Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NgtdFdFGqBZyQ7WRXzFjWQXrd7w.roa
File:                     NgtdFdFGqBZyQ7WRXzFjWQXrd7w.roa (raw, json)
Hash identifier:          cXnPv52eF04Phy9vXez3RLdgdriSdqQaAvusIkKKi3E=
Subject key identifier:   36:0B:5D:15:D1:46:A8:16:72:43:B5:91:5F:31:63:59:05:EB:77:BC
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       01849FEB1D0244AFE5DBDA7643C13A38E106
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NgtdFdFGqBZyQ7WRXzFjWQXrd7w.roa
Signing time:             Tue 22 Nov 2022 15:18:16 +0000
ROA not before:           Tue 22 Nov 2022 15:18:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     400377
IP address blocks:        62.76.226.0/24 maxlen: 24
                          62.76.225.0/24 maxlen: 24
                          193.124.18.0/24 maxlen: 24
                          194.58.40.0/24 maxlen: 24
                          194.58.46.0/24 maxlen: 24
                          195.58.56.0/23 maxlen: 24
                          195.58.54.0/24 maxlen: 24
                          194.58.59.0/24 maxlen: 24
                          193.124.133.0/24 maxlen: 24
                          194.87.124.0/24 maxlen: 24
                          194.87.125.0/24 maxlen: 24
                          193.124.90.0/24 maxlen: 24
                          194.87.200.0/24 maxlen: 24
                          195.133.76.0/24 maxlen: 24
                          194.87.223.0/24 maxlen: 24
                          194.87.226.0/24 maxlen: 24
                          194.87.233.0/24 maxlen: 24
                          194.87.252.0/24 maxlen: 24
                          212.192.5.0/24 maxlen: 24
                          212.192.10.0/24 maxlen: 24
                          212.192.9.0/24 maxlen: 24
                          192.124.180.0/24 maxlen: 24
                          192.124.183.0/24 maxlen: 24
                          193.124.200.0/24 maxlen: 24
                          195.133.193.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:9f:eb:1d:02:44:af:e5:db:da:76:43:c1:3a:38:e1:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Nov 22 15:18:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=360b5d15d146a8167243b5915f31635905eb77bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:ba:91:aa:4d:31:b3:f6:74:a1:c3:1d:f4:00:
                    dd:1e:a5:c1:41:85:4e:65:60:0b:92:31:1c:e8:59:
                    ec:cc:3a:ab:be:2b:ae:9d:e9:3d:8a:ee:fa:0e:50:
                    ff:48:4a:32:04:b6:88:b1:32:9e:5e:b2:49:29:53:
                    42:e6:47:c0:49:c8:5c:b0:7c:9b:0a:cb:c0:67:40:
                    58:c3:65:c2:a3:37:e3:3e:7d:bc:41:e0:d5:81:a6:
                    7f:ab:0f:1f:98:1a:b5:35:b9:2e:43:d3:50:99:94:
                    35:eb:d5:1e:02:0c:10:ed:0b:fa:a6:fc:3b:47:04:
                    ef:4b:30:ae:5a:a5:2b:38:3a:f4:7c:66:3f:7d:51:
                    58:20:b2:c0:1f:e8:d8:77:86:c8:60:f3:97:b1:09:
                    3e:88:59:ed:4f:45:1f:ba:98:b5:da:81:be:01:72:
                    d4:a4:ad:8c:5d:db:00:6e:6e:49:f4:d6:34:96:bd:
                    c5:b7:b8:0c:91:f0:8a:18:8b:d3:95:45:d7:ff:c7:
                    0d:4d:f9:f6:00:b5:23:79:43:c3:ff:13:70:ce:06:
                    cd:e3:b4:40:b3:01:97:bc:37:2a:fe:6d:28:33:a4:
                    de:14:01:a7:11:39:ab:42:77:98:b2:e6:a8:90:da:
                    96:37:a7:23:70:f8:e1:90:c1:c9:2b:43:d7:73:09:
                    d1:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:0B:5D:15:D1:46:A8:16:72:43:B5:91:5F:31:63:59:05:EB:77:BC
