc:88:1c:88:fe:28:3c:48:a0:
                    02:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:A6:5E:E7:07:8A:C2:DE:C9:0D:39:99:C8:BE:6C:96:0C:A1:D4:BD
            X509v3 Authority Key Identifier:
                keyid:FB:23:6B:21:3D:56:49:3F:3B:07:7E:6B:41:F4:2E:4F:3D:F8:CD:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-yNrIT1WST87B35rQfQuTz34zc4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/20f4ac-80d9-40e2-a9e6-1c88eebeb293/1/h6Ze5weKwt7JDTmZyL5slgyh1L0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/85/20f4ac-80d9-40e2-a9e6-1c88eebeb293/1/1-yNrIT1WST87B35rQfQuTz34zc4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.210.80.0/20

    Signature Algorithm: sha256WithRSAEncryption
         81:3c:37:e7:ff:de:fe:c7:39:54:11:ce:fa:eb:6b:6a:99:ce:
         73:63:03:1b:aa:70:93:27:e2:06:62:05:ef:f8:2f:c7:0e:b0:
         af:ae:6e:2e:c8:fe:fd:84:9a:40:ba:93:f8:1b:b5:52:5a:5d:
         b2:64:d7:87:d0:35:9c:bc:c6:00:96:3a:06:ed:91:f3:23:14:
         a8:08:48:20:a9:ea:96:1b:d5:70:a0:05:06:42:a4:ff:e7:76:
         1d:20:95:2e:1f:af:24:7a:16:0a:19:ce:86:13:99:bd:ce:e9:
         b9:aa:42:74:27:86:70:62:d0:9c:0e:3f:37:e0:b0:3d:b1:f0:
         d0:a7:1a:1a:6c:7d:11:bc:ec:f8:2e:c4:a6:bb:3f:20:fb:90:
         6c:7f:4d:cb:44:35:16:c9:6e:ab:92:ae:69:87:ce:e5:5e:ba:
         57:38:4e:95:64:c3:74:5f:89:e6:e4:bb:bd:09:36:8d:31:71:
         9f:e4:b8:d6:46:3f:70:e0:05:d7:e2:ee:cf:bd:0b:3a:45:7a:
         90:92:23:77:fc:a9:e2:76:a4:93:cd:89:c3:23:30:4b:81:67:
         41:38:ad:e8:9a:41:e1:0b:42:43:e0:c5:92:19:aa:7f:a0:35:
         a4:15:7f:48:f2:16:0b:63:24:72:ad:ee:25:3f:d2:ff:87:af:
         7a:e6:99:c1
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEAeUghjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YjIzNmIyMTNkNTY0OTNmM2IwNzdlNmI0MWY0MmU0ZjNkZjhjZGNlMB4XDTIyMDEw
MTA0MDMxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODdhNjVlZTcwNzhh
YzJkZWM5MGQzOTk5YzhiZTZjOTYwY2ExZDRiZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANMnU0G9ScAjKyDS63n5WSOdo3G+uCP5r4XXuVnUNhCdFpsb
5p8vuhC7ItAe+Z2ztC7PmEOaB4nu8g13Rv9tEFModrSgj5ckICQiH58Ea3SGLfvu
a/XSVztNvKc7UHoMqnIrhcU172XJ+ZZbOh9VLmgl5aO7L2SBJsrBF5oHo+cYVipE
vAJCBQrY65xcA4uZaOSmRD8tRHZEetHtCybiTH0ghxPlryZOmy44TLszDkudgMJE
HKP9zSBU/Wr/3W1JWMFKWlibICRZInEKYViUNOyj+r3ba1oY4ZMc54/bbD2G3J+C
9pobsHYFjF/knXvV9ImYmo+y/IgciP4oPEigApcCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBSHpl7nB4rC3skNOZnIvmyWDKHUvTAfBgNVHSMEGDAWgBT7I2shPVZJPzsH
fmtB9C5PPfjNzjAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEteU5ySVQxV1NUODdCMzVyUWZRdVR6MzR6YzQuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzg1LzIwZjRhYy04MGQ5LTQwZTItYTllNi0xYzg4ZWViZWIyOTMv
MS9oNlplNXdlS3d0N0pEVG1aeUw1c2xneWgxTDAucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg1
LzIwZjRhYy04MGQ5LTQwZTItYTllNi0xYzg4ZWViZWIyOTMvMS8xLXlOcklUMVdT
VDg3QjM1clFmUXVUejM0emM0LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUNJQMA0GCSqGSIb3DQEBCwUA
A4IBAQCBPDfn/97+xzlUEc7662tqmc5zYwMbqnCTJ+IGYgXv+C/HDrCvrm4uyP79
hJpAupP4G7VSWl2yZNeH0DWcvMYAljoG7ZHzIxSoCEggqeqWG9VwoAUGQqT/53Yd
IJUuH68kehYKGc6GE5m9zum5qkJ0J4ZwYtCcDj834LA9sfDQpxoabH0RvOz4LsSm
uz8g+5Bsf03LRDUWyW6rkq5ph87lXrpXOE6VZMN0X4nm5Lu9CTaNMXGf5LjWRj9w
4AXX4u7PvQs6RXqQkiN3/KnidqSTzYnDIzBLgWdBOK3omkHhC0JD4MWSGap/oDWk
FX9I8hYLYyRyre4lP9L/h6965pnB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:19 2024 by rpki-client on console-ams.rpki-client.org