Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/b2b2c6-35ee-42f5-a268-cdbebbc652de/1/FjIfVOfcLm4ZMIJydrW5VRJaGm4.roa
File:                     FjIfVOfcLm4ZMIJydrW5VRJaGm4.roa (raw, json)
Hash identifier:          /iyI8xUHMI/x2eVS39+/DwDIiss9enw9YXAwK26kBr8=
Subject key identifier:   16:32:1F:54:E7:DC:2E:6E:19:30:82:72:76:B5:B9:55:12:5A:1A:6E
Certificate issuer:       /CN=92319bcd9b09a984b070e2ef588ffcfa8b73c8a2
Certificate serial:       0A586B85
Authority key identifier: 92:31:9B:CD:9B:09:A9:84:B0:70:E2:EF:58:8F:FC:FA:8B:73:C8:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kjGbzZsJqYSwcOLvWI_8-otzyKI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/b2b2c6-35ee-42f5-a268-cdbebbc652de/1/FjIfVOfcLm4ZMIJydrW5VRJaGm4.roa
Signing time:             Sat 01 Jan 2022 01:56:44 +0000
ROA not before:           Sat 01 Jan 2022 01:56:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62597
IP address blocks:        185.103.34.0/24 maxlen: 24
                          185.103.33.0/24 maxlen: 24
                          2a00:edc0:1f0::/44 maxlen: 44
                          2a00:edc0:100::/44 maxlen: 48
                          2a00:edc0:1003::/48 maxlen: 48
                          2a00:edc0:1001::/48 maxlen: 48
                          2a00:edc0:1002::/48 maxlen: 48
                          2a00:edc0:1005::/48 maxlen: 48
                          2a00:edc0:1000::/48 maxlen: 48
                          2a00:edc0:1010::/48 maxlen: 48
                          2a00:edc0:6259::/48 maxlen: 48
                          2a00:edc0:1004::/48 maxlen: 48
                          2a00:edc0:10f::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 173566853 (0xa586b85)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=92319bcd9b09a984b070e2ef588ffcfa8b73c8a2
        Validity
            Not Before: Jan  1 01:56:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=16321f54e7dc2e6e1930827276b5b955125a1a6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:36:29:96:09:9e:7f:55:2a:20:15:43:15:c3:
                    50:94:55:53:a0:4f:58:9e:ea:a1:b6:ad:17:a3:ef:
                    3c:2c:12:ef:ab:c7:2e:1e:2c:b1:af:43:e7:e6:23:
                    db:a3:e1:7c:cb:9d:bc:bc:4d:9c:16:7c:af:67:36:
                    a3:b0:41:84:46:a2:36:ec:49:19:f1:cc:78:4b:4f:
                    50:3f:7d:2a:c0:88:e0:9d:25:f9:ca:b2:52:23:f8:
                    02:56:ea:8b:e6:4b:02:96:d1:e4:5c:2e:0e:3e:6d:
                    7f:8e:00:d8:f6:75:94:a4:e2:01:88:26:f7:c5:67:
                    08:33:18:ce:68:6c:45:6f:f1:25:76:94:32:f0:8a:
                    a5:d0:44:a2:e4:d2:74:f5:e6:3b:61:ae:a8:ed:1d:
                    92:7e:d3:1a:8f:f5:33:12:23:31:45:64:bc:cb:ec:
                    cd:d6:8e:7b:e9:b1:2d:f3:c0:15:25:48:9e:03:1f:
                    23:6f:01:2f:a4:df:b7:ef:15:e7:58:83:c0:8c:99:
                    da:86:e9:0c:52:8e:45:62:6c:91:91:d0:b7:46:d9:
                    67:6a:ad:17:8f:7b:d7:ce:0e:5f:37:fe:7c:2a:3d:
                    70:75:37:ec:aa:4b:7c:20:48:1f:dc:55:5d:13:8a:
                    2a:30:4d:91:aa:9d:e8:b9:b1:f1:25:e2:9c:20:28:
                    38:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:32:1F:54:E7:DC:2E:6E:19:30:82:72:76:B5:B9:55:12:5A:1A:6E
            X509v3 Authority Key Identifier:
