Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/zrhFHcfHvcqhdG6I-QesJsz1fhE.roa
File:                     zrhFHcfHvcqhdG6I-QesJsz1fhE.roa (raw, json)
Hash identifier:          KvKiHzOKVgCyoCeLa/Clj+71zeZp3oqoos+jn15A2vk=
Subject key identifier:   CE:B8:45:1D:C7:C7:BD:CA:A1:74:6E:88:F9:07:AC:26:CC:F5:7E:11
Certificate issuer:       /CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Certificate serial:       039847FD
Authority key identifier: B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/zrhFHcfHvcqhdG6I-QesJsz1fhE.roa
Signing time:             Mon 21 Mar 2022 03:28:00 +0000
ROA not before:           Mon 21 Mar 2022 03:28:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44636
IP address blocks:        92.63.200.0/23 maxlen: 23
                          185.176.24.0/24 maxlen: 24
                          185.148.104.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 60311549 (0x39847fd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
        Validity
            Not Before: Mar 21 03:28:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ceb8451dc7c7bdcaa1746e88f907ac26ccf57e11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:f9:9d:d9:dc:a9:9d:a2:47:45:5f:3e:8c:a9:
                    46:f6:be:74:4e:1b:a5:66:8a:e5:6b:e2:1e:17:1b:
                    60:52:f4:bd:2b:7a:69:96:c4:80:4e:b2:58:7c:fa:
                    7a:0f:95:ce:fc:cc:47:a8:b6:a1:9f:d0:3d:25:9d:
                    cd:e8:4a:dc:eb:86:17:d1:5f:1b:66:82:8f:fb:35:
                    96:42:0f:bc:f3:33:58:df:96:7e:c3:2a:cb:48:e8:
                    9a:44:8b:ed:d9:3f:92:d1:5d:d6:c2:52:e2:95:c4:
                    03:fa:a5:1a:23:b5:e2:07:6f:38:55:88:77:d3:c1:
                    2d:e0:db:50:b5:19:6e:19:48:ac:45:60:fe:db:30:
                    fe:85:8d:07:96:d6:ef:b2:32:b6:b9:17:e8:5f:77:
                    40:ea:ee:37:76:3a:50:31:a7:e1:cb:b4:ff:78:8b:
                    3a:ca:6a:ae:1d:dc:ea:f8:e9:df:ac:84:19:4f:af:
                    97:f9:5c:63:f9:35:68:26:8f:65:4e:45:1c:01:56:
                    69:8e:3a:da:25:57:e3:30:b0:63:6c:5c:9d:10:fc:
                    e4:c1:45:0d:14:ff:d0:82:f9:e9:4a:5d:4c:1b:01:
                    ae:45:b3:3a:6f:ea:d2:78:24:b9:3a:60:b7:66:6f:
                    e0:39:9a:7d:61:ee:5f:43:5b:e9:82:22:80:fb:55:
                    98:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:B8:45:1D:C7:C7:BD:CA:A1:74:6E:88:F9:07:AC:26:CC:F5:7E:11
            X509v3 Authority Key Identifier:
                keyid:B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/zrhFHcfHvcqhdG6I-QesJsz1fhE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.63.200.0/23
                  185.148.104.0/22
                  185.176.24.0/24

