Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/_LR7wsL_V8eMlOcw6uvYcKXrj3I.roa
File:                     _LR7wsL_V8eMlOcw6uvYcKXrj3I.roa (raw, json)
Hash identifier:          b4T//n3/qHOFqwbs1Vp2CbxPKlchZmsvTop4HtGrxYo=
Subject key identifier:   FC:B4:7B:C2:C2:FF:57:C7:8C:94:E7:30:EA:EB:D8:70:A5:EB:8F:72
Certificate issuer:       /CN=d79da465615c60094370833892da84c886e1c4ef
Certificate serial:       1450AD60
Authority key identifier: D7:9D:A4:65:61:5C:60:09:43:70:83:38:92:DA:84:C8:86:E1:C4:EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/152kZWFcYAlDcIM4ktqEyIbhxO8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/_LR7wsL_V8eMlOcw6uvYcKXrj3I.roa
Signing time:             Thu 24 Mar 2022 15:10:10 +0000
ROA not before:           Thu 24 Mar 2022 15:10:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     0
IP address blocks:        185.1.231.0/24 maxlen: 24
                          217.29.66.0/23 maxlen: 23
                          217.29.68.0/23 maxlen: 23
                          185.1.186.0/24 maxlen: 24
                          2001:7f8:b:100::/64 maxlen: 64
                          2001:7f8:101:7::/64 maxlen: 64
                          2001:7f8:101:13::/64 maxlen: 64
                          2001:7f8:b:101::/64 maxlen: 64

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 340831584 (0x1450ad60)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d79da465615c60094370833892da84c886e1c4ef
        Validity
            Not Before: Mar 24 15:10:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fcb47bc2c2ff57c78c94e730eaebd870a5eb8f72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:a1:3c:e8:23:23:3e:ef:9f:36:73:27:a7:bf:
                    17:f4:10:fe:a0:54:ab:5d:96:98:22:af:ba:6c:0c:
                    f5:95:c2:d0:28:e9:e9:5f:ee:c6:d4:7b:81:2b:4d:
                    04:6f:da:66:e7:f6:ac:29:15:d6:06:87:5a:47:db:
                    ea:22:10:d0:57:c5:41:1b:bf:fa:57:94:81:5e:50:
                    5c:e6:18:4f:ba:d8:ce:54:f4:07:5f:0f:46:0f:9d:
                    e7:0f:1b:5b:51:52:75:90:f8:35:6c:cd:67:f1:78:
                    ad:8d:5e:ca:68:d4:91:5d:79:92:0b:9f:fb:5b:f1:
                    4f:f0:73:53:00:03:b1:e2:c7:59:c2:29:bf:42:ab:
                    a0:ab:b9:83:b4:26:f4:74:de:27:82:89:a6:74:28:
                    1e:30:8f:b2:2d:db:67:02:9d:ad:0a:9c:a7:34:a3:
                    c2:c1:bb:e0:74:81:25:74:e1:46:24:d4:1f:42:3c:
                    dd:89:96:38:fe:6b:23:92:5a:2b:93:8a:a6:7a:bc:
                    98:fd:a3:aa:2c:59:52:d2:fb:02:5d:30:e0:9a:ec:
                    c7:e9:bd:60:37:53:da:50:71:06:ca:cf:bc:54:14:
                    de:63:86:96:74:30:da:cf:4a:af:0f:59:70:35:1d:
                    d7:1c:af:43:37:19:75:98:9a:8b:da:7b:44:f1:60:
                    9b:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:B4:7B:C2:C2:FF:57:C7:8C:94:E7:30:EA:EB:D8:70:A5:EB:8F:72
            X509v3 Authority Key Identifier:
                keyid:D7:9D:A4:65:61:5C:60:09:43:70:83:38:92:DA:84:C8:86:E1:C4:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/152kZWFcYAlDcIM4ktqEyIbhxO8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/_LR7wsL_V8eMlOcw6uvYcKXrj3I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/152kZWFcYAlDcIM4ktqEyIbhxO8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.1.186.0/24
