Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/bFbkQ9_bNruE8ijDySJgodECM9w.roa
File:                     bFbkQ9_bNruE8ijDySJgodECM9w.roa (raw, json)
Hash identifier:          RsIyD+OhX+x7FX4CQjvxAEZ0ZYn+NYuW7gBsuDTZOus=
Subject key identifier:   6C:56:E4:43:DF:DB:36:BB:84:F2:28:C3:C9:22:60:A1:D1:02:33:DC
Certificate issuer:       /CN=cc2eb5b38bb62ede5c98cbfbcff9532852180516
Certificate serial:       0184FCE116C1857EEFE47A96E04FE860AA68
Authority key identifier: CC:2E:B5:B3:8B:B6:2E:DE:5C:98:CB:FB:CF:F9:53:28:52:18:05:16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zC61s4u2Lt5cmMv7z_lTKFIYBRY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/bFbkQ9_bNruE8ijDySJgodECM9w.roa
Signing time:             Sat 10 Dec 2022 16:32:00 +0000
ROA not before:           Sat 10 Dec 2022 16:32:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210083
IP address blocks:        199.231.235.0/24 maxlen: 24
                          185.130.44.0/24 maxlen: 24
                          185.130.47.0/24 maxlen: 24
                          185.130.45.0/24 maxlen: 24
                          185.130.46.0/24 maxlen: 24
                          2a07:e00:a::/48 maxlen: 48
                          2a07:e00::/48 maxlen: 48
                          2a07:e00:b::/48 maxlen: 48
                          2a07:e00:bb::/48 maxlen: 48
                          2a07:e03::/32 maxlen: 48
                          2a07:e02:41::/48 maxlen: 48
                          2a07:e00:ff::/48 maxlen: 48
                          2a07:e00:19f::/48 maxlen: 48
                          2a07:e02:1000::/36 maxlen: 40
                          2a07:e02:a00::/40 maxlen: 40
                          2a07:e02:b00::/40 maxlen: 56
                          2a07:e00:bc::/48 maxlen: 48
                          2a07:e00:ac::/48 maxlen: 48
                          2a07:e00:c::/48 maxlen: 48
                          2a07:e01::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:fc:e1:16:c1:85:7e:ef:e4:7a:96:e0:4f:e8:60:aa:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cc2eb5b38bb62ede5c98cbfbcff9532852180516
        Validity
            Not Before: Dec 10 16:32:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6c56e443dfdb36bb84f228c3c92260a1d10233dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:f4:23:af:ca:f3:d1:df:4f:1a:1a:98:3d:0f:
                    09:e9:da:70:2b:32:82:66:e6:c6:6e:1e:d5:6d:d2:
                    f2:97:d7:70:4c:87:1f:8e:ba:75:3f:de:5b:98:0e:
                    82:c3:1c:28:b3:c0:51:7d:98:18:69:66:1a:ff:f2:
                    d5:3c:8a:66:b2:3f:77:72:d7:d7:12:c4:07:74:f7:
                    88:98:ca:2b:9e:d2:8f:d9:f0:38:c4:1e:c1:8f:8c:
                    c9:5c:b3:92:99:92:e7:df:56:6c:7a:b5:3c:aa:67:
                    17:4a:a9:0c:75:e5:6e:71:a0:d6:48:b1:bb:40:a0:
                    65:b3:4b:0d:55:1c:4d:a3:3c:6e:b4:fa:81:39:dd:
                    6c:f0:71:e1:29:8b:3e:73:6c:7d:6f:f0:30:c2:32:
                    cf:69:e8:ed:fa:c6:88:05:8a:fd:bf:17:10:1b:fc:
                    b3:f5:f3:a9:80:83:c3:9a:68:5e:95:bb:f7:7d:49:
                    dc:e5:9f:95:c9:be:26:b2:91:40:3b:e5:a5:6e:b3:
                    9a:5a:87:a5:35:7f:23:bc:51:b4:3e:7c:b2:fe:ef:
                    54:10:fb:6f:d3:80:15:28:d2:69:ae:68:e1:fe:40:
                    96:33:83:c1:b0:c3:89:4e:be:df:3a:94:cb:bc:9b:
                    16:40:c4:85:93:cb:d6:9d:de:84:8d:95:a4:2b:98:
                    a9:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:56:E4:43:DF:DB:36:BB:84:F2:28:C3:C9:22:60:A1:D1:02:33:DC
            X509v3 Authority Key Identifier:
