Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/d559b2-4b33-4f8d-9d21-ba71fbdb0374/1/iBHWDf-EyhBxcCSjeyk7gZTxioo.roa
File:                     iBHWDf-EyhBxcCSjeyk7gZTxioo.roa (raw, json)
Hash identifier:          OBh5+u2F35kTKwSVZxKQg3eh9ZrkoYdujFKCMQigFj4=
Subject key identifier:   88:11:D6:0D:FF:84:CA:10:71:70:24:A3:7B:29:3B:81:94:F1:8A:8A
Certificate issuer:       /CN=92686c852f36fbe9fc8be77c409b5226a6ee54d5
Certificate serial:       16A3870B
Authority key identifier: 92:68:6C:85:2F:36:FB:E9:FC:8B:E7:7C:40:9B:52:26:A6:EE:54:D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kmhshS82--n8i-d8QJtSJqbuVNU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/d559b2-4b33-4f8d-9d21-ba71fbdb0374/1/iBHWDf-EyhBxcCSjeyk7gZTxioo.roa
Signing time:             Sat 01 Jan 2022 02:00:27 +0000
ROA not before:           Sat 01 Jan 2022 02:00:27 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     33848
IP address blocks:        141.36.0.0/16 maxlen: 27
                          192.109.218.0/24 maxlen: 27
                          185.152.96.0/22 maxlen: 27
                          84.21.32.0/19 maxlen: 27
                          147.12.96.0/19 maxlen: 27
                          2a00:4980::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 379815691 (0x16a3870b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=92686c852f36fbe9fc8be77c409b5226a6ee54d5
        Validity
            Not Before: Jan  1 02:00:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8811d60dff84ca10717024a37b293b8194f18a8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:d1:dc:9f:e9:47:bc:51:fe:d5:d8:8c:49:d3:
                    5a:22:35:ed:48:91:6b:9b:c2:ce:ca:4a:3c:03:84:
                    8b:2b:10:37:3e:4a:f9:6e:f8:42:59:23:d7:be:6d:
                    8a:88:89:91:28:f5:80:bd:4e:2c:45:21:d9:87:55:
                    3c:92:66:8c:a1:dd:05:fe:81:e5:4d:dc:80:15:79:
                    17:a5:22:d5:73:1b:af:e2:c6:9b:d8:95:55:f2:0f:
                    cd:89:99:8f:ca:9c:35:10:30:39:7b:e5:dc:de:2a:
                    a7:03:f3:d1:a5:d6:a5:0b:f2:62:04:c1:87:d1:dc:
                    c0:b9:74:74:cd:7a:37:91:c1:c5:3e:2e:86:20:a4:
                    d8:51:2c:44:e7:2d:66:c7:11:d5:b5:c8:3a:b3:e8:
                    e6:d5:b0:1d:c2:30:f7:d4:9a:2f:1f:5d:5a:4a:e0:
                    1a:48:f2:ef:c2:80:3e:b7:da:40:da:9d:d4:9f:b7:
                    85:94:a3:b9:d0:62:c9:4b:86:78:2c:e1:30:5d:9a:
                    78:2c:6c:8c:b4:68:36:0a:94:fc:6e:f9:7b:2b:09:
                    f7:23:bd:e7:c5:db:c0:c9:b7:c8:85:7d:5b:49:af:
                    51:07:40:bf:06:75:74:8d:ec:93:25:12:dc:6f:52:
                    c6:d8:a2:af:23:42:a8:31:b7:58:4c:7e:ed:e9:47:
                    95:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:11:D6:0D:FF:84:CA:10:71:70:24:A3:7B:29:3B:81:94:F1:8A:8A
            X509v3 Authority Key Identifier:
                keyid:92:68:6C:85:2F:36:FB:E9:FC:8B:E7:7C:40:9B:52:26:A6:EE:54:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kmhshS82--n8i-d8QJtSJqbuVNU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d559b2-4b33-4f8d-9d21-ba71fbdb0374/1/iBHWDf-EyhBxcCSjeyk7gZTxioo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d559b2-4b33-4f8d-9d21-ba71fbdb0374/1/kmhshS82--n8i-d8QJtSJqbuVNU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.21.32.0/19
