Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/5Q8u3vy1dN1d5qclCxN-JF1qbH4.roa
File:                     5Q8u3vy1dN1d5qclCxN-JF1qbH4.roa (raw, json)
Hash identifier:          P7FO+eVeFCF2U2W81XxqPgnNgANHoRswBqnqCjcECSI=
Subject key identifier:   E5:0F:2E:DE:FC:B5:74:DD:5D:E6:A7:25:0B:13:7E:24:5D:6A:6C:7E
Certificate issuer:       /CN=3b7ec9423bf90c81d22d94841c10357a54260379
Certificate serial:       0B188782
Authority key identifier: 3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/5Q8u3vy1dN1d5qclCxN-JF1qbH4.roa
Signing time:             Thu 07 Apr 2022 17:31:11 +0000
ROA not before:           Thu 07 Apr 2022 17:31:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49453
IP address blocks:        185.152.92.0/22 maxlen: 24
                          85.239.36.0/22 maxlen: 24
                          85.239.35.0/24 maxlen: 24
                          85.239.48.0/20 maxlen: 24
                          85.239.52.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 186156930 (0xb188782)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b7ec9423bf90c81d22d94841c10357a54260379
        Validity
            Not Before: Apr  7 17:31:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e50f2edefcb574dd5de6a7250b137e245d6a6c7e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:93:53:e9:72:88:0a:b7:12:a1:82:7b:7e:35:
                    e1:cd:f0:6e:a9:7d:fe:1a:d4:fa:fd:07:f7:73:59:
                    f7:22:f5:b0:68:3e:77:2d:fa:aa:2e:1a:84:17:49:
                    d7:ed:c4:2f:d1:81:33:6a:7b:2e:11:63:2e:82:0a:
                    b8:11:5c:7e:3e:1f:df:14:3b:8f:c6:39:87:c7:3e:
                    a5:74:e8:c6:98:36:74:8a:95:e8:03:e4:10:40:06:
                    3a:35:51:8c:98:26:bf:21:a5:e5:92:94:8b:4a:1a:
                    8a:36:5b:89:89:17:2e:d1:9d:eb:cb:50:f8:a3:ee:
                    e0:77:a3:c6:2b:4e:ea:96:bf:e5:d5:77:ca:b4:6f:
                    13:e7:18:d1:b9:a8:57:ba:a6:b9:a7:93:8a:b6:30:
                    f3:f2:a1:ab:45:9f:83:85:d2:26:38:be:12:8d:75:
                    4d:c9:de:69:a9:70:fc:d8:ae:ae:7c:d4:0e:08:1d:
                    95:9b:ce:65:2f:30:e2:1f:a8:fe:ff:22:86:c1:0f:
                    2e:05:cb:1a:13:63:99:c7:18:78:0d:a6:ae:b7:ca:
                    1b:7a:bd:5c:c0:5b:44:21:b5:ba:df:32:6f:d2:af:
                    81:d5:56:e1:8d:76:6c:d7:0e:30:0e:dc:0f:9f:c8:
                    cb:e2:01:c6:7f:2d:77:34:55:b1:7e:c2:ba:47:f2:
                    80:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:0F:2E:DE:FC:B5:74:DD:5D:E6:A7:25:0B:13:7E:24:5D:6A:6C:7E
            X509v3 Authority Key Identifier:
                keyid:3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/5Q8u3vy1dN1d5qclCxN-JF1qbH4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.239.35.0-85.239.39.255