                keyid:CC:2E:B5:B3:8B:B6:2E:DE:5C:98:CB:FB:CF:F9:53:28:52:18:05:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zC61s4u2Lt5cmMv7z_lTKFIYBRY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/bFbkQ9_bNruE8ijDySJgodECM9w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/zC61s4u2Lt5cmMv7z_lTKFIYBRY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.130.44.0/22
                  199.231.235.0/24
                IPv6:
                  2a07:e00::/48
                  2a07:e00:a::-2a07:e00:c:ffff:ffff:ffff:ffff:ffff
                  2a07:e00:ac::/48
                  2a07:e00:bb::-2a07:e00:bc:ffff:ffff:ffff:ffff:ffff
                  2a07:e00:ff::/48
                  2a07:e00:19f::/48
                  2a07:e01::/32
                  2a07:e02:41::/48
                  2a07:e02:a00::/39
                  2a07:e02:1000::/36
                  2a07:e03::/32

    Signature Algorithm: sha256WithRSAEncryption
         9b:a0:f8:9a:3b:6e:54:73:c7:50:e8:29:3f:a9:4c:15:86:77:
         7f:16:21:e6:05:87:43:52:6f:4b:83:cb:30:15:19:aa:9e:ec:
         00:d4:27:a3:d1:c3:ba:66:18:f2:be:3f:ba:d0:9c:cb:aa:e5:
         05:ff:24:1c:43:fd:fa:0f:41:b0:d6:32:40:04:1c:f1:c7:3b:
         4a:bc:a9:a5:4a:92:43:f4:c1:21:34:c1:47:a0:65:e9:bb:64:
         8e:35:ca:fc:e5:3c:db:93:0d:94:83:d7:b3:8a:b5:a2:16:53:
         43:69:10:b0:19:39:a0:c6:e0:0f:47:20:34:58:ce:73:3f:a7:
         c3:f9:f8:af:c6:2f:dd:71:7c:a7:d8:75:ef:c2:4a:29:df:b5:
         3e:fa:83:29:95:5e:62:73:b4:48:28:4d:19:6c:da:e8:8e:99:
         c5:cd:83:07:ac:af:a6:91:3f:9c:21:16:61:6a:03:38:a6:93:
         fa:3d:48:00:27:d4:11:6d:72:e0:8e:22:d0:ef:e7:f7:67:85:
         0a:4c:e6:fe:37:f8:09:14:20:e7:2a:76:57:77:22:5b:a9:16:
         89:f2:8a:de:e1:b3:c2:3f:21:70:04:b5:77:53:5c:28:35:50:
         94:63:c3:e9:72:a9:63:8f:14:6b:7c:de:53:76:30:37:2e:f4:
         4e:24:d9:39
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgISAYT84RbBhX7v5HqW4E/oYKpoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjMmViNWIzOGJiNjJlZGU1Yzk4Y2JmYmNmZjk1MzI4NTIx
ODA1MTYwHhcNMjIxMjEwMTYzMjAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzU2ZTQ0M2RmZGIzNmJiODRmMjI4YzNjOTIyNjBhMWQxMDIzM2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/Qjr8rz0d9PGhqYPQ8J6dpwKzKC
ZubGbh7VbdLyl9dwTIcfjrp1P95bmA6Cwxwos8BRfZgYaWYa//LVPIpmsj93ctfX
EsQHdPeImMorntKP2fA4xB7Bj4zJXLOSmZLn31ZserU8qmcXSqkMdeVucaDWSLG7
QKBls0sNVRxNozxutPqBOd1s8HHhKYs+c2x9b/AwwjLPaejt+saIBYr9vxcQG/yz
9fOpgIPDmmhelbv3fUnc5Z+Vyb4mspFAO+WlbrOaWoelNX8jvFG0Pnyy/u9UEPtv
04AVKNJprmjh/kCWM4PBsMOJTr7fOpTLvJsWQMSFk8vWnd6EjZWkK5ipOwIDAQAB
o4ICjTCCAokwHQYDVR0OBBYEFGxW5EPf2za7hPIow8kiYKHRAjPcMB8GA1UdIwQY
MBaAFMwutbOLti7eXJjL+8/5UyhSGAUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekM2MXM0dTJMdDVjbU12N3pfbFRLRklZQlJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC82ZjAyNjktODM0ZS00N2M1LTk4ZTEt
ZjFmODAyZTY2MTNiLzEvYkZia1E5X2JOcnVFOGlqRHlTSmdvZEVDTTl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC82ZjAyNjktODM0ZS00N2M1LTk4ZTEtZjFmODAyZTY2MTNi
LzEvekM2MXM0dTJMdDVjbU12N3pfbFRLRklZQlJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGiBggrBgEFBQcBBwEB/wSBkjCBjzASBAIAATAMAwQCuYIs
AwQAx+frMHkEAgACMHMDBwAqBw4AAAAwEgMHASoHDgAACgMHACoHDgAADAMHACoH
DgAArDASAwcAKgcOAAC7AwcAKgcOAAC8AwcAKgcOAAD/AwcAKgcOAAGfAwUAKgcO
AQMHACoHDgIAQQMGASoHDgIKAwYEKgcOAhADBQAqBw4DMA0GCSqGSIb3DQEBCwUA
A4IBAQCboPiaO25Uc8dQ6Ck/qUwVhnd/FiHmBYdDUm9Lg8swFRmqnuwA1Cej0cO6
Zhjyvj+60JzLquUF/yQcQ/36D0Gw1jJABBzxxztKvKmlSpJD9MEhNMFHoGXpu2SO
Ncr85Tzbkw2Ug9ezirWiFlNDaRCwGTmgxuAPRyA0WM5zP6fD+fivxi/dcXyn2HXv
wkop37U++oMplV5ic7RIKE0ZbNrojpnFzYMHrK+mkT+cIRZhagM4ppP6PUgAJ9QR
bXLgjiLQ7+f3Z4UKTOb+N/gJFCDnKnZXdyJbqRaJ8ore4bPCPyFwBLV3U1woNVCU
Y8PpcqljjxRrfN5TdjA3LvROJNk5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:14 2024 by rpki-client on console-ams.rpki-client.org