Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/7ccd2c-2c05-453a-b7be-08da420f28c8/1/o1lifhwPcM3OYahRV3yLXqnEuWY.roa
File:                     o1lifhwPcM3OYahRV3yLXqnEuWY.roa (raw, json)
Hash identifier:          kTZeOa89QQJI27YVMjKdKeMpGyKkaS4MbWxgTeudZ+k=
Subject key identifier:   A3:59:62:7E:1C:0F:70:CD:CE:61:A8:51:57:7C:8B:5E:A9:C4:B9:66
Certificate issuer:       /CN=560805b7301871169bd09b886569d1f69dc19b57
Certificate serial:       3714E33D
Authority key identifier: 56:08:05:B7:30:18:71:16:9B:D0:9B:88:65:69:D1:F6:9D:C1:9B:57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VggFtzAYcRab0JuIZWnR9p3Bm1c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/7ccd2c-2c05-453a-b7be-08da420f28c8/1/o1lifhwPcM3OYahRV3yLXqnEuWY.roa
Signing time:             Sat 01 Jan 2022 06:01:18 +0000
ROA not before:           Sat 01 Jan 2022 06:01:18 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     20681
IP address blocks:        185.16.140.0/22 maxlen: 24
                          193.178.175.0/24 maxlen: 24
                          193.219.31.0/24 maxlen: 24
                          46.19.248.0/21 maxlen: 24
                          2a01:8300::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 924115773 (0x3714e33d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=560805b7301871169bd09b886569d1f69dc19b57
        Validity
            Not Before: Jan  1 06:01:18 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a359627e1c0f70cdce61a851577c8b5ea9c4b966
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:48:90:60:c1:3f:ba:bd:6c:20:06:36:eb:15:
                    36:59:c7:d4:76:1f:4a:40:25:41:fc:f9:51:e7:84:
                    ac:29:13:d1:3c:92:9f:d6:00:cc:20:f7:51:82:70:
                    26:a8:35:a9:8d:b1:dc:45:63:68:94:dd:4f:c1:32:
                    ac:5c:ea:6b:08:cb:a5:50:7d:56:5b:58:fa:dc:6a:
                    76:77:ca:c3:2b:24:2c:cb:65:d9:81:25:56:10:e9:
                    d3:b6:b8:21:82:e9:50:67:a8:33:d8:24:df:ef:e5:
                    0a:16:6e:13:65:dd:05:2d:72:41:d3:9f:7b:bc:e4:
                    93:45:1c:84:42:b8:af:e8:13:4e:88:d9:6b:c0:e5:
                    ec:e5:2c:fe:22:d2:44:d8:6a:53:a4:c1:cd:1e:34:
                    5f:7c:af:44:94:bc:12:cd:4c:91:d0:25:be:f6:c2:
                    83:58:59:5b:26:62:2d:9e:43:86:8c:c0:49:1c:7e:
                    6c:14:4d:ce:53:9f:3c:48:cf:09:7e:80:98:1f:da:
                    b3:1e:f4:69:b8:2d:75:60:4c:5f:6b:64:a0:1e:5d:
                    17:dc:be:00:25:6d:2a:03:f9:ef:c7:da:66:9a:13:
                    2f:c4:71:66:a5:22:5b:c6:db:60:a4:36:76:4e:d3:
                    31:4f:76:e6:04:ff:98:64:ab:ed:62:01:0e:e7:c1:
                    71:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:59:62:7E:1C:0F:70:CD:CE:61:A8:51:57:7C:8B:5E:A9:C4:B9:66
            X509v3 Authority Key Identifier:
                keyid:56:08:05:B7:30:18:71:16:9B:D0:9B:88:65:69:D1:F6:9D:C1:9B:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VggFtzAYcRab0JuIZWnR9p3Bm1c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/7ccd2c-2c05-453a-b7be-08da420f28c8/1/o1lifhwPcM3OYahRV3yLXqnEuWY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/7ccd2c-2c05-453a-b7be-08da420f28c8/1/VggFtzAYcRab0JuIZWnR9p3Bm1c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.19.248.0/21
