Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/RNHgdIxtrOhxO0bxTVA1wqcccNk.roa
File:                     RNHgdIxtrOhxO0bxTVA1wqcccNk.roa (raw, json)
Hash identifier:          F94iGpSfFYbR0hHvxlCls36pWNEDNqYffBIke7RzNa0=
Subject key identifier:   44:D1:E0:74:8C:6D:AC:E8:71:3B:46:F1:4D:50:35:C2:A7:1C:70:D9
Certificate issuer:       /CN=50592e68895c7068b4655508917ad5bbddbd0a5f
Certificate serial:       0AC356DF
Authority key identifier: 50:59:2E:68:89:5C:70:68:B4:65:55:08:91:7A:D5:BB:DD:BD:0A:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UFkuaIlccGi0ZVUIkXrVu929Cl8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/RNHgdIxtrOhxO0bxTVA1wqcccNk.roa
Signing time:             Mon 21 Feb 2022 15:29:22 +0000
ROA not before:           Mon 21 Feb 2022 15:29:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34984
IP address blocks:        185.237.82.0/24 maxlen: 24
                          185.237.83.0/24 maxlen: 24
                          185.205.16.0/24 maxlen: 24
                          185.86.83.0/24 maxlen: 24
                          185.86.82.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 180573919 (0xac356df)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=50592e68895c7068b4655508917ad5bbddbd0a5f
        Validity
            Not Before: Feb 21 15:29:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=44d1e0748c6dace8713b46f14d5035c2a71c70d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:88:f4:3f:20:55:5a:ac:51:d8:8b:2a:b4:68:
                    02:b3:96:f9:58:a3:b5:83:10:24:c4:82:03:d9:65:
                    3f:ff:1c:44:75:6a:c3:3e:ab:6a:83:19:3e:e0:4f:
                    8f:b0:3e:fb:8f:a2:9b:53:d5:3a:a7:77:7e:fd:3f:
                    fe:a9:0b:3b:47:4e:91:31:59:d8:5b:cf:67:ab:8f:
                    3a:d4:76:0d:0b:7b:60:f8:f5:2a:1a:83:c3:0b:10:
                    e5:bb:85:41:cb:cc:96:2e:35:73:e2:01:ed:e0:d6:
                    e1:75:29:08:ae:2e:79:55:46:a6:d1:97:1a:7c:d0:
                    1d:01:b7:54:bd:c0:2b:1f:f7:47:c3:db:32:fe:04:
                    04:ec:4b:f9:45:cb:62:c3:70:6e:cc:90:01:f4:1a:
                    42:a9:e9:8b:0b:45:5b:88:82:22:88:0a:53:23:3c:
                    56:cf:5d:93:f1:f5:39:3b:ed:1d:fe:80:b7:5d:d4:
                    b8:f5:08:27:11:2d:97:ac:4c:89:56:8e:49:37:82:
                    51:9a:fd:3a:db:d0:fd:17:8c:80:01:35:51:99:50:
                    e6:c5:36:57:bd:ee:d0:6d:f6:f6:42:13:ca:86:a7:
                    4e:58:94:10:ed:03:0c:44:05:33:7e:d0:a3:11:37:
                    50:67:e0:77:3e:6e:df:42:55:d9:6a:a3:04:69:16:
                    84:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:D1:E0:74:8C:6D:AC:E8:71:3B:46:F1:4D:50:35:C2:A7:1C:70:D9
            X509v3 Authority Key Identifier:
                keyid:50:59:2E:68:89:5C:70:68:B4:65:55:08:91:7A:D5:BB:DD:BD:0A:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFkuaIlccGi0ZVUIkXrVu929Cl8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/RNHgdIxtrOhxO0bxTVA1wqcccNk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/UFkuaIlccGi0ZVUIkXrVu929Cl8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.86.82.0/23
