Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/0PpnmLQJrSTxFeE1Fw8qCedjNzA.roa
File:                     0PpnmLQJrSTxFeE1Fw8qCedjNzA.roa (raw, json)
Hash identifier:          ZxGG34MZMKcIcjKzMKtr56bvvtmDGyTYSHqAVONhfX8=
Subject key identifier:   D0:FA:67:98:B4:09:AD:24:F1:15:E1:35:17:0F:2A:09:E7:63:37:30
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       193C8B9B
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/0PpnmLQJrSTxFeE1Fw8qCedjNzA.roa
Signing time:             Sat 19 Mar 2022 10:35:14 +0000
ROA not before:           Sat 19 Mar 2022 10:35:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62240
IP address blocks:        185.133.192.0/24 maxlen: 24
                          185.117.22.0/24 maxlen: 24
                          185.122.56.0/24 maxlen: 32
                          185.122.57.0/24 maxlen: 24
                          185.122.58.0/24 maxlen: 32
                          185.122.56.0/22 maxlen: 32
                          185.122.59.0/24 maxlen: 32
                          2a06:82c2::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 423398299 (0x193c8b9b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Mar 19 10:35:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d0fa6798b409ad24f115e135170f2a09e7633730
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:54:51:67:20:6b:0f:80:d5:9a:47:e8:59:59:
                    6e:17:28:35:08:be:46:12:46:8d:02:43:9b:a0:99:
                    6c:cc:82:18:5a:6a:df:96:7a:cc:1b:2a:98:20:d1:
                    7b:1d:95:16:1a:6f:be:bd:6d:17:aa:e2:a3:d8:cb:
                    f2:66:11:57:df:cd:cb:09:02:40:8d:d2:c4:61:46:
                    6e:20:ce:6e:98:be:5b:8e:c9:d9:fb:65:26:80:2a:
                    ab:e8:26:da:13:09:7c:a0:d8:98:42:8d:00:cb:1e:
                    da:be:85:73:7b:dc:ff:8e:0b:53:09:fa:f5:3d:45:
                    5d:9a:3c:f7:3e:e2:03:fd:10:e0:e4:6d:0d:a1:f8:
                    90:6c:c2:54:0f:6d:4d:34:41:15:c3:63:d4:72:12:
                    b3:a5:fb:33:18:f4:a6:b8:fc:46:8d:dd:92:52:8c:
                    76:99:22:1a:22:cb:e6:89:41:4d:26:e2:d7:0b:58:
                    8e:1a:a7:ec:9b:03:f3:2a:b7:78:0b:89:42:8b:37:
                    53:05:71:d6:e8:26:26:3f:6d:d2:e2:3e:5f:cf:bb:
                    a7:e1:db:74:cb:f8:b8:54:a5:a8:c0:b1:91:8a:7c:
                    0b:c2:2d:83:09:b5:4e:f8:af:ec:70:b8:c8:24:a5:
                    07:c2:7c:f9:aa:f5:dd:7a:7c:45:7e:52:49:ff:e0:
                    28:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:FA:67:98:B4:09:AD:24:F1:15:E1:35:17:0F:2A:09:E7:63:37:30
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/0PpnmLQJrSTxFeE1Fw8qCedjNzA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.117.22.0/24
                  185.122.56.0/22
                  185.133.192.0/24
                IPv6:
                  2a06:82c2::/48

    Signature Algorithm: sha256WithRSAEncryption
         0b:92:70:9e:64:44:d6:8e:90:45:3a:cc:8d:45:62:e1:8f:88:
         cc:c7:fb:09:96:28:34:99:74:ba:df:34:78:77:c9:25:15:b7:
         5e:72:30:fb:f2:2f:4f:fd:60:48:04:62:ce:27:7c:91:3b:a7:
         b0:28:85:fe:72:3b:d1:14:05:48:6d:3c:72:54:fe:dc:cc:ad:
         c0:15:05:80:b0:8e:85:6e:aa:ac:6e:c6:e4:62:75:e2:f3:e9:
         08:2b:13:48:0a:7f:b6:33:c9:3f:3e:74:c6:6e:87:21:a4:90:
         fb:50:2f:9d:3c:ae:28:28:18:4e:23:11:97:75:45:54:d7:42:
         31:33:1b:25:d1:88:26:f1:46:dc:d5:ee:da:5b:ff:c5:55:33:
         d5:d8:6d:fa:1e:27:79:85:c1:ab:65:a8:b2:1a:2c:6e:2c:72:
         7d:55:60:92:d8:7b:fb:d3:9a:53:d7:c8:a9:59:55:46:52:b3:
         d8:6d:8a:d8:93:1b:7d:69:b3:4d:b5:55:29:35:83:fc:63:3e:
         f0:02:45:81:b8:62:d1:a2:a3:de:8f:d3:ff:c7:08:7a:2d:20:
         0a:ff:fe:f3:e2:aa:3b:14:0b:ae:66:fc:53:19:8f:8e:e7:88:
         35:b0:94:38:bf:6d:3c:5d:41:87:c4:80:68:45:19:0b:28:07:
         c4:fc:ef:96
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIEGTyLmzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDMx
OTEwMzUxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDBmYTY3OThiNDA5
YWQyNGYxMTVlMTM1MTcwZjJhMDllNzYzMzczMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMxUUWcgaw+A1ZpH6FlZbhcoNQi+RhJGjQJDm6CZbMyCGFpq
35Z6zBsqmCDRex2VFhpvvr1tF6rio9jL8mYRV9/NywkCQI3SxGFGbiDObpi+W47J
2ftlJoAqq+gm2hMJfKDYmEKNAMse2r6Fc3vc/44LUwn69T1FXZo89z7iA/0Q4ORt
DaH4kGzCVA9tTTRBFcNj1HISs6X7Mxj0prj8Ro3dklKMdpkiGiLL5olBTSbi1wtY
jhqn7JsD8yq3eAuJQos3UwVx1ugmJj9t0uI+X8+7p+HbdMv4uFSlqMCxkYp8C8It
gwm1Tviv7HC4yCSlB8J8+ar13Xp8RX5SSf/gKA8CAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBTQ+meYtAmtJPEV4TUXDyoJ52M3MDAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
LzBQcG5tTFFKclNUeEZlRTFGdzhxQ2Vkak56QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGAQCAAEwEgMEALl1FgMEArl6OAMEALmFwDAPBAIA
AjAJAwcAKgaCwgAAMA0GCSqGSIb3DQEBCwUAA4IBAQALknCeZETWjpBFOsyNRWLh
j4jMx/sJlig0mXS63zR4d8klFbdecjD78i9P/WBIBGLOJ3yRO6ewKIX+cjvRFAVI
bTxyVP7czK3AFQWAsI6FbqqsbsbkYnXi8+kIKxNICn+2M8k/PnTGbochpJD7UC+d
PK4oKBhOIxGXdUVU10IxMxsl0Ygm8Ubc1e7aW//FVTPV2G36Hid5hcGrZaiyGixu
LHJ9VWCS2Hv705pT18ipWVVGUrPYbYrYkxt9abNNtVUpNYP8Yz7wAkWBuGLRoqPe
j9P/xwh6LSAK//7z4qo7FAuuZvxTGY+O54g1sJQ4v208XUGHxIBoRRkLKAfE/O+W
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:32 2024 by rpki-client on console-ams.rpki-client.org