Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/abe628-fce7-447e-853e-94fdc9fbdcac/1/7MHczdE6UzJk3KNjo4Ex47SKOtQ.roa
File:                     7MHczdE6UzJk3KNjo4Ex47SKOtQ.roa (raw, json)
Hash identifier:          wthna3f+6RjPjdLvHJ2yqbaEBwcI+0yTBx0KgIUCx8w=
Subject key identifier:   EC:C1:DC:CD:D1:3A:53:32:64:DC:A3:63:A3:81:31:E3:B4:8A:3A:D4
Certificate issuer:       /CN=1ae1c7aa0b395e0612ec423fe07fb0389aaa4003
Certificate serial:       04B674BD
Authority key identifier: 1A:E1:C7:AA:0B:39:5E:06:12:EC:42:3F:E0:7F:B0:38:9A:AA:40:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GuHHqgs5XgYS7EI_4H-wOJqqQAM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/abe628-fce7-447e-853e-94fdc9fbdcac/1/7MHczdE6UzJk3KNjo4Ex47SKOtQ.roa
Signing time:             Sat 01 Jan 2022 00:57:37 +0000
ROA not before:           Sat 01 Jan 2022 00:57:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39657
IP address blocks:        185.63.12.0/22 maxlen: 22
                          81.93.32.0/22 maxlen: 22
                          81.93.32.0/21 maxlen: 21
                          81.93.32.0/20 maxlen: 20
                          81.93.36.0/22 maxlen: 22
                          81.93.40.0/21 maxlen: 21
                          81.93.40.0/22 maxlen: 22
                          81.93.44.0/22 maxlen: 22
                          93.88.32.0/22 maxlen: 22
                          93.88.32.0/20 maxlen: 20
                          93.88.36.0/22 maxlen: 22
                          93.88.40.0/22 maxlen: 22
                          81.30.16.0/20 maxlen: 20
                          93.88.44.0/22 maxlen: 22
                          81.30.20.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 79066301 (0x4b674bd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1ae1c7aa0b395e0612ec423fe07fb0389aaa4003
        Validity
            Not Before: Jan  1 00:57:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ecc1dccdd13a533264dca363a38131e3b48a3ad4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:da:d2:75:1b:86:6c:c2:83:c5:59:bc:f6:ee:
                    3b:38:9a:01:1b:76:9a:e1:6f:5a:6f:0a:37:2f:84:
                    cb:ec:19:ec:69:99:75:5f:a7:1d:b8:e9:16:be:dc:
                    c8:94:e6:1d:22:9e:81:fe:ba:ef:00:c4:86:1e:25:
                    7b:36:e0:75:4b:2f:fd:f3:98:ac:66:ea:c5:43:c6:
                    2d:51:3b:16:3c:b5:3b:3e:cc:27:d0:96:25:a4:00:
                    1e:b3:24:b2:d2:ef:83:a3:b6:7a:35:7c:d5:9c:88:
                    ee:b2:c1:87:32:e6:74:a2:7e:b2:c8:1d:d7:69:0f:
                    87:c1:0d:db:43:59:84:b5:3e:dd:3e:ca:46:66:c9:
                    42:79:c1:33:af:50:59:1e:ad:4e:75:64:e1:84:86:
                    9d:b6:8c:46:07:d9:ad:b8:54:29:1c:d7:1a:67:bd:
                    fd:9e:4a:0f:60:5f:80:66:45:26:58:e6:32:65:7f:
                    8e:47:47:85:de:52:f5:ab:04:16:32:cb:cc:46:b5:
                    57:be:99:23:80:59:19:ca:c7:0a:de:6a:d6:9e:8b:
                    fc:76:e4:74:e0:ce:f1:9a:98:00:e4:31:c2:ac:f5:
                    0a:48:1e:fd:c1:58:a8:b4:16:eb:a3:c1:78:38:d1:
                    78:62:8c:79:e0:e3:4f:79:00:50:2a:40:c5:da:c7:
                    d4:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:C1:DC:CD:D1:3A:53:32:64:DC:A3:63:A3:81:31:E3:B4:8A:3A:D4
            X509v3 Authority Key Identifier:
