Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/c6f0a8-98f2-49fb-8506-42ad3b4c8d0c/1/IUIchSuUywe-uR_-GBTP0BZlDLo.roa
File:                     IUIchSuUywe-uR_-GBTP0BZlDLo.roa (raw, json)
Hash identifier:          xQ8IG3oiWhpR1wyQznFz8N2Kr+zywtkij8x3FIOwEMc=
Subject key identifier:   21:42:1C:85:2B:94:CB:07:BE:B9:1F:FE:18:14:CF:D0:16:65:0C:BA
Certificate issuer:       /CN=198204d1c25a011236bea0741e4c60139d349b10
Certificate serial:       118BB85F
Authority key identifier: 19:82:04:D1:C2:5A:01:12:36:BE:A0:74:1E:4C:60:13:9D:34:9B:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GYIE0cJaARI2vqB0HkxgE500mxA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/c6f0a8-98f2-49fb-8506-42ad3b4c8d0c/1/IUIchSuUywe-uR_-GBTP0BZlDLo.roa
Signing time:             Sat 01 Jan 2022 07:01:37 +0000
ROA not before:           Sat 01 Jan 2022 07:01:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34790
IP address blocks:        80.74.16.0/20 maxlen: 20
                          195.162.20.0/23 maxlen: 23
                          185.2.236.0/22 maxlen: 22
                          185.188.172.0/22 maxlen: 22
                          217.72.112.0/20 maxlen: 20
                          85.234.64.0/19 maxlen: 19
                          2a00:df00::/29 maxlen: 29
                          2a00:d000::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 294369375 (0x118bb85f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=198204d1c25a011236bea0741e4c60139d349b10
        Validity
            Not Before: Jan  1 07:01:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=21421c852b94cb07beb91ffe1814cfd016650cba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:b2:eb:46:fa:5a:a9:2d:24:84:23:e8:80:1d:
                    d9:03:5b:fb:8c:fe:08:00:c1:36:74:8e:be:69:ee:
                    cb:26:c6:43:b7:2d:76:43:c9:47:18:1a:67:72:68:
                    67:7b:63:2b:9e:53:cc:b0:37:b6:cf:75:b5:54:44:
                    f5:57:5f:dc:e0:b2:af:41:84:d9:9a:b3:0e:7a:1e:
                    50:55:cd:94:f7:88:bf:4c:ca:b1:2b:b5:42:61:5b:
                    c2:43:13:2b:8d:6a:d2:7a:e3:2b:cd:b5:f7:20:98:
                    65:69:03:76:77:46:dc:3c:4f:44:50:ce:0a:dd:8e:
                    fd:18:71:53:c2:cf:f9:b4:ad:cf:12:26:de:45:4f:
                    38:52:bb:74:15:b0:18:03:ce:57:52:ec:01:b4:78:
                    0e:e4:a8:09:4c:7c:41:71:b1:2b:19:d0:9c:39:6b:
                    38:5e:5a:97:fc:43:62:cf:36:03:36:5b:0a:dd:92:
                    3e:59:8b:22:27:76:ce:39:0b:20:82:3f:84:12:3b:
                    2a:09:8a:fd:21:75:98:1e:80:24:c4:83:0c:1a:e1:
                    8d:d1:e7:40:a5:90:45:9c:29:4c:6f:23:4c:43:43:
                    1e:28:a2:dd:3a:04:27:a1:40:79:67:89:ed:3e:d6:
                    86:60:24:9c:f4:68:e6:99:a4:40:95:6a:c2:a6:3a:
                    45:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:42:1C:85:2B:94:CB:07:BE:B9:1F:FE:18:14:CF:D0:16:65:0C:BA
            X509v3 Authority Key Identifier:
                keyid:19:82:04:D1:C2:5A:01:12:36:BE:A0:74:1E:4C:60:13:9D:34:9B:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GYIE0cJaARI2vqB0HkxgE500mxA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c6f0a8-98f2-49fb-8506-42ad3b4c8d0c/1/IUIchSuUywe-uR_-GBTP0BZlDLo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c6f0a8-98f2-49fb-8506-42ad3b4c8d0c/1/GYIE0cJaARI2vqB0HkxgE500mxA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.74.16.0/20
