Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/7PX1SpQfFbaNaYydESzGYSLEcNk.roa
File:                     7PX1SpQfFbaNaYydESzGYSLEcNk.roa (raw, json)
Hash identifier:          INs1vLJZ1NJMX7YIqQg9JzqOC0oYjZRTEqn16dJu75o=
Subject key identifier:   EC:F5:F5:4A:94:1F:15:B6:8D:69:8C:9D:11:2C:C6:61:22:C4:70:D9
Certificate issuer:       /CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Certificate serial:       1B316A97
Authority key identifier: CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/7PX1SpQfFbaNaYydESzGYSLEcNk.roa
Signing time:             Wed 22 Jun 2022 12:18:29 +0000
ROA not before:           Wed 22 Jun 2022 12:18:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     56534
IP address blocks:        92.255.96.0/21 maxlen: 21
                          185.47.52.0/22 maxlen: 22
                          185.47.54.0/24 maxlen: 24
                          92.255.60.0/24 maxlen: 24
                          89.223.80.0/21 maxlen: 21
                          92.255.88.0/21 maxlen: 32
                          2a04:ac00::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 456223383 (0x1b316a97)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
        Validity
            Not Before: Jun 22 12:18:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ecf5f54a941f15b68d698c9d112cc66122c470d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:a8:4e:e8:2a:d9:0f:69:fd:41:e8:55:79:2e:
                    44:15:d8:8f:a4:25:f5:8b:2a:6b:ad:b3:75:65:54:
                    3f:12:ab:75:be:44:f6:8e:4c:e8:08:f8:64:12:41:
                    f1:6f:62:1f:cb:d9:db:17:23:cc:72:a0:8c:7b:cc:
                    d7:07:f0:a9:9e:41:08:d4:db:dc:b3:6f:6d:8e:db:
                    b0:21:96:ca:53:7b:cf:9b:ba:c0:6f:36:0e:eb:8a:
                    86:be:c3:d5:58:e9:7a:5e:22:e8:55:4a:2d:18:c5:
                    98:5e:ca:f0:2b:d3:53:d4:79:e5:84:0d:38:49:c3:
                    0c:bb:75:64:b8:e1:aa:da:e7:b1:1b:bd:60:89:5b:
                    86:31:9b:c4:1b:8f:29:da:64:ac:0c:53:d8:1e:88:
                    8a:09:11:8d:48:5e:60:d3:ef:cd:f4:4a:b5:f7:5d:
                    f7:cc:c1:e5:ae:42:8f:4e:ee:98:84:85:03:d0:c0:
                    ea:3d:0c:39:66:dc:b7:67:87:48:70:cb:30:01:40:
                    bd:22:02:c1:f1:00:4e:69:86:c4:f5:1d:e8:60:4c:
                    91:e9:f6:42:cf:69:57:75:e4:8a:33:33:92:be:cb:
                    eb:11:dd:9c:9d:a2:f8:26:4c:3f:c1:d9:7f:0f:3c:
                    98:11:7a:d8:bb:1c:bd:57:2b:b4:c0:dc:61:c7:25:
                    83:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:F5:F5:4A:94:1F:15:B6:8D:69:8C:9D:11:2C:C6:61:22:C4:70:D9
            X509v3 Authority Key Identifier:
                keyid:CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/7PX1SpQfFbaNaYydESzGYSLEcNk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.223.80.0/21
                  92.255.60.0/24
