Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/84e2ce-1eac-4e12-ac58-51c3ccce72df/1/0XUy6xwtyUfZOa0QYHKNrl8SRbs.roa
File:                     0XUy6xwtyUfZOa0QYHKNrl8SRbs.roa (raw, json)
Hash identifier:          x4Eq1JV5qx7XAVAjOr6U/C4VItWxNoIgW/7HcLpIMWU=
Subject key identifier:   D1:75:32:EB:1C:2D:C9:47:D9:39:AD:10:60:72:8D:AE:5F:12:45:BB
Certificate issuer:       /CN=aba81f07a493a3e643752e66bd8146f5771adf88
Certificate serial:       05AE6017
Authority key identifier: AB:A8:1F:07:A4:93:A3:E6:43:75:2E:66:BD:81:46:F5:77:1A:DF:88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q6gfB6STo-ZDdS5mvYFG9Xca34g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/84e2ce-1eac-4e12-ac58-51c3ccce72df/1/0XUy6xwtyUfZOa0QYHKNrl8SRbs.roa
Signing time:             Sat 01 Jan 2022 05:04:16 +0000
ROA not before:           Sat 01 Jan 2022 05:04:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     6663
IP address blocks:        185.63.4.0/22 maxlen: 24
                          93.114.100.0/22 maxlen: 24
                          85.204.32.0/22 maxlen: 24
                          89.238.192.0/18 maxlen: 24
                          81.24.16.0/20 maxlen: 24
                          93.113.104.0/22 maxlen: 24
                          85.204.100.0/22 maxlen: 24
                          2a02:2720::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 95313943 (0x5ae6017)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aba81f07a493a3e643752e66bd8146f5771adf88
        Validity
            Not Before: Jan  1 05:04:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d17532eb1c2dc947d939ad1060728dae5f1245bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:fb:66:dc:ba:86:3f:1b:3a:7b:00:dd:e2:15:
                    4d:ac:dd:f5:62:63:72:87:19:bf:ed:6d:3e:c3:a1:
                    c4:ad:b6:67:c1:38:8e:a9:8d:29:b0:60:e3:5a:3e:
                    46:25:8e:b8:a2:ae:b0:89:bc:a7:2d:bc:88:81:48:
                    46:92:dc:0e:10:31:62:28:7d:4d:a2:34:a0:47:c5:
                    4b:b0:9f:c9:94:54:38:74:89:15:45:64:f7:c6:18:
                    bb:e0:da:e5:13:d7:4b:e6:f8:1c:60:e0:26:b2:56:
                    75:96:32:88:22:ff:6c:7f:75:6a:64:a3:da:d8:35:
                    0e:d8:76:bf:63:33:46:d1:20:df:c9:44:15:cf:bd:
                    52:44:ed:54:57:43:38:d0:5d:67:4a:3e:f6:d7:6e:
                    29:3f:10:e5:94:3f:e4:4c:cb:c3:78:1c:0b:90:a8:
                    b9:b6:de:d2:89:e1:73:68:16:82:0e:1f:60:88:8a:
                    33:8b:6b:1a:cc:72:64:65:a8:6f:0f:fd:73:68:97:
                    80:90:5b:f8:e7:89:3a:76:12:53:ea:af:82:f9:16:
                    ad:20:f5:8a:f4:04:44:49:37:67:8d:89:03:b2:20:
                    83:b3:47:78:29:2f:77:51:91:2d:bc:98:f3:fc:a6:
                    36:04:ec:69:9f:76:d4:53:78:bc:2d:5c:72:a9:fc:
                    b8:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:75:32:EB:1C:2D:C9:47:D9:39:AD:10:60:72:8D:AE:5F:12:45:BB
            X509v3 Authority Key Identifier:
                keyid:AB:A8:1F:07:A4:93:A3:E6:43:75:2E:66:BD:81:46:F5:77:1A:DF:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q6gfB6STo-ZDdS5mvYFG9Xca34g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/84e2ce-1eac-4e12-ac58-51c3ccce72df/1/0XUy6xwtyUfZOa0QYHKNrl8SRbs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/84e2ce-1eac-4e12-ac58-51c3ccce72df/1/q6gfB6STo-ZDdS5mvYFG9Xca34g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.24.16.0/20
