Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/1d5ee1-accf-474f-a589-cd1fa484411b/1/aZYsf8FTM2iqc0NANKS8dFkD0cY.roa
File:                     aZYsf8FTM2iqc0NANKS8dFkD0cY.roa (raw, json)
Hash identifier:          sX11S0QrMJNuPjmQg3B7o6tDxpzpTEj9vy7cN502Ybw=
Subject key identifier:   69:96:2C:7F:C1:53:33:68:AA:73:43:40:34:A4:BC:74:59:03:D1:C6
Certificate issuer:       /CN=b869ee66164d3cb41dbd2df5417817c32f4cea05
Certificate serial:       1D32E57F
Authority key identifier: B8:69:EE:66:16:4D:3C:B4:1D:BD:2D:F5:41:78:17:C3:2F:4C:EA:05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uGnuZhZNPLQdvS31QXgXwy9M6gU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/1d5ee1-accf-474f-a589-cd1fa484411b/1/aZYsf8FTM2iqc0NANKS8dFkD0cY.roa
Signing time:             Fri 13 May 2022 14:08:40 +0000
ROA not before:           Fri 13 May 2022 14:08:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     199366
IP address blocks:        185.114.192.0/24 maxlen: 24
                          185.114.194.0/24 maxlen: 24
                          185.114.193.0/24 maxlen: 24
                          185.114.195.0/24 maxlen: 24
                          185.19.94.0/24 maxlen: 24
                          185.19.93.0/24 maxlen: 24
                          185.19.95.0/24 maxlen: 24
                          185.19.92.0/24 maxlen: 24
                          185.59.31.0/24 maxlen: 24
                          185.59.28.0/24 maxlen: 24
                          185.59.30.0/24 maxlen: 24
                          185.59.29.0/24 maxlen: 24
                          2.56.62.0/24 maxlen: 24
                          2.56.63.0/24 maxlen: 24
                          2.56.61.0/24 maxlen: 24
                          2.56.60.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 489874815 (0x1d32e57f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b869ee66164d3cb41dbd2df5417817c32f4cea05
        Validity
            Not Before: May 13 14:08:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=69962c7fc1533368aa73434034a4bc745903d1c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:e8:db:03:09:aa:9a:e0:97:a7:26:f5:de:b5:
                    8d:9f:06:f6:12:b9:47:51:6b:28:83:13:dd:0a:6e:
                    1d:a1:2b:6f:87:fa:a6:5f:db:09:18:31:30:b8:19:
                    fc:ae:b7:52:29:43:0c:6b:2b:7a:b7:7c:25:77:f4:
                    30:5d:39:85:92:a8:01:af:92:37:0e:5e:a6:42:90:
                    e4:ed:22:20:b1:b6:23:c8:72:d7:bf:73:5e:7d:f6:
                    73:57:cc:17:c5:82:5d:fa:ec:85:5b:70:ba:e9:d9:
                    31:65:18:e1:a8:ed:3d:af:13:0d:36:af:f1:cb:36:
                    14:b9:40:23:e7:c6:5c:99:1c:7e:e0:ad:29:c4:91:
                    0f:79:b4:23:45:ef:10:aa:c6:d6:98:db:a6:d6:12:
                    58:fe:1f:8c:a8:13:1e:74:11:6c:6e:02:07:00:12:
                    a3:4c:8b:99:d8:e9:f5:db:52:8c:7e:7f:a0:ce:df:
                    a4:78:c7:53:71:c7:01:ef:5b:d4:80:a5:b2:c4:21:
                    39:da:a3:3d:d1:9b:55:36:d5:67:92:45:f8:32:69:
                    ed:ff:1b:ea:78:46:6c:cc:1e:5b:2f:28:31:0a:a8:
                    ee:d0:8f:f9:b3:b3:03:9d:c0:9e:2c:00:5c:82:61:
                    85:9d:08:48:26:78:5a:66:27:f2:1c:53:3e:c4:e7:
                    75:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:96:2C:7F:C1:53:33:68:AA:73:43:40:34:A4:BC:74:59:03:D1:C6
