Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/P9uYQRvF-VRH_qF1PT9QwdHHc9w.roa
File:                     P9uYQRvF-VRH_qF1PT9QwdHHc9w.roa (raw, json)
Hash identifier:          dQL+4Z5Argbl1Hqglnjj7M5axChUnyyg7mNEJdwSuas=
Subject key identifier:   3F:DB:98:41:1B:C5:F9:54:47:FE:A1:75:3D:3F:50:C1:D1:C7:73:DC
Certificate issuer:       /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial:       1B669BEE
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/P9uYQRvF-VRH_qF1PT9QwdHHc9w.roa
Signing time:             Sat 01 Jan 2022 10:02:38 +0000
ROA not before:           Sat 01 Jan 2022 10:02:38 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41313
IP address blocks:        195.228.11.0/24 maxlen: 24
                          84.1.240.0/24 maxlen: 24
                          84.1.240.0/21 maxlen: 21
                          84.1.246.0/24 maxlen: 24
                          84.1.44.0/22 maxlen: 22
                          84.1.42.0/23 maxlen: 23
                          84.1.44.0/24 maxlen: 24
                          195.228.43.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 459709422 (0x1b669bee)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
        Validity
            Not Before: Jan  1 10:02:38 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3fdb98411bc5f95447fea1753d3f50c1d1c773dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:f3:07:40:1b:52:5f:f1:f8:f1:50:b3:ef:60:
                    54:bc:da:43:bb:87:af:b8:6b:29:e5:e5:c9:a4:e0:
                    77:18:c6:e4:b9:d0:3a:91:11:e6:13:9f:5c:38:37:
                    15:77:d1:7f:51:b3:55:ee:d0:b6:d4:f3:df:00:55:
                    3c:6d:1f:ef:8f:b7:ad:8c:b4:58:82:07:b4:b5:c1:
                    7a:ea:a6:fc:54:5a:69:6d:6b:53:83:29:74:10:15:
                    43:26:7b:d0:58:10:ec:96:23:79:26:9c:4f:f2:86:
                    75:7e:e0:b2:a9:f0:3f:68:7f:bd:e1:14:bd:f6:a3:
                    03:ed:ee:81:42:03:cf:54:31:7d:a1:b8:77:97:03:
                    06:99:cd:dc:91:5c:a8:46:0b:f5:eb:1a:e4:fb:59:
                    b9:38:22:67:78:70:b0:3c:9f:46:2a:b9:bd:1b:6f:
                    9a:be:5f:35:55:13:e7:2d:aa:1e:9b:bb:f7:1e:73:
                    6a:40:b7:8e:14:40:0d:67:72:b0:4c:69:67:4a:6b:
                    0b:99:04:72:68:7f:77:78:d0:00:49:8b:f6:d4:00:
                    1b:67:c7:4b:29:50:5a:3c:1b:f5:97:76:45:96:6a:
                    c4:ee:b8:7a:4c:d4:1e:41:7a:fa:cd:fc:b4:46:d5:
                    1b:fb:55:e4:7c:4d:6d:dc:71:ee:2b:15:da:cf:94:
                    1c:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:DB:98:41:1B:C5:F9:54:47:FE:A1:75:3D:3F:50:C1:D1:C7:73:DC
            X509v3 Authority Key Identifier:
                keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/P9uYQRvF-VRH_qF1PT9QwdHHc9w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.1.42.0-84.1.47.255
