Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/rOyQQ8iwzMW-Ro5FoERNd2Jgu4Q.roa
File:                     rOyQQ8iwzMW-Ro5FoERNd2Jgu4Q.roa (raw, json)
Hash identifier:          noLZ1birfxWUWKaAXS6DUDbx4BR5BC8LNmpo1MozlK0=
Subject key identifier:   AC:EC:90:43:C8:B0:CC:C5:BE:46:8E:45:A0:44:4D:77:62:60:BB:84
Certificate issuer:       /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial:       0864E38C
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/rOyQQ8iwzMW-Ro5FoERNd2Jgu4Q.roa
Signing time:             Mon 11 Apr 2022 10:04:57 +0000
ROA not before:           Mon 11 Apr 2022 10:04:57 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        193.37.196.0/22 maxlen: 24
                          88.214.52.0/22 maxlen: 24
                          178.239.28.0/22 maxlen: 24
                          2.58.232.0/22 maxlen: 24
                          45.67.200.0/22 maxlen: 24
                          45.87.44.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 140829580 (0x864e38c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
        Validity
            Not Before: Apr 11 10:04:57 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=acec9043c8b0ccc5be468e45a0444d776260bb84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:07:f9:b3:64:7f:77:ef:33:1c:81:6f:1a:b8:
                    5a:1e:50:22:9c:e8:2e:30:37:c5:68:08:97:80:3b:
                    b6:f5:35:71:68:38:72:bc:76:2f:f5:79:08:ad:0c:
                    3a:a9:50:70:75:60:02:ea:f6:97:b2:91:0a:26:e0:
                    c7:a1:33:4a:3d:ca:45:b4:35:b4:30:bc:15:66:36:
                    87:32:5c:eb:03:9a:41:ff:fe:8f:c7:6d:30:aa:b2:
                    c2:2a:b2:99:32:29:b3:ae:72:5b:37:38:86:32:09:
                    f2:bd:52:d7:c7:d0:8a:a4:f8:ca:ef:28:33:7e:fc:
                    64:61:16:33:55:5a:e7:11:80:5a:af:d6:35:b2:a6:
                    23:67:82:05:14:be:2c:17:c2:81:ee:f6:ae:c3:97:
                    87:63:bf:1b:98:11:d6:e9:f4:3d:ac:79:4c:74:25:
                    42:ff:e7:8a:82:1d:b6:b1:52:0d:9c:24:92:77:d7:
                    e5:c6:28:35:08:ad:d8:77:7d:73:c8:da:05:44:e7:
                    63:0b:d1:30:75:40:51:e0:4d:6f:38:9e:82:77:54:
                    e0:19:c6:69:8b:10:80:a9:f0:48:cc:35:1f:2c:a8:
                    9e:32:9d:aa:94:39:98:c6:db:9f:49:12:fe:0b:d5:
                    96:c6:01:1f:a4:b3:78:1b:e0:ef:d9:84:a2:38:28:
                    4b:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:EC:90:43:C8:B0:CC:C5:BE:46:8E:45:A0:44:4D:77:62:60:BB:84
            X509v3 Authority Key Identifier:
                keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/rOyQQ8iwzMW-Ro5FoERNd2Jgu4Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.58.232.0/22
                  45.67.200.0/22
                  45.87.44.0/22
                  88.214.52.0/22
