Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/rPMcF6604xF2yY5V8ALqywdYftU.roa
File:                     rPMcF6604xF2yY5V8ALqywdYftU.roa (raw, json)
Hash identifier:          RFtsbc9B32WNIoCeVGdQAxDYYHIY7w+ISZ6XY1CAoHw=
Subject key identifier:   AC:F3:1C:17:AE:B4:E3:11:76:C9:8E:55:F0:02:EA:CB:07:58:7E:D5
Certificate issuer:       /CN=e3f70706f6c0cfbd9c73a7f3d83023240a42f50d
Certificate serial:       0233A9
Authority key identifier: E3:F7:07:06:F6:C0:CF:BD:9C:73:A7:F3:D8:30:23:24:0A:42:F5:0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4_cHBvbAz72cc6fz2DAjJApC9Q0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/rPMcF6604xF2yY5V8ALqywdYftU.roa
Signing time:             Thu 14 Apr 2022 08:53:53 +0000
ROA not before:           Thu 14 Apr 2022 08:53:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15594
IP address blocks:        217.116.112.0/20 maxlen: 25
                          212.9.32.0/19 maxlen: 25
                          217.10.64.0/20 maxlen: 25
                          82.116.96.0/19 maxlen: 25
                          95.174.128.0/19 maxlen: 25
                          2001:ab0::/29 maxlen: 48
                          2001:ab7:f000::/36 maxlen: 49
                          2001:ab7:3000::/36 maxlen: 49
                          2001:ab7:2000::/36 maxlen: 49
                          2001:ab7:1000::/36 maxlen: 49
                          2001:ab7::/36 maxlen: 49
                          2001:ab0::/36 maxlen: 49

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 144297 (0x233a9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e3f70706f6c0cfbd9c73a7f3d83023240a42f50d
        Validity
            Not Before: Apr 14 08:53:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=acf31c17aeb4e31176c98e55f002eacb07587ed5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:7b:cc:c9:ba:dc:f2:ee:bf:ec:b4:6d:f3:bf:
                    ed:bd:e3:47:fb:fa:0a:49:b2:dc:23:55:ff:e9:42:
                    be:ed:47:c5:26:a2:d2:82:b4:32:c6:f7:af:aa:da:
                    1a:2b:4c:cb:86:e5:8e:a5:02:08:d0:e7:4f:55:91:
                    9a:36:c1:78:89:06:fd:9a:a6:ed:cb:e7:52:cd:08:
                    eb:31:01:be:8d:6b:4a:5a:72:6c:2c:91:4a:dc:87:
                    a4:f1:16:de:8e:cf:49:72:13:f7:72:7b:58:37:ab:
                    e5:cf:c9:f6:a7:f8:ba:5e:6b:86:e0:4a:73:da:c0:
                    63:ca:ec:4f:3b:25:1c:47:54:29:1b:f1:3b:be:9a:
                    15:e0:7f:74:7b:0b:59:fc:3c:ab:d9:89:2b:60:86:
                    cf:b2:b5:a4:19:97:b8:c6:66:d5:4a:e0:67:9e:15:
                    3c:7d:90:63:35:cc:5c:4a:67:12:cd:e3:47:77:e5:
                    1e:62:ed:b7:87:4e:74:2e:6f:58:7e:96:0f:36:8c:
                    6b:a2:05:3a:41:ef:63:df:8f:6b:ac:2d:3e:ce:dd:
                    fc:64:e5:53:52:23:bc:12:72:af:eb:d8:65:2d:cb:
                    7d:fa:c1:5a:c7:a8:30:1c:fc:35:3b:f8:2d:80:c6:
                    cc:c4:83:9e:03:a9:c6:89:db:16:96:5b:33:e6:06:
                    4c:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:F3:1C:17:AE:B4:E3:11:76:C9:8E:55:F0:02:EA:CB:07:58:7E:D5
            X509v3 Authority Key Identifier:
