Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/F-9YIWz90eXTHjSvwSoTGoVMpWM.roa
File:                     F-9YIWz90eXTHjSvwSoTGoVMpWM.roa (raw, json)
Hash identifier:          3cTRqct7oCAF+kEQiE6LRDHpBoIt6dJsNIcGb2w80WA=
Subject key identifier:   17:EF:58:21:6C:FD:D1:E5:D3:1E:34:AF:C1:2A:13:1A:85:4C:A5:63
Certificate issuer:       /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Certificate serial:       0A08A3EF
Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/F-9YIWz90eXTHjSvwSoTGoVMpWM.roa
Signing time:             Wed 27 Apr 2022 19:18:49 +0000
ROA not before:           Wed 27 Apr 2022 19:18:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41313
IP address blocks:        185.40.164.0/22 maxlen: 24
                          46.35.160.0/19 maxlen: 24
                          80.95.16.0/21 maxlen: 24
                          80.95.22.0/24 maxlen: 24
                          93.175.244.0/23 maxlen: 23
                          185.18.228.0/22 maxlen: 24
                          212.21.128.0/19 maxlen: 24
                          151.252.192.0/20 maxlen: 24
                          79.110.120.0/21 maxlen: 24
                          95.158.128.0/18 maxlen: 24
                          2a00:e200::/32 maxlen: 64

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 168338415 (0xa08a3ef)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
        Validity
            Not Before: Apr 27 19:18:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=17ef58216cfdd1e5d31e34afc12a131a854ca563
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:6f:5f:12:ac:79:94:f7:61:f0:d6:bf:45:ef:
                    1f:83:d4:f9:f3:a3:0e:0a:b6:ba:4d:41:49:d2:68:
                    82:bb:0d:51:64:6f:e2:06:1f:37:aa:18:4a:36:15:
                    2b:21:c8:4b:28:42:c6:94:6f:19:2a:e0:67:8b:e4:
                    e4:3a:66:be:ca:6e:63:1c:bc:4e:47:1d:f9:67:be:
                    84:50:bc:62:fb:b4:37:ef:e4:f4:b8:7b:c4:74:07:
                    e5:2c:89:29:09:7c:2e:3d:24:1a:6f:b3:fe:b0:4f:
                    ae:60:0d:7e:e4:f5:cb:fd:ce:d3:c6:61:6f:ca:02:
                    99:c8:41:16:e6:7d:2a:8b:e5:74:48:df:20:9a:f8:
                    6f:cc:a1:a9:fd:d1:b6:d7:ab:dc:30:16:39:5e:d8:
                    bb:80:5c:ea:7e:c2:d0:f1:7f:f3:13:74:6c:86:0e:
                    7f:0c:bf:8d:b7:11:72:84:3b:bc:d0:da:d8:97:f9:
                    ff:59:e6:03:c6:78:d7:92:7b:1f:bf:ac:0d:5a:83:
                    31:b9:8d:d4:80:a7:54:ad:50:e9:48:ea:8a:4e:73:
                    aa:57:b2:e3:18:9f:13:2d:be:d5:c9:ae:76:2d:49:
                    4d:af:24:20:8c:c2:bb:99:92:61:c4:0c:2c:8f:84:
                    e4:54:52:6f:32:e1:b4:5e:b9:1f:8b:8d:82:4f:f6:
                    39:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:EF:58:21:6C:FD:D1:E5:D3:1E:34:AF:C1:2A:13:1A:85:4C:A5:63
            X509v3 Authority Key Identifier:
                keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/F-9YIWz90eXTHjSvwSoTGoVMpWM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.35.160.0/19
                  79.110.120.0/21
