Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/Cr7GVl7ZW-PeFWzL0f_Tx7AkV7M.roa
File:                     Cr7GVl7ZW-PeFWzL0f_Tx7AkV7M.roa (raw, json)
Hash identifier:          feRgYePnP4FRET4Okpr+wry21e8+XKvEDAi0y6kKJyY=
Subject key identifier:   0A:BE:C6:56:5E:D9:5B:E3:DE:15:6C:CB:D1:FF:D3:C7:B0:24:57:B3
Certificate issuer:       /CN=85dc9c55e1597e88564daf567e5a4665978c7b85
Certificate serial:       0184C772145274D16EB6D131CA783DAFEA2C
Authority key identifier: 85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/Cr7GVl7ZW-PeFWzL0f_Tx7AkV7M.roa
Signing time:             Wed 30 Nov 2022 07:30:53 +0000
ROA not before:           Wed 30 Nov 2022 07:30:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     213354
IP address blocks:        194.15.112.0/24 maxlen: 24
                          194.15.113.0/24 maxlen: 24
                          91.228.68.0/22 maxlen: 22
                          2a11:9c00::/40 maxlen: 40

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:c7:72:14:52:74:d1:6e:b6:d1:31:ca:78:3d:af:ea:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85dc9c55e1597e88564daf567e5a4665978c7b85
        Validity
            Not Before: Nov 30 07:30:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0abec6565ed95be3de156ccbd1ffd3c7b02457b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:c6:99:8a:3d:8d:e9:c4:31:68:6f:1f:4c:cc:
                    cb:92:4c:27:bc:21:06:e5:20:97:fe:78:a3:96:a3:
                    ae:1d:36:b7:f1:de:a0:8b:81:f1:28:ca:79:76:22:
                    b9:2b:0a:99:90:f9:94:75:2d:11:23:da:88:20:16:
                    ba:85:0a:ee:e6:3c:53:73:0d:91:f7:2e:46:46:dc:
                    d9:32:55:21:49:60:62:da:92:e6:23:79:93:4a:ff:
                    45:e8:1e:ba:33:78:23:a5:98:9c:b4:78:4e:f8:27:
                    7f:1a:cd:ea:1b:49:dc:e2:06:0b:cf:b7:88:d7:96:
                    0f:03:13:4a:83:d7:65:e1:7b:86:86:be:f3:e9:e0:
                    4a:bf:50:d0:8c:3e:01:a3:66:06:d2:73:a4:71:eb:
                    e6:29:4f:9b:cd:37:17:a2:eb:94:48:ee:a3:d2:e2:
                    62:4c:ab:2e:32:a4:f4:56:f1:f6:74:ca:f1:6f:a4:
                    06:9f:de:81:fa:f1:b9:51:53:ee:05:c8:fd:2e:e0:
                    38:ff:49:8a:50:39:fc:4e:4c:40:5a:c7:4f:3f:ee:
                    ca:b0:19:a3:ca:ba:03:51:5b:49:36:1d:73:c1:7c:
                    b6:27:26:3f:a9:d2:91:5d:ac:66:a5:4e:cb:01:c1:
                    24:69:7b:a3:59:0a:da:ea:4b:d9:32:76:2a:97:39:
                    fa:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:BE:C6:56:5E:D9:5B:E3:DE:15:6C:CB:D1:FF:D3:C7:B0:24:57:B3
            X509v3 Authority Key Identifier:
                keyid:85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/Cr7GVl7ZW-PeFWzL0f_Tx7AkV7M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/hdycVeFZfohWTa9WflpGZZeMe4U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.228.68.0/22
