Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/zUIo1mTFRaXQkvOQVtQ8hZi-PW0.roa
File:                     zUIo1mTFRaXQkvOQVtQ8hZi-PW0.roa (raw, json)
Hash identifier:          3C8vPR2yEJ+cqv0lL6/H0gOSXDwnsNEnq/FCMfeM6cE=
Subject key identifier:   CD:42:28:D6:64:C5:45:A5:D0:92:F3:90:56:D4:3C:85:98:BE:3D:6D
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0CCC27DF
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/zUIo1mTFRaXQkvOQVtQ8hZi-PW0.roa
Signing time:             Sat 01 Jan 2022 05:05:11 +0000
ROA not before:           Sat 01 Jan 2022 05:05:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     263824
IP address blocks:        178.238.12.0/22 maxlen: 24
                          80.67.32.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 214706143 (0xccc27df)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jan  1 05:05:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cd4228d664c545a5d092f39056d43c8598be3d6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:49:c2:a0:43:c8:61:97:58:ed:86:7a:24:fd:
                    86:0b:0e:b8:30:cd:0a:ee:98:f0:ff:35:22:d7:8d:
                    c3:30:98:53:e0:f9:99:9c:73:12:80:76:6f:e3:01:
                    97:81:dc:11:f5:d7:89:f0:f9:80:5f:8e:e4:37:b5:
                    d6:18:59:7e:28:0c:2c:25:25:ad:83:de:f3:13:e4:
                    f1:62:a9:3b:79:a2:c3:bd:66:b7:e9:f6:73:bb:5e:
                    d6:3f:af:03:69:c0:20:19:ec:87:de:ed:40:40:4d:
                    54:2b:81:23:fa:13:b9:06:69:c6:1d:c0:73:5f:13:
                    ed:ef:79:ee:a0:83:f4:9c:27:d7:5f:46:76:cf:bc:
                    7c:42:d7:6a:cf:c7:f0:4b:31:d1:80:3a:6f:61:17:
                    05:10:86:6d:ab:60:7f:6d:96:64:50:59:53:53:a6:
                    59:e0:1f:f1:fa:dc:80:bc:0a:32:b0:30:e4:e4:cc:
                    60:00:b9:d4:9c:1a:e9:34:c9:ae:b4:14:e5:62:a1:
                    3a:0f:b9:df:c3:05:f4:d6:b5:f8:bc:55:3e:15:30:
                    b1:6a:03:22:99:f4:2a:30:90:d5:39:87:67:20:7e:
                    f3:5a:e4:9b:0d:4d:e8:f2:cd:52:a2:04:86:18:d8:
                    a6:64:42:45:b0:8f:2d:98:e9:1e:95:b6:76:a3:3a:
                    a2:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:42:28:D6:64:C5:45:A5:D0:92:F3:90:56:D4:3C:85:98:BE:3D:6D
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/zUIo1mTFRaXQkvOQVtQ8hZi-PW0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.67.32.0/22
                  178.238.12.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4e:5a:95:1b:cb:90:bc:4c:25:28:64:f9:a8:d8:7e:e2:94:45:
         6d:a8:e2:2d:5f:74:d5:8f:7a:23:d5:93:66:5b:66:f3:4b:f1:
         81:43:c8:e0:91:49:12:82:3d:d4:ba:41:75:fe:87:3d:ce:60:
         ad:f9:20:1f:c2:1f:3b:c5:d9:2b:aa:f6:31:25:63:4e:9a:3f:
         33:23:e3:66:f1:ae:c7:15:6d:75:01:f2:b5:c0:24:47:d2:b2:
         14:71:27:c5:af:23:f2:1a:a9:05:10:46:4e:ae:f0:43:ac:f4:
         4f:ce:7a:70:28:7b:e6:17:9d:13:b2:49:1b:92:5d:98:15:71:
         88:4b:66:03:78:68:e5:bf:e4:b3:0b:24:45:6a:e7:d5:19:89:
         59:42:01:16:dd:da:a5:7c:ae:d0:8f:01:4f:51:06:c2:16:21:
         9d:b0:af:34:2f:5b:f2:a2:be:a0:ae:aa:5b:20:22:ea:c7:0a:
         0e:22:00:1d:74:d6:ae:38:08:96:81:08:03:e5:57:ec:2b:d1:
         c5:45:7f:53:52:d6:85:e4:2a:7f:c6:eb:8b:93:12:76:a8:fe:
         1c:78:37:b7:a0:f1:c2:bf:6e:3a:c6:7d:94:09:19:ea:4c:73:
         d8:94:a1:f3:3a:07:56:45:b5:13:98:42:27:e7:40:06:88:d1:
         e2:fe:c0:7a
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEDMwn3zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDEw
MTA1MDUxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2Q0MjI4ZDY2NGM1
NDVhNWQwOTJmMzkwNTZkNDNjODU5OGJlM2Q2ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKdJwqBDyGGXWO2GeiT9hgsOuDDNCu6Y8P81IteNwzCYU+D5
mZxzEoB2b+MBl4HcEfXXifD5gF+O5De11hhZfigMLCUlrYPe8xPk8WKpO3miw71m
t+n2c7te1j+vA2nAIBnsh97tQEBNVCuBI/oTuQZpxh3Ac18T7e957qCD9Jwn119G
ds+8fELXas/H8Esx0YA6b2EXBRCGbatgf22WZFBZU1OmWeAf8frcgLwKMrAw5OTM
YAC51Jwa6TTJrrQU5WKhOg+538MF9Na1+LxVPhUwsWoDIpn0KjCQ1TmHZyB+81rk
mw1N6PLNUqIEhhjYpmRCRbCPLZjpHpW2dqM6ousCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTNQijWZMVFpdCS85BW1DyFmL49bTAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
L3pVSW8xbVRGUmFYUWt2T1FWdFE4aFppLVBXMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAlBDIAMEArLuDDANBgkqhkiG9w0B
AQsFAAOCAQEATlqVG8uQvEwlKGT5qNh+4pRFbajiLV901Y96I9WTZltm80vxgUPI
4JFJEoI91LpBdf6HPc5grfkgH8IfO8XZK6r2MSVjTpo/MyPjZvGuxxVtdQHytcAk
R9KyFHEnxa8j8hqpBRBGTq7wQ6z0T856cCh75hedE7JJG5JdmBVxiEtmA3ho5b/k
swskRWrn1RmJWUIBFt3apXyu0I8BT1EGwhYhnbCvNC9b8qK+oK6qWyAi6scKDiIA
HXTWrjgIloEIA+VX7CvRxUV/U1LWheQqf8bri5MSdqj+HHg3t6Dxwr9uOsZ9lAkZ
6kxz2JSh8zoHVkW1E5hCJ+dABojR4v7Aeg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:14 2024 by rpki-client on console-ams.rpki-client.org