Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/8a00c2-bb87-40a7-b1e9-5c4b76f48d50/1/8Mx0K5Zz5CsUKYK_RGFw2_73ocQ.roa
File:                     8Mx0K5Zz5CsUKYK_RGFw2_73ocQ.roa (raw, json)
Hash identifier:          4rP6NI6fBBQTGBfj8l+N7TEf5vPjUxBVhd0d/jdTBnw=
Subject key identifier:   F0:CC:74:2B:96:73:E4:2B:14:29:82:BF:44:61:70:DB:FE:F7:A1:C4
Certificate issuer:       /CN=0c2ce64c3e65a8202a7c1b1b20ca11e45ae6d58c
Certificate serial:       01B7B6
Authority key identifier: 0C:2C:E6:4C:3E:65:A8:20:2A:7C:1B:1B:20:CA:11:E4:5A:E6:D5:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DCzmTD5lqCAqfBsbIMoR5Frm1Yw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/8a00c2-bb87-40a7-b1e9-5c4b76f48d50/1/8Mx0K5Zz5CsUKYK_RGFw2_73ocQ.roa
Signing time:             Sat 28 May 2022 10:18:13 +0000
ROA not before:           Sat 28 May 2022 10:18:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39464
IP address blocks:        185.160.92.0/22 maxlen: 22
                          91.196.44.0/22 maxlen: 22
                          193.84.185.0/24 maxlen: 24
                          195.74.71.0/24 maxlen: 24
                          185.189.168.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 112566 (0x1b7b6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0c2ce64c3e65a8202a7c1b1b20ca11e45ae6d58c
        Validity
            Not Before: May 28 10:18:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f0cc742b9673e42b142982bf446170dbfef7a1c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:a0:02:79:b9:c1:ca:af:00:97:df:32:46:d2:
                    b7:2a:28:e7:3b:41:77:b5:9e:46:cd:c7:36:63:d0:
                    b0:f5:2b:3c:d4:9a:c3:2b:56:a7:35:46:4a:1a:c5:
                    ee:1d:64:af:09:f0:80:21:96:ca:d6:c1:d3:d4:0d:
                    13:fb:27:19:37:3a:66:93:27:f8:3d:59:37:b1:d2:
                    fb:bb:b7:ae:f9:bd:17:0f:8a:c4:ae:9a:c7:58:7a:
                    08:dd:6c:b4:fd:73:b4:25:01:be:f7:c0:23:de:b9:
                    1e:aa:ff:5b:4c:92:95:28:69:d0:95:c4:6c:45:50:
                    71:e3:b2:f6:82:59:3f:81:c2:f1:57:95:ed:f8:8d:
                    b8:9b:10:c3:d6:03:08:66:1c:2e:53:6a:93:62:0b:
                    59:f6:5e:98:48:97:b7:11:12:30:24:0f:74:1c:63:
                    69:1f:6a:59:1b:26:72:58:2c:5c:f9:06:c6:74:b9:
                    5d:82:83:91:38:03:6d:ce:fb:12:2e:85:0a:b5:8e:
                    ce:18:6e:cf:6f:86:0e:a4:cf:03:e2:07:45:70:d3:
                    cb:73:6f:79:86:d0:6b:10:22:9b:e7:a6:f3:d7:27:
                    60:ea:0b:87:bd:14:b0:90:39:7c:28:c0:4e:8e:a6:
                    de:7b:18:88:59:cc:41:93:f9:ef:ac:a9:07:a7:38:
                    65:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:CC:74:2B:96:73:E4:2B:14:29:82:BF:44:61:70:DB:FE:F7:A1:C4
            X509v3 Authority Key Identifier:
                keyid:0C:2C:E6:4C:3E:65:A8:20:2A:7C:1B:1B:20:CA:11:E4:5A:E6:D5:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DCzmTD5lqCAqfBsbIMoR5Frm1Yw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/8a00c2-bb87-40a7-b1e9-5c4b76f48d50/1/8Mx0K5Zz5CsUKYK_RGFw2_73ocQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/8a00c2-bb87-40a7-b1e9-5c4b76f48d50/1/DCzmTD5lqCAqfBsbIMoR5Frm1Yw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.196.44.0/22
