Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/A98beqs6cpBJopU_2ogaYfYC76Y.roa
File:                     A98beqs6cpBJopU_2ogaYfYC76Y.roa (raw, json)
Hash identifier:          vAw8c5YUmF81vLs4wOQIaiqbt1SOpHCWuwbTEZEr86k=
Subject key identifier:   03:DF:1B:7A:AB:3A:72:90:49:A2:95:3F:DA:88:1A:61:F6:02:EF:A6
Certificate issuer:       /CN=290bcc50a9a33ba5651efd1afe40b6fdb02556f0
Certificate serial:       0183181130E50FB202F08F9E432FC4C8CE0A
Authority key identifier: 29:0B:CC:50:A9:A3:3B:A5:65:1E:FD:1A:FE:40:B6:FD:B0:25:56:F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KQvMUKmjO6VlHv0a_kC2_bAlVvA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/A98beqs6cpBJopU_2ogaYfYC76Y.roa
Signing time:             Wed 07 Sep 2022 13:08:43 +0000
ROA not before:           Wed 07 Sep 2022 13:08:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48573
IP address blocks:        193.29.230.0/23 maxlen: 23
                          94.143.40.0/22 maxlen: 22
                          94.143.40.0/21 maxlen: 21
                          94.143.44.0/22 maxlen: 22
                          185.43.10.0/23 maxlen: 23
                          185.43.8.0/23 maxlen: 23
                          185.43.8.0/22 maxlen: 22
                          31.185.0.0/22 maxlen: 22
                          31.185.0.0/21 maxlen: 21
                          31.185.4.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:18:11:30:e5:0f:b2:02:f0:8f:9e:43:2f:c4:c8:ce:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=290bcc50a9a33ba5651efd1afe40b6fdb02556f0
        Validity
            Not Before: Sep  7 13:08:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=03df1b7aab3a729049a2953fda881a61f602efa6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:44:bc:7a:32:e9:fd:b9:a4:71:6e:0f:55:44:
                    21:ac:a6:43:4c:68:28:f9:1e:5b:72:26:3a:d1:15:
                    9c:ee:9f:56:5c:31:5c:b2:9a:de:46:10:96:1f:08:
                    d2:7f:ea:be:c1:70:31:15:bd:ef:ca:f3:48:f0:e7:
                    d5:25:51:cc:6f:36:3a:b9:a0:05:15:3e:5a:61:50:
                    6d:8e:74:ce:29:b8:4b:88:af:07:a5:16:99:0a:11:
                    5c:18:7b:da:cf:c5:3d:18:dc:bc:e8:ba:5d:67:c3:
                    98:51:d6:0d:95:f7:fe:8b:90:51:92:cf:a4:ce:54:
                    2c:72:da:f8:19:fd:5f:6b:fd:33:e1:c3:19:88:3b:
                    8e:e1:f7:51:32:b7:39:07:e4:fa:ed:a5:49:15:df:
                    d0:0b:31:68:e4:f6:72:2a:b8:30:4a:04:71:f6:48:
                    d4:09:d9:b5:62:fc:05:7e:38:b7:4c:54:41:ac:7e:
                    bb:ef:02:eb:54:12:ad:2d:c2:60:33:2f:50:7e:17:
                    01:2c:61:f8:aa:59:d2:9a:0c:89:a2:3c:84:5b:7c:
                    69:70:09:e2:82:0e:f8:3f:ab:fd:8a:e4:37:5b:e9:
                    3c:04:70:b8:4d:cd:42:ce:a9:53:a9:b0:14:47:45:
                    46:d3:ab:1e:50:00:11:81:61:7a:a8:4e:c0:13:f4:
                    c4:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:DF:1B:7A:AB:3A:72:90:49:A2:95:3F:DA:88:1A:61:F6:02:EF:A6
            X509v3 Authority Key Identifier:
                keyid:29:0B:CC:50:A9:A3:3B:A5:65:1E:FD:1A:FE:40:B6:FD:B0:25:56:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQvMUKmjO6VlHv0a_kC2_bAlVvA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/A98beqs6cpBJopU_2ogaYfYC76Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/KQvMUKmjO6VlHv0a_kC2_bAlVvA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.185.0.0/21
                  94.143.40.0/21
                  185.43.8.0/22
                  193.29.230.0/23

    Signature Algorithm: sha256WithRSAEncryption
         17:b9:a8:c2:95:26:79:59:f6:50:d3:5f:8b:d9:e6:8a:ae:50:
         3b:46:d1:66:05:75:19:df:6a:eb:10:da:95:6a:56:6d:cb:27:
         1e:b0:ff:70:90:42:01:84:a1:56:cb:4e:83:ba:a0:61:51:42:
         1b:7f:47:20:67:67:fa:85:cc:aa:60:d2:86:b9:76:02:0a:c8:
         9a:e5:b0:6e:64:c5:0f:14:6f:44:54:05:13:74:cc:39:f2:82:
         70:f7:4c:9b:b7:6a:00:0b:78:03:35:fc:99:9d:e9:a0:a4:51:
         ba:7f:48:bd:7e:bc:cc:82:e1:fc:f9:4a:73:00:9d:00:32:31:
         ab:10:51:03:76:3b:f4:26:67:06:00:78:d9:35:33:7f:fc:cc:
         02:51:4d:35:73:a7:d6:e0:e1:f1:66:b2:86:9e:20:ae:f4:c1:
         af:ca:ef:10:a6:bf:d8:f2:cf:d9:6d:eb:af:ba:18:01:78:96:
         43:ab:71:63:3c:a3:3f:c7:94:4a:cf:e7:7c:aa:91:39:be:ae:
         b9:e8:99:b1:d0:5a:e8:7c:7a:30:98:02:83:cb:aa:9c:1b:10:
         14:e3:de:dc:c4:eb:29:00:7d:de:1e:45:fb:33:bb:48:60:53:
         54:50:29:78:27:ae:f1:f1:e7:3b:68:d5:fd:02:6b:25:0b:72:
         37:e2:e8:4a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYMYETDlD7IC8I+eQy/EyM4KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MGJjYzUwYTlhMzNiYTU2NTFlZmQxYWZlNDBiNmZkYjAy
NTU2ZjAwHhcNMjIwOTA3MTMwODQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2RmMWI3YWFiM2E3MjkwNDlhMjk1M2ZkYTg4MWE2MWY2MDJlZmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUS8ejLp/bmkcW4PVUQhrKZDTGgo
+R5bciY60RWc7p9WXDFcspreRhCWHwjSf+q+wXAxFb3vyvNI8OfVJVHMbzY6uaAF
FT5aYVBtjnTOKbhLiK8HpRaZChFcGHvaz8U9GNy86LpdZ8OYUdYNlff+i5BRks+k
zlQsctr4Gf1fa/0z4cMZiDuO4fdRMrc5B+T67aVJFd/QCzFo5PZyKrgwSgRx9kjU
Cdm1YvwFfji3TFRBrH677wLrVBKtLcJgMy9QfhcBLGH4qlnSmgyJojyEW3xpcAni
gg74P6v9iuQ3W+k8BHC4Tc1CzqlTqbAUR0VG06seUAARgWF6qE7AE/TESwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAPfG3qrOnKQSaKVP9qIGmH2Au+mMB8GA1UdIwQY
MBaAFCkLzFCpozulZR79Gv5Atv2wJVbwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1F2TVVLbWpPNlZsSHYwYV9rQzJfYkFsVnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi80YjZlZjQtMzhlZS00YzA2LThjYjYt
NzY5ODI0OTNlYTFhLzEvQTk4YmVxczZjcEJKb3BVXzJvZ2FZZllDNzZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi80YjZlZjQtMzhlZS00YzA2LThjYjYtNzY5ODI0OTNlYTFh
LzEvS1F2TVVLbWpPNlZsSHYwYV9rQzJfYkFsVnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDH7kAAwQD
Xo8oAwQCuSsIAwQBwR3mMA0GCSqGSIb3DQEBCwUAA4IBAQAXuajClSZ5WfZQ01+L
2eaKrlA7RtFmBXUZ32rrENqValZtyycesP9wkEIBhKFWy06DuqBhUUIbf0cgZ2f6
hcyqYNKGuXYCCsia5bBuZMUPFG9EVAUTdMw58oJw90ybt2oAC3gDNfyZnemgpFG6
f0i9frzMguH8+UpzAJ0AMjGrEFEDdjv0JmcGAHjZNTN//MwCUU01c6fW4OHxZrKG
niCu9MGvyu8Qpr/Y8s/ZbeuvuhgBeJZDq3FjPKM/x5RKz+d8qpE5vq656Jmx0Fro
fHowmAKDy6qcGxAU497cxOspAH3eHkX7M7tIYFNUUCl4J67x8ec7aNX9AmslC3I3
4uhK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:09 2024 by rpki-client on console-fra.rpki-client.org