                  178.239.28.0/22
                  193.37.196.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2f:73:48:30:2f:6d:36:27:b6:60:f2:59:10:e4:c3:3c:75:7b:
         8b:5e:49:9b:2d:04:1a:77:47:91:92:75:b5:f5:fb:0f:6b:00:
         b0:e3:ed:a4:95:76:39:87:33:ad:f7:2a:18:e3:f4:4a:19:9f:
         c8:43:0f:6a:9a:aa:3c:aa:10:cc:b2:88:88:25:84:7e:9f:0c:
         12:dd:62:9c:7c:bb:08:af:ed:c8:73:a8:9f:8d:38:84:c0:c8:
         02:52:20:08:61:56:9a:aa:e5:45:10:6d:8c:2c:f9:0f:03:ad:
         3e:57:09:69:85:86:4d:4d:ef:da:34:6a:6c:59:2d:2c:72:89:
         83:19:a0:67:22:a7:63:cf:b9:7b:a4:1e:e9:9c:60:8e:bd:b2:
         89:20:d3:89:84:f0:a9:ab:a7:34:35:cd:d2:03:19:bf:6e:4f:
         80:42:60:42:6c:13:8d:a3:a0:4b:6d:ce:5a:c4:5e:d4:f9:ab:
         e2:99:e5:b6:10:5a:88:eb:95:53:6b:48:be:51:76:c7:a2:b8:
         9f:1e:1e:4a:bf:56:85:b7:15:f9:fb:6b:ce:55:a1:ac:cb:41:
         f6:a1:dd:f6:d3:07:6c:53:a1:ef:c9:c6:ab:0b:56:27:d0:76:
         08:66:bb:ee:41:e7:54:aa:0c:95:e6:31:fc:26:2f:4c:58:3e:
         9d:82:02:3f
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIECGTjjDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MzY3N2Q3Y2I5MjcxY2UzNjEyNTZlOTgzM2NjN2IxNGZkMDIzZWJlMB4XDTIyMDQx
MTEwMDQ1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWNlYzkwNDNjOGIw
Y2NjNWJlNDY4ZTQ1YTA0NDRkNzc2MjYwYmI4NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALUH+bNkf3fvMxyBbxq4Wh5QIpzoLjA3xWgIl4A7tvU1cWg4
crx2L/V5CK0MOqlQcHVgAur2l7KRCibgx6EzSj3KRbQ1tDC8FWY2hzJc6wOaQf/+
j8dtMKqywiqymTIps65yWzc4hjIJ8r1S18fQiqT4yu8oM378ZGEWM1Va5xGAWq/W
NbKmI2eCBRS+LBfCge72rsOXh2O/G5gR1un0Pax5THQlQv/nioIdtrFSDZwkknfX
5cYoNQit2Hd9c8jaBUTnYwvRMHVAUeBNbziegndU4BnGaYsQgKnwSMw1HyyonjKd
qpQ5mMbbn0kS/gvVlsYBH6SzeBvg79mEojgoS5cCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBSs7JBDyLDMxb5GjkWgRE13YmC7hDAfBgNVHSMEGDAWgBSTZ318uScc42El
bpgzzHsU/QI+vjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2syZDlmTGtuSE9OaEpXNllNOHg3RlAwQ1ByNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzgvYTljNmRhLThlYTAtNDZiNy1hMWE2LTk5YWNiOTljZTc1NC8x
L3JPeVFROGl3ek1XLVJvNUZvRVJOZDJKZ3U0US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzgv
YTljNmRhLThlYTAtNDZiNy1hMWE2LTk5YWNiOTljZTc1NC8xL2syZDlmTGtuSE9O
aEpXNllNOHg3RlAwQ1ByNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAgI66AMEAi1DyAMEAi1XLAMEAljW
NAMEArLvHAMEAsElxDANBgkqhkiG9w0BAQsFAAOCAQEAL3NIMC9tNie2YPJZEOTD
PHV7i15Jmy0EGndHkZJ1tfX7D2sAsOPtpJV2OYczrfcqGOP0ShmfyEMPapqqPKoQ
zLKIiCWEfp8MEt1inHy7CK/tyHOon404hMDIAlIgCGFWmqrlRRBtjCz5DwOtPlcJ
aYWGTU3v2jRqbFktLHKJgxmgZyKnY8+5e6Qe6Zxgjr2yiSDTiYTwqaunNDXN0gMZ
v25PgEJgQmwTjaOgS23OWsRe1Pmr4pnlthBaiOuVU2tIvlF2x6K4nx4eSr9WhbcV
+ftrzlWhrMtB9qHd9tMHbFOh78nGqwtWJ9B2CGa77kHnVKoMleYx/CYvTFg+nYIC
Pw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:48 2024 by rpki-client on console-ams.rpki-client.org