                  185.16.140.0/22
                  193.178.175.0/24
                  193.219.31.0/24
                IPv6:
                  2a01:8300::/32

    Signature Algorithm: sha256WithRSAEncryption
         83:5d:32:60:5d:40:02:8d:5f:89:6c:cb:f7:3c:b8:f3:d9:5b:
         6f:85:5a:bd:e8:7b:a2:5d:09:73:7f:66:3d:b3:7a:5b:da:c9:
         b5:49:06:86:c8:ed:ed:55:bf:b5:07:da:3e:a7:a0:3d:8e:5f:
         d9:29:d3:82:ce:95:f6:5b:69:64:ff:55:60:28:4a:b9:d8:d9:
         0a:90:a6:d7:2a:21:17:b1:df:cf:b0:80:fc:37:a5:67:18:f2:
         fa:ac:ef:d5:ad:26:89:3c:0b:0a:db:dd:d5:05:c1:6d:d7:39:
         f4:08:51:06:41:8b:79:30:85:fa:3c:c9:47:0f:98:30:c8:c8:
         db:7e:c2:8c:a6:e0:fb:7e:cf:c8:52:9d:88:ff:fd:64:03:46:
         71:26:07:ea:7f:0e:72:80:d2:88:99:d3:08:05:88:45:c2:f5:
         3e:7d:e6:63:79:8e:3c:32:b3:7e:53:7a:8f:be:06:0b:d7:14:
         ff:13:de:87:87:a0:a6:a4:9f:0a:af:a8:db:1b:ac:cc:28:98:
         c8:ad:97:b3:46:3d:a3:91:d0:65:bf:93:27:67:e2:02:5b:41:
         0c:0c:ca:a6:0a:80:c5:89:e5:6e:2b:13:36:ff:ca:50:15:2a:
         26:af:35:9a:90:f8:2c:c7:3c:3e:7c:9b:c5:67:b9:b7:44:d4:
         f7:a2:64:cd
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIENxTjPTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NjA4MDViNzMwMTg3MTE2OWJkMDliODg2NTY5ZDFmNjlkYzE5YjU3MB4XDTIyMDEw
MTA2MDExOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTM1OTYyN2UxYzBm
NzBjZGNlNjFhODUxNTc3YzhiNWVhOWM0Yjk2NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMNIkGDBP7q9bCAGNusVNlnH1HYfSkAlQfz5UeeErCkT0TyS
n9YAzCD3UYJwJqg1qY2x3EVjaJTdT8EyrFzqawjLpVB9VltY+txqdnfKwyskLMtl
2YElVhDp07a4IYLpUGeoM9gk3+/lChZuE2XdBS1yQdOfe7zkk0UchEK4r+gTTojZ
a8Dl7OUs/iLSRNhqU6TBzR40X3yvRJS8Es1MkdAlvvbCg1hZWyZiLZ5DhozASRx+
bBRNzlOfPEjPCX6AmB/asx70abgtdWBMX2tkoB5dF9y+ACVtKgP578faZpoTL8Rx
ZqUiW8bbYKQ2dk7TMU925gT/mGSr7WIBDufBcQUCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBSjWWJ+HA9wzc5hqFFXfIteqcS5ZjAfBgNVHSMEGDAWgBRWCAW3MBhxFpvQ
m4hladH2ncGbVzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZnZ0Z0ekFZY1JhYjBKdUlaV25SOXAzQm0xYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDgvN2NjZDJjLTJjMDUtNDUzYS1iN2JlLTA4ZGE0MjBmMjhjOC8x
L28xbGlmaHdQY00zT1lhaFJWM3lMWHFuRXVXWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDgv
N2NjZDJjLTJjMDUtNDUzYS1iN2JlLTA4ZGE0MjBmMjhjOC8xL1ZnZ0Z0ekFZY1Jh
YjBKdUlaV25SOXAzQm0xYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAy4T+AMEArkQjAMEAMGyrwMEAMHb
HzANBAIAAjAHAwUAKgGDADANBgkqhkiG9w0BAQsFAAOCAQEAg10yYF1AAo1fiWzL
9zy489lbb4Vaveh7ol0Jc39mPbN6W9rJtUkGhsjt7VW/tQfaPqegPY5f2SnTgs6V
9ltpZP9VYChKudjZCpCm1yohF7Hfz7CA/DelZxjy+qzv1a0miTwLCtvd1QXBbdc5
9AhRBkGLeTCF+jzJRw+YMMjI237CjKbg+37PyFKdiP/9ZANGcSYH6n8OcoDSiJnT
CAWIRcL1Pn3mY3mOPDKzflN6j74GC9cU/xPeh4egpqSfCq+o2xuszCiYyK2Xs0Y9
o5HQZb+TJ2fiAltBDAzKpgqAxYnlbisTNv/KUBUqJq81mpD4LMc8PnybxWe5t0TU
96JkzQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:46 2024 by rpki-client on console-fra.rpki-client.org