Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/MuhyqN7nU5Rfp-7ZlpnKbGFnv0E.roa
File:                     MuhyqN7nU5Rfp-7ZlpnKbGFnv0E.roa (raw, json)
Hash identifier:          t9s9qZF+gN5nyWXoX8xCPXeRVnO72Ov90kR2XCObgBo=
Subject key identifier:   32:E8:72:A8:DE:E7:53:94:5F:A7:EE:D9:96:99:CA:6C:61:67:BF:41
Certificate issuer:       /CN=8fe02b7eedffc38ab5eab4416172e7d88e9ad1e2
Certificate serial:       01EC9E14
Authority key identifier: 8F:E0:2B:7E:ED:FF:C3:8A:B5:EA:B4:41:61:72:E7:D8:8E:9A:D1:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j-Arfu3_w4q16rRBYXLn2I6a0eI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/MuhyqN7nU5Rfp-7ZlpnKbGFnv0E.roa
Signing time:             Mon 14 Mar 2022 15:50:35 +0000
ROA not before:           Mon 14 Mar 2022 15:50:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208485
IP address blocks:        91.226.224.0/24 maxlen: 24
                          91.226.225.0/24 maxlen: 24
                          194.26.117.0/24 maxlen: 24
                          31.40.2.0/24 maxlen: 24
                          31.40.3.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 32284180 (0x1ec9e14)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8fe02b7eedffc38ab5eab4416172e7d88e9ad1e2
        Validity
            Not Before: Mar 14 15:50:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=32e872a8dee753945fa7eed99699ca6c6167bf41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:fc:84:b4:ad:8b:86:d4:fb:6e:3d:2c:21:6c:
                    4f:88:66:61:a4:d1:c2:c8:c0:46:a8:dc:ea:91:78:
                    7b:d3:26:13:88:87:46:54:0d:9f:ab:fd:a1:2b:97:
                    a6:59:3d:6c:b3:ee:b8:a7:c7:c2:0c:b1:74:d0:1c:
                    50:e4:d6:cd:15:af:b6:50:29:5a:d3:d2:0f:bd:6d:
                    ed:3e:37:3c:d9:32:3b:75:df:6d:be:1f:e3:45:e4:
                    e2:21:90:4f:0f:93:7f:47:55:9b:07:d8:37:9a:53:
                    11:7d:ee:87:08:9e:f6:53:7c:3d:ad:87:c2:02:a2:
                    ba:fc:ee:0d:3a:7c:a5:f5:af:0d:b1:66:0a:45:6d:
                    46:b3:20:7b:ff:31:cc:cd:2e:72:34:2a:5d:a4:4e:
                    c3:6d:b5:ed:c6:b7:f4:fc:92:46:ef:e7:22:50:22:
                    d2:73:f4:ea:17:10:3e:08:8a:70:0b:9d:a7:03:ec:
                    ba:3a:d3:f1:69:db:a3:6f:80:2d:36:6f:38:b6:e9:
                    3b:55:49:4e:65:27:a4:cc:ac:3c:7a:28:98:0e:5b:
                    7c:56:51:65:3b:80:2f:6b:22:cb:b6:83:20:02:ea:
                    d9:f5:f7:9e:b4:b9:34:56:95:29:20:40:d5:71:fe:
                    85:1e:fd:b9:58:de:e8:5d:e3:d2:aa:d8:0c:63:33:
                    1b:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:E8:72:A8:DE:E7:53:94:5F:A7:EE:D9:96:99:CA:6C:61:67:BF:41
            X509v3 Authority Key Identifier:
                keyid:8F:E0:2B:7E:ED:FF:C3:8A:B5:EA:B4:41:61:72:E7:D8:8E:9A:D1:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j-Arfu3_w4q16rRBYXLn2I6a0eI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/MuhyqN7nU5Rfp-7ZlpnKbGFnv0E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/j-Arfu3_w4q16rRBYXLn2I6a0eI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.40.2.0/23