                  185.205.16.0/24
                  185.237.82.0/23

    Signature Algorithm: sha256WithRSAEncryption
         01:fe:91:43:99:e0:c9:9c:c7:0d:5e:ab:75:2f:c8:04:df:93:
         df:6c:8b:7f:6e:5e:94:4f:6e:26:bd:c3:3a:ce:2c:bf:0b:4f:
         08:76:f5:d5:dd:17:d4:21:97:3f:08:46:af:73:36:d2:85:92:
         bc:b9:e2:f8:eb:d1:0b:56:07:32:0b:ef:4f:86:37:e6:29:6a:
         86:76:5b:0a:de:10:13:12:08:37:fd:6e:60:af:3c:11:d3:e1:
         86:7b:be:c3:0f:d4:4d:4e:47:bc:a8:72:55:3f:ea:aa:53:91:
         12:e7:e3:1a:e6:eb:ba:8a:74:b4:94:2e:0d:a7:89:c5:d2:55:
         ff:03:e3:13:46:42:f4:f6:19:3b:52:fb:a9:e6:23:a3:66:9f:
         3a:9f:7e:a7:f1:ad:e6:2b:75:1b:e1:42:76:c2:5c:ae:13:e2:
         95:69:6d:aa:ff:06:34:dd:17:dc:ce:a6:de:4e:b5:ee:d1:ab:
         b6:26:81:21:87:f6:0e:15:a8:42:62:b4:a6:10:ab:e8:3a:c5:
         e5:1e:dc:27:c7:7d:15:6f:61:9d:2f:0f:41:53:94:37:e4:c7:
         c4:77:c4:d6:d9:19:f3:46:a8:b6:fe:86:43:38:dd:f3:65:55:
         fc:ca:16:41:8c:72:82:4a:80:9b:07:fc:9b:5a:a4:fc:8c:83:
         dc:09:2e:68
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIECsNW3zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MDU5MmU2ODg5NWM3MDY4YjQ2NTU1MDg5MTdhZDViYmRkYmQwYTVmMB4XDTIyMDIy
MTE1MjkyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDRkMWUwNzQ4YzZk
YWNlODcxM2I0NmYxNGQ1MDM1YzJhNzFjNzBkOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKyI9D8gVVqsUdiLKrRoArOW+VijtYMQJMSCA9llP/8cRHVq
wz6raoMZPuBPj7A++4+im1PVOqd3fv0//qkLO0dOkTFZ2FvPZ6uPOtR2DQt7YPj1
KhqDwwsQ5buFQcvMli41c+IB7eDW4XUpCK4ueVVGptGXGnzQHQG3VL3AKx/3R8Pb
Mv4EBOxL+UXLYsNwbsyQAfQaQqnpiwtFW4iCIogKUyM8Vs9dk/H1OTvtHf6At13U
uPUIJxEtl6xMiVaOSTeCUZr9OtvQ/ReMgAE1UZlQ5sU2V73u0G329kITyoanTliU
EO0DDEQFM37QoxE3UGfgdz5u30JV2WqjBGkWhEsCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRE0eB0jG2s6HE7RvFNUDXCpxxw2TAfBgNVHSMEGDAWgBRQWS5oiVxwaLRl
VQiRetW73b0KXzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VGa3VhSWxjY0dpMFpWVUlrWHJWdTkyOUNsOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDIvMmE4MTAwLTE3MmItNDhlMy1hMzJhLTdiYmQyOGNlNGE3NS8x
L1JOSGdkSXh0ck9oeE8wYnhUVkExd3FjY2NOay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDIv
MmE4MTAwLTE3MmItNDhlMy1hMzJhLTdiYmQyOGNlNGE3NS8xL1VGa3VhSWxjY0dp
MFpWVUlrWHJWdTkyOUNsOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAblWUgMEALnNEAMEAbntUjANBgkq
hkiG9w0BAQsFAAOCAQEAAf6RQ5ngyZzHDV6rdS/IBN+T32yLf25elE9uJr3DOs4s
vwtPCHb11d0X1CGXPwhGr3M20oWSvLni+OvRC1YHMgvvT4Y35ilqhnZbCt4QExII
N/1uYK88EdPhhnu+ww/UTU5HvKhyVT/qqlOREufjGubruop0tJQuDaeJxdJV/wPj
E0ZC9PYZO1L7qeYjo2afOp9+p/Gt5it1G+FCdsJcrhPilWltqv8GNN0X3M6m3k61
7tGrtiaBIYf2DhWoQmK0phCr6DrF5R7cJ8d9FW9hnS8PQVOUN+THxHfE1tkZ80ao
tv6GQzjd82VV/MoWQYxygkqAmwf8m1qk/IyD3AkuaA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:59 2024 by rpki-client on console-fra.rpki-client.org