Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/2bd1dc-ade1-46c9-b9c0-339ee700af6f/1/i44SqfYO5KhAz5e_esjHugjlL1Q.roa
File:                     i44SqfYO5KhAz5e_esjHugjlL1Q.roa (raw, json)
Hash identifier:          brZZ7iHfvF+vB7qbxvrEUqPjOlwlESHfnxZ4PhVVlwM=
Subject key identifier:   8B:8E:12:A9:F6:0E:E4:A8:40:CF:97:BF:7A:C8:C7:BA:08:E5:2F:54
Certificate issuer:       /CN=f19655b59a864cad73cc295f4f78ff83cae86aac
Certificate serial:       38772346
Authority key identifier: F1:96:55:B5:9A:86:4C:AD:73:CC:29:5F:4F:78:FF:83:CA:E8:6A:AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8ZZVtZqGTK1zzClfT3j_g8roaqw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/2bd1dc-ade1-46c9-b9c0-339ee700af6f/1/i44SqfYO5KhAz5e_esjHugjlL1Q.roa
Signing time:             Sat 01 Jan 2022 00:51:57 +0000
ROA not before:           Sat 01 Jan 2022 00:51:57 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     47777
IP address blocks:        46.19.56.0/21 maxlen: 24
                          94.125.24.0/21 maxlen: 24
                          185.15.180.0/22 maxlen: 22
                          185.15.183.0/24 maxlen: 24
                          2a00:1b40::/32 maxlen: 64

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 947331910 (0x38772346)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f19655b59a864cad73cc295f4f78ff83cae86aac
        Validity
            Not Before: Jan  1 00:51:57 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8b8e12a9f60ee4a840cf97bf7ac8c7ba08e52f54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:47:8b:49:f1:77:f6:3f:b3:04:ff:22:f3:eb:
                    d9:f2:73:a7:c3:ca:eb:d1:40:61:77:b6:0e:84:ff:
                    1d:32:33:2c:a9:1b:5c:32:2f:9e:ca:b5:35:d0:03:
                    bc:1a:a5:48:74:36:b8:85:e5:e0:13:ca:c7:59:e6:
                    6c:7f:dc:ce:82:6b:88:a4:26:fa:cb:d3:6b:5b:f6:
                    e8:fb:a1:b3:4b:8c:73:1e:40:a9:1f:e0:b3:96:b9:
                    8d:e8:4d:7f:c7:c6:5e:0b:92:f4:e4:68:df:6f:76:
                    03:a7:06:c8:60:4e:fe:3a:df:c9:05:88:d4:44:21:
                    e8:d9:8f:dd:03:84:54:19:f6:66:ff:b9:92:f6:1b:
                    db:07:7d:72:9a:24:c3:d2:26:64:02:c9:76:1c:ad:
                    5f:7a:87:41:ea:0f:2f:f6:fa:6c:0b:fe:d0:b3:3c:
                    fc:e6:0a:2d:b3:cd:f6:16:f8:ca:c2:53:a1:0f:84:
                    d6:1d:15:48:6e:89:c7:33:70:e5:80:b1:8c:d1:13:
                    b3:e1:29:49:c2:f1:ea:b6:c4:fc:5e:b2:33:08:64:
                    ce:27:c4:f7:33:65:30:03:b3:57:05:99:49:4f:2a:
                    42:25:72:98:b8:0e:16:58:44:57:b0:3a:fe:43:aa:
                    b3:41:9c:57:ab:f1:bd:2d:7a:46:4e:ca:37:1f:67:
                    e3:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:8E:12:A9:F6:0E:E4:A8:40:CF:97:BF:7A:C8:C7:BA:08:E5:2F:54
            X509v3 Authority Key Identifier:
                keyid:F1:96:55:B5:9A:86:4C:AD:73:CC:29:5F:4F:78:FF:83:CA:E8:6A:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8ZZVtZqGTK1zzClfT3j_g8roaqw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/2bd1dc-ade1-46c9-b9c0-339ee700af6f/1/i44SqfYO5KhAz5e_esjHugjlL1Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/2bd1dc-ade1-46c9-b9c0-339ee700af6f/1/8ZZVtZqGTK1zzClfT3j_g8roaqw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.19.56.0/21
