Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/df6f5f-e1ec-4343-9a21-a5cee11bbae8/1/fnsZlm8vBSCvzAdMkwVFeFnD2I4.roa
File:                     fnsZlm8vBSCvzAdMkwVFeFnD2I4.roa (raw, json)
Hash identifier:          XcSPCAqPmNM5kS96R4mjhAvZp/l3KOsnHP6klr76jQI=
Subject key identifier:   7E:7B:19:96:6F:2F:05:20:AF:CC:07:4C:93:05:45:78:59:C3:D8:8E
Certificate issuer:       /CN=0e9a5c3283a6a16b4d205a7c564a382641cd8691
Certificate serial:       01E7F9
Authority key identifier: 0E:9A:5C:32:83:A6:A1:6B:4D:20:5A:7C:56:4A:38:26:41:CD:86:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DppcMoOmoWtNIFp8Vko4JkHNhpE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/df6f5f-e1ec-4343-9a21-a5cee11bbae8/1/fnsZlm8vBSCvzAdMkwVFeFnD2I4.roa
Signing time:             Thu 07 Apr 2022 05:52:07 +0000
ROA not before:           Thu 07 Apr 2022 05:52:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204804
IP address blocks:        185.239.145.0/24 maxlen: 24
                          89.20.48.0/24 maxlen: 24
                          193.162.28.0/24 maxlen: 24
                          185.239.146.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 124921 (0x1e7f9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e9a5c3283a6a16b4d205a7c564a382641cd8691
        Validity
            Not Before: Apr  7 05:52:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7e7b19966f2f0520afcc074c9305457859c3d88e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:f1:ab:50:a1:79:25:d4:1c:11:aa:e6:01:6a:
                    75:09:e1:7b:3d:14:f9:95:f3:0b:be:30:67:25:2c:
                    a8:6e:83:ca:03:51:f1:ab:06:c2:82:ad:b2:19:8e:
                    71:4a:24:8f:a9:f2:68:48:d5:60:d5:56:28:14:cc:
                    53:c3:14:ba:af:32:b3:4b:c9:c8:20:6c:df:25:85:
                    b2:2c:32:0a:da:a9:97:eb:1c:05:ea:82:f4:78:e5:
                    14:1e:b2:c3:32:d8:a9:a3:77:ee:3e:3f:49:a1:79:
                    d8:ec:03:33:79:43:42:10:fe:92:da:46:90:97:7d:
                    47:7c:23:7a:09:0c:3c:f6:f3:9a:db:3a:49:2a:37:
                    f1:08:af:44:09:98:4a:d0:27:e3:c2:0a:11:1b:18:
                    54:69:f0:c5:a0:cb:5e:79:ef:f7:ed:ea:00:29:b7:
                    b2:2e:6a:2a:24:95:cb:de:c7:fe:f7:61:c7:ce:07:
                    92:2b:d8:fb:e9:fc:9c:04:6a:da:82:aa:db:42:1a:
                    7a:ff:fd:a1:3a:6e:ee:8b:e2:ab:71:ef:bb:ca:52:
                    46:d7:3f:5e:f3:81:23:dd:e8:98:d7:b9:2f:0e:54:
                    e8:85:44:f7:54:6a:d6:69:43:0c:6d:04:c3:15:50:
                    b5:74:b0:6c:de:81:df:b6:43:76:3e:05:90:a0:29:
                    34:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:7B:19:96:6F:2F:05:20:AF:CC:07:4C:93:05:45:78:59:C3:D8:8E
            X509v3 Authority Key Identifier:
                keyid:0E:9A:5C:32:83:A6:A1:6B:4D:20:5A:7C:56:4A:38:26:41:CD:86:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DppcMoOmoWtNIFp8Vko4JkHNhpE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/df6f5f-e1ec-4343-9a21-a5cee11bbae8/1/fnsZlm8vBSCvzAdMkwVFeFnD2I4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/df6f5f-e1ec-4343-9a21-a5cee11bbae8/1/DppcMoOmoWtNIFp8Vko4JkHNhpE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.20.48.0/24
