Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/cae319-5571-46f9-b57d-be065e1ac067/1/B3Ylqg5u34e5XAz4jgvVC1lFlgw.roa
File:                     B3Ylqg5u34e5XAz4jgvVC1lFlgw.roa (raw, json)
Hash identifier:          8SvMKk1C/rtPX35ovfNZ1L+5W6EK9lpZzcxqzRd+kcA=
Subject key identifier:   07:76:25:AA:0E:6E:DF:87:B9:5C:0C:F8:8E:0B:D5:0B:59:45:96:0C
Certificate issuer:       /CN=ad2cf03e44da28b7319ea7b7b5b110b9b8cb7a70
Certificate serial:       0D170E6D
Authority key identifier: AD:2C:F0:3E:44:DA:28:B7:31:9E:A7:B7:B5:B1:10:B9:B8:CB:7A:70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rSzwPkTaKLcxnqe3tbEQubjLenA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/cae319-5571-46f9-b57d-be065e1ac067/1/B3Ylqg5u34e5XAz4jgvVC1lFlgw.roa
Signing time:             Sat 01 Jan 2022 10:53:42 +0000
ROA not before:           Sat 01 Jan 2022 10:53:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2586
IP address blocks:        194.204.0.0/18 maxlen: 20
                          178.23.112.0/21 maxlen: 23
                          81.90.112.0/20 maxlen: 23
                          194.150.64.0/22 maxlen: 24
                          185.13.16.0/22 maxlen: 24
                          95.129.192.0/21 maxlen: 23
                          87.119.160.0/19 maxlen: 21
                          94.246.216.0/21 maxlen: 22
                          146.255.176.0/21 maxlen: 23
                          2001:1530::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 219614829 (0xd170e6d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad2cf03e44da28b7319ea7b7b5b110b9b8cb7a70
        Validity
            Not Before: Jan  1 10:53:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=077625aa0e6edf87b95c0cf88e0bd50b5945960c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:27:44:ce:6c:b3:60:15:54:00:50:70:a3:6e:
                    91:d8:1d:2d:de:45:98:d7:75:ac:ed:ca:b7:94:9f:
                    82:dd:08:27:c6:13:a0:fd:dc:e7:a1:94:12:1c:63:
                    c7:7b:6c:38:a6:ab:b9:a9:7f:6c:cc:0f:28:2b:e6:
                    f6:11:ad:d9:87:72:17:e2:37:82:59:30:3b:53:34:
                    0b:ed:2f:e5:e7:e4:cf:a6:67:aa:0c:7d:66:98:7f:
                    a4:1d:6d:b0:f0:e0:fc:9a:f4:96:36:79:31:8f:db:
                    2e:ab:e1:16:f6:4d:6b:59:22:86:76:a5:c3:1b:8d:
                    5c:7e:35:69:54:87:db:2a:46:be:00:92:35:55:22:
                    2e:c6:5c:98:ac:34:14:b0:a0:7d:84:b4:38:95:70:
                    00:d0:ac:8e:d7:44:4e:ae:84:38:87:4e:1e:6d:ff:
                    06:f2:c5:2d:af:56:fb:1b:88:40:58:44:54:93:d3:
                    75:e7:ee:c3:dd:76:23:a2:09:27:48:b6:e6:58:22:
                    24:f9:8c:1d:93:15:68:20:f5:d8:35:9c:ed:9e:df:
                    8b:f4:ec:c6:3d:dc:3d:36:26:2c:17:77:15:6d:1b:
                    46:d4:2b:61:e8:02:f0:ef:70:f2:1a:d0:3a:c2:15:
                    e2:e5:e6:6b:7b:92:42:3b:e3:25:67:e7:50:95:8b:
                    ef:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:76:25:AA:0E:6E:DF:87:B9:5C:0C:F8:8E:0B:D5:0B:59:45:96:0C
            X509v3 Authority Key Identifier:
                keyid:AD:2C:F0:3E:44:DA:28:B7:31:9E:A7:B7:B5:B1:10:B9:B8:CB:7A:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rSzwPkTaKLcxnqe3tbEQubjLenA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/cae319-5571-46f9-b57d-be065e1ac067/1/B3Ylqg5u34e5XAz4jgvVC1lFlgw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/cae319-5571-46f9-b57d-be065e1ac067/1/rSzwPkTaKLcxnqe3tbEQubjLenA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.90.112.0/20