                  141.36.0.0/16
                  147.12.96.0/19
                  185.152.96.0/22
                  192.109.218.0/24
                IPv6:
                  2a00:4980::/29

    Signature Algorithm: sha256WithRSAEncryption
         73:7d:3a:c0:a6:82:39:d6:88:b9:21:f4:89:a2:04:a7:62:8c:
         6e:8c:30:b1:55:37:79:a7:ce:00:8f:4f:6c:fb:ad:25:24:08:
         45:d1:75:22:c0:b4:bb:49:85:04:63:c0:ad:1d:d0:51:53:bb:
         58:ef:25:86:e7:01:75:2d:a3:15:fe:ea:6e:d1:fe:f3:1d:bc:
         f6:d0:1d:4f:76:ea:c4:b3:99:6d:9c:47:2d:47:2d:d1:43:17:
         04:a2:77:91:9e:a5:75:23:ef:6f:eb:d9:e2:ba:8f:55:13:df:
         d7:b1:31:13:f5:ca:b9:e6:e6:28:12:5a:db:17:72:8a:13:5b:
         c8:21:d2:4b:13:1c:c0:7e:86:e7:0f:65:ad:4a:c2:cd:42:03:
         22:bc:b9:22:b5:60:71:6e:25:20:cd:c3:2e:aa:81:fc:42:f6:
         8d:9e:fc:94:88:ef:6d:9f:db:77:f0:9a:d2:7a:43:b1:dd:be:
         5c:04:06:c2:63:d6:0c:3c:25:2b:01:98:57:91:9a:13:f6:e5:
         f2:a2:4d:f3:bd:3b:8f:8f:4e:f5:93:84:f6:19:2b:06:55:5c:
         d1:b2:b4:a9:3a:03:54:34:b7:3d:10:23:93:33:46:47:35:87:
         9a:92:b3:c1:cb:f0:10:54:46:5b:27:95:d8:3c:c5:64:05:b8:
         99:da:bc:b8
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEFqOHCzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MjY4NmM4NTJmMzZmYmU5ZmM4YmU3N2M0MDliNTIyNmE2ZWU1NGQ1MB4XDTIyMDEw
MTAyMDAyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODgxMWQ2MGRmZjg0
Y2ExMDcxNzAyNGEzN2IyOTNiODE5NGYxOGE4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANHR3J/pR7xR/tXYjEnTWiI17UiRa5vCzspKPAOEiysQNz5K
+W74Qlkj175tioiJkSj1gL1OLEUh2YdVPJJmjKHdBf6B5U3cgBV5F6Ui1XMbr+LG
m9iVVfIPzYmZj8qcNRAwOXvl3N4qpwPz0aXWpQvyYgTBh9HcwLl0dM16N5HBxT4u
hiCk2FEsROctZscR1bXIOrPo5tWwHcIw99SaLx9dWkrgGkjy78KAPrfaQNqd1J+3
hZSjudBiyUuGeCzhMF2aeCxsjLRoNgqU/G75eysJ9yO958XbwMm3yIV9W0mvUQdA
vwZ1dI3skyUS3G9SxtiiryNCqDG3WEx+7elHlSECAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBSIEdYN/4TKEHFwJKN7KTuBlPGKijAfBgNVHSMEGDAWgBSSaGyFLzb76fyL
53xAm1Impu5U1TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ttaHNoUzgyLS1uOGktZDhRSnRTSnFidVZOVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjQvZDU1OWIyLTRiMzMtNGY4ZC05ZDIxLWJhNzFmYmRiMDM3NC8x
L2lCSFdEZi1FeWhCeGNDU2pleWs3Z1pUeGlvby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjQv
ZDU1OWIyLTRiMzMtNGY4ZC05ZDIxLWJhNzFmYmRiMDM3NC8xL2ttaHNoUzgyLS1u
OGktZDhRSnRTSnFidVZOVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwIwQCAAEwHQMEBVQVIAMDAI0kAwQFkwxgAwQCuZhg
AwQAwG3aMA0EAgACMAcDBQMqAEmAMA0GCSqGSIb3DQEBCwUAA4IBAQBzfTrApoI5
1oi5IfSJogSnYoxujDCxVTd5p84Aj09s+60lJAhF0XUiwLS7SYUEY8CtHdBRU7tY
7yWG5wF1LaMV/upu0f7zHbz20B1PdurEs5ltnEctRy3RQxcEoneRnqV1I+9v69ni
uo9VE9/XsTET9cq55uYoElrbF3KKE1vIIdJLExzAfobnD2WtSsLNQgMivLkitWBx
biUgzcMuqoH8QvaNnvyUiO9tn9t38JrSekOx3b5cBAbCY9YMPCUrAZhXkZoT9uXy
ok3zvTuPj071k4T2GSsGVVzRsrSpOgNUNLc9ECOTM0ZHNYeakrPBy/AQVEZbJ5XY
PMVkBbiZ2ry4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:41 2024 by rpki-client on console-ams.rpki-client.org