Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/193ed2-b774-42f0-aa3f-a465641a48fa/1/YNEasqXdrhiJgnthcqRCZpvQWoA.roa
File:                     YNEasqXdrhiJgnthcqRCZpvQWoA.roa (raw, json)
Hash identifier:          s8rotDtgfTaEcnudPA5CV94z6IjJBh3PH4FyVUSQEZI=
Subject key identifier:   60:D1:1A:B2:A5:DD:AE:18:89:82:7B:61:72:A4:42:66:9B:D0:5A:80
Certificate issuer:       /CN=aee2f8e53627adc27678063b93d3d9fd6ece9002
Certificate serial:       04FD2E1F
Authority key identifier: AE:E2:F8:E5:36:27:AD:C2:76:78:06:3B:93:D3:D9:FD:6E:CE:90:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ruL45TYnrcJ2eAY7k9PZ_W7OkAI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/193ed2-b774-42f0-aa3f-a465641a48fa/1/YNEasqXdrhiJgnthcqRCZpvQWoA.roa
Signing time:             Sat 01 Jan 2022 02:56:01 +0000
ROA not before:           Sat 01 Jan 2022 02:56:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209370
IP address blocks:        176.222.26.0/24 maxlen: 24
                          176.222.31.0/24 maxlen: 24
                          185.31.239.0/24 maxlen: 24
                          185.31.236.0/24 maxlen: 24
                          185.31.237.0/24 maxlen: 24
                          185.31.238.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 83701279 (0x4fd2e1f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aee2f8e53627adc27678063b93d3d9fd6ece9002
        Validity
            Not Before: Jan  1 02:56:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=60d11ab2a5ddae1889827b6172a442669bd05a80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:52:f0:d4:25:8f:84:bf:47:99:5a:31:3d:04:
                    99:47:7a:3b:ad:e0:bf:0f:8a:50:4a:03:76:ca:9b:
                    e8:b9:2d:83:d5:3b:89:f4:81:a2:db:bf:42:ec:aa:
                    c8:35:7c:ef:20:20:71:52:86:cb:7d:68:e0:df:11:
                    2d:97:66:00:d7:fa:6b:62:a7:9c:fb:67:77:7f:4d:
                    e1:a1:ed:5b:91:12:de:18:ff:f3:13:53:91:96:15:
                    74:df:e0:79:b6:23:9c:52:35:29:e6:21:4f:3a:ff:
                    84:15:e8:1c:59:35:95:71:fa:bc:3d:a3:e5:62:6c:
                    ff:49:55:1f:dd:e6:11:4a:7b:ef:6f:78:01:24:f3:
                    90:1d:e6:82:c1:16:84:36:f6:b0:ca:9d:4a:0b:5f:
                    47:98:0e:08:04:cf:e6:72:0f:d4:a9:e7:b0:e3:6e:
                    ad:38:55:5d:8e:75:f7:53:09:2a:b6:2b:86:af:fc:
                    00:03:01:f3:59:68:c6:f4:3f:a3:9b:59:1e:f4:c1:
                    39:ef:73:88:9a:5e:06:16:31:97:d5:34:1c:c6:88:
                    ec:1d:e5:80:c6:76:c9:24:c3:cf:a7:b5:98:8d:98:
                    79:f6:10:3e:fb:36:2d:4a:6c:6b:8c:93:05:24:dc:
                    ed:e2:34:15:92:c7:3d:ae:48:86:81:0c:35:c5:0f:
                    91:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:D1:1A:B2:A5:DD:AE:18:89:82:7B:61:72:A4:42:66:9B:D0:5A:80
            X509v3 Authority Key Identifier:
                keyid:AE:E2:F8:E5:36:27:AD:C2:76:78:06:3B:93:D3:D9:FD:6E:CE:90:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ruL45TYnrcJ2eAY7k9PZ_W7OkAI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/193ed2-b774-42f0-aa3f-a465641a48fa/1/YNEasqXdrhiJgnthcqRCZpvQWoA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/193ed2-b774-42f0-aa3f-a465641a48fa/1/ruL45TYnrcJ2eAY7k9PZ_W7OkAI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.222.26.0/24
                  176.222.31.0/24
                  185.31.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         20:64:7a:7a:75:2c:e0:72:79:fd:78:0b:80:f7:1a:d9:7c:86:
         d1:a4:2f:62:d1:6b:cb:36:74:61:a5:e2:b1:ff:29:57:97:a0:
         f4:2e:42:ab:24:e1:fa:bc:f6:da:bc:3b:4e:3c:1f:b2:42:a3:
         af:d7:42:f4:5b:17:f1:ae:61:11:d4:0c:86:a3:bb:03:d7:f7:
         f5:50:88:98:59:21:ed:16:f7:0a:f3:31:0f:27:96:22:ed:b1:
         80:80:91:a1:d0:ee:e7:45:76:36:fe:c9:38:da:cc:e2:40:68:
         c7:d2:b7:2d:62:bd:d0:de:f9:ec:ba:33:06:74:fd:e0:ea:05:
         72:26:f3:15:19:5b:b5:85:1a:03:50:ce:ce:fc:7d:57:3c:7c:
         4b:f7:88:db:9b:32:dc:f9:a2:c8:3d:03:c2:18:8d:2c:e2:8e:
         5f:76:ff:37:09:52:8b:e0:f2:94:9f:2b:84:2f:6c:50:2c:45:
         ac:7b:18:06:78:fc:3c:1c:96:61:63:b7:07:25:d0:b3:ca:e5:
         1b:dd:09:dc:c6:dc:7f:6f:25:34:03:65:e3:a9:b8:da:57:c8:
         fe:f4:be:37:89:50:33:45:5b:c1:64:ce:7d:1e:a8:68:a6:51:
         2a:46:f9:40:b4:4d:60:d6:e0:89:7f:9d:3a:a5:ae:ff:49:64:
         2c:2d:06:7d
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBP0uHzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZWUyZjhlNTM2MjdhZGMyNzY3ODA2M2I5M2QzZDlmZDZlY2U5MDAyMB4XDTIyMDEw
MTAyNTYwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjBkMTFhYjJhNWRk
YWUxODg5ODI3YjYxNzJhNDQyNjY5YmQwNWE4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALpS8NQlj4S/R5laMT0EmUd6O63gvw+KUEoDdsqb6Lktg9U7
ifSBotu/QuyqyDV87yAgcVKGy31o4N8RLZdmANf6a2KnnPtnd39N4aHtW5ES3hj/
8xNTkZYVdN/gebYjnFI1KeYhTzr/hBXoHFk1lXH6vD2j5WJs/0lVH93mEUp77294
ASTzkB3mgsEWhDb2sMqdSgtfR5gOCATP5nIP1KnnsONurThVXY5191MJKrYrhq/8
AAMB81loxvQ/o5tZHvTBOe9ziJpeBhYxl9U0HMaI7B3lgMZ2ySTDz6e1mI2YefYQ
Pvs2LUpsa4yTBSTc7eI0FZLHPa5IhoEMNcUPkbUCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRg0Rqypd2uGImCe2FypEJmm9BagDAfBgNVHSMEGDAWgBSu4vjlNietwnZ4
BjuT09n9bs6QAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3J1TDQ1VFlucmNKMmVBWTdrOVBaX1c3T2tBSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmMvMTkzZWQyLWI3NzQtNDJmMC1hYTNmLWE0NjU2NDFhNDhmYS8x
L1lORWFzcVhkcmhpSmdudGhjcVJDWnB2UVdvQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmMv
MTkzZWQyLWI3NzQtNDJmMC1hYTNmLWE0NjU2NDFhNDhmYS8xL3J1TDQ1VFlucmNK
MmVBWTdrOVBaX1c3T2tBSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEALDeGgMEALDeHwMEArkf7DANBgkq
hkiG9w0BAQsFAAOCAQEAIGR6enUs4HJ5/XgLgPca2XyG0aQvYtFryzZ0YaXisf8p
V5eg9C5CqyTh+rz22rw7TjwfskKjr9dC9FsX8a5hEdQMhqO7A9f39VCImFkh7Rb3
CvMxDyeWIu2xgICRodDu50V2Nv7JONrM4kBox9K3LWK90N757LozBnT94OoFcibz
FRlbtYUaA1DOzvx9Vzx8S/eI25sy3PmiyD0DwhiNLOKOX3b/NwlSi+DylJ8rhC9s
UCxFrHsYBnj8PByWYWO3ByXQs8rlG90J3Mbcf28lNANl46m42lfI/vS+N4lQM0Vb
wWTOfR6oaKZRKkb5QLRNYNbgiX+dOqWu/0lkLC0GfQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:07 2024 by rpki-client on console-ams.rpki-client.org