Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/d02983-b11c-4bf7-b4b5-e8c9ad5f051a/1/FY9eWz7ha0U7blZT1xJwP9rXLzI.roa
File:                     FY9eWz7ha0U7blZT1xJwP9rXLzI.roa (raw, json)
Hash identifier:          9MtyZ5RHKMpvuRWnrPME3YP3eMwUbTuV2Xl5ztE71Co=
Subject key identifier:   15:8F:5E:5B:3E:E1:6B:45:3B:6E:56:53:D7:12:70:3F:DA:D7:2F:32
Certificate issuer:       /CN=9b632edb635aa8f9c40a0495a7a63bb6539580bb
Certificate serial:       05B5CF11
Authority key identifier: 9B:63:2E:DB:63:5A:A8:F9:C4:0A:04:95:A7:A6:3B:B6:53:95:80:BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m2Mu22NaqPnECgSVp6Y7tlOVgLs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/d02983-b11c-4bf7-b4b5-e8c9ad5f051a/1/FY9eWz7ha0U7blZT1xJwP9rXLzI.roa
Signing time:             Tue 01 Feb 2022 16:29:35 +0000
ROA not before:           Tue 01 Feb 2022 16:29:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     198949
IP address blocks:        81.89.246.0/24 maxlen: 24
                          212.62.68.0/24 maxlen: 24
                          212.62.67.0/24 maxlen: 24
                          212.62.72.0/24 maxlen: 24
                          212.62.85.0/24 maxlen: 24
                          84.201.65.0/24 maxlen: 24
                          84.201.66.0/24 maxlen: 24
                          84.201.73.0/24 maxlen: 24
                          84.201.98.0/24 maxlen: 24
                          2a00:1348:10::/48 maxlen: 64
                          2a00:1348:11::/48 maxlen: 64

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 95801105 (0x5b5cf11)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9b632edb635aa8f9c40a0495a7a63bb6539580bb
        Validity
            Not Before: Feb  1 16:29:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=158f5e5b3ee16b453b6e5653d712703fdad72f32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:52:8a:eb:d2:3f:fe:09:a6:51:51:c5:ab:b9:
                    63:a6:36:84:2c:af:d5:8d:6c:43:66:0b:46:00:61:
                    cc:fd:8d:6b:31:65:d5:7b:37:f0:bd:44:f1:3f:44:
                    8f:c5:05:67:c5:10:89:5a:ab:d0:58:34:12:38:0d:
                    a1:2d:12:93:f6:50:38:64:ea:8f:87:e5:17:ce:42:
                    86:3e:93:fb:a9:dd:53:f8:53:6e:f9:a1:31:2d:2f:
                    a6:cd:18:0f:a0:28:29:6c:1e:40:bf:be:ab:b7:15:
                    c9:08:8f:7a:2d:e3:7a:33:1d:9b:c3:e8:90:b2:2b:
                    20:08:6b:3e:e1:0b:0d:c4:69:3b:32:eb:dc:20:9e:
                    5e:27:9e:c0:43:d3:d1:16:99:f3:c7:48:0b:e9:c1:
                    20:96:71:4d:58:5a:16:c2:b0:59:95:2a:dc:4e:38:
                    23:fc:98:95:70:0d:4c:8c:6c:67:c9:ad:47:03:59:
                    55:b5:2a:92:56:3f:1d:94:64:3e:39:8e:0f:ad:2f:
                    6e:13:cc:02:d2:65:7c:0a:be:77:02:40:06:67:10:
                    ff:bd:9f:f2:0f:14:2e:ce:f6:4a:28:f4:8e:91:09:
                    db:9c:43:4d:32:1f:89:ab:38:ee:3d:92:3e:67:e3:
                    57:25:dd:40:36:2f:71:b7:b8:1f:57:2a:6d:55:25:
                    5a:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:8F:5E:5B:3E:E1:6B:45:3B:6E:56:53:D7:12:70:3F:DA:D7:2F:32
            X509v3 Authority Key Identifier:
                keyid:9B:63:2E:DB:63:5A:A8:F9:C4:0A:04:95:A7:A6:3B:B6:53:95:80:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m2Mu22NaqPnECgSVp6Y7tlOVgLs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/d02983-b11c-4bf7-b4b5-e8c9ad5f051a/1/FY9eWz7ha0U7blZT1xJwP9rXLzI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/d02983-b11c-4bf7-b4b5-e8c9ad5f051a/1/m2Mu22NaqPnECgSVp6Y7tlOVgLs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.89.246.0/24
                  84.201.65.0-84.201.66.255
                  84.201.73.0/24
                  84.201.98.0/24
                  212.62.67.0-212.62.68.255
                  212.62.72.0/24
                  212.62.85.0/24
                IPv6:
                  2a00:1348:10::/47

    Signature Algorithm: sha256WithRSAEncryption
         72:3f:7a:37:e3:49:f6:89:6f:66:93:79:7d:ce:23:7c:cf:a5:
         da:0d:a7:72:b4:68:61:2c:1b:9b:9a:5b:cb:a8:36:62:2c:0b:
         b3:0c:41:6b:69:94:93:7d:a8:72:7e:bf:ab:53:32:85:23:ca:
         ba:98:f9:09:63:cc:bc:51:20:b3:9a:f7:ff:ca:92:01:71:c8:
         a7:29:83:ce:0d:bf:ad:5c:5d:5a:64:91:b7:a0:84:5b:f0:a7:
         c8:1f:12:e5:f4:e3:7f:a6:68:c8:1f:0b:f0:4a:08:93:32:30:
         0c:c1:8d:a1:0d:19:74:f9:cc:a1:ca:fd:c1:33:93:08:ca:e3:
         6e:a0:25:18:97:48:c3:9d:a2:75:f4:2d:4e:40:fa:1b:8b:e1:
         c9:41:cb:49:69:56:25:16:aa:16:c2:f3:53:8e:10:01:d4:c9:
         73:d6:00:80:39:4f:11:ee:6f:8a:12:51:44:ce:b1:8b:ad:ad:
         da:8d:33:dd:88:67:40:f4:34:12:0b:df:fb:e0:8b:b9:ce:95:
         a8:d8:97:0f:aa:85:c4:0e:72:f1:c1:a6:32:07:d0:3a:8c:db:
         d8:9a:09:49:99:92:d9:b4:8f:6a:8c:82:f8:2c:15:de:8e:25:
         d3:b8:67:28:25:86:8d:16:4c:59:bc:b6:3b:56:a3:89:ad:04:
         64:09:f6:61
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIEBbXPETANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YjYzMmVkYjYzNWFhOGY5YzQwYTA0OTVhN2E2M2JiNjUzOTU4MGJiMB4XDTIyMDIw
MTE2MjkzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTU4ZjVlNWIzZWUx
NmI0NTNiNmU1NjUzZDcxMjcwM2ZkYWQ3MmYzMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMtSiuvSP/4JplFRxau5Y6Y2hCyv1Y1sQ2YLRgBhzP2NazFl
1Xs38L1E8T9Ej8UFZ8UQiVqr0Fg0EjgNoS0Sk/ZQOGTqj4flF85Chj6T+6ndU/hT
bvmhMS0vps0YD6AoKWweQL++q7cVyQiPei3jejMdm8PokLIrIAhrPuELDcRpOzLr
3CCeXieewEPT0RaZ88dIC+nBIJZxTVhaFsKwWZUq3E44I/yYlXANTIxsZ8mtRwNZ
VbUqklY/HZRkPjmOD60vbhPMAtJlfAq+dwJABmcQ/72f8g8ULs72Sij0jpEJ25xD
TTIfias47j2SPmfjVyXdQDYvcbe4H1cqbVUlWoECAwEAAaOCAk4wggJKMB0GA1Ud
DgQWBBQVj15bPuFrRTtuVlPXEnA/2tcvMjAfBgNVHSMEGDAWgBSbYy7bY1qo+cQK
BJWnpju2U5WAuzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L20yTXUyMk5hcVBuRUNnU1ZwNlk3dGxPVmdMcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGMvZDAyOTgzLWIxMWMtNGJmNy1iNGI1LWU4YzlhZDVmMDUxYS8x
L0ZZOWVXejdoYTBVN2JsWlQxeEp3UDlyWEx6SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMv
ZDAyOTgzLWIxMWMtNGJmNy1iNGI1LWU4YzlhZDVmMDUxYS8xL20yTXUyMk5hcVBu
RUNnU1ZwNlk3dGxPVmdMcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBk
BggrBgEFBQcBBwEB/wRVMFMwQAQCAAEwOgMEAFFZ9jAMAwQAVMlBAwQAVMlCAwQA
VMlJAwQAVMliMAwDBADUPkMDBADUPkQDBADUPkgDBADUPlUwDwQCAAIwCQMHASoA
E0gAEDANBgkqhkiG9w0BAQsFAAOCAQEAcj96N+NJ9olvZpN5fc4jfM+l2g2ncrRo
YSwbm5pby6g2YiwLswxBa2mUk32ocn6/q1MyhSPKupj5CWPMvFEgs5r3/8qSAXHI
pymDzg2/rVxdWmSRt6CEW/CnyB8S5fTjf6ZoyB8L8EoIkzIwDMGNoQ0ZdPnMocr9
wTOTCMrjbqAlGJdIw52idfQtTkD6G4vhyUHLSWlWJRaqFsLzU44QAdTJc9YAgDlP
Ee5vihJRRM6xi62t2o0z3YhnQPQ0Egvf++CLuc6VqNiXD6qFxA5y8cGmMgfQOozb
2JoJSZmS2bSPaoyC+CwV3o4l07hnKCWGjRZMWby2O1ajia0EZAn2YQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:49 2024 by rpki-client on console-ams.rpki-client.org