                keyid:1A:E1:C7:AA:0B:39:5E:06:12:EC:42:3F:E0:7F:B0:38:9A:AA:40:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GuHHqgs5XgYS7EI_4H-wOJqqQAM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/abe628-fce7-447e-853e-94fdc9fbdcac/1/7MHczdE6UzJk3KNjo4Ex47SKOtQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/abe628-fce7-447e-853e-94fdc9fbdcac/1/GuHHqgs5XgYS7EI_4H-wOJqqQAM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.30.16.0/20
                  81.93.32.0/20
                  93.88.32.0/20
                  185.63.12.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b8:a8:1b:90:1b:90:5e:15:c0:68:c7:77:67:45:9d:f2:4b:04:
         ed:2c:5c:d7:63:49:f7:00:34:9d:71:9f:1d:2c:f0:87:8e:cd:
         c5:95:ca:b2:34:b4:35:21:bd:58:78:56:10:99:9c:86:a0:a9:
         79:27:4c:21:c7:21:a0:73:8e:c6:59:7f:87:31:9a:13:f2:fa:
         d2:6c:29:8a:37:90:26:78:fc:4c:e5:7a:44:a0:4e:f1:57:ee:
         34:3b:0b:3f:f8:7a:ea:a6:1d:44:16:cf:0f:cd:7e:3d:0c:7a:
         f7:bf:7f:b8:0e:32:47:9e:8e:51:4b:8e:3c:c8:7f:b0:59:02:
         bb:64:3e:62:ea:7d:30:17:7c:53:3a:f1:e5:c9:63:ce:ad:87:
         0f:14:6e:06:64:cc:4e:b1:17:cf:74:5f:a8:9f:ad:d8:f1:62:
         45:57:56:ed:f9:03:af:19:02:d3:52:21:de:02:a0:62:5a:95:
         6f:c6:49:06:e9:cd:5d:b3:e5:64:b0:0b:68:03:b6:51:93:00:
         d7:8a:1e:f7:d8:df:ab:77:b3:93:da:93:ab:af:39:4f:2d:68:
         7d:af:f9:bf:e2:79:a3:28:be:f9:55:2a:2c:95:5d:0d:4f:d1:
         b9:2b:9f:46:ed:3d:3e:63:08:3f:7b:9a:d5:e3:61:7d:94:9f:
         92:c6:a1:b9
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEBLZ0vTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YWUxYzdhYTBiMzk1ZTA2MTJlYzQyM2ZlMDdmYjAzODlhYWE0MDAzMB4XDTIyMDEw
MTAwNTczN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWNjMWRjY2RkMTNh
NTMzMjY0ZGNhMzYzYTM4MTMxZTNiNDhhM2FkNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMDa0nUbhmzCg8VZvPbuOziaARt2muFvWm8KNy+Ey+wZ7GmZ
dV+nHbjpFr7cyJTmHSKegf667wDEhh4lezbgdUsv/fOYrGbqxUPGLVE7Fjy1Oz7M
J9CWJaQAHrMkstLvg6O2ejV81ZyI7rLBhzLmdKJ+ssgd12kPh8EN20NZhLU+3T7K
RmbJQnnBM69QWR6tTnVk4YSGnbaMRgfZrbhUKRzXGme9/Z5KD2BfgGZFJljmMmV/
jkdHhd5S9asEFjLLzEa1V76ZI4BZGcrHCt5q1p6L/HbkdODO8ZqYAOQxwqz1Ckge
/cFYqLQW66PBeDjReGKMeeDjT3kAUCpAxdrH1FMCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBTswdzN0TpTMmTco2OjgTHjtIo61DAfBgNVHSMEGDAWgBQa4ceqCzleBhLs
Qj/gf7A4mqpAAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0d1SEhxZ3M1WGdZUzdFSV80SC13T0pxcVFBTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTgvYWJlNjI4LWZjZTctNDQ3ZS04NTNlLTk0ZmRjOWZiZGNhYy8x
LzdNSGN6ZEU2VXpKazNLTmpvNEV4NDdTS090US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTgv
YWJlNjI4LWZjZTctNDQ3ZS04NTNlLTk0ZmRjOWZiZGNhYy8xL0d1SEhxZ3M1WGdZ
UzdFSV80SC13T0pxcVFBTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEBFEeEAMEBFFdIAMEBF1YIAMEArk/
DDANBgkqhkiG9w0BAQsFAAOCAQEAuKgbkBuQXhXAaMd3Z0Wd8ksE7Sxc12NJ9wA0
nXGfHSzwh47NxZXKsjS0NSG9WHhWEJmchqCpeSdMIcchoHOOxll/hzGaE/L60mwp
ijeQJnj8TOV6RKBO8VfuNDsLP/h66qYdRBbPD81+PQx6979/uA4yR56OUUuOPMh/
sFkCu2Q+Yup9MBd8Uzrx5cljzq2HDxRuBmTMTrEXz3RfqJ+t2PFiRVdW7fkDrxkC
01Ih3gKgYlqVb8ZJBunNXbPlZLALaAO2UZMA14oe99jfq3ezk9qTq685Ty1ofa/5
v+J5oyi++VUqLJVdDU/RuSufRu09PmMIP3ua1eNhfZSfksahuQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:16 2024 by rpki-client on console-ams.rpki-client.org