    Signature Algorithm: sha256WithRSAEncryption
         19:88:fa:27:9c:d8:15:7c:8c:0a:f7:43:ff:79:48:b2:cd:fd:
         b2:9b:ce:08:87:c3:52:ee:cf:7f:3c:c8:20:4b:b3:5c:2e:33:
         b1:70:fc:99:58:ae:c6:cc:6f:0b:9f:0b:f4:88:1f:fa:89:41:
         7b:8d:cd:58:30:7c:f0:ce:22:01:af:62:6c:95:f8:da:9a:5c:
         b7:12:4a:bc:5f:3c:51:fb:3b:13:3f:52:47:d8:0f:1b:8a:1c:
         91:c2:b4:44:4d:b1:b0:ea:ec:68:d3:7e:92:64:79:20:62:5c:
         39:3b:2c:4f:32:26:1e:88:c0:f4:d2:9b:b0:65:e4:0e:d7:24:
         0d:6b:56:87:bd:57:ae:4f:e2:1e:9c:14:14:32:53:c9:38:1f:
         97:dc:c2:28:fe:88:c0:d9:24:d1:8d:b3:2d:f6:77:5b:c9:49:
         d5:e6:57:30:9d:33:a0:fe:95:f1:af:64:3e:b9:7b:f4:87:c9:
         18:0f:f8:6c:fd:f6:de:b5:e2:9a:2a:5b:d8:b5:04:e8:18:dc:
         75:d3:79:53:f9:18:7e:d9:06:6e:e4:3f:4b:ca:ac:e8:ed:42:
         09:a2:eb:ff:cd:bb:3c:79:81:55:2a:36:c5:0f:73:f8:24:a4:
         15:4d:32:2f:8e:76:f7:b3:4d:2b:4f:6e:02:04:44:0f:0a:54:
         c8:53:c1:1f
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEA5hH/TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWFmMTJmNWNhNzVjOTIyYTRhYTVkYWNiNDljMDRhOTMyMzdmNGVkMB4XDTIyMDMy
MTAzMjgwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2ViODQ1MWRjN2M3
YmRjYWExNzQ2ZTg4ZjkwN2FjMjZjY2Y1N2UxMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALL5ndncqZ2iR0VfPoypRva+dE4bpWaK5WviHhcbYFL0vSt6
aZbEgE6yWHz6eg+VzvzMR6i2oZ/QPSWdzehK3OuGF9FfG2aCj/s1lkIPvPMzWN+W
fsMqy0jomkSL7dk/ktFd1sJS4pXEA/qlGiO14gdvOFWId9PBLeDbULUZbhlIrEVg
/tsw/oWNB5bW77IytrkX6F93QOruN3Y6UDGn4cu0/3iLOspqrh3c6vjp36yEGU+v
l/lcY/k1aCaPZU5FHAFWaY462iVX4zCwY2xcnRD85MFFDRT/0IL56UpdTBsBrkWz
Om/q0ngkuTpgt2Zv4DmafWHuX0Nb6YIigPtVmO8CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTOuEUdx8e9yqF0boj5B6wmzPV+ETAfBgNVHSMEGDAWgBSxrxL1ynXJIqSq
Xay0nASpMjf07TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhOFM5Y3AxeVNLa3FsMnN0SndFcVRJMzlPMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmQvY2JjZjY4LTdjYmYtNDdmMC04MmVlLTU3NjBlZmJjYzY1NC8x
L3pyaEZIY2ZIdmNxaGRHNkktUWVzSnN6MWZoRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmQv
Y2JjZjY4LTdjYmYtNDdmMC04MmVlLTU3NjBlZmJjYzY1NC8xL3NhOFM5Y3AxeVNL
a3FsMnN0SndFcVRJMzlPMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAVw/yAMEArmUaAMEALmwGDANBgkq
hkiG9w0BAQsFAAOCAQEAGYj6J5zYFXyMCvdD/3lIss39spvOCIfDUu7PfzzIIEuz
XC4zsXD8mViuxsxvC58L9Igf+olBe43NWDB88M4iAa9ibJX42ppctxJKvF88Ufs7
Ez9SR9gPG4ockcK0RE2xsOrsaNN+kmR5IGJcOTssTzImHojA9NKbsGXkDtckDWtW
h71Xrk/iHpwUFDJTyTgfl9zCKP6IwNkk0Y2zLfZ3W8lJ1eZXMJ0zoP6V8a9kPrl7
9IfJGA/4bP323rXimipb2LUE6BjcddN5U/kYftkGbuQ/S8qs6O1CCaLr/827PHmB
VSo2xQ9z+CSkFU0yL45297NNK09uAgREDwpUyFPBHw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:59 2024 by rpki-client on console-fra.rpki-client.org