                  185.160.92.0/22
                  185.189.168.0/22
                  193.84.185.0/24
                  195.74.71.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:69:ef:c6:7d:58:15:99:84:e9:ac:a3:d4:ff:c0:d5:92:81:
         9f:a9:eb:bb:57:d8:ad:65:2d:85:47:6a:c9:fb:63:4b:58:36:
         34:69:b1:2b:9b:3d:55:76:06:d7:ba:3f:40:e0:8c:88:56:94:
         00:db:e4:3d:df:be:c7:5d:0f:0f:d9:cd:e0:de:70:7e:41:47:
         d1:d5:23:79:20:37:49:82:90:fc:0b:3e:e5:39:9a:61:1e:e8:
         68:35:60:b6:71:59:0b:9c:03:6b:8c:c9:fe:66:96:d0:62:3a:
         38:00:6e:af:7b:7e:68:f5:cb:b9:75:52:f6:b2:df:4c:2b:e1:
         b8:ed:5c:d3:07:4c:a5:06:94:84:0e:f3:6b:91:5f:02:fc:97:
         f0:85:1a:ce:54:9f:bb:b7:ca:b2:6f:46:5c:99:30:02:09:96:
         06:ca:07:da:e7:2a:71:2a:66:6a:06:5d:2a:ef:a1:45:b7:c0:
         9b:b6:a2:57:7e:b0:96:02:4a:e9:3f:63:6d:40:4e:53:9f:44:
         f6:62:17:2b:a4:c7:ba:80:fc:87:bf:d3:f4:ca:75:69:64:bd:
         1a:16:df:6b:af:63:8f:53:1e:5c:d4:b4:87:e6:e9:43:67:fb:
         a2:5e:eb:cb:68:f3:56:ce:35:6f:27:bc:39:ab:8e:a5:e8:46:
         81:95:0f:5c
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIDAbe2MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDBj
MmNlNjRjM2U2NWE4MjAyYTdjMWIxYjIwY2ExMWU0NWFlNmQ1OGMwHhcNMjIwNTI4
MTAxODEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhmMGNjNzQyYjk2NzNl
NDJiMTQyOTgyYmY0NDYxNzBkYmZlZjdhMWM0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxKACebnByq8Al98yRtK3KijnO0F3tZ5Gzcc2Y9Cw9Ss81JrD
K1anNUZKGsXuHWSvCfCAIZbK1sHT1A0T+ycZNzpmkyf4PVk3sdL7u7eu+b0XD4rE
rprHWHoI3Wy0/XO0JQG+98Aj3rkeqv9bTJKVKGnQlcRsRVBx47L2glk/gcLxV5Xt
+I24mxDD1gMIZhwuU2qTYgtZ9l6YSJe3ERIwJA90HGNpH2pZGyZyWCxc+QbGdLld
goOROANtzvsSLoUKtY7OGG7Pb4YOpM8D4gdFcNPLc295htBrECKb56bz1ydg6guH
vRSwkDl8KMBOjqbeexiIWcxBk/nvrKkHpzhloQIDAQABo4ICITCCAh0wHQYDVR0O
BBYEFPDMdCuWc+QrFCmCv0RhcNv+96HEMB8GA1UdIwQYMBaAFAws5kw+ZaggKnwb
GyDKEeRa5tWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
REN6bVRENWxxQ0FxZkJzYklNb1I1RnJtMVl3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jYS84YTAwYzItYmI4Ny00MGE3LWIxZTktNWM0Yjc2ZjQ4ZDUwLzEv
OE14MEs1Wno1Q3NVS1lLX1JHRncyXzczb2NRLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS84
YTAwYzItYmI4Ny00MGE3LWIxZTktNWM0Yjc2ZjQ4ZDUwLzEvREN6bVRENWxxQ0Fx
ZkJzYklNb1I1RnJtMVl3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDcG
CCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCW8QsAwQCuaBcAwQCub2oAwQAwVS5
AwQAw0pHMA0GCSqGSIb3DQEBCwUAA4IBAQAfae/GfVgVmYTprKPU/8DVkoGfqeu7
V9itZS2FR2rJ+2NLWDY0abErmz1VdgbXuj9A4IyIVpQA2+Q9377HXQ8P2c3g3nB+
QUfR1SN5IDdJgpD8Cz7lOZphHuhoNWC2cVkLnANrjMn+ZpbQYjo4AG6ve35o9cu5
dVL2st9MK+G47VzTB0ylBpSEDvNrkV8C/JfwhRrOVJ+7t8qyb0ZcmTACCZYGygfa
5ypxKmZqBl0q76FFt8CbtqJXfrCWAkrpP2NtQE5Tn0T2YhcrpMe6gPyHv9P0ynVp
ZL0aFt9rr2OPUx5c1LSH5ulDZ/uiXuvLaPNWzjVvJ7w5q46l6EaBlQ9c
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:18 2024 by rpki-client on console-ams.rpki-client.org