Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/rn9JytwPSJ5yIsByDK7WlzbaiF0.roa
File:                     rn9JytwPSJ5yIsByDK7WlzbaiF0.roa (raw, json)
Hash identifier:          ZMembYh2Z6k5ZtTIVZxbSysTECw/ibUgKS+HQw7Q3oY=
Subject key identifier:   AE:7F:49:CA:DC:0F:48:9E:72:22:C0:72:0C:AE:D6:97:36:DA:88:5D
Certificate issuer:       /CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Certificate serial:       34A67B
Authority key identifier: 0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/rn9JytwPSJ5yIsByDK7WlzbaiF0.roa
Signing time:             Sat 30 Apr 2022 18:14:55 +0000
ROA not before:           Sat 30 Apr 2022 18:14:55 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8849
IP address blocks:        88.210.36.0/23 maxlen: 24
                          2a06:f902:4000::/36 maxlen: 36
                          2a06:f901:4000::/36 maxlen: 36
                          2a06:f901:8000::/36 maxlen: 36
                          2a06:f901:c000::/36 maxlen: 36

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3450491 (0x34a67b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
        Validity
            Not Before: Apr 30 18:14:55 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ae7f49cadc0f489e7222c0720caed69736da885d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:3a:de:8c:26:72:0f:21:73:04:f1:3b:1e:66:
                    b5:2a:1d:c1:01:21:df:f6:9e:dd:3a:99:3f:88:53:
                    40:95:1c:58:c3:76:f5:cf:94:e1:c1:08:f8:8a:11:
                    a8:8c:59:50:83:43:66:8a:ef:9d:0b:3b:15:7d:7c:
                    0a:0d:26:97:d4:46:74:92:e2:4b:15:2e:ff:ed:40:
                    eb:f6:5c:01:78:a5:8f:19:ac:5d:9b:4b:e1:5a:d8:
                    d7:62:ee:c6:7c:55:56:a3:e0:9f:5a:0e:9a:e7:ac:
                    63:46:1a:7a:06:df:f0:a1:35:b8:b7:a1:4c:fb:4c:
                    4a:d0:86:cd:a2:38:05:62:8a:52:80:ee:d1:9f:fb:
                    b2:21:56:cf:31:7c:e1:02:30:28:6b:8f:40:d0:11:
                    6a:d5:73:70:96:be:1c:e5:0c:ea:22:37:07:a7:c8:
                    30:b2:34:84:65:6e:c0:3f:43:47:fb:16:87:1e:fd:
                    47:1f:34:4b:b6:e0:04:81:16:a6:c3:9f:8a:bd:1e:
                    f1:17:c0:73:e6:46:34:30:8c:3e:6b:ec:5d:a1:4b:
                    72:96:9c:03:e0:eb:99:da:81:f8:33:32:e1:36:1f:
                    4c:af:4a:82:e5:c0:76:81:63:b6:e6:d5:68:74:8d:
                    f3:7a:e4:fd:64:10:cc:cc:bb:e1:c5:65:48:36:57:
                    99:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:7F:49:CA:DC:0F:48:9E:72:22:C0:72:0C:AE:D6:97:36:DA:88:5D
            X509v3 Authority Key Identifier:
                keyid:0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/rn9JytwPSJ5yIsByDK7WlzbaiF0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.210.36.0/23
                IPv6:
                  2a06:f901:4000::/36
