Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/1be5e1-56b4-4c66-beab-6f163966af8b/1/Td5y-UDtmGkcdUARRwtzP1JWR6c.roa
File:                     Td5y-UDtmGkcdUARRwtzP1JWR6c.roa (raw, json)
Hash identifier:          aN7P7J18QZGpI5awgKe/nSsr85b5n11NHIfubY+bHTo=
Subject key identifier:   4D:DE:72:F9:40:ED:98:69:1C:75:40:11:47:0B:73:3F:52:56:47:A7
Certificate issuer:       /CN=74198f7022b9560501db448af60301fa285e9236
Certificate serial:       0185108ED0A4E9DB42DF3E5B8DC6615E8109
Authority key identifier: 74:19:8F:70:22:B9:56:05:01:DB:44:8A:F6:03:01:FA:28:5E:92:36
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dBmPcCK5VgUB20SK9gMB-ihekjY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/93/1be5e1-56b4-4c66-beab-6f163966af8b/1/Td5y-UDtmGkcdUARRwtzP1JWR6c.roa
Signing time:             Wed 14 Dec 2022 12:14:33 +0000
ROA not before:           Wed 14 Dec 2022 12:14:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3342
IP address blocks:        185.98.96.0/22 maxlen: 22
                          92.241.192.0/20 maxlen: 20
                          178.72.16.0/21 maxlen: 21
                          212.237.250.0/23 maxlen: 23
                          92.241.216.0/21 maxlen: 21
                          2a06:b00::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:10:8e:d0:a4:e9:db:42:df:3e:5b:8d:c6:61:5e:81:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74198f7022b9560501db448af60301fa285e9236
        Validity
            Not Before: Dec 14 12:14:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4dde72f940ed98691c754011470b733f525647a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:4f:07:32:2a:61:30:f1:3c:cd:0d:7c:1d:c6:
                    b7:e3:b3:19:74:f6:d0:21:b8:39:61:4c:54:e4:cd:
                    26:d0:55:53:f8:d9:4c:b8:9b:ed:d1:e7:d5:1e:8a:
                    2b:5d:83:b2:3e:d4:66:4b:37:50:ce:a6:59:b2:ee:
                    da:dc:d3:99:f8:91:32:9d:84:96:6b:e6:a8:e1:06:
                    d1:cb:67:1c:1e:18:62:88:1b:e7:2d:8b:80:3e:5f:
                    dd:41:2c:43:c8:ee:2a:a9:58:a1:0b:08:f8:ac:13:
                    6b:ae:df:d3:4c:bf:e8:f3:58:ea:42:15:9f:12:d9:
                    31:94:0c:fc:82:fe:83:db:5a:aa:3d:2c:b3:06:48:
                    cc:89:35:56:5b:ab:c2:48:38:05:1a:fc:0f:8d:e2:
                    87:00:05:52:61:dc:15:69:6a:d6:1a:5b:30:7b:b2:
                    50:00:60:67:7c:5b:96:63:d9:e2:9a:a2:38:d0:92:
                    2b:96:38:10:41:d3:9c:af:7b:43:b5:6e:d5:37:1a:
                    1b:38:fb:e6:e9:8a:7f:f7:21:38:8e:33:69:65:5e:
                    39:49:a3:e5:69:3f:de:2e:c9:0e:dd:24:04:b4:fc:
                    5d:55:66:ed:51:8e:51:1f:da:d7:6c:37:b2:0b:e9:
                    87:da:5d:e6:d5:3d:35:18:e0:93:52:3c:09:77:d2:
                    f6:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:DE:72:F9:40:ED:98:69:1C:75:40:11:47:0B:73:3F:52:56:47:A7
            X509v3 Authority Key Identifier:
                keyid:74:19:8F:70:22:B9:56:05:01:DB:44:8A:F6:03:01:FA:28:5E:92:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dBmPcCK5VgUB20SK9gMB-ihekjY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/1be5e1-56b4-4c66-beab-6f163966af8b/1/Td5y-UDtmGkcdUARRwtzP1JWR6c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/93/1be5e1-56b4-4c66-beab-6f163966af8b/1/dBmPcCK5VgUB20SK9gMB-ihekjY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.241.192.0/20
