Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/CfYOqsD-YvNqGYNKbyMT0F5x7L8.roa
File:                     CfYOqsD-YvNqGYNKbyMT0F5x7L8.roa (raw, json)
Hash identifier:          gLSpbG055s0xAacXXu+Xlh5PPzImvriVuwdNSsr1VTE=
Subject key identifier:   09:F6:0E:AA:C0:FE:62:F3:6A:19:83:4A:6F:23:13:D0:5E:71:EC:BF
Certificate issuer:       /CN=5cfe8d72526e4e73a3b57d9360f3a51beb59a45f
Certificate serial:       09CE1E8C
Authority key identifier: 5C:FE:8D:72:52:6E:4E:73:A3:B5:7D:93:60:F3:A5:1B:EB:59:A4:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XP6NclJuTnOjtX2TYPOlG-tZpF8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/CfYOqsD-YvNqGYNKbyMT0F5x7L8.roa
Signing time:             Sat 01 Jan 2022 12:06:39 +0000
ROA not before:           Sat 01 Jan 2022 12:06:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206894
IP address blocks:        193.142.154.0/23 maxlen: 23
                          185.219.192.0/22 maxlen: 22
                          185.192.104.0/22 maxlen: 22
                          185.38.88.0/22 maxlen: 22
                          2a0a:2bc0::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 164503180 (0x9ce1e8c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5cfe8d72526e4e73a3b57d9360f3a51beb59a45f
        Validity
            Not Before: Jan  1 12:06:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=09f60eaac0fe62f36a19834a6f2313d05e71ecbf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:de:ac:06:76:46:22:bf:3e:4c:eb:4f:be:d8:
                    87:18:dc:ab:04:90:e9:7b:10:74:e4:63:93:dc:1d:
                    56:99:b4:73:39:5b:07:50:fa:dc:72:c0:3e:55:a0:
                    f9:c2:ab:1e:56:27:80:fb:e0:50:bc:c8:38:f4:1c:
                    38:6c:98:e4:4f:91:09:2c:ce:24:24:57:76:4c:ca:
                    7f:c3:0d:7c:53:07:77:7f:60:40:f6:b0:bb:9f:06:
                    06:62:a9:a1:c5:95:59:a6:94:1c:f3:1e:1b:c9:13:
                    a3:a3:4b:98:c0:86:79:26:49:10:1a:bc:6a:0e:be:
                    4c:6a:41:89:eb:07:db:a1:8d:0f:fa:af:ce:c8:c3:
                    f8:48:ee:37:e3:09:0f:1c:d2:e6:90:0a:e3:7e:37:
                    00:d0:5c:67:d5:24:43:07:93:0f:6c:12:29:10:32:
                    cf:71:d2:5b:61:35:6d:5b:8c:69:d3:07:06:42:98:
                    98:73:f4:c2:db:89:7d:82:58:aa:b7:14:11:71:4a:
                    55:cc:c7:1e:5c:f3:4b:52:ae:f0:87:2a:c4:46:4c:
                    a9:e0:61:37:93:56:e6:36:6b:5c:7c:91:be:44:91:
                    bc:18:1d:33:98:87:99:b9:dd:a0:ad:7f:05:3c:7e:
                    ce:aa:f5:d4:99:c0:85:7b:db:63:59:46:ec:08:0c:
                    4b:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:F6:0E:AA:C0:FE:62:F3:6A:19:83:4A:6F:23:13:D0:5E:71:EC:BF
            X509v3 Authority Key Identifier:
                keyid:5C:FE:8D:72:52:6E:4E:73:A3:B5:7D:93:60:F3:A5:1B:EB:59:A4:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XP6NclJuTnOjtX2TYPOlG-tZpF8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/CfYOqsD-YvNqGYNKbyMT0F5x7L8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/XP6NclJuTnOjtX2TYPOlG-tZpF8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.38.88.0/22