                  84.1.240.0/21
                  195.228.11.0/24
                  195.228.43.0/24

    Signature Algorithm: sha256WithRSAEncryption
         20:42:5c:0e:cc:79:ed:2c:fb:92:52:17:21:65:43:54:d3:d8:
         f3:27:cc:2d:dc:76:a5:c2:cb:46:0a:65:2e:11:15:f4:23:19:
         5a:b5:4f:4e:bb:61:dd:52:29:dd:37:52:7b:f7:4d:9b:ae:67:
         7d:c7:28:7c:6d:b9:64:5d:a2:6b:d3:1e:aa:2c:ba:d1:7a:35:
         71:4d:65:eb:59:ae:2c:6c:b2:a5:53:8b:d7:b4:c8:e4:2c:6e:
         f0:77:9b:3b:b2:d9:6e:6c:e5:6f:c9:09:b2:cb:41:b5:50:72:
         50:b0:f9:03:0d:2f:60:4b:1b:77:d8:01:3b:1e:a0:fe:18:19:
         ff:11:09:22:76:cb:cf:92:66:14:ba:84:09:c7:29:9d:68:ae:
         51:bd:80:ba:fd:b4:f7:fc:ee:cc:dc:44:66:5f:80:32:f5:29:
         13:76:2a:02:ae:0b:8e:66:cc:a2:c4:0b:d0:f9:56:67:a5:9d:
         11:2d:e1:fe:98:da:30:8b:42:89:94:dc:44:5d:cb:65:21:7e:
         21:0b:3a:0f:77:de:19:4d:7f:a4:6b:0b:7c:e5:62:fd:c2:94:
         85:fb:56:0b:02:82:56:6f:29:cf:18:92:40:c4:fa:3c:ab:31:
         ef:d6:9f:28:f8:d0:2d:55:10:c5:b7:69:0d:e2:49:fe:c2:5e:
         12:45:96:74
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEG2ab7jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MDJkYWM2MDVmNDY1OTcxOGMwYTE1ZTFmNzMyY2JkNGY0OGFhZTdiMB4XDTIyMDEw
MTEwMDIzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2ZkYjk4NDExYmM1
Zjk1NDQ3ZmVhMTc1M2QzZjUwYzFkMWM3NzNkYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJjzB0AbUl/x+PFQs+9gVLzaQ7uHr7hrKeXlyaTgdxjG5LnQ
OpER5hOfXDg3FXfRf1GzVe7QttTz3wBVPG0f74+3rYy0WIIHtLXBeuqm/FRaaW1r
U4MpdBAVQyZ70FgQ7JYjeSacT/KGdX7gsqnwP2h/veEUvfajA+3ugUIDz1QxfaG4
d5cDBpnN3JFcqEYL9esa5PtZuTgiZ3hwsDyfRiq5vRtvmr5fNVUT5y2qHpu79x5z
akC3jhRADWdysExpZ0prC5kEcmh/d3jQAEmL9tQAG2fHSylQWjwb9Zd2RZZqxO64
ekzUHkF6+s38tEbVG/tV5HxNbdxx7isV2s+UHOkCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBQ/25hBG8X5VEf+oXU9P1DB0cdz3DAfBgNVHSMEGDAWgBTwLaxgX0ZZcYwK
FeH3MsvU9IquezAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhDMnNZRjlHV1hHTUNoWGg5ekxMMVBTS3Jucy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGQvZTkwOTc2LTNkZDEtNDcxNi1iYmY2LTI5MmFlNDZlNjMwMi8x
L1A5dVlRUnZGLVZSSF9xRjFQVDlRd2RISGM5dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGQv
ZTkwOTc2LTNkZDEtNDcxNi1iYmY2LTI5MmFlNDZlNjMwMi8xLzhDMnNZRjlHV1hH
TUNoWGg5ekxMMVBTS3Jucy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIDAMAwQBVAEqAwQEVAEgAwQDVAHwAwQA
w+QLAwQAw+QrMA0GCSqGSIb3DQEBCwUAA4IBAQAgQlwOzHntLPuSUhchZUNU09jz
J8wt3HalwstGCmUuERX0IxlatU9Ou2HdUindN1J7902brmd9xyh8bblkXaJr0x6q
LLrRejVxTWXrWa4sbLKlU4vXtMjkLG7wd5s7stlubOVvyQmyy0G1UHJQsPkDDS9g
Sxt32AE7HqD+GBn/EQkidsvPkmYUuoQJxymdaK5RvYC6/bT3/O7M3ERmX4Ay9SkT
dioCrguOZsyixAvQ+VZnpZ0RLeH+mNowi0KJlNxEXctlIX4hCzoPd94ZTX+kawt8
5WL9wpSF+1YLAoJWbynPGJJAxPo8qzHv1p8o+NAtVRDFt2kN4kn+wl4SRZZ0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:47 2024 by rpki-client on console-fra.rpki-client.org