                  185.239.145.0-185.239.146.255
                  193.162.28.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:18:33:9f:36:ff:77:05:76:66:06:1f:a5:c9:c2:21:d5:b9:
         96:8a:6b:46:bb:1b:f8:00:a6:69:e7:68:1a:93:c8:c4:df:c6:
         de:67:49:e7:f8:eb:01:e0:2a:8b:b4:23:39:7e:ec:0a:8e:96:
         b0:7b:23:5a:24:a3:02:78:6a:ac:d2:7f:02:6f:8d:bc:dd:b4:
         93:25:b7:4d:68:b6:7a:ed:1e:55:8a:0e:b7:b5:94:11:8b:d6:
         b4:59:55:8f:78:ea:cd:22:02:47:03:16:15:66:09:43:a0:48:
         38:05:0d:f7:64:bd:a3:f1:4e:90:00:79:dc:19:92:56:00:fe:
         0c:42:67:2d:29:12:91:6c:66:d8:88:a0:8f:6a:78:55:9b:24:
         13:5b:1a:29:83:c8:d6:c4:c1:f3:03:d1:14:f4:8e:2c:53:d3:
         b0:43:8d:16:1d:85:98:bd:3a:a5:23:3b:83:c0:72:ef:ef:c9:
         2f:64:17:10:fb:bf:00:f6:c0:50:b5:89:0f:26:3d:01:1c:2d:
         71:17:ad:1b:87:d2:8f:d4:69:4b:29:2d:0d:46:e0:f0:91:47:
         cf:63:94:3f:4e:bf:21:6c:9e:82:fa:87:00:85:d6:a0:e0:2c:
         fa:dc:d7:6b:54:27:34:41:84:b7:4c:63:1b:67:c1:85:13:f4:
         11:16:dd:1e
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIDAef5MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDBl
OWE1YzMyODNhNmExNmI0ZDIwNWE3YzU2NGEzODI2NDFjZDg2OTEwHhcNMjIwNDA3
MDU1MjA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg3ZTdiMTk5NjZmMmYw
NTIwYWZjYzA3NGM5MzA1NDU3ODU5YzNkODhlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqvGrUKF5JdQcEarmAWp1CeF7PRT5lfMLvjBnJSyoboPKA1Hx
qwbCgq2yGY5xSiSPqfJoSNVg1VYoFMxTwxS6rzKzS8nIIGzfJYWyLDIK2qmX6xwF
6oL0eOUUHrLDMtipo3fuPj9JoXnY7AMzeUNCEP6S2kaQl31HfCN6CQw89vOa2zpJ
KjfxCK9ECZhK0CfjwgoRGxhUafDFoMteee/37eoAKbeyLmoqJJXL3sf+92HHzgeS
K9j76fycBGragqrbQhp6//2hOm7ui+Krce+7ylJG1z9e84Ej3eiY17kvDlTohUT3
VGrWaUMMbQTDFVC1dLBs3oHftkN2PgWQoCk0wwIDAQABo4ICHTCCAhkwHQYDVR0O
BBYEFH57GZZvLwUgr8wHTJMFRXhZw9iOMB8GA1UdIwQYMBaAFA6aXDKDpqFrTSBa
fFZKOCZBzYaRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
RHBwY01vT21vV3ROSUZwOFZrbzRKa0hOaHBFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC85ZC9kZjZmNWYtZTFlYy00MzQzLTlhMjEtYTVjZWUxMWJiYWU4LzEv
Zm5zWmxtOHZCU0N2ekFkTWt3VkZlRm5EMkk0LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9k
ZjZmNWYtZTFlYy00MzQzLTlhMjEtYTVjZWUxMWJiYWU4LzEvRHBwY01vT21vV3RO
SUZwOFZrbzRKa0hOaHBFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDMG
CCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAWRQwMAwDBAC575EDBAC575IDBADB
ohwwDQYJKoZIhvcNAQELBQADggEBAHEYM582/3cFdmYGH6XJwiHVuZaKa0a7G/gA
pmnnaBqTyMTfxt5nSef46wHgKou0Izl+7AqOlrB7I1okowJ4aqzSfwJvjbzdtJMl
t01otnrtHlWKDre1lBGL1rRZVY946s0iAkcDFhVmCUOgSDgFDfdkvaPxTpAAedwZ
klYA/gxCZy0pEpFsZtiIoI9qeFWbJBNbGimDyNbEwfMD0RT0jixT07BDjRYdhZi9
OqUjO4PAcu/vyS9kFxD7vwD2wFC1iQ8mPQEcLXEXrRuH0o/UaUspLQ1G4PCRR89j
lD9OvyFsnoL6hwCF1qDgLPrc12tUJzRBhLdMYxtnwYUT9BEW3R4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:18 2024 by rpki-client on console-ams.rpki-client.org