Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/cd3ffb-09da-4fab-b38e-6c8e5d19377e/1/98dxklD86wzYbv9U4uo1me13xEs.roa
File:                     98dxklD86wzYbv9U4uo1me13xEs.roa (raw, json)
Hash identifier:          dkQ33hfWhuJs8UnBntSIEm44jOzQMhtMTha1jb+EA1w=
Subject key identifier:   F7:C7:71:92:50:FC:EB:0C:D8:6E:FF:54:E2:EA:35:99:ED:77:C4:4B
Certificate issuer:       /CN=8cbd74c6d11d63ca5de3cc637ce967ee97604c67
Certificate serial:       0184BDD89EA1B377FA53F70A815C577DFF07
Authority key identifier: 8C:BD:74:C6:D1:1D:63:CA:5D:E3:CC:63:7C:E9:67:EE:97:60:4C:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jL10xtEdY8pd48xjfOln7pdgTGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/cd3ffb-09da-4fab-b38e-6c8e5d19377e/1/98dxklD86wzYbv9U4uo1me13xEs.roa
Signing time:             Mon 28 Nov 2022 10:46:40 +0000
ROA not before:           Mon 28 Nov 2022 10:46:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     25598
IP address blocks:        193.135.4.0/22 maxlen: 22
                          193.135.4.0/23 maxlen: 24
                          193.5.126.0/23 maxlen: 23
                          195.245.237.0/24 maxlen: 24
                          193.200.144.0/24 maxlen: 24
                          2a03:8780::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:bd:d8:9e:a1:b3:77:fa:53:f7:0a:81:5c:57:7d:ff:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8cbd74c6d11d63ca5de3cc637ce967ee97604c67
        Validity
            Not Before: Nov 28 10:46:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f7c7719250fceb0cd86eff54e2ea3599ed77c44b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:b4:5c:d1:7f:c7:30:9f:4c:65:31:72:fa:af:
                    63:eb:bc:d2:29:be:fe:d0:3d:01:c3:8f:10:b9:68:
                    ae:f2:35:93:0b:4c:c6:fc:71:03:e1:1a:43:a6:69:
                    54:e0:7b:bf:c5:5d:a0:07:ab:60:92:98:44:b5:c4:
                    4c:28:5a:45:35:e9:f4:06:17:82:9f:ec:4e:1d:30:
                    09:ce:09:c4:75:7f:7d:f4:8b:f0:95:e6:b7:06:a7:
                    74:4d:28:3c:57:4a:c9:06:86:cb:85:69:5a:63:6c:
                    cd:eb:32:e4:2f:bc:ea:7c:65:5e:47:66:d3:c0:a6:
                    fe:20:e3:5b:af:58:b4:bf:d9:c2:af:c3:53:d5:3c:
                    a7:12:22:9b:25:69:e7:20:ea:fd:f4:29:8b:34:53:
                    87:24:89:85:bb:24:c4:d9:1d:8d:e6:b3:d7:4a:d8:
                    67:f9:28:f9:9f:cd:7b:40:99:48:01:47:1c:25:3c:
                    90:2a:11:58:42:f9:a2:01:62:0d:0a:b3:92:b2:61:
                    16:f1:88:26:c4:cf:39:63:36:81:31:68:43:0d:fa:
                    60:09:4a:55:9f:69:a5:bf:96:9d:41:e9:de:5c:45:
                    dc:46:5e:70:dc:03:27:bc:7f:d4:08:39:fd:93:e8:
                    8b:76:1e:63:9c:72:1a:d3:07:ff:f9:76:ab:47:b2:
                    ed:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:C7:71:92:50:FC:EB:0C:D8:6E:FF:54:E2:EA:35:99:ED:77:C4:4B
            X509v3 Authority Key Identifier:
                keyid:8C:BD:74:C6:D1:1D:63:CA:5D:E3:CC:63:7C:E9:67:EE:97:60:4C:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jL10xtEdY8pd48xjfOln7pdgTGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cd3ffb-09da-4fab-b38e-6c8e5d19377e/1/98dxklD86wzYbv9U4uo1me13xEs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cd3ffb-09da-4fab-b38e-6c8e5d19377e/1/jL10xtEdY8pd48xjfOln7pdgTGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.5.126.0/23
                  193.135.4.0/22
                  193.200.144.0/24
                  195.245.237.0/24
                IPv6:
                  2a03:8780::/32

    Signature Algorithm: sha256WithRSAEncryption
         4d:e8:85:93:e2:18:7d:32:31:73:bc:b8:a0:71:0c:12:04:86:
         83:b4:f3:01:a2:ac:41:e7:71:59:6c:81:d8:31:2a:b1:86:22:
         56:b8:66:06:de:3e:22:ab:ef:d4:e3:b2:5c:fd:9b:1d:05:d3:
         3b:50:82:12:c1:d2:89:c8:1a:16:4e:c0:79:30:1e:33:4b:f8:
         ff:60:3a:b9:51:6f:80:97:fb:3c:e4:49:6b:26:d5:92:54:a0:
         cb:74:20:01:89:f0:5e:6a:62:0c:2b:8e:8a:5b:80:10:37:ec:
         a4:e7:e8:0b:d4:6d:ed:6b:e3:c8:26:85:45:30:62:b6:9f:56:
         68:7d:84:54:45:98:5f:a3:0d:42:85:67:d4:a0:e2:7e:d7:16:
         fe:c1:3e:12:16:b5:a6:43:a5:eb:a0:3a:c4:3a:91:f6:a5:22:
         a6:cf:c2:a9:76:47:cd:35:7b:cd:c8:74:f0:d6:ab:8f:cc:83:
         d3:7c:e2:93:a3:0a:52:2d:d5:78:1f:dd:ec:1b:e7:b2:e0:db:
         ef:6d:d7:06:89:d3:97:f4:73:39:ec:2b:37:e5:f5:65:b9:43:
         ce:57:62:4a:77:cc:03:01:91:ad:83:07:c4:fd:00:a3:9b:d9:
         cd:85:5a:7c:cf:eb:27:76:16:9f:01:01:e7:c6:3e:5c:9c:68:
         0c:04:e6:fe
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYS92J6hs3f6U/cKgVxXff8HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjYmQ3NGM2ZDExZDYzY2E1ZGUzY2M2MzdjZTk2N2VlOTc2
MDRjNjcwHhcNMjIxMTI4MTA0NjQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2M3NzE5MjUwZmNlYjBjZDg2ZWZmNTRlMmVhMzU5OWVkNzdjNDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7Rc0X/HMJ9MZTFy+q9j67zSKb7+
0D0Bw48QuWiu8jWTC0zG/HED4RpDpmlU4Hu/xV2gB6tgkphEtcRMKFpFNen0BheC
n+xOHTAJzgnEdX999Ivwlea3Bqd0TSg8V0rJBobLhWlaY2zN6zLkL7zqfGVeR2bT
wKb+IONbr1i0v9nCr8NT1TynEiKbJWnnIOr99CmLNFOHJImFuyTE2R2N5rPXSthn
+Sj5n817QJlIAUccJTyQKhFYQvmiAWINCrOSsmEW8YgmxM85YzaBMWhDDfpgCUpV
n2mlv5adQeneXEXcRl5w3AMnvH/UCDn9k+iLdh5jnHIa0wf/+XarR7LtrwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPfHcZJQ/OsM2G7/VOLqNZntd8RLMB8GA1UdIwQY
MBaAFIy9dMbRHWPKXePMY3zpZ+6XYExnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakwxMHh0RWRZOHBkNDh4amZPbG43cGRnVEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jZDNmZmItMDlkYS00ZmFiLWIzOGUt
NmM4ZTVkMTkzNzdlLzEvOThkeGtsRDg2d3pZYnY5VTR1bzFtZTEzeEVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jZDNmZmItMDlkYS00ZmFiLWIzOGUtNmM4ZTVkMTkzNzdl
LzEvakwxMHh0RWRZOHBkNDh4amZPbG43cGRnVEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBwQV+AwQC
wYcEAwQAwciQAwQAw/XtMA0EAgACMAcDBQAqA4eAMA0GCSqGSIb3DQEBCwUAA4IB
AQBN6IWT4hh9MjFzvLigcQwSBIaDtPMBoqxB53FZbIHYMSqxhiJWuGYG3j4iq+/U
47Jc/ZsdBdM7UIISwdKJyBoWTsB5MB4zS/j/YDq5UW+Al/s85ElrJtWSVKDLdCAB
ifBeamIMK46KW4AQN+yk5+gL1G3ta+PIJoVFMGK2n1ZofYRURZhfow1ChWfUoOJ+
1xb+wT4SFrWmQ6XroDrEOpH2pSKmz8KpdkfNNXvNyHTw1quPzIPTfOKTowpSLdV4
H93sG+ey4NvvbdcGidOX9HM57Cs35fVluUPOV2JKd8wDAZGtgwfE/QCjm9nNhVp8
z+sndhafAQHnxj5cnGgMBOb+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:37 2024 by rpki-client on console-fra.rpki-client.org