Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/8e1122-8cb9-4872-8811-1c2800831c64/1/Zdx0YaKvx9zIZ-vFM-hwvb17MgE.roa
File:                     Zdx0YaKvx9zIZ-vFM-hwvb17MgE.roa (raw, json)
Hash identifier:          ik6fXWIQU/f3StGAkKIDfstxyKJq+BUHoUQimM6Gtug=
Subject key identifier:   65:DC:74:61:A2:AF:C7:DC:C8:67:EB:C5:33:E8:70:BD:BD:7B:32:01
Certificate issuer:       /CN=a8438eacf4d064e87a76bb462d3b4b2cc3858a4c
Certificate serial:       132740
Authority key identifier: A8:43:8E:AC:F4:D0:64:E8:7A:76:BB:46:2D:3B:4B:2C:C3:85:8A:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qEOOrPTQZOh6drtGLTtLLMOFikw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/8e1122-8cb9-4872-8811-1c2800831c64/1/Zdx0YaKvx9zIZ-vFM-hwvb17MgE.roa
Signing time:             Fri 11 Mar 2022 11:24:36 +0000
ROA not before:           Fri 11 Mar 2022 11:24:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57457
IP address blocks:        185.210.203.0/24 maxlen: 24
                          185.210.200.0/24 maxlen: 24
                          185.210.201.0/24 maxlen: 24
                          185.210.202.0/24 maxlen: 24
                          91.232.64.0/24 maxlen: 24
                          91.232.65.0/24 maxlen: 24
                          91.232.69.0/24 maxlen: 24
                          91.232.66.0/24 maxlen: 24
                          91.232.67.0/24 maxlen: 24
                          91.232.68.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1255232 (0x132740)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a8438eacf4d064e87a76bb462d3b4b2cc3858a4c
        Validity
            Not Before: Mar 11 11:24:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=65dc7461a2afc7dcc867ebc533e870bdbd7b3201
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:3b:a2:29:af:77:0e:66:ef:6d:d1:8d:de:17:
                    0e:02:cf:5d:13:1d:fc:95:a8:15:f9:89:16:7c:be:
                    29:51:7f:68:75:c2:ee:b6:5b:97:a0:61:7b:ef:84:
                    b1:c6:bc:ac:d6:31:6d:af:c7:c6:5b:68:1b:72:d5:
                    88:ec:ed:79:06:b6:6b:28:e5:6a:bf:20:6f:4a:e3:
                    98:21:09:02:df:de:ec:aa:6a:dd:9e:85:b1:8c:22:
                    f8:dc:c2:12:c6:07:14:20:4f:30:d0:eb:25:33:47:
                    a4:a6:5f:bb:01:75:5a:85:2a:1d:66:aa:07:4c:ae:
                    84:f6:b8:89:07:4b:5f:60:6b:34:45:43:9a:ad:8a:
                    62:9e:70:b5:40:cc:fd:e7:ad:03:df:42:dc:98:71:
                    c1:bf:a8:b8:ac:33:c1:f3:b0:bd:50:74:bb:40:50:
                    aa:4e:2a:c8:05:22:08:4a:df:0d:ad:5e:63:d3:2d:
                    4d:f0:03:44:ec:89:74:38:79:45:c7:f4:69:af:a4:
                    6e:b4:34:1b:e5:cc:3a:0c:8e:ba:d7:3e:63:98:51:
                    00:b3:43:11:b3:b2:65:ec:3c:b7:d4:fe:20:87:3c:
                    a5:35:9d:47:07:b7:3d:73:f0:2f:9b:42:b5:e6:71:
                    61:0a:72:ee:33:94:81:24:4f:d7:df:ca:f2:95:e3:
                    a6:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:DC:74:61:A2:AF:C7:DC:C8:67:EB:C5:33:E8:70:BD:BD:7B:32:01
            X509v3 Authority Key Identifier:
                keyid:A8:43:8E:AC:F4:D0:64:E8:7A:76:BB:46:2D:3B:4B:2C:C3:85:8A:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qEOOrPTQZOh6drtGLTtLLMOFikw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/8e1122-8cb9-4872-8811-1c2800831c64/1/Zdx0YaKvx9zIZ-vFM-hwvb17MgE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/8e1122-8cb9-4872-8811-1c2800831c64/1/qEOOrPTQZOh6drtGLTtLLMOFikw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.232.64.0-91.232.69.255
                  185.210.200.0/22

    Signature Algorithm: sha256WithRSAEncryption
         bf:c9:3a:c1:68:73:ac:86:10:a9:0a:80:6a:02:98:ac:e2:19:
         1f:aa:b4:97:5c:bb:91:72:24:16:71:53:47:b5:1a:dd:77:fb:
         17:11:99:52:a6:24:66:6d:7a:36:62:74:d1:7f:4b:ad:8f:87:
         9d:17:30:df:02:40:be:67:93:fd:58:96:6b:de:80:60:a3:4a:
         50:01:48:ba:ae:8a:8c:2b:12:4e:c0:75:a5:31:3d:f4:f8:19:
         c3:7e:54:31:2a:74:9d:4f:37:63:ee:a4:7a:c2:f3:8f:9f:fd:
         61:0d:e6:e2:5a:f7:d1:e2:fe:09:9a:9a:61:63:90:77:96:bc:
         6c:b3:b3:15:6a:75:90:fb:15:fa:c7:ce:33:ae:31:0d:f6:7e:
         bb:0d:5c:7d:84:bb:aa:5d:8a:aa:04:5a:ec:92:57:b6:31:b6:
         6c:09:a8:d3:05:52:24:fa:6a:49:c6:0c:4b:cc:b8:a8:9d:a9:
         bf:38:dc:26:6b:c5:8e:1f:2b:f7:f6:24:59:d8:7b:34:29:91:
         bf:2f:d2:86:8c:f2:fd:ff:cc:57:51:48:81:c3:7e:07:1e:8b:
         ee:ce:37:f8:42:1c:70:42:cc:fb:98:0a:00:1a:bb:da:03:49:
         29:a3:ad:df:fc:5d:df:c9:8c:27:50:a5:e6:7b:e8:9c:7e:c2:
         5f:14:72:4f
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgIDEydAMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE4
NDM4ZWFjZjRkMDY0ZTg3YTc2YmI0NjJkM2I0YjJjYzM4NThhNGMwHhcNMjIwMzEx
MTEyNDM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2NWRjNzQ2MWEyYWZj
N2RjYzg2N2ViYzUzM2U4NzBiZGJkN2IzMjAxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuzuiKa93DmbvbdGN3hcOAs9dEx38lagV+YkWfL4pUX9odcLu
tluXoGF774Sxxrys1jFtr8fGW2gbctWI7O15BrZrKOVqvyBvSuOYIQkC397sqmrd
noWxjCL43MISxgcUIE8w0OslM0ekpl+7AXVahSodZqoHTK6E9riJB0tfYGs0RUOa
rYpinnC1QMz9560D30LcmHHBv6i4rDPB87C9UHS7QFCqTirIBSIISt8NrV5j0y1N
8ANE7Il0OHlFx/Rpr6RutDQb5cw6DI661z5jmFEAs0MRs7Jl7Dy31P4ghzylNZ1H
B7c9c/Avm0K15nFhCnLuM5SBJE/X38ryleOmzwIDAQABo4ICFzCCAhMwHQYDVR0O
BBYEFGXcdGGir8fcyGfrxTPocL29ezIBMB8GA1UdIwQYMBaAFKhDjqz00GToena7
Ri07SyzDhYpMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cUVPT3JQVFFaT2g2ZHJ0R0xUdExMTU9GaWt3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jMS84ZTExMjItOGNiOS00ODcyLTg4MTEtMWMyODAwODMxYzY0LzEv
WmR4MFlhS3Z4OXpJWi12Rk0taHd2YjE3TWdFLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS84
ZTExMjItOGNiOS00ODcyLTg4MTEtMWMyODAwODMxYzY0LzEvcUVPT3JQVFFaT2g2
ZHJ0R0xUdExMTU9GaWt3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC0G
CCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAZb6EADBAFb6EQDBAK50sgwDQYJ
KoZIhvcNAQELBQADggEBAL/JOsFoc6yGEKkKgGoCmKziGR+qtJdcu5FyJBZxU0e1
Gt13+xcRmVKmJGZtejZidNF/S62Ph50XMN8CQL5nk/1YlmvegGCjSlABSLquiowr
Ek7AdaUxPfT4GcN+VDEqdJ1PN2PupHrC84+f/WEN5uJa99Hi/gmammFjkHeWvGyz
sxVqdZD7FfrHzjOuMQ32frsNXH2Eu6pdiqoEWuySV7YxtmwJqNMFUiT6aknGDEvM
uKidqb843CZrxY4fK/f2JFnYezQpkb8v0oaM8v3/zFdRSIHDfgcei+7ON/hCHHBC
zPuYCgAau9oDSSmjrd/8Xd/JjCdQpeZ76Jx+wl8Uck8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:35 2024 by rpki-client on console-fra.rpki-client.org