                  85.204.32.0/22
                  85.204.100.0/22
                  89.238.192.0/18
                  93.113.104.0/22
                  93.114.100.0/22
                  185.63.4.0/22
                IPv6:
                  2a02:2720::/32

    Signature Algorithm: sha256WithRSAEncryption
         02:f2:cd:80:ed:f7:f4:52:09:e6:c3:dd:81:6d:9e:4e:61:4c:
         68:9b:3a:23:3a:b3:be:dc:f7:fd:03:42:f7:0b:5a:d9:54:ba:
         aa:dd:88:a0:0b:60:32:0e:df:22:78:4f:df:c3:ee:87:58:4d:
         6a:83:95:a0:59:7b:32:3c:92:32:87:3a:bc:c2:5b:94:d1:bd:
         8e:3b:91:ec:a4:b5:34:fb:10:d1:ae:97:13:da:c2:d1:f5:cd:
         1c:5e:fd:c6:10:5c:03:73:fa:6c:2c:2a:50:ff:d8:3d:ac:42:
         fe:6a:55:3d:54:6d:fa:b1:38:3f:0d:05:5a:37:65:f7:81:98:
         58:f1:2d:ff:02:52:ea:4b:e3:65:77:b3:ea:ca:13:26:9f:fa:
         1f:68:eb:dd:cc:91:7f:44:2b:75:dc:e6:49:6b:06:95:86:64:
         94:90:1e:ff:68:96:4d:3c:83:19:22:a5:7d:12:24:ce:5c:5d:
         47:75:e1:96:06:26:8c:9c:e5:b9:2a:a9:41:58:1b:d8:11:03:
         25:a1:85:e8:b6:d8:cd:1d:cd:70:79:9f:5a:7f:10:09:09:d8:
         12:b1:05:c2:93:2d:c6:a5:df:4d:65:9c:ca:f5:2c:3a:e1:b6:
         b2:6e:72:83:f8:d3:0b:ba:49:b4:27:af:ed:a1:82:68:8d:75:
         ed:fb:2f:26
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEBa5gFzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YmE4MWYwN2E0OTNhM2U2NDM3NTJlNjZiZDgxNDZmNTc3MWFkZjg4MB4XDTIyMDEw
MTA1MDQxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDE3NTMyZWIxYzJk
Yzk0N2Q5MzlhZDEwNjA3MjhkYWU1ZjEyNDViYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMf7Zty6hj8bOnsA3eIVTazd9WJjcocZv+1tPsOhxK22Z8E4
jqmNKbBg41o+RiWOuKKusIm8py28iIFIRpLcDhAxYih9TaI0oEfFS7CfyZRUOHSJ
FUVk98YYu+Da5RPXS+b4HGDgJrJWdZYyiCL/bH91amSj2tg1Dth2v2MzRtEg38lE
Fc+9UkTtVFdDONBdZ0o+9tduKT8Q5ZQ/5EzLw3gcC5Coubbe0onhc2gWgg4fYIiK
M4trGsxyZGWobw/9c2iXgJBb+OeJOnYSU+qvgvkWrSD1ivQEREk3Z42JA7Igg7NH
eCkvd1GRLbyY8/ymNgTsaZ921FN4vC1ccqn8uLsCAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBTRdTLrHC3JR9k5rRBgco2uXxJFuzAfBgNVHSMEGDAWgBSrqB8HpJOj5kN1
Lma9gUb1dxrfiDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3E2Z2ZCNlNUby1aRGRTNW12WUZHOVhjYTM0Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzQvODRlMmNlLTFlYWMtNGUxMi1hYzU4LTUxYzNjY2NlNzJkZi8x
LzBYVXk2eHd0eVVmWk9hMFFZSEtOcmw4U1Jicy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzQv
ODRlMmNlLTFlYWMtNGUxMi1hYzU4LTUxYzNjY2NlNzJkZi8xL3E2Z2ZCNlNUby1a
RGRTNW12WUZHOVhjYTM0Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEBFEYEAMEAlXMIAMEAlXMZAMEBlnu
wAMEAl1xaAMEAl1yZAMEArk/BDANBAIAAjAHAwUAKgInIDANBgkqhkiG9w0BAQsF
AAOCAQEAAvLNgO339FIJ5sPdgW2eTmFMaJs6Izqzvtz3/QNC9wta2VS6qt2IoAtg
Mg7fInhP38Puh1hNaoOVoFl7MjySMoc6vMJblNG9jjuR7KS1NPsQ0a6XE9rC0fXN
HF79xhBcA3P6bCwqUP/YPaxC/mpVPVRt+rE4Pw0FWjdl94GYWPEt/wJS6kvjZXez
6soTJp/6H2jr3cyRf0QrddzmSWsGlYZklJAe/2iWTTyDGSKlfRIkzlxdR3XhlgYm
jJzluSqpQVgb2BEDJaGF6LbYzR3NcHmfWn8QCQnYErEFwpMtxqXfTWWcyvUsOuG2
sm5yg/jTC7pJtCev7aGCaI117fsvJg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:59 2024 by rpki-client on console-fra.rpki-client.org