Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/ep99VeVaCJnCskYf34W8e5ihNLQ.roa
File:                     ep99VeVaCJnCskYf34W8e5ihNLQ.roa (raw, json)
Hash identifier:          uOB2+WZBs6Kv2byeXUbG2Xz/vqvOEbLyVeBDtCDF7Y4=
Subject key identifier:   7A:9F:7D:55:E5:5A:08:99:C2:B2:46:1F:DF:85:BC:7B:98:A1:34:B4
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       018214CBB28E3AF3F40A355066AFB5205C0E
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/ep99VeVaCJnCskYf34W8e5ihNLQ.roa
Signing time:             Tue 19 Jul 2022 04:51:09 +0000
ROA not before:           Tue 19 Jul 2022 04:51:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     397423
IP address blocks:        85.133.218.0/24 maxlen: 24
                          85.133.216.0/24 maxlen: 24
                          85.133.215.0/24 maxlen: 24
                          85.133.219.0/24 maxlen: 24
                          85.133.225.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:14:cb:b2:8e:3a:f3:f4:0a:35:50:66:af:b5:20:5c:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: Jul 19 04:51:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7a9f7d55e55a0899c2b2461fdf85bc7b98a134b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:5a:07:82:c3:e9:18:0c:e0:a7:36:52:f6:14:
                    41:68:a6:f1:bf:2c:e2:10:b2:7a:7e:a6:10:d0:83:
                    b3:4f:30:f3:86:ff:0f:f7:b6:36:ca:77:30:6f:15:
                    4c:3b:ac:1a:75:47:b2:c8:a5:fc:b0:a5:7a:d7:20:
                    be:d2:ba:41:e9:28:24:b8:a4:20:82:77:ce:83:2d:
                    c0:bb:9b:e9:74:36:ec:4b:dd:00:76:39:cf:7a:c9:
                    a8:ab:8e:ec:c6:07:87:d9:a0:8c:3e:c0:39:0e:97:
                    26:c5:7d:fe:84:6a:10:a6:e5:ff:72:a7:bd:f5:e9:
                    4d:84:66:55:e3:74:d5:aa:e9:47:d0:79:a4:3a:b4:
                    da:e7:73:69:4a:f8:4b:65:7c:06:2e:89:a2:62:0a:
                    59:56:61:dc:04:ed:81:9d:fb:78:03:db:aa:db:78:
                    88:ca:b9:db:4e:a6:63:f8:d7:b2:1a:9d:1f:93:87:
                    42:ab:41:c2:c6:db:5a:19:c6:b0:21:3e:b3:9d:76:
                    2c:bf:09:3a:bf:65:0a:55:77:a4:5a:d9:c6:45:42:
                    71:1c:81:97:1b:a4:c8:30:37:01:c8:07:cf:b1:65:
                    58:02:b5:f6:3e:45:63:dc:85:e5:67:8d:37:c2:25:
                    8f:e7:de:04:f0:61:0a:eb:1b:18:ce:9e:6c:37:73:
                    ff:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:9F:7D:55:E5:5A:08:99:C2:B2:46:1F:DF:85:BC:7B:98:A1:34:B4
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/ep99VeVaCJnCskYf34W8e5ihNLQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.215.0-85.133.216.255
                  85.133.218.0/23
                  85.133.225.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:b4:79:01:96:34:59:33:59:ff:ef:90:0a:66:8e:ce:fa:6b:
         4f:c2:2e:d2:4d:a2:89:64:d1:1a:b2:af:bf:53:2c:ab:65:c1:
         ad:a8:dd:b1:81:20:6b:aa:ad:01:d3:df:b8:62:4d:7c:72:9c:
         7f:36:17:a8:12:dd:bf:cd:e7:f1:ee:dc:1b:30:16:8b:84:75:
         4a:73:70:1c:e2:e8:6e:4c:7f:87:a0:c1:01:45:67:7f:44:a3:
         ab:31:9a:81:63:80:15:b8:99:02:05:1e:a6:9b:b1:71:27:74:
         ec:6f:06:ab:1d:b7:ad:75:de:e3:04:73:c7:0b:ec:1d:01:fd:
         a9:08:d7:05:bb:cf:0a:8e:ab:57:dc:92:1e:74:40:fb:f8:5f:
         aa:b3:03:5f:6a:c1:ae:18:eb:64:dc:05:9d:79:c7:19:24:d7:
         7c:91:26:dd:d4:e5:a4:b1:2e:42:9b:78:9d:6b:6f:47:30:88:
         54:02:7d:2e:45:e6:6b:70:b2:c8:ef:3c:1e:2a:bc:da:83:34:
         6f:20:6e:35:0c:af:f3:a6:50:b5:f1:45:72:4d:ab:1a:f9:cc:
         a6:a6:2a:91:fb:6d:78:d2:50:ff:ed:b1:79:b3:db:85:20:bf:
         78:84:8b:4a:0d:d0:9a:83:e1:45:6b:c6:5e:ef:96:1b:ba:ee:
         9f:e5:cb:2c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYIUy7KOOvP0CjVQZq+1IFwOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjIwNzE5MDQ1MTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTlmN2Q1NWU1NWEwODk5YzJiMjQ2MWZkZjg1YmM3Yjk4YTEzNGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjloHgsPpGAzgpzZS9hRBaKbxvyzi
ELJ6fqYQ0IOzTzDzhv8P97Y2yncwbxVMO6wadUeyyKX8sKV61yC+0rpB6SgkuKQg
gnfOgy3Au5vpdDbsS90AdjnPesmoq47sxgeH2aCMPsA5DpcmxX3+hGoQpuX/cqe9
9elNhGZV43TVqulH0HmkOrTa53NpSvhLZXwGLomiYgpZVmHcBO2Bnft4A9uq23iI
yrnbTqZj+NeyGp0fk4dCq0HCxttaGcawIT6znXYsvwk6v2UKVXekWtnGRUJxHIGX
G6TIMDcByAfPsWVYArX2PkVj3IXlZ403wiWP594E8GEK6xsYzp5sN3P/WwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHqffVXlWgiZwrJGH9+FvHuYoTS0MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvZXA5OVZlVmFDSm5Dc2tZZjM0VzhlNWloTkxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABVhdcD
BABVhdgDBAFVhdoDBABVheEwDQYJKoZIhvcNAQELBQADggEBAFC0eQGWNFkzWf/v
kApmjs76a0/CLtJNoolk0Rqyr79TLKtlwa2o3bGBIGuqrQHT37hiTXxynH82F6gS
3b/N5/Hu3BswFouEdUpzcBzi6G5Mf4egwQFFZ39Eo6sxmoFjgBW4mQIFHqabsXEn
dOxvBqsdt6113uMEc8cL7B0B/akI1wW7zwqOq1fckh50QPv4X6qzA19qwa4Y62Tc
BZ15xxkk13yRJt3U5aSxLkKbeJ1rb0cwiFQCfS5F5mtwssjvPB4qvNqDNG8gbjUM
r/OmULXxRXJNqxr5zKamKpH7bXjSUP/tsXmz24Ugv3iEi0oN0JqD4UVrxl7vlhu6
7p/lyyw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org