Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/sclcUp6TNAeCAaPavykO3KImGgY.roa
File:                     sclcUp6TNAeCAaPavykO3KImGgY.roa (raw, json)
Hash identifier:          jVpKodgicTZe2BhL1/5zLOE1hc+B1hjhJp3kdHYFlxg=
Subject key identifier:   B1:C9:5C:52:9E:93:34:07:82:01:A3:DA:BF:29:0E:DC:A2:26:1A:06
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       0183C1274A936089FD5AD48E8112D0A0BFD7
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/sclcUp6TNAeCAaPavykO3KImGgY.roa
Signing time:             Mon 10 Oct 2022 09:08:41 +0000
ROA not before:           Mon 10 Oct 2022 09:08:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     51765
IP address blocks:        185.204.1.0/24 maxlen: 24
                          185.103.110.0/24 maxlen: 24
                          185.112.82.0/24 maxlen: 24
                          185.212.149.0/24 maxlen: 24
                          185.117.118.0/24 maxlen: 24
                          185.217.196.0/23 maxlen: 23
                          82.115.220.0/24 maxlen: 24
                          185.221.163.0/24 maxlen: 24
                          194.53.52.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:c1:27:4a:93:60:89:fd:5a:d4:8e:81:12:d0:a0:bf:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Oct 10 09:08:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b1c95c529e9334078201a3dabf290edca2261a06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:13:f5:4c:c2:c7:01:d1:5b:0d:33:e6:19:b4:
                    9d:75:b0:b0:93:b7:e7:12:9f:ce:07:2e:8a:dc:77:
                    e0:db:82:bc:5c:81:f4:86:dc:7a:a1:7f:f9:be:c9:
                    53:af:18:b3:c2:67:55:9c:4a:d3:46:12:4a:1d:f1:
                    e4:41:74:bb:bc:ca:f2:00:e6:be:93:43:f6:79:60:
                    55:ca:f3:62:a6:4f:bd:c4:21:20:0d:87:50:24:30:
                    9e:d2:59:d9:16:c4:56:a8:4f:65:d2:ca:51:6c:2b:
                    32:71:ab:16:62:72:ff:8c:2d:40:2b:6c:b4:35:5d:
                    35:2a:27:21:c8:9d:a1:2f:75:5f:b9:54:72:6d:0f:
                    36:8e:49:4d:f4:24:95:37:fa:ae:db:e9:6d:41:d1:
                    18:69:c9:c8:b9:14:df:aa:70:ff:03:2d:26:e4:a4:
                    1b:f4:cd:ec:38:d9:dc:a9:54:a9:a0:d8:91:9d:10:
                    88:a9:a6:0a:f0:73:c7:f6:d7:df:37:99:00:0e:3f:
                    6a:af:0b:8f:c6:0c:17:12:d7:c9:d1:71:19:69:ad:
                    ca:36:84:15:1b:9e:ff:4f:55:40:11:91:ba:da:44:
                    3e:b1:62:e0:58:31:eb:5c:a5:83:eb:35:25:ea:c4:
                    9e:a1:e5:a3:7b:fc:3c:15:16:49:84:cd:4e:04:87:
                    06:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:C9:5C:52:9E:93:34:07:82:01:A3:DA:BF:29:0E:DC:A2:26:1A:06
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/sclcUp6TNAeCAaPavykO3KImGgY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.115.220.0/24
                  185.103.110.0/24
                  185.112.82.0/24
                  185.117.118.0/24
                  185.204.1.0/24
                  185.212.149.0/24
                  185.217.196.0/23
                  185.221.163.0/24
                  194.53.52.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:4d:e8:26:58:8c:7d:e3:a4:6a:aa:b4:a6:45:ab:94:a1:8f:
         df:f3:dc:3d:e9:ff:c7:eb:2c:e1:ef:c2:11:79:62:d5:8b:1a:
         b2:b6:fa:71:eb:89:03:a6:74:0e:45:79:37:69:61:ee:13:64:
         3f:f2:63:ad:dc:81:1a:1d:39:0e:67:d6:11:54:a9:76:63:3e:
         76:d6:cd:42:e4:12:43:f4:0e:83:b6:65:f1:32:e5:0d:ee:55:
         57:f7:5c:10:80:66:96:ec:28:3c:b0:2e:b5:e4:b1:23:c0:1f:
         90:a7:20:96:37:de:95:2e:9b:09:c1:11:f2:96:29:53:6b:34:
         07:04:20:f8:f2:11:ae:6a:23:0d:50:bf:78:8b:af:8f:d0:f5:
         16:27:07:63:d3:6b:cc:a2:53:8e:41:8c:1f:7f:a5:90:fc:ba:
         b9:61:3e:56:75:f1:d6:d1:ac:dc:b7:ca:ab:cf:de:34:23:13:
         1a:fb:31:54:a2:b8:9b:ce:ba:dd:10:a2:91:6a:fd:f2:c2:58:
         96:0e:0e:b8:82:8a:c7:14:4c:e9:66:4b:80:d5:fd:9a:f0:c6:
         25:fa:31:59:6b:31:f7:df:77:5d:80:1c:8b:52:c2:45:c3:95:
         f0:a2:a9:76:60:0f:ed:7c:37:12:95:a9:ae:b8:15:19:d7:6a:
         80:0a:9f:09
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYPBJ0qTYIn9WtSOgRLQoL/XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjIxMDEwMDkwODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWM5NWM1MjllOTMzNDA3ODIwMWEzZGFiZjI5MGVkY2EyMjYxYTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxP1TMLHAdFbDTPmGbSddbCwk7fn
Ep/OBy6K3Hfg24K8XIH0htx6oX/5vslTrxizwmdVnErTRhJKHfHkQXS7vMryAOa+
k0P2eWBVyvNipk+9xCEgDYdQJDCe0lnZFsRWqE9l0spRbCsycasWYnL/jC1AK2y0
NV01KichyJ2hL3VfuVRybQ82jklN9CSVN/qu2+ltQdEYacnIuRTfqnD/Ay0m5KQb
9M3sONncqVSpoNiRnRCIqaYK8HPH9tffN5kADj9qrwuPxgwXEtfJ0XEZaa3KNoQV
G57/T1VAEZG62kQ+sWLgWDHrXKWD6zUl6sSeoeWje/w8FRZJhM1OBIcGcwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFLHJXFKekzQHggGj2r8pDtyiJhoGMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvc2NsY1VwNlROQWVDQWFQYXZ5a08zS0ltR2dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAUnPcAwQA
uWduAwQAuXBSAwQAuXV2AwQAucwBAwQAudSVAwQBudnEAwQAud2jAwQAwjU0MA0G
CSqGSIb3DQEBCwUAA4IBAQCATegmWIx946RqqrSmRauUoY/f89w96f/H6yzh78IR
eWLVixqytvpx64kDpnQORXk3aWHuE2Q/8mOt3IEaHTkOZ9YRVKl2Yz521s1C5BJD
9A6DtmXxMuUN7lVX91wQgGaW7Cg8sC615LEjwB+QpyCWN96VLpsJwRHylilTazQH
BCD48hGuaiMNUL94i6+P0PUWJwdj02vMolOOQYwff6WQ/Lq5YT5WdfHW0azct8qr
z940IxMa+zFUoribzrrdEKKRav3ywliWDg64gorHFEzpZkuA1f2a8MYl+jFZazH3
33ddgByLUsJFw5Xwoql2YA/tfDcSlamuuBUZ12qACp8J
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:11 2024 by rpki-client on console-ams.rpki-client.org