Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/CP0L82nHktpo2m2I5oiMbBUlDPk.roa
File:                     CP0L82nHktpo2m2I5oiMbBUlDPk.roa (raw, json)
Hash identifier:          VgwP1ycAZ0kwbeF1tHtj5QCFfYPwH8n7hreuVkb+Pos=
Subject key identifier:   08:FD:0B:F3:69:C7:92:DA:68:DA:6D:88:E6:88:8C:6C:15:25:0C:F9
Certificate issuer:       /CN=e9d2721f2e2bd011b8a6860ad2572c405c0b540f
Certificate serial:       09E07D26
Authority key identifier: E9:D2:72:1F:2E:2B:D0:11:B8:A6:86:0A:D2:57:2C:40:5C:0B:54:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6dJyHy4r0BG4poYK0lcsQFwLVA8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/CP0L82nHktpo2m2I5oiMbBUlDPk.roa
Signing time:             Sat 01 Jan 2022 05:53:30 +0000
ROA not before:           Sat 01 Jan 2022 05:53:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        185.43.192.0/24 maxlen: 24
                          185.43.193.0/24 maxlen: 24
                          185.43.194.0/24 maxlen: 24
                          185.43.195.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 165707046 (0x9e07d26)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e9d2721f2e2bd011b8a6860ad2572c405c0b540f
        Validity
            Not Before: Jan  1 05:53:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=08fd0bf369c792da68da6d88e6888c6c15250cf9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:4b:26:49:1f:66:8a:1b:66:36:e4:5c:a3:c8:
                    f2:d5:3b:5a:3e:9d:ce:d2:72:99:92:3e:c5:18:ee:
                    96:84:2d:a0:c6:65:9b:d4:77:4d:8e:2e:1c:db:5a:
                    47:d6:1b:fd:1b:a5:27:89:8f:f1:55:ee:a4:ba:33:
                    2e:16:43:c2:a1:cb:a4:2d:06:52:40:25:25:c7:b5:
                    1e:11:c8:b6:99:0b:79:69:4c:7f:0b:a3:ec:25:2e:
                    76:2f:72:a1:5a:e9:33:62:48:67:0f:f7:a0:d4:21:
                    74:a5:02:62:3e:0e:3c:f9:ee:39:67:0f:5e:e7:a3:
                    b4:80:73:f7:c7:11:98:ce:9c:37:9c:e0:4f:01:39:
                    e5:8c:16:d0:0b:6d:53:9f:c3:e2:54:ef:f2:b9:a4:
                    dd:02:f9:cf:44:4c:83:d1:88:33:74:43:3d:4f:6b:
                    2b:39:d7:33:05:02:62:45:80:76:06:53:a5:c8:ba:
                    e4:3b:47:1e:ef:68:1a:6c:eb:72:14:b4:ff:18:47:
                    63:56:3b:d4:d2:33:89:4f:5d:6e:ff:15:bb:66:04:
                    32:64:a0:67:c2:74:5e:a6:0c:bd:6c:b0:89:e1:84:
                    a2:9d:fd:9b:4d:53:f4:8a:2b:3a:2d:1c:0c:9d:28:
                    d0:0f:66:30:77:5b:c4:30:72:a0:6c:66:59:ed:63:
                    20:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:FD:0B:F3:69:C7:92:DA:68:DA:6D:88:E6:88:8C:6C:15:25:0C:F9
            X509v3 Authority Key Identifier:
                keyid:E9:D2:72:1F:2E:2B:D0:11:B8:A6:86:0A:D2:57:2C:40:5C:0B:54:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6dJyHy4r0BG4poYK0lcsQFwLVA8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/CP0L82nHktpo2m2I5oiMbBUlDPk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/6dJyHy4r0BG4poYK0lcsQFwLVA8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.43.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         82:fa:2c:92:68:b6:0e:02:3a:44:28:d0:26:80:4e:f5:c5:04:
         31:22:1b:9a:6d:67:72:e3:39:43:41:37:01:3d:20:c7:a6:3b:
         90:5d:46:4c:65:6e:1e:8d:27:f8:b6:bc:10:f1:af:8e:3f:a0:
         9b:f4:66:50:eb:a1:f8:4a:0a:fd:0c:77:a2:38:94:35:b7:0c:
         38:e8:01:fd:ab:da:49:00:d3:6a:15:a5:3b:69:02:c2:60:aa:
         92:40:6a:55:1b:6b:2c:d3:72:13:f3:b0:53:2c:19:f5:c5:f2:
         1c:66:56:99:4f:a4:24:61:fa:8a:bd:0c:b3:b6:a0:73:f1:91:
         d0:a7:19:5a:9b:7c:33:29:50:e6:3f:6a:eb:de:09:5f:ab:c5:
         0c:00:b5:8b:5b:bc:bf:a5:71:96:0e:d3:75:d2:24:b3:96:18:
         cb:b9:1d:a9:43:00:de:b7:8c:eb:2c:7f:eb:e1:80:61:6d:8a:
         b4:c3:9c:12:39:7d:14:ee:da:bc:27:04:b8:82:35:18:bf:02:
         6a:ae:00:94:e6:56:85:8a:eb:6d:20:18:d3:81:c0:3e:5f:9f:
         4a:1d:e2:e7:cc:9a:3b:b8:08:e4:62:48:b3:70:7f:f7:be:6d:
         83:0c:22:04:35:92:cf:1c:e6:e8:98:a9:6d:5a:1b:6b:1a:db:
         b1:36:32:7d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECeB9JjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OWQyNzIxZjJlMmJkMDExYjhhNjg2MGFkMjU3MmM0MDVjMGI1NDBmMB4XDTIyMDEw
MTA1NTMzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDhmZDBiZjM2OWM3
OTJkYTY4ZGE2ZDg4ZTY4ODhjNmMxNTI1MGNmOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALlLJkkfZoobZjbkXKPI8tU7Wj6dztJymZI+xRjuloQtoMZl
m9R3TY4uHNtaR9Yb/RulJ4mP8VXupLozLhZDwqHLpC0GUkAlJce1HhHItpkLeWlM
fwuj7CUudi9yoVrpM2JIZw/3oNQhdKUCYj4OPPnuOWcPXuejtIBz98cRmM6cN5zg
TwE55YwW0AttU5/D4lTv8rmk3QL5z0RMg9GIM3RDPU9rKznXMwUCYkWAdgZTpci6
5DtHHu9oGmzrchS0/xhHY1Y71NIziU9dbv8Vu2YEMmSgZ8J0XqYMvWywieGEop39
m01T9IorOi0cDJ0o0A9mMHdbxDByoGxmWe1jIE0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQI/QvzaceS2mjabYjmiIxsFSUM+TAfBgNVHSMEGDAWgBTp0nIfLivQEbim
hgrSVyxAXAtUDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZkSnlIeTRyMEJHNHBvWUswbGNzUUZ3TFZBOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWQvMzY4ZGYwLTVjNDEtNDlkMy1hOWE5LWM0NTkwM2MzYjMyOS8x
L0NQMEw4Mm5Ia3RwbzJtMkk1b2lNYkJVbERQay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWQv
MzY4ZGYwLTVjNDEtNDlkMy1hOWE5LWM0NTkwM2MzYjMyOS8xLzZkSnlIeTRyMEJH
NHBvWUswbGNzUUZ3TFZBOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkrwDANBgkqhkiG9w0BAQsFAAOC
AQEAgvoskmi2DgI6RCjQJoBO9cUEMSIbmm1ncuM5Q0E3AT0gx6Y7kF1GTGVuHo0n
+La8EPGvjj+gm/RmUOuh+EoK/Qx3ojiUNbcMOOgB/avaSQDTahWlO2kCwmCqkkBq
VRtrLNNyE/OwUywZ9cXyHGZWmU+kJGH6ir0Ms7agc/GR0KcZWpt8MylQ5j9q694J
X6vFDAC1i1u8v6Vxlg7TddIks5YYy7kdqUMA3reM6yx/6+GAYW2KtMOcEjl9FO7a
vCcEuII1GL8Caq4AlOZWhYrrbSAY04HAPl+fSh3i58yaO7gI5GJIs3B/975tgwwi
BDWSzxzm6JipbVobaxrbsTYyfQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:02 2023 by rpki-client on console-fra.rpki-client.org