                  87.119.160.0/19
                  94.246.216.0/21
                  95.129.192.0/21
                  146.255.176.0/21
                  178.23.112.0/21
                  185.13.16.0/22
                  194.150.64.0/22
                  194.204.0.0/18
                IPv6:
                  2001:1530::/32

    Signature Algorithm: sha256WithRSAEncryption
         67:2c:43:c8:1b:28:fb:6a:77:8b:ef:0f:f4:2d:27:3a:d4:41:
         a8:cf:0d:46:33:d0:11:da:6f:5a:c5:90:8f:33:df:f5:8b:38:
         97:eb:9b:4a:be:84:0a:a7:8e:e3:b7:1a:da:11:5e:a2:5e:b5:
         c7:ad:8d:83:32:2a:70:87:85:d3:14:e2:6d:1d:ea:b8:0c:cd:
         d6:2e:17:49:7e:3b:1f:15:16:e0:52:1a:0c:6a:a7:ed:8b:1d:
         7e:42:bc:a2:99:d1:3e:86:b2:a3:0e:b0:a2:bd:83:53:06:4d:
         b7:fe:37:95:27:48:53:98:3b:72:be:4b:56:27:e0:3b:b4:4e:
         7e:1b:f9:29:0b:fe:af:b3:1a:42:b6:59:a8:0b:f5:38:fc:c0:
         56:e4:56:6c:62:4b:03:06:a6:8e:fd:ad:84:2a:72:64:2d:83:
         3a:a6:aa:47:0a:30:16:c7:71:98:f3:a3:8a:1e:8c:ee:63:0b:
         3e:c6:ef:01:42:f9:45:69:70:79:ee:cd:35:89:af:30:cc:7b:
         8a:06:4e:87:fa:67:71:ae:cd:36:f4:58:59:f2:53:1c:40:b0:
         1e:e0:f9:1c:ef:a4:bc:a0:28:f0:0d:e1:e2:52:06:80:96:95:
         cf:1d:16:ac:05:f6:00:b0:8a:75:43:75:f6:91:7a:69:66:fa:
         25:f8:eb:ee
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIEDRcObTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZDJjZjAzZTQ0ZGEyOGI3MzE5ZWE3YjdiNWIxMTBiOWI4Y2I3YTcwMB4XDTIyMDEw
MTEwNTM0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDc3NjI1YWEwZTZl
ZGY4N2I5NWMwY2Y4OGUwYmQ1MGI1OTQ1OTYwYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKonRM5ss2AVVABQcKNukdgdLd5FmNd1rO3Kt5Sfgt0IJ8YT
oP3c56GUEhxjx3tsOKarual/bMwPKCvm9hGt2YdyF+I3glkwO1M0C+0v5efkz6Zn
qgx9Zph/pB1tsPDg/Jr0ljZ5MY/bLqvhFvZNa1kihnalwxuNXH41aVSH2ypGvgCS
NVUiLsZcmKw0FLCgfYS0OJVwANCsjtdETq6EOIdOHm3/BvLFLa9W+xuIQFhEVJPT
defuw912I6IJJ0i25lgiJPmMHZMVaCD12DWc7Z7fi/Tsxj3cPTYmLBd3FW0bRtQr
YegC8O9w8hrQOsIV4uXma3uSQjvjJWfnUJWL74UCAwEAAaOCAkgwggJEMB0GA1Ud
DgQWBBQHdiWqDm7fh7lcDPiOC9ULWUWWDDAfBgNVHSMEGDAWgBStLPA+RNootzGe
p7e1sRC5uMt6cDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JTendQa1RhS0xjeG5xZTN0YkVRdWJqTGVuQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjkvY2FlMzE5LTU1NzEtNDZmOS1iNTdkLWJlMDY1ZTFhYzA2Ny8x
L0IzWWxxZzV1MzRlNVhBejRqZ3ZWQzFsRmxndy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjkv
Y2FlMzE5LTU1NzEtNDZmOS1iNTdkLWJlMDY1ZTFhYzA2Ny8xL3JTendQa1RhS0xj
eG5xZTN0YkVRdWJqTGVuQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBe
BggrBgEFBQcBBwEB/wRPME0wPAQCAAEwNgMEBFFacAMEBVd3oAMEA1722AMEA1+B
wAMEA5L/sAMEA7IXcAMEArkNEAMEAsKWQAMEBsLMADANBAIAAjAHAwUAIAEVMDAN
BgkqhkiG9w0BAQsFAAOCAQEAZyxDyBso+2p3i+8P9C0nOtRBqM8NRjPQEdpvWsWQ
jzPf9Ys4l+ubSr6ECqeO47ca2hFeol61x62NgzIqcIeF0xTibR3quAzN1i4XSX47
HxUW4FIaDGqn7YsdfkK8opnRPoayow6wor2DUwZNt/43lSdIU5g7cr5LVifgO7RO
fhv5KQv+r7MaQrZZqAv1OPzAVuRWbGJLAwamjv2thCpyZC2DOqaqRwowFsdxmPOj
ih6M7mMLPsbvAUL5RWlwee7NNYmvMMx7igZOh/pnca7NNvRYWfJTHECwHuD5HO+k
vKAo8A3h4lIGgJaVzx0WrAX2ALCKdUN19pF6aWb6Jfjr7g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:22 2024 by rpki-client on console-fra.rpki-client.org