                keyid:92:31:9B:CD:9B:09:A9:84:B0:70:E2:EF:58:8F:FC:FA:8B:73:C8:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kjGbzZsJqYSwcOLvWI_8-otzyKI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/b2b2c6-35ee-42f5-a268-cdbebbc652de/1/FjIfVOfcLm4ZMIJydrW5VRJaGm4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/b2b2c6-35ee-42f5-a268-cdbebbc652de/1/kjGbzZsJqYSwcOLvWI_8-otzyKI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.103.33.0-185.103.34.255
                IPv6:
                  2a00:edc0:100::/44
                  2a00:edc0:1f0::/44
                  2a00:edc0:1000::-2a00:edc0:1005:ffff:ffff:ffff:ffff:ffff
                  2a00:edc0:1010::/48
                  2a00:edc0:6259::/48

    Signature Algorithm: sha256WithRSAEncryption
         16:1b:fd:71:87:e4:64:17:0c:27:ff:3e:09:c0:8a:8c:59:ae:
         c2:99:71:b4:a0:c4:fd:96:2d:5c:34:ef:02:e2:d5:18:36:ae:
         b6:74:8d:5e:5a:1e:d1:a7:ab:89:fd:14:e1:39:26:19:12:bc:
         b9:df:bc:3c:ae:5e:9d:d9:12:a3:c5:6a:a7:b1:90:eb:3e:c8:
         93:ba:1c:db:80:f5:00:e2:83:11:ec:ad:5c:6a:97:41:18:88:
         bf:76:62:a5:21:b6:cb:51:04:48:0e:c4:70:4f:64:9f:f4:c4:
         9b:2e:93:03:5f:6f:b8:e3:39:7f:d2:b7:32:f6:7b:49:6e:f7:
         f2:e8:47:4e:b6:bc:92:1e:b2:ba:57:ec:58:40:64:49:b0:c7:
         ed:6c:cd:1c:57:55:aa:52:57:75:38:6d:7d:c6:78:4f:62:9a:
         5e:e8:1d:b3:3e:c6:65:79:df:7c:38:be:ec:61:3a:83:e3:f6:
         6a:e6:09:1a:9e:e3:05:9a:2e:81:d9:20:5a:ed:66:34:66:54:
         64:16:77:25:7f:ec:a6:d0:a8:2a:39:87:f9:d9:e0:b0:db:e1:
         ab:94:58:d5:df:e8:d8:77:4d:20:33:e1:cb:da:97:ad:ec:8e:
         89:01:d6:05:23:15:ec:fb:4b:81:d9:c5:4e:df:6e:28:96:cb:
         e3:28:a7:24
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIEClhrhTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MjMxOWJjZDliMDlhOTg0YjA3MGUyZWY1ODhmZmNmYThiNzNjOGEyMB4XDTIyMDEw
MTAxNTY0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTYzMjFmNTRlN2Rj
MmU2ZTE5MzA4MjcyNzZiNWI5NTUxMjVhMWE2ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANg2KZYJnn9VKiAVQxXDUJRVU6BPWJ7qobatF6PvPCwS76vH
Lh4ssa9D5+Yj26PhfMudvLxNnBZ8r2c2o7BBhEaiNuxJGfHMeEtPUD99KsCI4J0l
+cqyUiP4Albqi+ZLApbR5FwuDj5tf44A2PZ1lKTiAYgm98VnCDMYzmhsRW/xJXaU
MvCKpdBEouTSdPXmO2GuqO0dkn7TGo/1MxIjMUVkvMvszdaOe+mxLfPAFSVIngMf
I28BL6Tft+8V51iDwIyZ2obpDFKORWJskZHQt0bZZ2qtF497184OXzf+fCo9cHU3
7KpLfCBIH9xVXROKKjBNkaqd6Lmx8SXinCAoOJkCAwEAAaOCAlAwggJMMB0GA1Ud
DgQWBBQWMh9U59wubhkwgnJ2tblVEloabjAfBgNVHSMEGDAWgBSSMZvNmwmphLBw
4u9Yj/z6i3PIojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tqR2J6WnNKcVlTd2NPTHZXSV84LW90enlLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDQvYjJiMmM2LTM1ZWUtNDJmNS1hMjY4LWNkYmViYmM2NTJkZS8x
L0ZqSWZWT2ZjTG00Wk1JSnlkclc1VlJKYUdtNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDQv
YjJiMmM2LTM1ZWUtNDJmNS1hMjY4LWNkYmViYmM2NTJkZS8xL2tqR2J6WnNKcVlT
d2NPTHZXSV84LW90enlLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBm
BggrBgEFBQcBBwEB/wRXMFUwFAQCAAEwDjAMAwQAuWchAwQAuWciMD0EAgACMDcD
BwQqAO3AAQADBwQqAO3AAfAwEQMGBCoA7cAQAwcBKgDtwBAEAwcAKgDtwBAQAwcA
KgDtwGJZMA0GCSqGSIb3DQEBCwUAA4IBAQAWG/1xh+RkFwwn/z4JwIqMWa7CmXG0
oMT9li1cNO8C4tUYNq62dI1eWh7Rp6uJ/RThOSYZEry537w8rl6d2RKjxWqnsZDr
PsiTuhzbgPUA4oMR7K1capdBGIi/dmKlIbbLUQRIDsRwT2Sf9MSbLpMDX2+44zl/
0rcy9ntJbvfy6EdOtrySHrK6V+xYQGRJsMftbM0cV1WqUld1OG19xnhPYppe6B2z
PsZled98OL7sYTqD4/Zq5gkanuMFmi6B2SBa7WY0ZlRkFnclf+ym0KgqOYf52eCw
2+GrlFjV3+jYd00gM+HL2pet7I6JAdYFIxXs+0uB2cVO324olsvjKKck
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:22 2024 by rpki-client on console-ams.rpki-client.org