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NgtdFdFGqBZyQ7WRXzFjWQXrd7w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.225.0-62.76.226.255
                  192.124.180.0/24
                  192.124.183.0/24
                  193.124.18.0/24
                  193.124.90.0/24
                  193.124.133.0/24
                  193.124.200.0/24
                  194.58.40.0/24
                  194.58.46.0/24
                  194.58.59.0/24
                  194.87.124.0/23
                  194.87.200.0/24
                  194.87.223.0/24
                  194.87.226.0/24
                  194.87.233.0/24
                  194.87.252.0/24
                  195.58.54.0/24
                  195.58.56.0/23
                  195.133.76.0/24
                  195.133.193.0/24
                  212.192.5.0/24
                  212.192.9.0-212.192.10.255

    Signature Algorithm: sha256WithRSAEncryption
         25:4b:d4:5b:26:33:28:4d:e9:96:5a:52:3e:e9:a3:76:16:5f:
         12:91:a3:c6:bf:ee:fc:ce:38:f6:92:61:8e:65:41:81:c8:a4:
         6f:f5:50:24:d7:6f:1a:d9:98:17:fe:5d:20:28:53:61:cc:08:
         e8:2e:9d:f2:9e:c0:41:4b:44:b9:a7:94:bc:76:2e:01:06:b6:
         f6:e7:71:a0:67:71:14:2a:91:5e:01:b7:4b:e5:7a:06:23:62:
         1c:18:4f:ca:14:1a:e2:13:ed:31:c8:a1:d0:ae:92:68:82:26:
         72:e7:8b:6e:99:aa:ab:cb:20:bc:11:b1:98:0d:18:6b:04:87:
         7d:14:4d:d5:26:d0:22:cb:50:b7:ed:39:77:54:0a:3b:79:31:
         cb:7d:58:01:0c:8b:e5:a6:0c:9b:f9:5c:07:83:5a:1f:16:44:
         88:12:36:86:96:33:fb:d3:6a:86:68:91:aa:5b:0f:7e:c9:2c:
         ec:3d:65:c6:d1:f8:f8:f4:2c:cf:4c:05:17:c6:25:51:10:68:
         e4:e5:df:60:e4:09:05:15:d7:39:1b:d1:77:f4:c9:5e:ea:8c:
         45:3c:d0:6d:65:f1:95:f2:56:63:bc:fb:8f:97:33:85:ad:94:
         ff:74:24:ff:55:c4:fd:f7:a2:e6:31:d2:2a:25:f4:df:bb:4e:
         79:6c:17:c3
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAYSf6x0CRK/l29p2Q8E6OOEGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTIyMTUxODE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjBiNWQxNWQxNDZhODE2NzI0M2I1OTE1ZjMxNjM1OTA1ZWI3N2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7qRqk0xs/Z0ocMd9ADdHqXBQYVO
ZWALkjEc6FnszDqrviuunek9iu76DlD/SEoyBLaIsTKeXrJJKVNC5kfASchcsHyb
CsvAZ0BYw2XCozfjPn28QeDVgaZ/qw8fmBq1NbkuQ9NQmZQ169UeAgwQ7Qv6pvw7
RwTvSzCuWqUrODr0fGY/fVFYILLAH+jYd4bIYPOXsQk+iFntT0Ufupi12oG+AXLU
pK2MXdsAbm5J9NY0lr3Ft7gMkfCKGIvTlUXX/8cNTfn2ALUjeUPD/xNwzgbN47RA
swGXvDcq/m0oM6TeFAGnETmrQneYsuaokNqWN6cjcPjhkMHJK0PXcwnROwIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFDYLXRXRRqgWckO1kV8xY1kF63e8MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTmd0ZEZkRkdxQlp5UTdXUlh6RmpXUVhyZDd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBmwQCAAEwgZQwDAME
AD5M4QMEAD5M4gMEAMB8tAMEAMB8twMEAMF8EgMEAMF8WgMEAMF8hQMEAMF8yAME
AMI6KAMEAMI6LgMEAMI6OwMEAcJXfAMEAMJXyAMEAMJX3wMEAMJX4gMEAMJX6QME
AMJX/AMEAMM6NgMEAcM6OAMEAMOFTAMEAMOFwQMEANTABTAMAwQA1MAJAwQA1MAK
MA0GCSqGSIb3DQEBCwUAA4IBAQAlS9RbJjMoTemWWlI+6aN2Fl8SkaPGv+78zjj2
kmGOZUGByKRv9VAk128a2ZgX/l0gKFNhzAjoLp3ynsBBS0S5p5S8di4BBrb253Gg
Z3EUKpFeAbdL5XoGI2IcGE/KFBriE+0xyKHQrpJogiZy54tumaqryyC8EbGYDRhr
BId9FE3VJtAiy1C37Tl3VAo7eTHLfVgBDIvlpgyb+VwHg1ofFkSIEjaGljP702qG
aJGqWw9+ySzsPWXG0fj49CzPTAUXxiVREGjk5d9g5AkFFdc5G9F39Mle6oxFPNBt
ZfGV8lZjvPuPlzOFrZT/dCT/VcT996LmMdIqJfTfu055bBfD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:14 2024 by rpki-client on console-fra.rpki-client.org