                  185.1.231.0/24
                  217.29.66.0-217.29.69.255
                IPv6:
                  2001:7f8:b:100::/63
                  2001:7f8:101:7::/64
                  2001:7f8:101:13::/64

    Signature Algorithm: sha256WithRSAEncryption
         9f:b8:17:dd:52:de:eb:7b:5e:dd:e5:0d:aa:c5:16:ce:41:da:
         ad:a4:de:41:c3:d0:1b:ba:95:38:f3:68:5d:3c:1b:c4:08:35:
         7a:39:3e:80:f4:da:a3:53:23:9f:5d:2c:46:68:ea:db:2b:5d:
         b8:b5:16:8c:a0:75:dc:46:b2:9c:03:87:ec:32:84:1d:0a:80:
         dc:e7:e9:fb:df:ea:8e:fb:c9:18:45:99:b7:d2:3e:06:10:d6:
         63:9c:23:5a:5e:7b:8d:df:d3:cb:28:e5:b8:7c:db:8d:94:e5:
         d2:e9:c1:93:11:67:aa:35:20:29:02:60:7e:d9:77:33:2b:3e:
         13:f1:cd:42:41:bd:86:a0:4b:02:83:00:70:40:3a:9e:78:52:
         73:c7:5e:f2:04:fa:d5:6b:cf:e6:26:10:79:c0:f1:e9:de:20:
         41:c5:c5:2f:cc:4c:04:ae:ee:f5:cf:5b:b2:fd:af:86:23:f1:
         9c:57:82:8a:50:44:0f:b3:09:d4:7e:f0:76:3c:1e:5e:5f:f6:
         68:97:85:de:c1:43:af:6b:0f:f7:d5:ef:40:0f:af:a0:0d:c9:
         57:f2:83:51:a4:16:ad:0b:f2:66:fd:67:6c:90:5b:46:cd:35:
         1a:a0:a9:8f:f2:10:b8:09:00:bd:6f:03:7e:ca:ff:65:96:1d:
         20:59:12:d0
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIEFFCtYDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NzlkYTQ2NTYxNWM2MDA5NDM3MDgzMzg5MmRhODRjODg2ZTFjNGVmMB4XDTIyMDMy
NDE1MTAxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmNiNDdiYzJjMmZm
NTdjNzhjOTRlNzMwZWFlYmQ4NzBhNWViOGY3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKahPOgjIz7vnzZzJ6e/F/QQ/qBUq12WmCKvumwM9ZXC0Cjp
6V/uxtR7gStNBG/aZuf2rCkV1gaHWkfb6iIQ0FfFQRu/+leUgV5QXOYYT7rYzlT0
B18PRg+d5w8bW1FSdZD4NWzNZ/F4rY1eymjUkV15kguf+1vxT/BzUwADseLHWcIp
v0KroKu5g7Qm9HTeJ4KJpnQoHjCPsi3bZwKdrQqcpzSjwsG74HSBJXThRiTUH0I8
3YmWOP5rI5JaK5OKpnq8mP2jqixZUtL7Al0w4Jrsx+m9YDdT2lBxBsrPvFQU3mOG
lnQw2s9Krw9ZcDUd1xyvQzcZdZiai9p7RPFgm6UCAwEAAaOCAkYwggJCMB0GA1Ud
DgQWBBT8tHvCwv9Xx4yU5zDq69hwpeuPcjAfBgNVHSMEGDAWgBTXnaRlYVxgCUNw
gziS2oTIhuHE7zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzE1MmtaV0ZjWUFsRGNJTTRrdHFFeUliaHhPOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTAvZDc5Yzk4LWMyN2QtNDViMy04NmQ5LWRhZDNiYjEzYzBhMi8x
L19MUjd3c0xfVjhlTWxPY3c2dXZZY0tYcmozSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTAv
ZDc5Yzk4LWMyN2QtNDViMy04NmQ5LWRhZDNiYjEzYzBhMi8xLzE1MmtaV0ZjWUFs
RGNJTTRrdHFFeUliaHhPOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBc
BggrBgEFBQcBBwEB/wRNMEswIAQCAAEwGgMEALkBugMEALkB5zAMAwQB2R1CAwQB
2R1EMCcEAgACMCEDCQEgAQf4AAsBAAMJACABB/gBAQAHAwkAIAEH+AEBABMwDQYJ
KoZIhvcNAQELBQADggEBAJ+4F91S3ut7Xt3lDarFFs5B2q2k3kHD0Bu6lTjzaF08
G8QINXo5PoD02qNTI59dLEZo6tsrXbi1FoygddxGspwDh+wyhB0KgNzn6fvf6o77
yRhFmbfSPgYQ1mOcI1pee43f08so5bh8242U5dLpwZMRZ6o1ICkCYH7ZdzMrPhPx
zUJBvYagSwKDAHBAOp54UnPHXvIE+tVrz+YmEHnA8eneIEHFxS/MTASu7vXPW7L9
r4Yj8ZxXgopQRA+zCdR+8HY8Hl5f9miXhd7BQ69rD/fV70APr6ANyVfyg1GkFq0L
8mb9Z2yQW0bNNRqgqY/yELgJAL1vA37K/2WWHSBZEtA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:44 2024 by rpki-client on console-ams.rpki-client.org