            X509v3 Authority Key Identifier:
                keyid:B8:69:EE:66:16:4D:3C:B4:1D:BD:2D:F5:41:78:17:C3:2F:4C:EA:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uGnuZhZNPLQdvS31QXgXwy9M6gU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/1d5ee1-accf-474f-a589-cd1fa484411b/1/aZYsf8FTM2iqc0NANKS8dFkD0cY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/1d5ee1-accf-474f-a589-cd1fa484411b/1/uGnuZhZNPLQdvS31QXgXwy9M6gU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.56.60.0/22
                  185.19.92.0/22
                  185.59.28.0/22
                  185.114.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         94:e8:83:da:b9:6a:78:a1:7d:da:fd:99:a8:f1:40:81:1d:1f:
         3b:47:86:65:fa:92:47:5f:8e:e1:a8:8d:35:05:17:de:db:f8:
         69:32:e2:2e:46:92:56:80:ab:53:b0:9c:ab:e6:a3:1b:04:bb:
         de:ec:68:c4:fd:ac:73:0b:d0:18:7d:b9:7d:a8:91:ff:7e:71:
         90:3d:02:aa:bd:cd:96:72:94:0b:fc:03:9f:40:90:88:39:c7:
         69:08:d5:56:2c:6d:c0:62:e0:a2:7b:93:50:03:c2:80:7c:ba:
         e6:55:22:46:90:92:5f:b4:1f:1b:6a:32:62:39:45:c7:6f:d5:
         52:75:6e:75:0f:64:9f:aa:b7:4c:8d:3a:22:be:d6:9e:60:a8:
         6d:ab:1f:57:c3:5c:66:50:28:83:ce:ff:07:59:a9:00:3a:9d:
         b8:10:bd:c0:b6:a2:ba:b6:a4:88:e7:89:c1:33:55:a0:cc:53:
         14:9c:e9:a6:96:5e:5f:c5:74:62:08:1c:06:e1:3b:02:64:84:
         63:eb:4e:e0:a9:36:78:48:a3:c1:f1:32:e9:f2:16:e8:0e:31:
         97:34:77:29:61:70:8b:24:04:f3:45:0d:3f:cf:63:82:c6:6c:
         67:28:99:1a:99:63:c2:f5:f2:6e:5e:ea:be:3d:d0:4e:71:76:
         d1:52:b1:85
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEHTLlfzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ODY5ZWU2NjE2NGQzY2I0MWRiZDJkZjU0MTc4MTdjMzJmNGNlYTA1MB4XDTIyMDUx
MzE0MDg0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjk5NjJjN2ZjMTUz
MzM2OGFhNzM0MzQwMzRhNGJjNzQ1OTAzZDFjNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMzo2wMJqprgl6cm9d61jZ8G9hK5R1FrKIMT3QpuHaErb4f6
pl/bCRgxMLgZ/K63UilDDGsrerd8JXf0MF05hZKoAa+SNw5epkKQ5O0iILG2I8hy
179zXn32c1fMF8WCXfrshVtwuunZMWUY4ajtPa8TDTav8cs2FLlAI+fGXJkcfuCt
KcSRD3m0I0XvEKrG1pjbptYSWP4fjKgTHnQRbG4CBwASo0yLmdjp9dtSjH5/oM7f
pHjHU3HHAe9b1IClssQhOdqjPdGbVTbVZ5JF+DJp7f8b6nhGbMweWy8oMQqo7tCP
+bOzA53AniwAXIJhhZ0ISCZ4WmYn8hxTPsTndbsCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBRplix/wVMzaKpzQ0A0pLx0WQPRxjAfBgNVHSMEGDAWgBS4ae5mFk08tB29
LfVBeBfDL0zqBTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VHbnVaaFpOUExRZHZTMzFRWGdYd3k5TTZnVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmIvMWQ1ZWUxLWFjY2YtNDc0Zi1hNTg5LWNkMWZhNDg0NDExYi8x
L2FaWXNmOEZUTTJpcWMwTkFOS1M4ZEZrRDBjWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmIv
MWQ1ZWUxLWFjY2YtNDc0Zi1hNTg5LWNkMWZhNDg0NDExYi8xL3VHbnVaaFpOUExR
ZHZTMzFRWGdYd3k5TTZnVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAgI4PAMEArkTXAMEArk7HAMEArly
wDANBgkqhkiG9w0BAQsFAAOCAQEAlOiD2rlqeKF92v2ZqPFAgR0fO0eGZfqSR1+O
4aiNNQUX3tv4aTLiLkaSVoCrU7Ccq+ajGwS73uxoxP2scwvQGH25faiR/35xkD0C
qr3NlnKUC/wDn0CQiDnHaQjVVixtwGLgonuTUAPCgHy65lUiRpCSX7QfG2oyYjlF
x2/VUnVudQ9kn6q3TI06Ir7WnmCobasfV8NcZlAog87/B1mpADqduBC9wLaiurak
iOeJwTNVoMxTFJzpppZeX8V0YggcBuE7AmSEY+tO4Kk2eEijwfEy6fIW6A4xlzR3
KWFwiyQE80UNP89jgsZsZyiZGpljwvXybl7qvj3QTnF20VKxhQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:34 2024 by rpki-client on console-fra.rpki-client.org