Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/096eaf-634b-4c49-b68e-c2c61518589f/1/aryVTKi5CqtAJ92eo0-LYB79ZYs.roa
File:                     aryVTKi5CqtAJ92eo0-LYB79ZYs.roa (raw, json)
Hash identifier:          ZYaZOpH331FcUaiXRVCyZ8HetZnMKlUC5lATk/uDwG8=
Subject key identifier:   6A:BC:95:4C:A8:B9:0A:AB:40:27:DD:9E:A3:4F:8B:60:1E:FD:65:8B
Certificate issuer:       /CN=6e8b028d18274d21a7316aea3ccce9158b54f481
Certificate serial:       0182EE21748DFC4D7A7548C28A47F90976BD
Authority key identifier: 6E:8B:02:8D:18:27:4D:21:A7:31:6A:EA:3C:CC:E9:15:8B:54:F4:81
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bosCjRgnTSGnMWrqPMzpFYtU9IE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/096eaf-634b-4c49-b68e-c2c61518589f/1/aryVTKi5CqtAJ92eo0-LYB79ZYs.roa
Signing time:             Tue 30 Aug 2022 09:42:26 +0000
ROA not before:           Tue 30 Aug 2022 09:42:26 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     198913
IP address blocks:        46.243.123.0/24 maxlen: 24
                          46.243.124.0/24 maxlen: 24
                          46.243.120.0/21 maxlen: 21
                          46.243.125.0/24 maxlen: 24
                          46.243.121.0/24 maxlen: 24
                          46.243.122.0/24 maxlen: 24
                          46.243.126.0/24 maxlen: 24
                          46.243.127.0/24 maxlen: 24
                          31.220.147.0/24 maxlen: 24
                          185.132.24.0/22 maxlen: 22
                          185.132.24.0/24 maxlen: 24
                          185.132.26.0/24 maxlen: 24
                          185.132.27.0/24 maxlen: 24
                          185.132.25.0/24 maxlen: 24
                          185.173.228.0/24 maxlen: 24
                          185.173.228.0/22 maxlen: 22
                          185.173.229.0/24 maxlen: 24
                          185.173.230.0/24 maxlen: 24
                          185.173.231.0/24 maxlen: 24
                          217.19.13.0/24 maxlen: 24
                          2a03:d400:228::/48 maxlen: 48
                          2a03:d400:123::/48 maxlen: 48
                          2a03:d400:26::/48 maxlen: 48
                          2a03:d400:126::/48 maxlen: 48
                          2a03:d400:121::/48 maxlen: 48
                          2a03:d400:25::/48 maxlen: 48
                          2a03:d400:125::/48 maxlen: 48
                          2a03:d400::/32 maxlen: 32
                          2a03:d400:120::/48 maxlen: 48
                          2a03:d400:122::/48 maxlen: 48
                          2a03:d400:13::/48 maxlen: 48
                          2a0b:6f00::/29 maxlen: 29
                          2a03:d400:231::/48 maxlen: 48
                          2a03:d400:27::/48 maxlen: 48
                          2a03:d400:127::/48 maxlen: 48
                          2a03:d400:230::/48 maxlen: 48
                          2a03:d400:229::/48 maxlen: 48
                          2a03:d400:24::/48 maxlen: 48
                          2a03:d400:124::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:ee:21:74:8d:fc:4d:7a:75:48:c2:8a:47:f9:09:76:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e8b028d18274d21a7316aea3ccce9158b54f481
        Validity
            Not Before: Aug 30 09:42:26 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6abc954ca8b90aab4027dd9ea34f8b601efd658b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:76:97:06:16:fc:fc:2a:db:e0:46:12:b7:7e:
                    33:49:43:12:9f:b0:41:46:f1:ef:82:61:d6:dd:73:
                    e7:ba:1b:61:b7:ca:ac:7c:8e:84:53:26:64:23:a4:
                    56:9f:32:78:e5:55:6f:66:75:b4:79:de:a9:56:93:
                    54:20:d4:fa:97:2c:dd:6e:88:3a:c7:a4:03:0e:ad:
                    d1:14:ef:ee:9a:13:21:17:2f:3b:0b:4e:45:80:c9:
                    c8:0a:70:6b:73:49:af:21:92:f1:f3:99:32:0a:e0:
                    57:a8:04:a5:7f:64:f5:a7:71:a9:60:7e:d2:a3:a2:
                    df:17:55:26:f0:22:17:d7:06:19:3e:9b:2d:fd:75:
                    25:16:f8:32:28:83:c5:77:4c:dd:62:8b:83:e8:14:
                    77:5b:42:0c:cd:c7:c0:9d:15:55:8b:48:78:04:1a:
                    0b:8d:f1:0c:e8:17:5f:c4:00:a7:db:bf:08:91:70:
                    f7:91:c6:4a:c0:1b:6d:ad:5d:f7:41:e7:f1:04:3c:
                    7e:68:53:61:54:6f:c4:c2:78:bf:c0:cd:77:c2:b0:
                    54:40:76:19:c9:cd:84:b7:3f:ae:62:65:85:29:7d:
                    35:db:24:42:a4:a4:47:c4:d4:50:f5:a8:b5:a9:80:
                    9b:e0:8b:1e:cf:74:4d:48:17:cc:26:ab:d0:6a:7a:
                    f2:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:BC:95:4C:A8:B9:0A:AB:40:27:DD:9E:A3:4F:8B:60:1E:FD:65:8B
            X509v3 Authority Key Identifier:
                keyid:6E:8B:02:8D:18:27:4D:21:A7:31:6A:EA:3C:CC:E9:15:8B:54:F4:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bosCjRgnTSGnMWrqPMzpFYtU9IE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/096eaf-634b-4c49-b68e-c2c61518589f/1/aryVTKi5CqtAJ92eo0-LYB79ZYs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/096eaf-634b-4c49-b68e-c2c61518589f/1/bosCjRgnTSGnMWrqPMzpFYtU9IE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.220.147.0/24
                  46.243.120.0/21
                  185.132.24.0/22
                  185.173.228.0/22
                  217.19.13.0/24
                IPv6:
                  2a03:d400::/32
                  2a0b:6f00::/29

    Signature Algorithm: sha256WithRSAEncryption
         37:26:43:8e:13:92:72:ef:07:66:78:3b:23:ea:d4:04:27:a8:
         6b:67:e7:57:f6:39:90:90:7d:ee:ad:60:16:91:0d:5e:45:2f:
         0c:df:61:f4:02:c4:ee:95:95:38:91:28:ea:a5:ae:96:dc:e8:
         95:58:99:23:1a:fa:54:0d:b3:eb:46:5f:d4:f3:0a:34:a6:a7:
         4f:79:d8:e9:93:f8:5c:06:af:3c:f1:ff:36:f5:21:81:aa:2b:
         ad:5f:eb:e0:10:90:d6:41:4b:84:15:ef:f4:06:99:83:fb:2a:
         f7:44:ca:01:f8:34:cf:3b:00:47:30:63:07:4c:b8:8e:6f:0d:
         55:26:4d:17:94:32:f4:fd:06:fc:9f:8b:c7:86:ea:78:54:42:
         a1:3f:75:24:7b:cc:e7:88:2f:bb:f5:a4:56:2c:e2:47:49:10:
         84:d2:25:f8:03:e2:5e:e6:d1:9f:d9:14:36:27:5d:86:fb:11:
         51:a3:13:ff:1d:4a:07:42:1a:11:92:7f:0a:8f:22:0b:53:89:
         9a:7a:ed:2e:2e:65:eb:7d:bc:37:a9:7d:60:05:cf:aa:63:7a:
         1c:8e:ed:96:87:ba:78:f3:ad:4e:4e:3c:d6:aa:54:ad:53:17:
         7b:bc:3e:2b:2f:49:04:9c:c7:a9:96:f4:ea:f8:80:5d:0e:9e:
         db:58:ba:cd
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYLuIXSN/E16dUjCikf5CXa9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlOGIwMjhkMTgyNzRkMjFhNzMxNmFlYTNjY2NlOTE1OGI1
NGY0ODEwHhcNMjIwODMwMDk0MjI2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWJjOTU0Y2E4YjkwYWFiNDAyN2RkOWVhMzRmOGI2MDFlZmQ2NThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnaXBhb8/Crb4EYSt34zSUMSn7BB
RvHvgmHW3XPnuhtht8qsfI6EUyZkI6RWnzJ45VVvZnW0ed6pVpNUINT6lyzdbog6
x6QDDq3RFO/umhMhFy87C05FgMnICnBrc0mvIZLx85kyCuBXqASlf2T1p3GpYH7S
o6LfF1Um8CIX1wYZPpst/XUlFvgyKIPFd0zdYouD6BR3W0IMzcfAnRVVi0h4BBoL
jfEM6BdfxACn278IkXD3kcZKwBttrV33QefxBDx+aFNhVG/Ewni/wM13wrBUQHYZ
yc2Etz+uYmWFKX012yRCpKRHxNRQ9ai1qYCb4Isez3RNSBfMJqvQanrynwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFGq8lUyouQqrQCfdnqNPi2Ae/WWLMB8GA1UdIwQY
MBaAFG6LAo0YJ00hpzFq6jzM6RWLVPSBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9zQ2pSZ25UU0duTVdycVBNenBGWXRVOUlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi8wOTZlYWYtNjM0Yi00YzQ5LWI2OGUt
YzJjNjE1MTg1ODlmLzEvYXJ5VlRLaTVDcXRBSjkyZW8wLUxZQjc5WllzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi8wOTZlYWYtNjM0Yi00YzQ5LWI2OGUtYzJjNjE1MTg1ODlm
LzEvYm9zQ2pSZ25UU0duTVdycVBNenBGWXRVOUlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQAH9yTAwQD
LvN4AwQCuYQYAwQCua3kAwQA2RMNMBQEAgACMA4DBQAqA9QAAwUDKgtvADANBgkq
hkiG9w0BAQsFAAOCAQEANyZDjhOScu8HZng7I+rUBCeoa2fnV/Y5kJB97q1gFpEN
XkUvDN9h9ALE7pWVOJEo6qWultzolViZIxr6VA2z60Zf1PMKNKanT3nY6ZP4XAav
PPH/NvUhgaorrV/r4BCQ1kFLhBXv9AaZg/sq90TKAfg0zzsARzBjB0y4jm8NVSZN
F5Qy9P0G/J+Lx4bqeFRCoT91JHvM54gvu/WkViziR0kQhNIl+APiXubRn9kUNidd
hvsRUaMT/x1KB0IaEZJ/Co8iC1OJmnrtLi5l6328N6l9YAXPqmN6HI7tloe6ePOt
Tk481qpUrVMXe7w+Ky9JBJzHqZb06viAXQ6e21i6zQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:34 2024 by rpki-client on console-fra.rpki-client.org