                  2a06:f901:8000::/36
                  2a06:f901:c000::/36
                  2a06:f902:4000::/36

    Signature Algorithm: sha256WithRSAEncryption
         51:53:84:cd:56:39:d4:ab:cc:59:a0:05:61:96:6f:1e:a9:30:
         a8:d3:d4:62:99:0b:9a:36:ea:91:b9:bd:fc:a3:44:7f:eb:6d:
         62:5a:9a:f7:be:d5:7d:17:c2:56:58:2a:56:86:c6:b8:64:4b:
         60:5d:2f:d9:50:8d:7b:d5:35:c6:87:a1:32:b3:d1:95:b0:a1:
         04:46:75:10:51:ca:8e:83:1c:22:43:cd:f0:90:b1:a6:81:2d:
         e1:68:50:36:1c:7f:e8:a3:ed:63:1d:a1:16:4f:26:d5:e1:db:
         64:df:49:e3:4f:66:94:4a:95:1b:c8:7f:5a:6d:f6:b7:7a:11:
         e3:91:c6:cf:24:62:8b:0e:0b:44:fd:c1:48:8e:02:66:f5:b5:
         6d:33:35:f3:66:8b:a4:9c:27:8c:c8:7a:d1:f4:94:8d:76:3e:
         ca:d0:60:ce:e4:6f:5f:fe:8c:3e:90:4d:ed:32:4d:ca:1c:92:
         a2:70:30:bf:4e:86:c3:75:d1:86:02:13:42:04:ba:59:ac:ea:
         fd:3a:2f:81:8a:ca:4a:f1:39:c2:78:fe:10:da:54:95:55:59:
         02:76:23:b3:ed:bd:83:92:59:18:e6:da:9a:1f:fb:05:23:da:
         5c:6b:d0:69:d1:df:89:00:3a:b2:ec:ab:02:98:e0:84:0c:0a:
         9e:ed:54:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIDNKZ7MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDBm
ZWJmYmZkNmY5MzdjNWFlMzllM2UzOGU4YWI4Mzg0MTA3NDIxYTYwHhcNMjIwNDMw
MTgxNDU1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhZTdmNDljYWRjMGY0
ODllNzIyMmMwNzIwY2FlZDY5NzM2ZGE4ODVkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnTrejCZyDyFzBPE7Hma1Kh3BASHf9p7dOpk/iFNAlRxYw3b1
z5ThwQj4ihGojFlQg0Nmiu+dCzsVfXwKDSaX1EZ0kuJLFS7/7UDr9lwBeKWPGaxd
m0vhWtjXYu7GfFVWo+CfWg6a56xjRhp6Bt/woTW4t6FM+0xK0IbNojgFYopSgO7R
n/uyIVbPMXzhAjAoa49A0BFq1XNwlr4c5QzqIjcHp8gwsjSEZW7AP0NH+xaHHv1H
HzRLtuAEgRamw5+KvR7xF8Bz5kY0MIw+a+xdoUtylpwD4OuZ2oH4MzLhNh9Mr0qC
5cB2gWO25tVodI3zeuT9ZBDMzLvhxWVINleZYQIDAQABo4ICMTCCAi0wHQYDVR0O
BBYEFK5/ScrcD0ieciLAcgyu1pc22ohdMB8GA1UdIwQYMBaAFA/r+/1vk3xa454+
OOirg4QQdCGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
RC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGItN2Q3MDM3NGQ3NmQyLzEv
cm45Snl0d1BTSjV5SXNCeURLN1dsemJhaUYwLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82
N2Q4MzQtMjYxMi00NzM5LTlmNGItN2Q3MDM3NGQ3NmQyLzEvRC12N19XLVRmRnJq
bmo0NDZLdURoQkIwSWFZLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEcG
CCsGAQUFBwEHAQH/BDgwNjAMBAIAATAGAwQBWNIkMCYEAgACMCADBgQqBvkBQAMG
BCoG+QGAAwYEKgb5AcADBgQqBvkCQDANBgkqhkiG9w0BAQsFAAOCAQEAUVOEzVY5
1KvMWaAFYZZvHqkwqNPUYpkLmjbqkbm9/KNEf+ttYlqa977VfRfCVlgqVobGuGRL
YF0v2VCNe9U1xoehMrPRlbChBEZ1EFHKjoMcIkPN8JCxpoEt4WhQNhx/6KPtYx2h
Fk8m1eHbZN9J409mlEqVG8h/Wm32t3oR45HGzyRiiw4LRP3BSI4CZvW1bTM182aL
pJwnjMh60fSUjXY+ytBgzuRvX/6MPpBN7TJNyhySonAwv06Gw3XRhgITQgS6Wazq
/TovgYrKSvE5wnj+ENpUlVVZAnYjs+29g5JZGObamh/7BSPaXGvQadHfiQA6suyr
ApjghAwKnu1UEQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:37 2024 by rpki-client on console-ams.rpki-client.org