Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CsbJQ-r373QxaqHjwWtWI2H6e6Q.roa
File:                     CsbJQ-r373QxaqHjwWtWI2H6e6Q.roa (raw, json)
Hash identifier:          MTmSzmvokIv8mci+ZErfBWXMP21/5tqTJ7/1JiZCDOA=
Subject key identifier:   0A:C6:C9:43:EA:F7:EF:74:31:6A:A1:E3:C1:6B:56:23:61:FA:7B:A4
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0FE37B8D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CsbJQ-r373QxaqHjwWtWI2H6e6Q.roa
Signing time:             Sat 14 May 2022 17:40:40 +0000
ROA not before:           Sat 14 May 2022 17:40:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2118
IP address blocks:        62.76.232.0/24 maxlen: 24
                          62.76.235.0/24 maxlen: 24
                          194.87.22.0/24 maxlen: 24
                          195.58.35.0/24 maxlen: 24
                          195.58.50.0/24 maxlen: 24
                          195.58.52.0/24 maxlen: 24
                          194.58.60.0/24 maxlen: 24
                          212.193.0.0/22 maxlen: 24
                          194.87.104.0/24 maxlen: 24
                          194.87.64.0/24 maxlen: 24
                          193.124.89.0/24 maxlen: 24
                          193.124.91.0/24 maxlen: 24
                          193.124.95.0/24 maxlen: 24
                          193.124.93.0/24 maxlen: 24
                          194.87.200.0/24 maxlen: 24
                          195.133.81.0/24 maxlen: 24
                          194.87.226.0/24 maxlen: 24
                          194.135.23.0/24 maxlen: 24
                          212.192.10.0/23 maxlen: 24
                          194.87.166.0/24 maxlen: 24
                          192.124.173.0/24 maxlen: 24
                          192.124.178.0/24 maxlen: 24
                          192.124.181.0/24 maxlen: 24
                          192.124.182.0/23 maxlen: 24
                          192.124.180.0/22 maxlen: 24
                          192.124.180.0/24 maxlen: 24
                          194.87.172.0/24 maxlen: 24
                          192.124.188.0/22 maxlen: 22
                          194.87.179.0/24 maxlen: 24
                          193.124.205.0/24 maxlen: 24
                          193.124.202.0/24 maxlen: 24
                          193.124.203.0/24 maxlen: 24
                          193.124.207.0/24 maxlen: 24
                          192.124.209.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 266566541 (0xfe37b8d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: May 14 17:40:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0ac6c943eaf7ef74316aa1e3c16b562361fa7ba4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:73:26:58:0c:57:11:b4:bb:fb:73:84:37:62:
                    7f:e2:18:fd:36:ae:74:72:6b:24:84:c3:2e:89:f3:
                    49:11:b4:94:e9:34:29:eb:ce:04:bf:1e:12:28:4f:
                    dd:2f:b3:f4:8f:36:05:8e:c0:b1:7f:22:3e:6e:f5:
                    05:54:7d:06:55:dc:22:8c:ea:90:66:f8:ba:e3:34:
                    ed:ef:69:90:b4:e8:7d:ce:c1:2c:ab:d8:c0:22:71:
                    fa:03:4d:d6:3b:c8:04:f7:d1:c8:c6:fe:31:cf:00:
                    55:f8:4d:ae:e7:8f:0e:91:48:d3:1a:15:0d:9b:4f:
                    3e:28:8b:5e:c2:07:e8:19:39:69:fa:4f:e3:89:04:
                    10:56:9c:54:ea:b7:6b:bf:ef:5d:04:d2:7c:48:3f:
                    42:70:ba:2d:be:12:fc:7a:a7:7d:84:ee:23:ac:7a:
                    a8:62:d1:00:2b:e2:06:36:0f:4a:56:19:d0:28:30:
                    77:86:4d:92:6b:79:d8:4b:d4:a5:26:52:b4:5f:69:
                    19:f2:e4:6c:dd:50:a6:a2:31:d1:6e:51:ac:1c:e6:
                    62:cd:72:e8:fa:d9:26:59:4e:18:29:a3:29:23:04:
                    58:40:4d:fe:ad:3b:ba:5a:49:a6:8d:76:ae:1f:c6:
                    14:61:bd:ae:1b:b9:29:56:7d:60:c4:f2:72:be:c6:
                    bb:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:C6:C9:43:EA:F7:EF:74:31:6A:A1:E3:C1:6B:56:23:61:FA:7B:A4