                  185.192.104.0/22
                  185.219.192.0/22
                  193.142.154.0/23
                IPv6:
                  2a0a:2bc0::/32

    Signature Algorithm: sha256WithRSAEncryption
         4e:76:c2:1c:98:71:2c:4a:c4:1f:79:01:57:eb:53:30:2c:01:
         ec:57:2a:a5:13:47:9d:83:7f:13:b8:72:4d:d0:3c:e0:c0:2b:
         58:38:64:73:1e:0c:f2:3e:c8:6a:63:87:46:cb:ff:41:2a:fc:
         3d:01:23:a4:8d:6c:17:ca:42:03:ee:e4:0b:47:3a:52:bb:b8:
         eb:9a:2f:4f:72:84:1f:cc:69:57:36:12:4b:80:48:2e:c7:fe:
         81:22:a4:9c:8e:97:8a:00:05:fb:fc:fd:98:1b:f9:8b:1a:c1:
         cc:dd:c7:c3:8d:2a:34:5c:a4:d8:ca:e7:1d:89:b4:16:59:f2:
         99:63:d8:34:a5:fa:58:9b:eb:57:09:11:75:10:be:49:8c:86:
         79:f0:b5:43:2d:3a:e6:39:0c:dc:22:1e:e9:a1:d8:54:cf:9d:
         0a:b5:4b:73:d7:71:02:4f:32:11:7d:a0:2b:6d:4f:09:a8:1f:
         e9:1f:39:94:9c:bb:e1:f4:34:65:3d:6a:f8:15:c6:d5:9e:7d:
         2b:b5:07:07:1f:e7:ee:45:04:ec:a3:67:3a:f3:33:a6:7f:b8:
         03:b6:b3:da:de:46:40:51:6b:35:59:93:c2:73:36:87:bc:7f:
         c6:86:8e:ec:e5:d5:a7:db:cc:30:f4:3a:09:50:c8:67:c8:d1:
         46:e5:83:49
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIECc4ejDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
Y2ZlOGQ3MjUyNmU0ZTczYTNiNTdkOTM2MGYzYTUxYmViNTlhNDVmMB4XDTIyMDEw
MTEyMDYzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDlmNjBlYWFjMGZl
NjJmMzZhMTk4MzRhNmYyMzEzZDA1ZTcxZWNiZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMzerAZ2RiK/PkzrT77YhxjcqwSQ6XsQdORjk9wdVpm0czlb
B1D63HLAPlWg+cKrHlYngPvgULzIOPQcOGyY5E+RCSzOJCRXdkzKf8MNfFMHd39g
QPawu58GBmKpocWVWaaUHPMeG8kTo6NLmMCGeSZJEBq8ag6+TGpBiesH26GND/qv
zsjD+EjuN+MJDxzS5pAK4343ANBcZ9UkQweTD2wSKRAyz3HSW2E1bVuMadMHBkKY
mHP0wtuJfYJYqrcUEXFKVczHHlzzS1Ku8IcqxEZMqeBhN5NW5jZrXHyRvkSRvBgd
M5iHmbndoK1/BTx+zqr11JnAhXvbY1lG7AgMSwcCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBQJ9g6qwP5i82oZg0pvIxPQXnHsvzAfBgNVHSMEGDAWgBRc/o1yUm5Oc6O1
fZNg86Ub61mkXzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hQNk5jbEp1VG5PanRYMlRZUE9sRy10WnBGOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvODRiZjU0LTA5YzMtNDMyNC1hMTFjLWU0ZGRmYTMyZTUyZS8x
L0NmWU9xc0QtWXZOcUdZTktieU1UMEY1eDdMOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
ODRiZjU0LTA5YzMtNDMyNC1hMTFjLWU0ZGRmYTMyZTUyZS8xL1hQNk5jbEp1VG5P
anRYMlRZUE9sRy10WnBGOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEArkmWAMEArnAaAMEArnbwAMEAcGO
mjANBAIAAjAHAwUAKgorwDANBgkqhkiG9w0BAQsFAAOCAQEATnbCHJhxLErEH3kB
V+tTMCwB7FcqpRNHnYN/E7hyTdA84MArWDhkcx4M8j7IamOHRsv/QSr8PQEjpI1s
F8pCA+7kC0c6Uru465ovT3KEH8xpVzYSS4BILsf+gSKknI6XigAF+/z9mBv5ixrB
zN3Hw40qNFyk2MrnHYm0FlnymWPYNKX6WJvrVwkRdRC+SYyGefC1Qy065jkM3CIe
6aHYVM+dCrVLc9dxAk8yEX2gK21PCagf6R85lJy74fQ0ZT1q+BXG1Z59K7UHBx/n
7kUE7KNnOvMzpn+4A7az2t5GQFFrNVmTwnM2h7x/xoaO7OXVp9vMMPQ6CVDIZ8jR
RuWDSQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:49 2024 by rpki-client on console-ams.rpki-client.org