                  91.226.224.0/23
                  194.26.117.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:b3:86:f2:d9:50:3c:5a:21:f6:61:33:11:d8:6c:fd:c3:f6:
         5e:51:fc:5a:0b:91:64:73:22:74:c4:58:f1:8c:43:93:0f:8b:
         71:b9:6a:27:ce:5a:17:64:c7:1f:85:2b:22:6b:63:bf:11:98:
         fc:31:ae:90:47:36:16:fc:c0:0c:2d:1c:0c:f3:e2:75:26:5a:
         8f:89:a3:43:5b:e2:a3:ee:52:3f:62:50:3c:f0:5c:59:67:ee:
         2e:88:09:e1:8d:eb:d5:88:23:aa:8a:18:0d:b6:28:04:d1:a1:
         58:c1:a9:a5:9d:44:a8:df:36:73:4b:f5:3d:21:ea:99:e2:12:
         e3:9c:48:80:63:14:94:0a:9e:af:34:51:0b:31:4b:a9:c0:a9:
         f0:5b:71:5d:48:24:31:98:58:8b:b8:d4:0a:86:52:d1:76:63:
         99:d8:23:ab:b5:11:a5:3a:69:45:4d:e5:32:ca:29:0c:f9:37:
         74:67:72:b7:a1:00:54:35:db:c1:50:d0:af:6e:58:24:01:11:
         e2:4b:7c:e8:74:2d:4f:1c:94:32:7f:f7:d5:c4:82:87:03:77:
         32:da:49:8b:d0:38:3d:f1:98:3d:03:ed:4e:06:f5:f3:6c:fd:
         33:08:20:4f:c5:76:74:7f:12:91:bf:53:7b:8c:00:08:34:d8:
         be:52:94:99
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAeyeFDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZmUwMmI3ZWVkZmZjMzhhYjVlYWI0NDE2MTcyZTdkODhlOWFkMWUyMB4XDTIyMDMx
NDE1NTAzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzJlODcyYThkZWU3
NTM5NDVmYTdlZWQ5OTY5OWNhNmM2MTY3YmY0MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMr8hLSti4bU+249LCFsT4hmYaTRwsjARqjc6pF4e9MmE4iH
RlQNn6v9oSuXplk9bLPuuKfHwgyxdNAcUOTWzRWvtlApWtPSD71t7T43PNkyO3Xf
bb4f40Xk4iGQTw+Tf0dVmwfYN5pTEX3uhwie9lN8Pa2HwgKiuvzuDTp8pfWvDbFm
CkVtRrMge/8xzM0ucjQqXaROw2217ca39PySRu/nIlAi0nP06hcQPgiKcAudpwPs
ujrT8Wnbo2+ALTZvOLbpO1VJTmUnpMysPHoomA5bfFZRZTuAL2siy7aDIALq2fX3
nrS5NFaVKSBA1XH+hR79uVje6F3j0qrYDGMzG50CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQy6HKo3udTlF+n7tmWmcpsYWe/QTAfBgNVHSMEGDAWgBSP4Ct+7f/DirXq
tEFhcufYjprR4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2otQXJmdTNfdzRxMTZyUkJZWExuMkk2YTBlSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvZDJjMjM1LWExZjUtNDk4NC1hYWRmLTUxNDZmMTNiNzFhMS8x
L011aHlxTjduVTVSZnAtN1pscG5LYkdGbnYwRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
ZDJjMjM1LWExZjUtNDk4NC1hYWRmLTUxNDZmMTNiNzFhMS8xL2otQXJmdTNfdzRx
MTZyUkJZWExuMkk2YTBlSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAR8oAgMEAVvi4AMEAMIadTANBgkq
hkiG9w0BAQsFAAOCAQEAMrOG8tlQPFoh9mEzEdhs/cP2XlH8WguRZHMidMRY8YxD
kw+LcblqJ85aF2THH4UrImtjvxGY/DGukEc2FvzADC0cDPPidSZaj4mjQ1vio+5S
P2JQPPBcWWfuLogJ4Y3r1YgjqooYDbYoBNGhWMGppZ1EqN82c0v1PSHqmeIS45xI
gGMUlAqerzRRCzFLqcCp8FtxXUgkMZhYi7jUCoZS0XZjmdgjq7URpTppRU3lMsop
DPk3dGdyt6EAVDXbwVDQr25YJAER4kt86HQtTxyUMn/31cSChwN3MtpJi9A4PfGY
PQPtTgb182z9MwggT8V2dH8Skb9Te4wACDTYvlKUmQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:25 2024 by rpki-client on console-ams.rpki-client.org