                  85.239.48.0/20
                  185.152.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         81:63:3e:8a:49:41:e5:76:c9:36:b0:96:d4:87:f3:53:02:42:
         3f:43:85:f3:30:8f:9f:45:2c:79:8d:08:00:c8:8e:c4:ae:96:
         36:c1:83:4f:16:2e:b5:ec:b1:76:8b:ab:8e:2d:41:ac:63:80:
         33:d2:90:ae:6f:cf:a8:10:1e:53:c9:27:f9:86:95:11:42:15:
         97:1d:a5:2d:d5:9e:f2:94:af:2b:67:4a:5c:c1:4d:2e:8b:a0:
         e2:64:f6:d1:59:88:f8:f1:cb:91:de:e2:12:df:50:61:91:86:
         4c:fc:b4:f4:ff:fa:a5:19:6e:71:67:eb:3f:54:70:3a:08:88:
         3d:ac:7a:94:ff:ef:a6:19:4d:78:1e:93:42:f9:4c:88:83:7d:
         10:dd:85:4d:1e:21:13:0b:18:31:d3:86:11:1c:37:0e:ca:ee:
         64:61:0d:c1:4e:96:4b:c9:2a:53:4d:2d:31:f2:2d:a9:62:83:
         b9:26:73:96:83:4f:a9:50:45:6e:d0:c0:e7:b4:f9:f6:e5:fd:
         f7:35:cd:fe:f9:72:47:e1:29:77:0a:90:ac:2b:59:d7:d6:a1:
         f6:a5:41:78:c9:73:82:ae:cb:a6:b8:8d:8f:66:45:f6:45:d7:
         8e:82:34:7b:5e:be:63:8d:e5:8c:b4:3f:41:c4:4f:69:6b:26:
         0b:30:3c:cb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIECxiHgjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjdlYzk0MjNiZjkwYzgxZDIyZDk0ODQxYzEwMzU3YTU0MjYwMzc5MB4XDTIyMDQw
NzE3MzExMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTUwZjJlZGVmY2I1
NzRkZDVkZTZhNzI1MGIxMzdlMjQ1ZDZhNmM3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANGTU+lyiAq3EqGCe3414c3wbql9/hrU+v0H93NZ9yL1sGg+
dy36qi4ahBdJ1+3EL9GBM2p7LhFjLoIKuBFcfj4f3xQ7j8Y5h8c+pXToxpg2dIqV
6APkEEAGOjVRjJgmvyGl5ZKUi0oaijZbiYkXLtGd68tQ+KPu4HejxitO6pa/5dV3
yrRvE+cY0bmoV7qmuaeTirYw8/Khq0Wfg4XSJji+Eo11Tcneaalw/NiurnzUDggd
lZvOZS8w4h+o/v8ihsEPLgXLGhNjmccYeA2mrrfKG3q9XMBbRCG1ut8yb9KvgdVW
4Y12bNcOMA7cD5/Iy+IBxn8tdzRVsX7CukfygMUCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBTlDy7e/LV03V3mpyULE34kXWpsfjAfBgNVHSMEGDAWgBQ7fslCO/kMgdIt
lIQcEDV6VCYDeTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08zN0pRanY1RElIU0xaU0VIQkExZWxRbUEzay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjMvOGVhNDdmLWVmZjMtNDYyNy05NGVkLTFkMTBmM2M3MGJiNC8x
LzVROHUzdnkxZE4xZDVxY2xDeE4tSkYxcWJINC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMv
OGVhNDdmLWVmZjMtNDYyNy05NGVkLTFkMTBmM2M3MGJiNC8xL08zN0pRanY1RElI
U0xaU0VIQkExZWxRbUEzay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGjAMAwQAVe8jAwQDVe8gAwQEVe8wAwQC
uZhcMA0GCSqGSIb3DQEBCwUAA4IBAQCBYz6KSUHldsk2sJbUh/NTAkI/Q4XzMI+f
RSx5jQgAyI7ErpY2wYNPFi617LF2i6uOLUGsY4Az0pCub8+oEB5TySf5hpURQhWX
HaUt1Z7ylK8rZ0pcwU0ui6DiZPbRWYj48cuR3uIS31BhkYZM/LT0//qlGW5xZ+s/
VHA6CIg9rHqU/++mGU14HpNC+UyIg30Q3YVNHiETCxgx04YRHDcOyu5kYQ3BTpZL
ySpTTS0x8i2pYoO5JnOWg0+pUEVu0MDntPn25f33Nc3++XJH4Sl3CpCsK1nX1qH2
pUF4yXOCrsumuI2PZkX2RdeOgjR7Xr5jjeWMtD9BxE9payYLMDzL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:28 2024 by rpki-client on console-ams.rpki-client.org