                  85.234.64.0/19
                  185.2.236.0/22
                  185.188.172.0/22
                  195.162.20.0/23
                  217.72.112.0/20
                IPv6:
                  2a00:d000::/29
                  2a00:df00::/29

    Signature Algorithm: sha256WithRSAEncryption
         38:af:cb:f5:90:41:33:8f:94:1b:d7:b6:a2:6b:ff:b9:e7:f7:
         a6:81:16:f3:e6:d8:05:53:6f:0e:55:5d:67:90:d6:1c:9e:6c:
         ab:dd:67:86:b3:0a:5d:ef:47:79:f8:01:ae:b1:ff:40:b0:35:
         34:f2:9f:b4:b3:1e:3c:b2:8f:70:5e:36:32:27:be:bc:4e:0f:
         78:1b:a7:87:8d:14:14:4c:f2:fc:a5:95:47:7f:c2:b2:d0:93:
         f9:c0:30:66:2c:e4:bf:42:c0:6e:ec:38:f0:98:5d:76:62:bd:
         24:9b:84:bb:5d:0a:19:fd:55:d5:4f:78:2f:73:03:82:b9:ec:
         68:75:fe:65:4c:2f:86:8a:5e:e6:8b:72:26:27:2d:de:4a:b5:
         4b:29:7e:97:7a:c3:f2:3c:2f:95:74:9d:eb:a4:8e:83:d9:1c:
         1c:85:23:51:6b:67:e2:e3:eb:00:64:79:94:2f:60:ca:7c:ba:
         6c:32:18:35:e8:92:4f:45:1b:20:45:5a:bb:f7:87:2f:41:67:
         1b:f2:63:5e:63:5c:fd:81:3c:f4:98:81:5e:da:5e:3d:5d:a5:
         a5:55:9a:1b:66:1b:0a:d1:2e:76:2e:1d:65:dc:51:5c:50:3d:
         ff:ee:73:9b:7c:64:55:84:dc:b6:ef:a5:27:38:fb:7d:27:ef:
         a1:18:20:84
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIEEYu4XzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
OTgyMDRkMWMyNWEwMTEyMzZiZWEwNzQxZTRjNjAxMzlkMzQ5YjEwMB4XDTIyMDEw
MTA3MDEzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjE0MjFjODUyYjk0
Y2IwN2JlYjkxZmZlMTgxNGNmZDAxNjY1MGNiYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJay60b6WqktJIQj6IAd2QNb+4z+CADBNnSOvmnuyybGQ7ct
dkPJRxgaZ3JoZ3tjK55TzLA3ts91tVRE9Vdf3OCyr0GE2ZqzDnoeUFXNlPeIv0zK
sSu1QmFbwkMTK41q0nrjK8219yCYZWkDdndG3DxPRFDOCt2O/RhxU8LP+bStzxIm
3kVPOFK7dBWwGAPOV1LsAbR4DuSoCUx8QXGxKxnQnDlrOF5al/xDYs82AzZbCt2S
PlmLIid2zjkLIII/hBI7KgmK/SF1mB6AJMSDDBrhjdHnQKWQRZwpTG8jTENDHiii
3ToEJ6FAeWeJ7T7WhmAknPRo5pmkQJVqwqY6RQcCAwEAAaOCAj0wggI5MB0GA1Ud
DgQWBBQhQhyFK5TLB765H/4YFM/QFmUMujAfBgNVHSMEGDAWgBQZggTRwloBEja+
oHQeTGATnTSbEDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dZSUUwY0phQVJJMnZxQjBIa3hnRTUwMG14QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWUvYzZmMGE4LTk4ZjItNDlmYi04NTA2LTQyYWQzYjRjOGQwYy8x
L0lVSWNoU3VVeXdlLXVSXy1HQlRQMEJabERMby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWUv
YzZmMGE4LTk4ZjItNDlmYi04NTA2LTQyYWQzYjRjOGQwYy8xL0dZSUUwY0phQVJJ
MnZxQjBIa3hnRTUwMG14QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBT
BggrBgEFBQcBBwEB/wREMEIwKgQCAAEwJAMEBFBKEAMEBVXqQAMEArkC7AMEArm8
rAMEAcOiFAMEBNlIcDAUBAIAAjAOAwUDKgDQAAMFAyoA3wAwDQYJKoZIhvcNAQEL
BQADggEBADivy/WQQTOPlBvXtqJr/7nn96aBFvPm2AVTbw5VXWeQ1hyebKvdZ4az
Cl3vR3n4Aa6x/0CwNTTyn7SzHjyyj3BeNjInvrxOD3gbp4eNFBRM8vyllUd/wrLQ
k/nAMGYs5L9CwG7sOPCYXXZivSSbhLtdChn9VdVPeC9zA4K57Gh1/mVML4aKXuaL
ciYnLd5KtUspfpd6w/I8L5V0neukjoPZHByFI1FrZ+Lj6wBkeZQvYMp8umwyGDXo
kk9FGyBFWrv3hy9BZxvyY15jXP2BPPSYgV7aXj1dpaVVmhtmGwrRLnYuHWXcUVxQ
Pf/uc5t8ZFWE3LbvpSc4+30n76EYIIQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:54 2024 by rpki-client on console-fra.rpki-client.org