                  94.125.24.0/21
                  185.15.180.0/22
                IPv6:
                  2a00:1b40::/32

    Signature Algorithm: sha256WithRSAEncryption
         6f:4e:10:98:1d:3a:e6:8d:ba:51:53:7e:73:c0:6c:c1:c7:a6:
         39:8e:2a:5e:3a:0f:5a:40:e9:8c:ed:44:9f:b1:89:cb:0c:d4:
         e7:4b:fa:9e:7d:0c:6d:18:6d:49:46:33:a9:f4:ba:74:b0:54:
         40:72:37:f4:9b:3a:e7:c0:2a:74:ad:d8:77:e9:fc:69:d4:86:
         31:07:17:51:cf:96:d3:d0:47:1d:82:d7:3c:f0:aa:4d:e0:6a:
         91:ea:68:22:d3:e3:3b:66:59:bd:d6:aa:c6:67:01:95:6b:ea:
         67:4d:11:38:31:76:53:45:96:df:06:a1:77:7c:85:03:20:97:
         8c:90:f9:78:1d:f2:54:6a:83:76:a9:3f:8a:f2:39:15:68:90:
         b0:73:cc:3a:df:f7:0b:2f:be:b3:61:27:4a:91:02:4a:c0:3e:
         f2:35:0c:58:91:f4:8a:71:2e:c4:9f:2d:1b:33:be:51:be:73:
         ae:ba:36:4e:02:3c:bb:17:9e:db:e0:96:67:dd:46:98:54:13:
         61:f1:68:ef:1c:17:11:d2:e7:fb:29:63:d8:e2:fd:b4:c7:ed:
         cc:db:88:96:d9:f1:bf:7a:69:da:17:49:43:d3:c0:83:ae:29:
         88:c1:35:66:ea:b2:fc:f5:3d:20:55:6f:0d:df:04:8b:a8:42:
         58:63:a5:9a
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEOHcjRjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MTk2NTViNTlhODY0Y2FkNzNjYzI5NWY0Zjc4ZmY4M2NhZTg2YWFjMB4XDTIyMDEw
MTAwNTE1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGI4ZTEyYTlmNjBl
ZTRhODQwY2Y5N2JmN2FjOGM3YmEwOGU1MmY1NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALBHi0nxd/Y/swT/IvPr2fJzp8PK69FAYXe2DoT/HTIzLKkb
XDIvnsq1NdADvBqlSHQ2uIXl4BPKx1nmbH/czoJriKQm+svTa1v26Puhs0uMcx5A
qR/gs5a5jehNf8fGXguS9ORo3292A6cGyGBO/jrfyQWI1EQh6NmP3QOEVBn2Zv+5
kvYb2wd9cpokw9ImZALJdhytX3qHQeoPL/b6bAv+0LM8/OYKLbPN9hb4ysJToQ+E
1h0VSG6JxzNw5YCxjNETs+EpScLx6rbE/F6yMwhkzifE9zNlMAOzVwWZSU8qQiVy
mLgOFlhEV7A6/kOqs0GcV6vxvS16Rk7KNx9n44UCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSLjhKp9g7kqEDPl796yMe6COUvVDAfBgNVHSMEGDAWgBTxllW1moZMrXPM
KV9PeP+DyuhqrDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhaWlZ0WnFHVEsxenpDbGZUM2pfZzhyb2Fxdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmYvMmJkMWRjLWFkZTEtNDZjOS1iOWMwLTMzOWVlNzAwYWY2Zi8x
L2k0NFNxZllPNUtoQXo1ZV9lc2pIdWdqbEwxUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmYv
MmJkMWRjLWFkZTEtNDZjOS1iOWMwLTMzOWVlNzAwYWY2Zi8xLzhaWlZ0WnFHVEsx
enpDbGZUM2pfZzhyb2Fxdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAy4TOAMEA159GAMEArkPtDANBAIA
AjAHAwUAKgAbQDANBgkqhkiG9w0BAQsFAAOCAQEAb04QmB065o26UVN+c8Bswcem
OY4qXjoPWkDpjO1En7GJywzU50v6nn0MbRhtSUYzqfS6dLBUQHI39Js658AqdK3Y
d+n8adSGMQcXUc+W09BHHYLXPPCqTeBqkepoItPjO2ZZvdaqxmcBlWvqZ00RODF2
U0WW3wahd3yFAyCXjJD5eB3yVGqDdqk/ivI5FWiQsHPMOt/3Cy++s2EnSpECSsA+
8jUMWJH0inEuxJ8tGzO+Ub5zrro2TgI8uxee2+CWZ91GmFQTYfFo7xwXEdLn+ylj
2OL9tMftzNuIltnxv3pp2hdJQ9PAg64piME1Zuqy/PU9IFVvDd8Ei6hCWGOlmg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:46 2024 by rpki-client on console-ams.rpki-client.org