Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/4UQflwVtWiCfgDy6oqt48BXyrEU.roa
File:                     4UQflwVtWiCfgDy6oqt48BXyrEU.roa (raw, json)
Hash identifier:          wAd9CwDu4I7Us5aCXWg3b7N58aMwQ8NwrYa+fd5Dz24=
Subject key identifier:   E1:44:1F:97:05:6D:5A:20:9F:80:3C:BA:A2:AB:78:F0:15:F2:AC:45
Certificate issuer:       /CN=c3c0591e2eb49d0559e6fce7ee2aa81f0f59ba6f
Certificate serial:       144644AF
Authority key identifier: C3:C0:59:1E:2E:B4:9D:05:59:E6:FC:E7:EE:2A:A8:1F:0F:59:BA:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w8BZHi60nQVZ5vzn7iqoHw9Zum8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/4UQflwVtWiCfgDy6oqt48BXyrEU.roa
Signing time:             Sat 01 Jan 2022 15:01:58 +0000
ROA not before:           Sat 01 Jan 2022 15:01:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39347
IP address blocks:        185.122.222.0/24 maxlen: 24
                          89.33.88.0/21 maxlen: 21
                          93.119.176.0/23 maxlen: 23
                          93.119.182.0/23 maxlen: 23
                          2a06:a880::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 340149423 (0x144644af)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c3c0591e2eb49d0559e6fce7ee2aa81f0f59ba6f
        Validity
            Not Before: Jan  1 15:01:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e1441f97056d5a209f803cbaa2ab78f015f2ac45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:55:36:18:15:c3:8a:16:0f:4e:13:0f:3a:71:
                    e2:ed:0a:31:a3:5a:28:de:8b:4d:8e:ed:f9:eb:9e:
                    0b:64:27:37:1b:11:ad:56:be:71:5a:15:f8:c2:79:
                    65:28:5d:c4:ca:8f:e8:a5:de:09:92:fb:ae:f8:9f:
                    ac:0e:a4:28:43:93:72:c3:68:43:2c:19:cb:c3:f7:
                    99:f6:8a:ac:b9:29:e6:32:c1:df:15:b0:2b:a4:29:
                    cc:16:b0:20:b1:8b:be:da:4b:f4:9d:c8:43:7c:23:
                    27:4a:10:af:a4:24:f6:26:09:1c:d3:cf:47:c7:70:
                    a3:38:4b:4b:42:e2:3f:25:67:9d:27:14:f4:96:ac:
                    3f:b5:77:17:ec:e1:32:26:f1:85:69:b7:77:1a:16:
                    f9:72:17:dd:34:94:a6:12:9a:bc:c4:72:eb:7a:75:
                    14:61:39:b9:8f:a8:55:38:61:f6:52:56:3c:63:63:
                    6f:fa:4a:36:38:54:99:f7:96:ce:8f:9a:f1:43:1c:
                    7e:32:ae:60:a8:9f:64:4b:91:0c:aa:6d:e1:59:49:
                    9d:3e:5e:0e:16:fc:9c:77:9d:00:1d:c7:a7:4f:b1:
                    eb:c6:28:ac:d4:b4:4a:bd:95:12:dd:37:9f:3c:24:
                    0d:f1:48:5f:39:2a:47:b9:b1:43:d2:c6:b8:b9:94:
                    2b:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:44:1F:97:05:6D:5A:20:9F:80:3C:BA:A2:AB:78:F0:15:F2:AC:45
            X509v3 Authority Key Identifier:
                keyid:C3:C0:59:1E:2E:B4:9D:05:59:E6:FC:E7:EE:2A:A8:1F:0F:59:BA:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8BZHi60nQVZ5vzn7iqoHw9Zum8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/4UQflwVtWiCfgDy6oqt48BXyrEU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/w8BZHi60nQVZ5vzn7iqoHw9Zum8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.33.88.0/21