                  92.241.216.0/21
                  178.72.16.0/21
                  185.98.96.0/22
                  212.237.250.0/23
                IPv6:
                  2a06:b00::/29

    Signature Algorithm: sha256WithRSAEncryption
         5f:ca:39:95:9c:25:c3:38:59:3f:48:60:e8:06:d3:86:e3:45:
         4c:60:f5:37:b6:10:44:ac:c2:f4:7c:d4:ee:38:88:73:ed:49:
         08:80:61:48:2f:de:f9:8a:2f:11:ad:9d:5e:ef:0d:ad:cd:76:
         fe:82:01:5d:42:0c:24:d5:3a:70:54:2e:a3:75:8b:64:1a:76:
         85:c0:a2:da:16:12:e8:1b:31:ea:b3:98:63:9c:5b:08:a1:91:
         3e:39:7c:3a:3f:3c:b2:ec:2c:6d:b7:5b:23:73:a8:8f:c3:49:
         97:49:b1:a5:f4:0b:44:8f:de:f4:ba:1b:23:c2:43:01:16:a3:
         bd:00:fe:79:11:37:3e:6e:1a:57:f1:5e:2e:4b:8c:35:e4:3e:
         e3:39:ea:91:aa:2b:63:d4:1b:21:fa:d8:ff:a6:4f:26:f9:0a:
         72:47:05:b5:fc:ef:61:a5:e8:57:85:63:05:d8:7e:a2:bb:f5:
         6d:45:77:83:b9:09:d0:0d:3a:c0:a2:3a:2a:6c:35:20:02:f3:
         af:be:ff:74:4d:c9:2d:ff:3f:31:c9:36:ad:d9:ee:1f:bb:eb:
         76:c9:b0:6a:35:d4:9f:c3:b2:40:d8:a0:70:fa:ba:cd:e7:3d:
         ad:ea:8d:d0:fc:0f:b8:e6:e4:43:f5:54:c5:82:0e:f1:89:5f:
         40:3f:62:65
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYUQjtCk6dtC3z5bjcZhXoEJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MTk4ZjcwMjJiOTU2MDUwMWRiNDQ4YWY2MDMwMWZhMjg1
ZTkyMzYwHhcNMjIxMjE0MTIxNDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGRlNzJmOTQwZWQ5ODY5MWM3NTQwMTE0NzBiNzMzZjUyNTY0N2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArE8HMiphMPE8zQ18Hca347MZdPbQ
Ibg5YUxU5M0m0FVT+NlMuJvt0efVHoorXYOyPtRmSzdQzqZZsu7a3NOZ+JEynYSW
a+ao4QbRy2ccHhhiiBvnLYuAPl/dQSxDyO4qqVihCwj4rBNrrt/TTL/o81jqQhWf
EtkxlAz8gv6D21qqPSyzBkjMiTVWW6vCSDgFGvwPjeKHAAVSYdwVaWrWGlswe7JQ
AGBnfFuWY9nimqI40JIrljgQQdOcr3tDtW7VNxobOPvm6Yp/9yE4jjNpZV45SaPl
aT/eLskO3SQEtPxdVWbtUY5RH9rXbDeyC+mH2l3m1T01GOCTUjwJd9L2JQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFE3ecvlA7ZhpHHVAEUcLcz9SVkenMB8GA1UdIwQY
MBaAFHQZj3AiuVYFAdtEivYDAfooXpI2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEJtUGNDSzVWZ1VCMjBTSzlnTUItaWhla2pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My8xYmU1ZTEtNTZiNC00YzY2LWJlYWIt
NmYxNjM5NjZhZjhiLzEvVGQ1eS1VRHRtR2tjZFVBUlJ3dHpQMUpXUjZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My8xYmU1ZTEtNTZiNC00YzY2LWJlYWItNmYxNjM5NjZhZjhi
LzEvZEJtUGNDSzVWZ1VCMjBTSzlnTUItaWhla2pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQEXPHAAwQD
XPHYAwQDskgQAwQCuWJgAwQB1O36MA0EAgACMAcDBQMqBgsAMA0GCSqGSIb3DQEB
CwUAA4IBAQBfyjmVnCXDOFk/SGDoBtOG40VMYPU3thBErML0fNTuOIhz7UkIgGFI
L975ii8RrZ1e7w2tzXb+ggFdQgwk1TpwVC6jdYtkGnaFwKLaFhLoGzHqs5hjnFsI
oZE+OXw6Pzyy7Cxtt1sjc6iPw0mXSbGl9AtEj970uhsjwkMBFqO9AP55ETc+bhpX
8V4uS4w15D7jOeqRqitj1Bsh+tj/pk8m+QpyRwW1/O9hpehXhWMF2H6iu/VtRXeD
uQnQDTrAojoqbDUgAvOvvv90Tckt/z8xyTat2e4fu+t2ybBqNdSfw7JA2KBw+rrN
5z2t6o3Q/A+45uRD9VTFgg7xiV9AP2Jl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:14 2024 by rpki-client on console-ams.rpki-client.org