                keyid:E3:F7:07:06:F6:C0:CF:BD:9C:73:A7:F3:D8:30:23:24:0A:42:F5:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4_cHBvbAz72cc6fz2DAjJApC9Q0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/rPMcF6604xF2yY5V8ALqywdYftU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/4_cHBvbAz72cc6fz2DAjJApC9Q0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.116.96.0/19
                  95.174.128.0/19
                  212.9.32.0/19
                  217.10.64.0/20
                  217.116.112.0/20
                IPv6:
                  2001:ab0::/29

    Signature Algorithm: sha256WithRSAEncryption
         35:12:c6:17:cb:25:10:67:9a:91:84:35:c3:db:01:ee:da:d8:
         e8:d7:a4:b5:7d:98:9b:4d:09:7a:92:50:0a:21:56:fa:6d:dd:
         1c:c9:83:88:40:d1:cc:77:45:76:94:ac:c4:c9:41:b9:dc:60:
         ad:86:be:95:89:ea:84:35:13:f6:87:74:ff:08:b7:27:e0:f6:
         b8:87:47:39:67:ee:27:92:51:01:c1:d3:b3:56:bd:b7:97:76:
         a5:b0:7c:73:10:47:13:b0:0b:02:d7:45:d9:0c:0b:2e:6b:ec:
         ea:50:6f:00:27:ef:e1:a4:c8:07:5e:08:78:ae:3d:9a:a8:9a:
         ac:7c:c5:69:dd:e6:6b:1b:13:56:c9:93:36:7d:06:24:39:02:
         41:3d:10:43:97:a9:8b:a0:57:0f:77:5c:d2:2c:1e:bc:f6:9b:
         d2:ac:9c:f6:23:5f:98:23:44:dd:2a:c2:63:32:11:ed:29:7c:
         62:1b:09:86:54:ba:b2:16:0d:9f:97:3a:bd:f0:aa:f7:2e:91:
         ee:43:22:d9:35:38:9e:c7:5d:50:7b:39:7f:a0:f1:e4:bc:b5:
         7b:0c:64:f5:b7:29:5b:51:88:4f:40:1a:f0:7c:0b:cd:4a:c6:
         a7:20:2e:5e:84:d9:1f:68:7a:a4:db:8f:e2:53:33:97:c3:77:
         5c:55:76:ab
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIDAjOpMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGUz
ZjcwNzA2ZjZjMGNmYmQ5YzczYTdmM2Q4MzAyMzI0MGE0MmY1MGQwHhcNMjIwNDE0
MDg1MzUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhY2YzMWMxN2FlYjRl
MzExNzZjOThlNTVmMDAyZWFjYjA3NTg3ZWQ1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA5nvMybrc8u6/7LRt87/tveNH+/oKSbLcI1X/6UK+7UfFJqLS
grQyxvevqtoaK0zLhuWOpQII0OdPVZGaNsF4iQb9mqbty+dSzQjrMQG+jWtKWnJs
LJFK3Iek8Rbejs9JchP3cntYN6vlz8n2p/i6XmuG4Epz2sBjyuxPOyUcR1QpG/E7
vpoV4H90ewtZ/Dyr2YkrYIbPsrWkGZe4xmbVSuBnnhU8fZBjNcxcSmcSzeNHd+Ue
Yu23h050Lm9YfpYPNoxrogU6Qe9j349rrC0+zt38ZOVTUiO8EnKv69hlLct9+sFa
x6gwHPw1O/gtgMbMxIOeA6nGidsWllsz5gZMdwIDAQABo4ICMDCCAiwwHQYDVR0O
BBYEFKzzHBeutOMRdsmOVfAC6ssHWH7VMB8GA1UdIwQYMBaAFOP3Bwb2wM+9nHOn
89gwIyQKQvUNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
NF9jSEJ2YkF6NzJjYzZmejJEQWpKQXBDOVEwLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hOC8yODZkNDctNjQzNC00MWJkLTlhYTItMDlmZjc5MzA4YmJlLzEv
clBNY0Y2NjA0eEYyeVk1VjhBTHF5d2RZZnRVLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8y
ODZkNDctNjQzNC00MWJkLTlhYTItMDlmZjc5MzA4YmJlLzEvNF9jSEJ2YkF6NzJj
YzZmejJEQWpKQXBDOVEwLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEYG
CCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFUnRgAwQFX66AAwQF1AkgAwQE2QpA
AwQE2XRwMA0EAgACMAcDBQMgAQqwMA0GCSqGSIb3DQEBCwUAA4IBAQA1EsYXyyUQ
Z5qRhDXD2wHu2tjo16S1fZibTQl6klAKIVb6bd0cyYOIQNHMd0V2lKzEyUG53GCt
hr6VieqENRP2h3T/CLcn4Pa4h0c5Z+4nklEBwdOzVr23l3alsHxzEEcTsAsC10XZ
DAsua+zqUG8AJ+/hpMgHXgh4rj2aqJqsfMVp3eZrGxNWyZM2fQYkOQJBPRBDl6mL
oFcPd1zSLB689pvSrJz2I1+YI0TdKsJjMhHtKXxiGwmGVLqyFg2flzq98Kr3LpHu
QyLZNTiex11Qezl/oPHkvLV7DGT1tylbUYhPQBrwfAvNSsanIC5ehNkfaHqk24/i
UzOXw3dcVXar
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:50 2024 by rpki-client on console-fra.rpki-client.org