Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/047ce4-44ae-4273-94fa-dc634e8aa2a3/1/83aaEdq-66IwWTdHxDDUuJUiwWQ.roa
File:                     83aaEdq-66IwWTdHxDDUuJUiwWQ.roa (raw, json)
Hash identifier:          llxhBUVbbjVgbnMcvJuFRBQJJKTTY1NnS/PiUuXXpA8=
Subject key identifier:   F3:76:9A:11:DA:BE:EB:A2:30:59:37:47:C4:30:D4:B8:95:22:C1:64
Certificate issuer:       /CN=11efdbd727fb5bd53cec6957a29b47c2c34a834c
Certificate serial:       07DF1672
Authority key identifier: 11:EF:DB:D7:27:FB:5B:D5:3C:EC:69:57:A2:9B:47:C2:C3:4A:83:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ee_b1yf7W9U87GlXoptHwsNKg0w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/047ce4-44ae-4273-94fa-dc634e8aa2a3/1/83aaEdq-66IwWTdHxDDUuJUiwWQ.roa
Signing time:             Sat 01 Jan 2022 15:59:22 +0000
ROA not before:           Sat 01 Jan 2022 15:59:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     9121
IP address blocks:        185.152.21.0/24 maxlen: 24
                          185.152.22.0/24 maxlen: 24
                          185.152.23.0/24 maxlen: 24
                          185.152.20.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 132060786 (0x7df1672)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=11efdbd727fb5bd53cec6957a29b47c2c34a834c
        Validity
            Not Before: Jan  1 15:59:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f3769a11dabeeba230593747c430d4b89522c164
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:10:10:31:1a:5b:62:f7:c5:35:ec:8d:41:dc:
                    d7:3f:16:1e:33:79:45:46:bb:f3:b8:6b:bf:92:1d:
                    11:96:b9:ca:47:f0:53:c2:06:04:c3:97:3d:58:a9:
                    ea:e5:55:48:db:b8:6b:0f:25:87:54:ad:9c:3f:82:
                    b7:f5:e6:58:27:1b:6c:e6:03:3a:bb:17:5f:53:1b:
                    5a:89:ea:3c:0a:ff:2f:fc:23:e9:36:35:c6:b7:27:
                    6b:53:ad:38:04:08:6e:9b:93:cb:f9:6b:52:39:db:
                    2e:ec:fd:9e:e8:3d:d7:3b:06:68:f1:10:5e:81:06:
                    0d:9f:48:b9:0f:77:bd:a4:16:b9:ca:08:61:5e:5a:
                    38:0e:f0:2e:3b:4c:b2:ac:66:c8:92:da:0a:16:f5:
                    50:05:ea:3c:92:0a:36:89:76:7c:86:f3:29:3e:1f:
                    95:56:54:0e:ed:3e:f6:5f:cc:ab:9b:c6:8e:ea:fb:
                    9e:2f:e9:a0:cb:c1:44:e6:66:7a:3c:88:ac:22:92:
                    0d:05:b2:d9:b0:7e:95:5f:a0:99:df:b0:8d:42:03:
                    11:0d:5d:62:84:b8:4a:4d:56:f6:4c:bf:98:bb:db:
                    76:70:b4:ac:dc:6b:b2:bd:81:96:e0:00:54:fe:a8:
                    95:89:63:e6:f0:8f:d8:8a:33:5b:83:e1:2f:53:de:
                    0e:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:76:9A:11:DA:BE:EB:A2:30:59:37:47:C4:30:D4:B8:95:22:C1:64
            X509v3 Authority Key Identifier:
                keyid:11:EF:DB:D7:27:FB:5B:D5:3C:EC:69:57:A2:9B:47:C2:C3:4A:83:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ee_b1yf7W9U87GlXoptHwsNKg0w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/047ce4-44ae-4273-94fa-dc634e8aa2a3/1/83aaEdq-66IwWTdHxDDUuJUiwWQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/047ce4-44ae-4273-94fa-dc634e8aa2a3/1/Ee_b1yf7W9U87GlXoptHwsNKg0w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.152.20.0/22

    Signature Algorithm: sha256WithRSAEncryption
         44:f4:03:46:e8:10:fc:61:77:f1:08:fd:35:c3:de:6c:46:63:
         e4:ee:07:ad:68:f6:40:6b:07:1d:e0:a0:91:fa:14:b3:f4:64:
         e3:bf:70:22:16:bb:14:11:61:80:80:b5:8b:46:16:49:b2:10:
         54:fc:29:18:02:58:03:11:99:43:fa:b1:a0:94:cd:93:94:61:
         17:93:2c:b1:1d:4f:c6:c1:c8:2e:86:3d:6a:3e:68:b4:c7:4d:
         71:98:fa:ae:44:ec:63:a1:aa:32:17:1c:91:37:98:15:ed:c3:
         9d:46:23:a6:12:57:4d:39:7e:af:7f:0f:89:d9:9d:3f:65:6c:
         18:9f:66:86:46:f3:ce:13:65:e5:69:cb:b6:02:5c:7e:44:d0:
         7a:f7:87:d4:9c:6b:54:62:a2:9d:82:57:49:6b:e5:73:c1:4d:
         bb:70:5d:78:8c:50:ba:6d:b8:3c:02:de:44:1b:fd:fa:e4:24:
         8b:e4:ff:f0:71:ad:7e:87:99:35:76:3a:42:b1:db:cc:c2:a4:
         9f:7c:ae:0b:30:de:97:e7:b8:c5:b4:86:8b:67:cc:f5:a8:98:
         03:1d:0e:d6:94:a4:db:40:d3:ad:b1:e0:4f:ae:19:76:b0:f3:
         4a:f9:19:d0:d2:0d:56:ca:cf:0d:56:51:e8:63:5c:3b:65:f8:
         53:da:20:68
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB98WcjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MWVmZGJkNzI3ZmI1YmQ1M2NlYzY5NTdhMjliNDdjMmMzNGE4MzRjMB4XDTIyMDEw
MTE1NTkyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjM3NjlhMTFkYWJl
ZWJhMjMwNTkzNzQ3YzQzMGQ0Yjg5NTIyYzE2NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMcQEDEaW2L3xTXsjUHc1z8WHjN5RUa787hrv5IdEZa5ykfw
U8IGBMOXPVip6uVVSNu4aw8lh1StnD+Ct/XmWCcbbOYDOrsXX1MbWonqPAr/L/wj
6TY1xrcna1OtOAQIbpuTy/lrUjnbLuz9nug91zsGaPEQXoEGDZ9IuQ93vaQWucoI
YV5aOA7wLjtMsqxmyJLaChb1UAXqPJIKNol2fIbzKT4flVZUDu0+9l/Mq5vGjur7
ni/poMvBROZmejyIrCKSDQWy2bB+lV+gmd+wjUIDEQ1dYoS4Sk1W9ky/mLvbdnC0
rNxrsr2BluAAVP6olYlj5vCP2IozW4PhL1PeDnUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTzdpoR2r7rojBZN0fEMNS4lSLBZDAfBgNVHSMEGDAWgBQR79vXJ/tb1Tzs
aVeim0fCw0qDTDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VlX2IxeWY3VzlVODdHbFhvcHRId3NOS2cwdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWYvMDQ3Y2U0LTQ0YWUtNDI3My05NGZhLWRjNjM0ZThhYTJhMy8x
LzgzYWFFZHEtNjZJd1dUZEh4RERVdUpVaXdXUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWYv
MDQ3Y2U0LTQ0YWUtNDI3My05NGZhLWRjNjM0ZThhYTJhMy8xL0VlX2IxeWY3VzlV
ODdHbFhvcHRId3NOS2cwdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmYFDANBgkqhkiG9w0BAQsFAAOC
AQEARPQDRugQ/GF38Qj9NcPebEZj5O4HrWj2QGsHHeCgkfoUs/Rk479wIha7FBFh
gIC1i0YWSbIQVPwpGAJYAxGZQ/qxoJTNk5RhF5MssR1PxsHILoY9aj5otMdNcZj6
rkTsY6GqMhcckTeYFe3DnUYjphJXTTl+r38PidmdP2VsGJ9mhkbzzhNl5WnLtgJc
fkTQeveH1JxrVGKinYJXSWvlc8FNu3BdeIxQum24PALeRBv9+uQki+T/8HGtfoeZ
NXY6QrHbzMKkn3yuCzDel+e4xbSGi2fM9aiYAx0O1pSk20DTrbHgT64ZdrDzSvkZ
0NINVsrPDVZR6GNcO2X4U9ogaA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:07 2024 by rpki-client on console-fra.rpki-client.org