                  93.119.176.0/23
                  93.119.182.0/23
                  185.122.222.0/24
                IPv6:
                  2a06:a880::/48

    Signature Algorithm: sha256WithRSAEncryption
         01:2c:2e:b7:0b:58:8a:e8:a8:93:22:21:42:74:a8:5c:74:13:
         cb:c3:19:b4:f7:1c:58:d4:4e:a7:5f:17:f8:ab:8b:a4:a2:1e:
         da:96:f5:fb:2d:27:c6:6f:e3:65:1b:45:37:99:10:3f:94:ab:
         87:c8:38:0d:88:72:c5:15:9d:e0:12:56:71:dd:eb:6a:30:24:
         ab:46:43:84:0b:82:76:14:e6:61:2d:75:f5:f4:4d:66:97:d3:
         b4:27:4d:28:fd:5f:16:3a:b8:e4:e5:71:f6:7a:4e:2e:c3:fc:
         8b:24:80:87:35:87:d2:87:11:fc:83:ea:b2:6e:16:f4:9a:e0:
         09:5f:cc:31:ed:9f:f8:12:77:6c:91:36:ff:db:73:69:49:68:
         9c:93:3a:81:79:f0:b7:53:54:0e:8a:79:13:98:da:e2:4d:f6:
         cb:95:5b:09:e1:79:b0:c0:0e:5e:05:84:ea:36:01:b1:d7:13:
         ce:71:0c:3d:dd:45:ef:0e:96:24:85:a3:a5:c9:53:ae:b1:60:
         c8:78:de:14:6f:c1:c1:bd:50:bc:6e:65:f2:88:78:2f:06:37:
         aa:1c:e3:f3:1b:c8:aa:b0:87:df:e7:e8:f9:23:62:3c:cb:5b:
         47:73:36:a1:97:40:5f:7a:de:49:6e:08:9f:6a:f5:a8:e4:be:
         46:6c:5a:87
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEFEZErzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
M2MwNTkxZTJlYjQ5ZDA1NTllNmZjZTdlZTJhYTgxZjBmNTliYTZmMB4XDTIyMDEw
MTE1MDE1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTE0NDFmOTcwNTZk
NWEyMDlmODAzY2JhYTJhYjc4ZjAxNWYyYWM0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ9VNhgVw4oWD04TDzpx4u0KMaNaKN6LTY7t+eueC2QnNxsR
rVa+cVoV+MJ5ZShdxMqP6KXeCZL7rvifrA6kKEOTcsNoQywZy8P3mfaKrLkp5jLB
3xWwK6QpzBawILGLvtpL9J3IQ3wjJ0oQr6Qk9iYJHNPPR8dwozhLS0LiPyVnnScU
9JasP7V3F+zhMibxhWm3dxoW+XIX3TSUphKavMRy63p1FGE5uY+oVThh9lJWPGNj
b/pKNjhUmfeWzo+a8UMcfjKuYKifZEuRDKpt4VlJnT5eDhb8nHedAB3Hp0+x68Yo
rNS0Sr2VEt03nzwkDfFIXzkqR7mxQ9LGuLmUK28CAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBThRB+XBW1aIJ+APLqiq3jwFfKsRTAfBgNVHSMEGDAWgBTDwFkeLrSdBVnm
/OfuKqgfD1m6bzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3c4QlpIaTYwblFWWjV2em43aXFvSHc5WnVtOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDcvNGI4YWFiLTIwOTktNDNhZi1iNDFkLWUzNDA3MTc0NjYzYi8x
LzRVUWZsd1Z0V2lDZmdEeTZvcXQ0OEJYeXJFVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcv
NGI4YWFiLTIwOTktNDNhZi1iNDFkLWUzNDA3MTc0NjYzYi8xL3c4QlpIaTYwblFW
WjV2em43aXFvSHc5WnVtOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwHgQCAAEwGAMEA1khWAMEAV13sAMEAV13tgMEALl6
3jAPBAIAAjAJAwcAKgaogAAAMA0GCSqGSIb3DQEBCwUAA4IBAQABLC63C1iK6KiT
IiFCdKhcdBPLwxm09xxY1E6nXxf4q4ukoh7alvX7LSfGb+NlG0U3mRA/lKuHyDgN
iHLFFZ3gElZx3etqMCSrRkOEC4J2FOZhLXX19E1ml9O0J00o/V8WOrjk5XH2ek4u
w/yLJICHNYfShxH8g+qybhb0muAJX8wx7Z/4EndskTb/23NpSWickzqBefC3U1QO
inkTmNriTfbLlVsJ4XmwwA5eBYTqNgGx1xPOcQw93UXvDpYkhaOlyVOusWDIeN4U
b8HBvVC8bmXyiHgvBjeqHOPzG8iqsIff5+j5I2I8y1tHczahl0Bfet5JbgifavWo
5L5GbFqH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:38 2024 by rpki-client on console-fra.rpki-client.org