                  80.95.16.0/21
                  93.175.244.0/23
                  95.158.128.0/18
                  151.252.192.0/20
                  185.18.228.0/22
                  185.40.164.0/22
                  212.21.128.0/19
                IPv6:
                  2a00:e200::/32

    Signature Algorithm: sha256WithRSAEncryption
         8a:cb:ab:b4:64:5a:08:28:d8:d4:a0:b9:6c:31:05:4b:28:9f:
         27:09:d0:5d:a4:3d:52:bf:c0:74:4f:79:e2:64:ab:55:5d:b9:
         3a:0c:7b:90:e8:1e:b5:6c:e5:5a:42:cd:5c:fd:4b:0e:29:5d:
         54:b6:c2:74:43:71:de:62:3f:ad:3f:29:61:d4:55:9b:db:55:
         1d:9a:9e:29:02:84:9a:68:c3:de:2b:1d:a9:a6:3a:e3:e3:ef:
         3f:d7:90:b1:e1:74:89:61:05:0f:28:43:08:c6:84:3c:f7:46:
         75:71:2c:5e:d0:26:46:58:89:08:c3:09:e3:da:93:6e:e1:be:
         b1:b9:39:c9:c2:fb:58:21:7a:32:9c:36:0c:06:56:a2:11:54:
         b1:e9:38:bf:88:23:ea:9c:17:50:fc:51:78:13:c3:59:4e:c4:
         0b:9c:9a:56:44:17:89:9c:1c:69:67:61:e6:ab:ee:2d:3e:80:
         7c:e6:4b:e0:11:94:82:6e:d5:e7:ce:22:51:31:3e:a3:9b:9b:
         7d:5f:99:80:96:df:73:09:06:c5:bd:0e:8f:a8:0b:9f:66:15:
         d7:5c:d8:59:3e:85:a8:b0:00:b6:35:02:5f:df:5d:ca:1d:ce:
         26:b3:d8:2e:15:f2:4f:f2:09:0e:bf:34:70:a2:d9:a6:84:af:
         f3:dd:54:97
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIECgij7zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YmVjOTAzMGM3MGEzZDQxOTJkNTljMjhkY2M4ZDU0NzY5NDM0MGIzMB4XDTIyMDQy
NzE5MTg0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTdlZjU4MjE2Y2Zk
ZDFlNWQzMWUzNGFmYzEyYTEzMWE4NTRjYTU2MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJtvXxKseZT3YfDWv0XvH4PU+fOjDgq2uk1BSdJogrsNUWRv
4gYfN6oYSjYVKyHISyhCxpRvGSrgZ4vk5DpmvspuYxy8Tkcd+We+hFC8Yvu0N+/k
9Lh7xHQH5SyJKQl8Lj0kGm+z/rBPrmANfuT1y/3O08Zhb8oCmchBFuZ9KovldEjf
IJr4b8yhqf3Rtter3DAWOV7Yu4Bc6n7C0PF/8xN0bIYOfwy/jbcRcoQ7vNDa2Jf5
/1nmA8Z415J7H7+sDVqDMbmN1ICnVK1Q6Ujqik5zqley4xifEy2+1cmudi1JTa8k
IIzCu5mSYcQMLI+E5FRSbzLhtF65H4uNgk/2OTsCAwEAAaOCAkgwggJEMB0GA1Ud
DgQWBBQX71ghbP3R5dMeNK/BKhMahUylYzAfBgNVHSMEGDAWgBTr7JAwxwo9QZLV
nCjcyNVHaUNAszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzYteVFNTWNLUFVHUzFad28zTWpWUjJsRFFMTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTUvMzcyYjg3LTk1ZjQtNGM5OC1hNmY0LTRhNmY4NjgzMjY1Yy8x
L0YtOVlJV3o5MGVYVEhqU3Z3U29UR29WTXBXTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTUv
MzcyYjg3LTk1ZjQtNGM5OC1hNmY0LTRhNmY4NjgzMjY1Yy8xLzYteVFNTWNLUFVH
UzFad28zTWpWUjJsRFFMTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBe
BggrBgEFBQcBBwEB/wRPME0wPAQCAAEwNgMEBS4joAMEA09ueAMEA1BfEAMEAV2v
9AMEBl+egAMEBJf8wAMEArkS5AMEArkopAMEBdQVgDANBAIAAjAHAwUAKgDiADAN
BgkqhkiG9w0BAQsFAAOCAQEAisurtGRaCCjY1KC5bDEFSyifJwnQXaQ9Ur/AdE95
4mSrVV25Ogx7kOgetWzlWkLNXP1LDildVLbCdENx3mI/rT8pYdRVm9tVHZqeKQKE
mmjD3isdqaY64+PvP9eQseF0iWEFDyhDCMaEPPdGdXEsXtAmRliJCMMJ49qTbuG+
sbk5ycL7WCF6Mpw2DAZWohFUsek4v4gj6pwXUPxReBPDWU7EC5yaVkQXiZwcaWdh
5qvuLT6AfOZL4BGUgm7V584iUTE+o5ubfV+ZgJbfcwkGxb0Oj6gLn2YV11zYWT6F
qLAAtjUCX99dyh3OJrPYLhXyT/IJDr80cKLZpoSv891Ulw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:24 2024 by rpki-client on console-fra.rpki-client.org