Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/c0a576-a220-4de0-aac1-7b96a9997718/1/IpPQhowY4hvDPBTWGTliFJLhQ-0.roa
File:                     IpPQhowY4hvDPBTWGTliFJLhQ-0.roa (raw, json)
Hash identifier:          G5/VaX56CcDEyOaIdusCZxfHmYWaLhMIXehNqI6FbtA=
Subject key identifier:   22:93:D0:86:8C:18:E2:1B:C3:3C:14:D6:19:39:62:14:92:E1:43:ED
Certificate issuer:       /CN=0246e8a76d30c7c0495bc5ce8ee5110feab286e6
Certificate serial:       018225BCC02168AF73625550D08734642617
Authority key identifier: 02:46:E8:A7:6D:30:C7:C0:49:5B:C5:CE:8E:E5:11:0F:EA:B2:86:E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Akbop20wx8BJW8XOjuURD-qyhuY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/c0a576-a220-4de0-aac1-7b96a9997718/1/IpPQhowY4hvDPBTWGTliFJLhQ-0.roa
Signing time:             Fri 22 Jul 2022 11:48:23 +0000
ROA not before:           Fri 22 Jul 2022 11:48:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14537
IP address blocks:        193.33.228.0/23 maxlen: 24
                          193.31.208.0/20 maxlen: 24
                          109.202.112.0/21 maxlen: 24
                          45.85.4.0/22 maxlen: 24
                          78.24.208.0/21 maxlen: 24
                          5.62.80.0/20 maxlen: 24
                          66.84.64.0/20 maxlen: 24
                          185.28.72.0/22 maxlen: 24
                          94.125.56.0/21 maxlen: 24
                          2a03:9e00::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:25:bc:c0:21:68:af:73:62:55:50:d0:87:34:64:26:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0246e8a76d30c7c0495bc5ce8ee5110feab286e6
        Validity
            Not Before: Jul 22 11:48:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2293d0868c18e21bc33c14d61939621492e143ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:38:12:5b:42:a0:10:e3:7d:e8:d0:5e:e1:d2:
                    8f:4c:8d:5f:a6:c8:c7:d1:73:a3:47:2d:c5:17:fe:
                    59:22:88:3a:8c:df:a7:5f:43:6f:a4:cf:5a:de:40:
                    7f:37:66:79:0c:d9:fd:77:4e:3d:1b:21:b3:70:0b:
                    8c:0d:06:05:4f:16:48:f8:36:b1:c2:40:3b:32:64:
                    8b:d7:79:ea:9c:18:e7:9b:ae:f1:f9:7d:b2:7f:82:
                    3b:ba:2c:fc:93:5c:67:63:7c:9b:d4:b0:0e:cc:33:
                    eb:d4:89:18:0d:3c:f9:55:2d:81:23:bb:2b:b4:6a:
                    46:0a:d6:bc:45:7c:b0:b3:0e:5c:71:b9:ca:ec:3d:
                    6c:0f:cd:6d:ed:b7:b0:99:eb:d6:7f:4d:91:49:1a:
                    23:17:38:99:af:7b:f3:94:1b:b9:ec:5d:92:e4:93:
                    a0:a7:77:0d:73:17:e8:e8:2d:c7:6a:ed:91:3f:a6:
                    c2:23:2e:95:ae:fd:37:ae:92:53:85:e6:9b:17:ef:
                    f9:e6:9f:2a:72:b8:75:89:cc:4f:83:75:10:26:15:
                    ed:aa:06:0b:4c:21:45:1b:90:ac:22:75:a9:53:91:
                    a8:08:45:ca:ce:16:97:86:bd:3b:52:b1:48:4c:d2:
                    00:12:f0:a1:54:0a:41:b0:d2:9e:51:ab:47:30:40:
                    cf:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:93:D0:86:8C:18:E2:1B:C3:3C:14:D6:19:39:62:14:92:E1:43:ED
            X509v3 Authority Key Identifier:
                keyid:02:46:E8:A7:6D:30:C7:C0:49:5B:C5:CE:8E:E5:11:0F:EA:B2:86:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Akbop20wx8BJW8XOjuURD-qyhuY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/c0a576-a220-4de0-aac1-7b96a9997718/1/IpPQhowY4hvDPBTWGTliFJLhQ-0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/c0a576-a220-4de0-aac1-7b96a9997718/1/Akbop20wx8BJW8XOjuURD-qyhuY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.62.80.0/20
                  45.85.4.0/22
                  66.84.64.0/20
                  78.24.208.0/21
                  94.125.56.0/21
                  109.202.112.0/21
                  185.28.72.0/22
                  193.31.208.0/20
                  193.33.228.0/23
                IPv6:
                  2a03:9e00::/32

    Signature Algorithm: sha256WithRSAEncryption
         17:2d:5e:69:83:66:c2:7c:7f:28:f7:b6:78:ab:f6:73:3f:5c:
         f6:2e:4e:c1:a7:f5:08:b3:26:63:8d:e5:89:e7:c3:09:c4:82:
         7d:91:15:88:a8:e1:11:93:ca:ee:07:3d:08:33:5c:01:b1:4d:
         ba:f1:88:f6:b5:b7:e0:ad:4a:e1:97:a6:40:9f:0f:db:a0:f3:
         92:83:3d:5f:bc:de:75:af:56:75:99:3c:c0:89:a4:07:a3:c3:
         59:49:99:30:0f:11:bb:11:b3:79:f5:71:ce:33:15:56:76:d0:
         cc:ce:b4:c8:a7:e0:c2:a5:41:e9:61:c0:d6:10:b9:0b:62:eb:
         13:ba:70:1e:21:48:e7:57:08:58:06:13:37:d2:db:81:8f:2d:
         39:b2:90:ec:2f:63:bb:0b:e0:d8:56:94:51:12:c6:fa:fd:04:
         5c:ac:75:17:27:5a:00:dc:4a:60:75:88:d7:27:1f:bb:84:b2:
         d3:c2:86:1b:18:7d:77:c4:19:16:e0:2b:08:94:71:30:69:85:
         b6:ba:29:2a:a9:af:99:a6:7b:22:b4:07:bd:e5:92:4d:49:bf:
         43:41:6d:77:ab:2a:ee:24:84:30:6b:43:20:fa:db:89:b4:79:
         ae:8f:a4:84:da:f0:3e:da:52:64:23:af:df:5c:42:cd:89:e3:
         9c:b9:c6:60
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYIlvMAhaK9zYlVQ0Ic0ZCYXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNDZlOGE3NmQzMGM3YzA0OTViYzVjZThlZTUxMTBmZWFi
Mjg2ZTYwHhcNMjIwNzIyMTE0ODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjkzZDA4NjhjMThlMjFiYzMzYzE0ZDYxOTM5NjIxNDkyZTE0M2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTgSW0KgEON96NBe4dKPTI1fpsjH
0XOjRy3FF/5ZIog6jN+nX0NvpM9a3kB/N2Z5DNn9d049GyGzcAuMDQYFTxZI+Dax
wkA7MmSL13nqnBjnm67x+X2yf4I7uiz8k1xnY3yb1LAOzDPr1IkYDTz5VS2BI7sr
tGpGCta8RXywsw5ccbnK7D1sD81t7bewmevWf02RSRojFziZr3vzlBu57F2S5JOg
p3cNcxfo6C3Hau2RP6bCIy6Vrv03rpJTheabF+/55p8qcrh1icxPg3UQJhXtqgYL
TCFFG5CsInWpU5GoCEXKzhaXhr07UrFITNIAEvChVApBsNKeUatHMEDPfQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFCKT0IaMGOIbwzwU1hk5YhSS4UPtMB8GA1UdIwQY
MBaAFAJG6KdtMMfASVvFzo7lEQ/qsobmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWtib3AyMHd4OEJKVzhYT2p1VVJELXF5aHVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9jMGE1NzYtYTIyMC00ZGUwLWFhYzEt
N2I5NmE5OTk3NzE4LzEvSXBQUWhvd1k0aHZEUEJUV0dUbGlGSkxoUS0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9jMGE1NzYtYTIyMC00ZGUwLWFhYzEtN2I5NmE5OTk3NzE4
LzEvQWtib3AyMHd4OEJKVzhYT2p1VVJELXF5aHVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQEBT5QAwQC
LVUEAwQEQlRAAwQDThjQAwQDXn04AwQDbcpwAwQCuRxIAwQEwR/QAwQBwSHkMA0E
AgACMAcDBQAqA54AMA0GCSqGSIb3DQEBCwUAA4IBAQAXLV5pg2bCfH8o97Z4q/Zz
P1z2Lk7Bp/UIsyZjjeWJ58MJxIJ9kRWIqOERk8ruBz0IM1wBsU268Yj2tbfgrUrh
l6ZAnw/boPOSgz1fvN51r1Z1mTzAiaQHo8NZSZkwDxG7EbN59XHOMxVWdtDMzrTI
p+DCpUHpYcDWELkLYusTunAeIUjnVwhYBhM30tuBjy05spDsL2O7C+DYVpRREsb6
/QRcrHUXJ1oA3EpgdYjXJx+7hLLTwoYbGH13xBkW4CsIlHEwaYW2uikqqa+Zpnsi
tAe95ZJNSb9DQW13qyruJIQwa0Mg+tuJtHmuj6SE2vA+2lJkI6/fXELNieOcucZg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:40 2024 by rpki-client on console-fra.rpki-client.org