                  92.255.88.0-92.255.103.255
                  185.47.52.0/22
                IPv6:
                  2a04:ac00::/29

    Signature Algorithm: sha256WithRSAEncryption
         a0:4a:97:b0:75:9d:8e:1e:b7:5f:56:38:2a:a7:84:68:cd:1a:
         dd:5e:14:50:ff:72:f3:fa:18:05:f4:89:99:84:f5:79:78:c9:
         c0:cb:78:c3:5b:51:82:c0:7f:b2:cc:79:38:fa:d4:05:a3:fc:
         46:46:c4:cb:5c:b8:42:9e:d2:f0:2c:aa:22:91:7b:58:d7:b8:
         46:fb:6d:08:0a:70:db:47:d1:c2:be:05:05:6d:39:5d:1b:c5:
         19:67:1e:20:87:e2:2b:8c:d3:14:ad:45:82:8f:d2:3f:f2:b8:
         2c:db:40:60:11:ef:6a:9d:bf:94:0d:3c:a5:8d:36:d3:46:58:
         d5:cc:d8:c9:2c:f8:d8:c2:c2:91:53:d1:a7:77:0c:85:57:c9:
         99:14:c1:6f:6e:53:29:23:67:bb:9a:d5:dd:ba:f8:1f:e9:6e:
         2a:8e:1d:96:39:1c:7a:d3:5c:d6:00:58:d6:06:ad:0f:68:32:
         f1:38:0c:44:3c:cb:a3:c2:2a:a7:15:69:77:d2:a7:b3:52:8b:
         93:d2:ed:1d:4a:c0:b8:90:b8:f2:f9:61:c4:d9:b0:bd:8f:64:
         bf:5d:e7:e0:98:4f:74:0d:74:2a:e8:4c:0a:ff:41:04:06:2a:
         8d:e8:b2:81:1a:66:f7:29:2d:e0:40:79:83:84:d9:fa:17:06:
         82:f5:99:77
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIEGzFqlzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZDgzMTNlNDFlNjQ2YTA5Y2QwMWUyZTZmNDczOWQzYmQyMzZjNGZmMB4XDTIyMDYy
MjEyMTgyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWNmNWY1NGE5NDFm
MTViNjhkNjk4YzlkMTEyY2M2NjEyMmM0NzBkOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ+oTugq2Q9p/UHoVXkuRBXYj6Ql9Ysqa62zdWVUPxKrdb5E
9o5M6Aj4ZBJB8W9iH8vZ2xcjzHKgjHvM1wfwqZ5BCNTb3LNvbY7bsCGWylN7z5u6
wG82DuuKhr7D1Vjpel4i6FVKLRjFmF7K8CvTU9R55YQNOEnDDLt1ZLjhqtrnsRu9
YIlbhjGbxBuPKdpkrAxT2B6IigkRjUheYNPvzfRKtfdd98zB5a5Cj07umISFA9DA
6j0MOWbct2eHSHDLMAFAvSICwfEATmmGxPUd6GBMken2Qs9pV3XkijMzkr7L6xHd
nJ2i+CZMP8HZfw88mBF62LscvVcrtMDcYcclg9UCAwEAAaOCAjIwggIuMB0GA1Ud
DgQWBBTs9fVKlB8Vto1pjJ0RLMZhIsRw2TAfBgNVHSMEGDAWgBTNgxPkHmRqCc0B
4ub0c5070jbE/zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pZTVQ1QjVrYWduTkFlTG05SE9kTzlJMnhQOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvMzQ2NWYzLTAzYzItNGVhYS1hNjc0LTg4NjJiNTE3MzE3Yy8x
LzdQWDFTcFFmRmJhTmFZeWRFU3pHWVNMRWNOay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
MzQ2NWYzLTAzYzItNGVhYS1hNjc0LTg4NjJiNTE3MzE3Yy8xL3pZTVQ1QjVrYWdu
TkFlTG05SE9kTzlJMnhQOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBI
BggrBgEFBQcBBwEB/wQ5MDcwJgQCAAEwIAMEA1nfUAMEAFz/PDAMAwQDXP9YAwQD
XP9gAwQCuS80MA0EAgACMAcDBQMqBKwAMA0GCSqGSIb3DQEBCwUAA4IBAQCgSpew
dZ2OHrdfVjgqp4RozRrdXhRQ/3Lz+hgF9ImZhPV5eMnAy3jDW1GCwH+yzHk4+tQF
o/xGRsTLXLhCntLwLKoikXtY17hG+20ICnDbR9HCvgUFbTldG8UZZx4gh+IrjNMU
rUWCj9I/8rgs20BgEe9qnb+UDTyljTbTRljVzNjJLPjYwsKRU9GndwyFV8mZFMFv
blMpI2e7mtXduvgf6W4qjh2WORx601zWAFjWBq0PaDLxOAxEPMujwiqnFWl30qez
UouT0u0dSsC4kLjy+WHE2bC9j2S/XefgmE90DXQq6EwK/0EEBiqN6LKBGmb3KS3g
QHmDhNn6FwaC9Zl3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:02 2024 by rpki-client on console-fra.rpki-client.org