                  194.15.112.0/23
                IPv6:
                  2a11:9c00::/40

    Signature Algorithm: sha256WithRSAEncryption
         4d:55:89:ac:ec:33:95:bd:f4:ac:ba:c5:dd:55:6a:72:04:d7:
         1b:da:dc:a6:94:bf:52:f8:e7:64:28:40:fb:06:04:a6:5c:b8:
         a4:94:bf:68:e1:61:cd:dc:46:e2:fb:3a:9e:3b:66:83:9f:b2:
         51:58:7f:52:11:44:36:ac:74:8f:21:69:f7:4f:ec:87:06:35:
         7e:87:13:5f:6f:2d:6f:5b:47:6f:1b:93:62:69:a3:3e:ac:bf:
         b2:6f:73:89:d2:86:ea:80:42:9f:78:68:8c:6d:8f:84:e7:17:
         1a:22:a0:2f:91:69:4d:61:7e:80:db:4a:d2:73:be:b1:71:11:
         30:90:ce:8b:a4:b2:b4:10:24:74:b1:17:ba:1f:1b:1e:0a:cc:
         63:c1:f0:5c:7e:13:ff:91:21:6d:35:73:f3:cf:0a:0f:47:93:
         3c:e2:fc:49:c8:5c:c9:39:59:c6:b6:f3:e4:37:ae:cf:39:5d:
         fc:81:3c:ce:63:bb:e2:aa:bc:b0:d8:c9:b2:6a:60:46:60:d7:
         86:a6:2c:1f:23:57:11:29:17:02:e1:8c:6a:bc:a9:52:f3:3e:
         0f:e3:6f:6a:cb:24:7e:79:72:da:68:24:3f:81:c8:7f:22:ed:
         dc:a1:21:d4:4a:c5:ff:9a:32:c5:22:0f:8f:69:1b:b0:ff:1a:
         f5:f2:e5:66
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYTHchRSdNFuttExyng9r+osMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZGM5YzU1ZTE1OTdlODg1NjRkYWY1NjdlNWE0NjY1OTc4
YzdiODUwHhcNMjIxMTMwMDczMDUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWJlYzY1NjVlZDk1YmUzZGUxNTZjY2JkMWZmZDNjN2IwMjQ1N2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMaZij2N6cQxaG8fTMzLkkwnvCEG
5SCX/nijlqOuHTa38d6gi4HxKMp5diK5KwqZkPmUdS0RI9qIIBa6hQru5jxTcw2R
9y5GRtzZMlUhSWBi2pLmI3mTSv9F6B66M3gjpZictHhO+Cd/Gs3qG0nc4gYLz7eI
15YPAxNKg9dl4XuGhr7z6eBKv1DQjD4Bo2YG0nOkcevmKU+bzTcXouuUSO6j0uJi
TKsuMqT0VvH2dMrxb6QGn96B+vG5UVPuBcj9LuA4/0mKUDn8TkxAWsdPP+7KsBmj
yroDUVtJNh1zwXy2JyY/qdKRXaxmpU7LAcEkaXujWQra6kvZMnYqlzn66wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFAq+xlZe2Vvj3hVsy9H/08ewJFezMB8GA1UdIwQY
MBaAFIXcnFXhWX6IVk2vVn5aRmWXjHuFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGR5Y1ZlRlpmb2hXVGE5V2ZscEdaWmVNZTRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mMDdmYmMtNGMzMi00ZDg3LWE0Mjkt
ODZlYTE5ZDI5MTYzLzEvQ3I3R1ZsN1pXLVBlRld6TDBmX1R4N0FrVjdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mMDdmYmMtNGMzMi00ZDg3LWE0MjktODZlYTE5ZDI5MTYz
LzEvaGR5Y1ZlRlpmb2hXVGE5V2ZscEdaWmVNZTRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQCW+REAwQB
wg9wMA4EAgACMAgDBgAqEZwAADANBgkqhkiG9w0BAQsFAAOCAQEATVWJrOwzlb30
rLrF3VVqcgTXG9rcppS/UvjnZChA+wYEply4pJS/aOFhzdxG4vs6njtmg5+yUVh/
UhFENqx0jyFp90/shwY1focTX28tb1tHbxuTYmmjPqy/sm9zidKG6oBCn3hojG2P
hOcXGiKgL5FpTWF+gNtK0nO+sXERMJDOi6SytBAkdLEXuh8bHgrMY8HwXH4T/5Eh
bTVz888KD0eTPOL8SchcyTlZxrbz5Deuzzld/IE8zmO74qq8sNjJsmpgRmDXhqYs
HyNXESkXAuGMarypUvM+D+Nvasskfnly2mgkP4HIfyLt3KEh1ErF/5oyxSIPj2kb
sP8a9fLlZg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:45 2024 by rpki-client on console-fra.rpki-client.org