Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/08e183-64eb-4999-9f78-7ce7322671eb/1/rgwtMJX6fwZdAshyKiXsDe92wOc.roa
File:                     rgwtMJX6fwZdAshyKiXsDe92wOc.roa (raw, json)
Hash identifier:          tZc3blVy1kQbrtLKpe5GT0tlbsuw9oqJaowwRSAszXw=
Subject key identifier:   AE:0C:2D:30:95:FA:7F:06:5D:02:C8:72:2A:25:EC:0D:EF:76:C0:E7
Certificate issuer:       /CN=2f367c7949fa0f6cf05a21027e75b84612dc13b0
Certificate serial:       0FC10714
Authority key identifier: 2F:36:7C:79:49:FA:0F:6C:F0:5A:21:02:7E:75:B8:46:12:DC:13:B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LzZ8eUn6D2zwWiECfnW4RhLcE7A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/08e183-64eb-4999-9f78-7ce7322671eb/1/rgwtMJX6fwZdAshyKiXsDe92wOc.roa
Signing time:             Sat 01 Jan 2022 12:01:10 +0000
ROA not before:           Sat 01 Jan 2022 12:01:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     201565
IP address blocks:        185.62.249.0/24 maxlen: 24
                          185.62.248.0/24 maxlen: 24
                          185.62.251.0/24 maxlen: 24
                          185.62.250.0/24 maxlen: 24
                          2a03:820:4000::/36 maxlen: 36

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 264308500 (0xfc10714)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f367c7949fa0f6cf05a21027e75b84612dc13b0
        Validity
            Not Before: Jan  1 12:01:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ae0c2d3095fa7f065d02c8722a25ec0def76c0e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:e3:ba:1f:f2:ce:80:b2:b9:f6:f9:23:ea:14:
                    01:aa:e3:2d:21:e4:51:b7:71:7e:7b:be:f5:f2:ce:
                    96:39:bf:58:28:19:bd:0f:f9:57:59:81:5b:67:0a:
                    78:60:fc:26:32:31:9a:a0:64:97:6f:5a:09:15:5f:
                    8d:74:d6:7e:2e:26:16:3f:71:a1:15:70:bf:05:bd:
                    58:2e:ad:af:e7:42:74:0a:0c:79:ff:f0:af:93:fd:
                    cd:77:65:65:f4:9b:a2:a4:13:9b:41:36:b2:c2:88:
                    f9:41:3b:3b:44:34:d2:33:df:b1:84:32:5f:7d:21:
                    44:33:70:87:80:b1:10:05:09:3f:34:17:ce:4b:c8:
                    df:4d:56:e7:08:df:f5:43:d1:54:47:f8:07:63:42:
                    8d:dc:dc:2a:b3:3a:16:14:02:fd:92:31:96:ca:2e:
                    9a:51:b6:ab:ea:42:b2:22:10:56:8c:1d:5d:a1:60:
                    15:ed:aa:d1:c8:3c:46:73:2c:3d:aa:8a:de:74:20:
                    f6:3d:34:05:c3:57:34:b8:08:09:18:97:2f:f5:90:
                    71:77:f3:38:50:ab:1a:e1:d0:b8:b4:56:d8:8f:77:
                    5b:a9:70:fa:c2:d8:55:31:f8:0d:db:e8:4b:c7:32:
                    b3:27:66:ca:10:ff:e2:0c:be:4e:6d:48:18:e0:2c:
                    25:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:0C:2D:30:95:FA:7F:06:5D:02:C8:72:2A:25:EC:0D:EF:76:C0:E7
            X509v3 Authority Key Identifier:
                keyid:2F:36:7C:79:49:FA:0F:6C:F0:5A:21:02:7E:75:B8:46:12:DC:13:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzZ8eUn6D2zwWiECfnW4RhLcE7A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/08e183-64eb-4999-9f78-7ce7322671eb/1/rgwtMJX6fwZdAshyKiXsDe92wOc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/08e183-64eb-4999-9f78-7ce7322671eb/1/LzZ8eUn6D2zwWiECfnW4RhLcE7A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.62.248.0/22
                IPv6:
                  2a03:820:4000::/36

    Signature Algorithm: sha256WithRSAEncryption
         49:46:d9:8e:a8:a1:5a:92:36:bc:f2:35:90:ee:c9:ec:df:b3:
         eb:a4:85:2a:af:32:a8:de:6a:6a:6f:bd:8e:17:7e:9e:e0:9d:
         d8:ae:af:41:eb:9b:19:02:67:67:64:35:c5:62:6e:6d:65:a9:
         38:84:f5:c6:55:6e:4b:46:ca:c7:b9:7a:a6:0d:27:0c:5c:e7:
         11:44:4a:54:f4:fa:7f:a4:3d:51:a0:a7:83:ef:39:49:b0:0e:
         69:ad:0c:22:ca:ee:a7:89:47:03:4d:5d:a8:23:90:c1:8a:e9:
         b3:6b:2f:3f:92:d1:61:6c:a0:5e:fa:4b:4d:46:04:f9:cf:8f:
         66:39:9c:d0:4c:c6:fb:c4:70:41:f5:80:f1:4a:a5:77:b0:55:
         53:58:1a:f3:5d:9b:b9:a9:d1:66:c7:2d:87:c5:f7:42:fb:9d:
         8a:9e:ca:b1:34:86:ae:a5:b8:6b:7a:4d:95:3d:1d:7d:90:09:
         4e:24:d4:c4:12:90:f0:ba:7f:f2:8a:1a:fd:26:c0:fe:e2:15:
         33:bf:10:ff:a1:13:91:fa:10:5c:cc:23:db:da:35:b6:e7:be:
         c3:e4:6c:1f:02:ab:e9:b6:4e:b0:4a:dc:24:e2:ae:34:c2:b3:
         2b:30:d7:a5:5c:5d:ae:36:cb:0c:62:66:0e:57:15:c4:07:ca:
         2f:43:98:93
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIED8EHFDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZjM2N2M3OTQ5ZmEwZjZjZjA1YTIxMDI3ZTc1Yjg0NjEyZGMxM2IwMB4XDTIyMDEw
MTEyMDExMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWUwYzJkMzA5NWZh
N2YwNjVkMDJjODcyMmEyNWVjMGRlZjc2YzBlNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOLjuh/yzoCyufb5I+oUAarjLSHkUbdxfnu+9fLOljm/WCgZ
vQ/5V1mBW2cKeGD8JjIxmqBkl29aCRVfjXTWfi4mFj9xoRVwvwW9WC6tr+dCdAoM
ef/wr5P9zXdlZfSboqQTm0E2ssKI+UE7O0Q00jPfsYQyX30hRDNwh4CxEAUJPzQX
zkvI301W5wjf9UPRVEf4B2NCjdzcKrM6FhQC/ZIxlsoumlG2q+pCsiIQVowdXaFg
Fe2q0cg8RnMsPaqK3nQg9j00BcNXNLgICRiXL/WQcXfzOFCrGuHQuLRW2I93W6lw
+sLYVTH4DdvoS8cysydmyhD/4gy+Tm1IGOAsJWsCAwEAAaOCAhkwggIVMB0GA1Ud
DgQWBBSuDC0wlfp/Bl0CyHIqJewN73bA5zAfBgNVHSMEGDAWgBQvNnx5SfoPbPBa
IQJ+dbhGEtwTsDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0x6WjhlVW42RDJ6d1dpRUNmblc0UmhMY0U3QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvMDhlMTgzLTY0ZWItNDk5OS05Zjc4LTdjZTczMjI2NzFlYi8x
L3Jnd3RNSlg2ZndaZEFzaHlLaVhzRGU5MndPYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
MDhlMTgzLTY0ZWItNDk5OS05Zjc4LTdjZTczMjI2NzFlYi8xL0x6WjhlVW42RDJ6
d1dpRUNmblc0UmhMY0U3QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAv
BggrBgEFBQcBBwEB/wQgMB4wDAQCAAEwBgMEArk++DAOBAIAAjAIAwYEKgMIIEAw
DQYJKoZIhvcNAQELBQADggEBAElG2Y6ooVqSNrzyNZDuyezfs+ukhSqvMqjeampv
vY4Xfp7gndiur0HrmxkCZ2dkNcVibm1lqTiE9cZVbktGyse5eqYNJwxc5xFESlT0
+n+kPVGgp4PvOUmwDmmtDCLK7qeJRwNNXagjkMGK6bNrLz+S0WFsoF76S01GBPnP
j2Y5nNBMxvvEcEH1gPFKpXewVVNYGvNdm7mp0WbHLYfF90L7nYqeyrE0hq6luGt6
TZU9HX2QCU4k1MQSkPC6f/KKGv0mwP7iFTO/EP+hE5H6EFzMI9vaNbbnvsPkbB8C
q+m2TrBK3CTirjTCsysw16VcXa42ywxiZg5XFcQHyi9DmJM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:18 2024 by rpki-client on console-ams.rpki-client.org