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CsbJQ-r373QxaqHjwWtWI2H6e6Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.232.0/24
                  62.76.235.0/24
                  192.124.173.0/24
                  192.124.178.0/24
                  192.124.180.0/22
                  192.124.188.0/22
                  192.124.209.0/24
                  193.124.89.0/24
                  193.124.91.0/24
                  193.124.93.0/24
                  193.124.95.0/24
                  193.124.202.0/23
                  193.124.205.0/24
                  193.124.207.0/24
                  194.58.60.0/24
                  194.87.22.0/24
                  194.87.64.0/24
                  194.87.104.0/24
                  194.87.166.0/24
                  194.87.172.0/24
                  194.87.179.0/24
                  194.87.200.0/24
                  194.87.226.0/24
                  194.135.23.0/24
                  195.58.35.0/24
                  195.58.50.0/24
                  195.58.52.0/24
                  195.133.81.0/24
                  212.192.10.0/23
                  212.193.0.0/22

    Signature Algorithm: sha256WithRSAEncryption
         09:f5:81:24:4c:0e:3f:06:1c:df:6e:15:b6:9d:c3:b0:ad:11:
         02:a9:56:37:1b:93:17:2a:23:57:03:98:26:ea:a3:e3:c0:77:
         e3:65:bf:ce:92:01:5f:56:9c:53:f3:0a:89:4c:59:83:57:40:
         e3:ff:89:74:d8:88:8c:9a:a5:70:91:87:5b:7c:44:ee:69:aa:
         15:4a:0c:f9:1e:6f:64:1f:81:13:2d:53:88:40:c1:ce:90:7f:
         37:80:0a:e2:a0:06:ca:36:0b:30:45:74:48:3e:ca:bf:3f:f4:
         08:81:9e:9e:bb:91:04:4a:11:e8:09:01:ac:ee:57:cc:a0:31:
         41:d9:73:e5:6a:3d:d0:c3:cb:de:94:f0:32:7d:d8:62:92:e7:
         ce:3e:42:8e:36:f5:82:5f:77:17:93:30:9d:df:3a:67:22:01:
         28:60:ae:74:8f:7a:61:0e:96:16:f4:08:2b:fa:5f:b3:4a:1f:
         dc:47:51:cf:56:34:b4:a5:92:37:ca:b8:2d:18:51:7a:6d:62:
         17:95:a3:d0:d2:1e:1c:7a:4f:26:f5:98:38:34:f5:7f:a5:a6:
         9d:bd:30:1d:9c:12:2f:ce:9b:50:c7:7d:d2:ba:71:19:47:88:
         4a:aa:4d:a5:8c:5e:4c:14:9a:09:ea:1c:10:64:75:77:a6:d5:
         c4:af:68:5b
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgIED+N7jTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTY5MGY1ZTMyZDVjODZhZjFlMTM0OWRmZDRlOGNlZWI3MGUxYWM3MB4XDTIyMDUx
NDE3NDA0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGFjNmM5NDNlYWY3
ZWY3NDMxNmFhMWUzYzE2YjU2MjM2MWZhN2JhNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKtzJlgMVxG0u/tzhDdif+IY/TaudHJrJITDLonzSRG0lOk0
KevOBL8eEihP3S+z9I82BY7AsX8iPm71BVR9BlXcIozqkGb4uuM07e9pkLTofc7B
LKvYwCJx+gNN1jvIBPfRyMb+Mc8AVfhNruePDpFI0xoVDZtPPiiLXsIH6Bk5afpP
44kEEFacVOq3a7/vXQTSfEg/QnC6Lb4S/HqnfYTuI6x6qGLRACviBjYPSlYZ0Cgw
d4ZNkmt52EvUpSZStF9pGfLkbN1QpqIx0W5RrBzmYs1y6PrZJllOGCmjKSMEWEBN
/q07ulpJpo12rh/GFGG9rhu5KVZ9YMTycr7GuxsCAwEAAaOCArwwggK4MB0GA1Ud
DgQWBBQKxslD6vfvdDFqoePBa1YjYfp7pDAfBgNVHSMEGDAWgBQ1aQ9eMtXIavHh
NJ39Tozutw4axzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8x
L0NzYkpRLXIzNzNReGFxSGp3V3RXSTJINmU2US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8xL05Xa1BYakxWeUdy
eDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
0QYIKwYBBQUHAQcBAf8EgcEwgb4wgbsEAgABMIG0AwQAPkzoAwQAPkzrAwQAwHyt
AwQAwHyyAwQCwHy0AwQCwHy8AwQAwHzRAwQAwXxZAwQAwXxbAwQAwXxdAwQAwXxf
AwQBwXzKAwQAwXzNAwQAwXzPAwQAwjo8AwQAwlcWAwQAwldAAwQAwldoAwQAwlem
AwQAwlesAwQAwlezAwQAwlfIAwQAwlfiAwQAwocXAwQAwzojAwQAwzoyAwQAwzo0
AwQAw4VRAwQB1MAKAwQC1MEAMA0GCSqGSIb3DQEBCwUAA4IBAQAJ9YEkTA4/Bhzf
bhW2ncOwrRECqVY3G5MXKiNXA5gm6qPjwHfjZb/OkgFfVpxT8wqJTFmDV0Dj/4l0
2IiMmqVwkYdbfETuaaoVSgz5Hm9kH4ETLVOIQMHOkH83gArioAbKNgswRXRIPsq/
P/QIgZ6eu5EEShHoCQGs7lfMoDFB2XPlaj3Qw8velPAyfdhikufOPkKONvWCX3cX
kzCd3zpnIgEoYK50j3phDpYW9Agr+l+zSh/cR1HPVjS0pZI3yrgtGFF6bWIXlaPQ
0h4cek8m9Zg4NPV/paadvTAdnBIvzptQx33SunEZR4hKqk2ljF5MFJoJ6hwQZHV3
ptXEr2hb
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:52 2023 by rpki-client on console-ams.rpki-client.org