Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/095d5f-2693-4182-9397-cda94fb796d1/1/8aZZwz1cZCKg8mF1ABtDpMZYGiE.roa
File:                     8aZZwz1cZCKg8mF1ABtDpMZYGiE.roa (raw, json)
Hash identifier:          9R1H441FGXmsu45iS644exRmL6+HNY4FUMIUxBDt2gA=
Subject key identifier:   F1:A6:59:C3:3D:5C:64:22:A0:F2:61:75:00:1B:43:A4:C6:58:1A:21
Certificate issuer:       /CN=f258b3a9741b431d7becd64286b9e6bce0e975da
Certificate serial:       05B61F7E
Authority key identifier: F2:58:B3:A9:74:1B:43:1D:7B:EC:D6:42:86:B9:E6:BC:E0:E9:75:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8lizqXQbQx177NZChrnmvODpddo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/095d5f-2693-4182-9397-cda94fb796d1/1/8aZZwz1cZCKg8mF1ABtDpMZYGiE.roa
Signing time:             Sat 01 Jan 2022 10:54:05 +0000
ROA not before:           Sat 01 Jan 2022 10:54:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205823
IP address blocks:        193.32.105.0/24 maxlen: 24
                          193.32.104.0/23 maxlen: 23
                          193.32.104.0/24 maxlen: 24
                          193.32.116.0/24 maxlen: 24
                          193.32.116.0/23 maxlen: 23
                          193.32.117.0/24 maxlen: 24
                          185.205.57.0/24 maxlen: 24
                          185.205.56.0/22 maxlen: 22
                          185.205.56.0/24 maxlen: 24
                          185.205.58.0/24 maxlen: 24
                          185.205.59.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 95821694 (0x5b61f7e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f258b3a9741b431d7becd64286b9e6bce0e975da
        Validity
            Not Before: Jan  1 10:54:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f1a659c33d5c6422a0f26175001b43a4c6581a21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:13:1c:50:4c:23:dc:41:af:80:62:84:5f:e7:
                    cd:99:10:c1:f9:ab:18:76:6c:31:09:99:18:39:02:
                    a0:5d:46:dc:f7:51:2c:f5:9e:95:58:34:2d:1a:82:
                    84:30:27:08:9e:0a:29:09:02:35:56:d1:e8:23:87:
                    c0:1d:a9:5f:59:04:58:25:12:8a:6b:30:b9:2f:30:
                    af:22:5a:ee:89:79:fe:35:2e:79:7f:ca:5f:0d:09:
                    8a:97:7f:5f:54:98:df:6d:31:00:ec:c7:41:3d:8c:
                    c5:7a:0c:e4:7e:a3:c9:78:39:8f:4c:9b:70:a9:80:
                    2d:d8:52:c3:94:e3:79:1f:1a:d4:2d:c6:5a:24:d8:
                    f1:76:5c:04:9c:7a:bc:15:dd:4d:de:22:9c:14:12:
                    43:3d:0c:6b:09:ce:ee:ff:55:d1:5a:a9:dc:81:5a:
                    ee:1f:d7:c9:07:21:94:94:93:aa:17:a5:e2:ab:7c:
                    3b:4a:d7:18:4c:07:d0:d2:f8:6f:4d:88:c8:72:f0:
                    75:78:21:37:19:f0:48:c9:55:35:b4:fa:24:d4:61:
                    c4:9d:fc:cb:c6:45:70:2d:d0:6a:9e:5e:c4:34:24:
                    ba:92:bb:fd:69:9d:f5:28:08:15:d8:8c:a8:e7:e0:
                    4a:63:90:0d:af:41:77:f1:ef:b3:41:d8:b4:da:f8:
                    cb:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:A6:59:C3:3D:5C:64:22:A0:F2:61:75:00:1B:43:A4:C6:58:1A:21
            X509v3 Authority Key Identifier:
                keyid:F2:58:B3:A9:74:1B:43:1D:7B:EC:D6:42:86:B9:E6:BC:E0:E9:75:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8lizqXQbQx177NZChrnmvODpddo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/095d5f-2693-4182-9397-cda94fb796d1/1/8aZZwz1cZCKg8mF1ABtDpMZYGiE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/095d5f-2693-4182-9397-cda94fb796d1/1/8lizqXQbQx177NZChrnmvODpddo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.205.56.0/22
                  193.32.104.0/23
                  193.32.116.0/23

    Signature Algorithm: sha256WithRSAEncryption
         59:32:69:ed:d8:0b:ce:d4:2c:71:6f:f3:5f:c4:2d:49:8b:df:
         08:4d:fb:61:af:95:9f:b2:fe:69:a7:9e:b8:b7:f4:37:bd:14:
         a9:85:f1:72:a5:fe:e4:d4:c4:9f:28:a8:39:04:36:52:81:2e:
         95:81:ce:be:9c:74:21:0a:fb:06:fd:42:a9:ef:94:4b:0e:02:
         b1:9b:9b:5c:4a:44:9c:b0:b9:dd:ec:f3:3b:67:c0:c2:8d:d6:
         62:da:b4:f8:e1:3e:ab:ae:6a:db:11:21:53:3f:c0:8d:0e:d7:
         1a:7e:66:5e:ec:14:16:d7:a8:71:36:4b:60:45:a0:c3:84:e7:
         be:88:b1:d8:39:44:2f:f0:9f:75:63:79:9a:ca:2a:5d:5d:ef:
         8f:0c:91:96:bc:f1:4d:e6:bd:3f:ed:7c:60:f9:b2:c6:60:13:
         8c:2c:68:17:a9:28:f7:6c:8c:6a:6d:49:74:45:18:8f:13:bb:
         d4:ce:f1:77:77:69:de:2f:ae:ca:54:08:8e:08:73:d2:06:b7:
         dd:e2:b3:13:b2:0b:27:02:04:26:bb:49:85:f0:3e:17:63:0c:
         76:b7:81:ee:74:14:ad:a7:d4:58:ef:7e:c6:03:44:2a:18:fa:
         7e:47:22:45:c5:2d:ac:5e:ed:e3:e3:18:9d:83:92:f1:27:7d:
         10:43:c7:c1
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBbYffjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MjU4YjNhOTc0MWI0MzFkN2JlY2Q2NDI4NmI5ZTZiY2UwZTk3NWRhMB4XDTIyMDEw
MTEwNTQwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjFhNjU5YzMzZDVj
NjQyMmEwZjI2MTc1MDAxYjQzYTRjNjU4MWEyMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMQTHFBMI9xBr4BihF/nzZkQwfmrGHZsMQmZGDkCoF1G3PdR
LPWelVg0LRqChDAnCJ4KKQkCNVbR6COHwB2pX1kEWCUSimswuS8wryJa7ol5/jUu
eX/KXw0Jipd/X1SY320xAOzHQT2MxXoM5H6jyXg5j0ybcKmALdhSw5TjeR8a1C3G
WiTY8XZcBJx6vBXdTd4inBQSQz0MawnO7v9V0Vqp3IFa7h/XyQchlJSTqhel4qt8
O0rXGEwH0NL4b02IyHLwdXghNxnwSMlVNbT6JNRhxJ38y8ZFcC3Qap5exDQkupK7
/Wmd9SgIFdiMqOfgSmOQDa9Bd/Hvs0HYtNr4y/kCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTxplnDPVxkIqDyYXUAG0OkxlgaITAfBgNVHSMEGDAWgBTyWLOpdBtDHXvs
1kKGuea84Ol12jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhsaXpxWFFiUXgxNzdOWkNocm5tdk9EcGRkby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWYvMDk1ZDVmLTI2OTMtNDE4Mi05Mzk3LWNkYTk0ZmI3OTZkMS8x
LzhhWlp3ejFjWkNLZzhtRjFBQnREcE1aWUdpRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYv
MDk1ZDVmLTI2OTMtNDE4Mi05Mzk3LWNkYTk0ZmI3OTZkMS8xLzhsaXpxWFFiUXgx
NzdOWkNocm5tdk9EcGRkby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEArnNOAMEAcEgaAMEAcEgdDANBgkq
hkiG9w0BAQsFAAOCAQEAWTJp7dgLztQscW/zX8QtSYvfCE37Ya+Vn7L+aaeeuLf0
N70UqYXxcqX+5NTEnyioOQQ2UoEulYHOvpx0IQr7Bv1Cqe+USw4CsZubXEpEnLC5
3ezzO2fAwo3WYtq0+OE+q65q2xEhUz/AjQ7XGn5mXuwUFteocTZLYEWgw4Tnvoix
2DlEL/CfdWN5msoqXV3vjwyRlrzxTea9P+18YPmyxmATjCxoF6ko92yMam1JdEUY
jxO71M7xd3dp3i+uylQIjghz0ga33eKzE7ILJwIEJrtJhfA+F2MMdreB7nQUrafU
WO9+xgNEKhj6fkciRcUtrF7t4+MYnYOS8Sd9EEPHwQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:48 2024 by rpki-client on console-fra.rpki-client.org