Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/O0Xs6w5wRCoDPUe-ocbakvah7JI.roa
File:                     O0Xs6w5wRCoDPUe-ocbakvah7JI.roa (raw, json)
Hash identifier:          mvff7Bf82blFlX+9ikg/MVR6D/67WkQhVz54yOixFjA=
Subject key identifier:   3B:45:EC:EB:0E:70:44:2A:03:3D:47:BE:A1:C6:DA:92:F6:A1:EC:92
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       01853F7C7F97710BD2A8A406E275E2926284
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/O0Xs6w5wRCoDPUe-ocbakvah7JI.roa
Signing time:             Fri 23 Dec 2022 14:56:41 +0000
ROA not before:           Fri 23 Dec 2022 14:56:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2118
IP address blocks:        193.124.3.0/24 maxlen: 24
                          193.124.6.0/24 maxlen: 24
                          193.124.8.0/24 maxlen: 24
                          193.124.9.0/24 maxlen: 24
                          62.76.231.0/24 maxlen: 24
                          193.124.18.0/24 maxlen: 24
                          194.87.7.0/24 maxlen: 24
                          194.87.24.0/22 maxlen: 24
                          194.87.104.0/24 maxlen: 24
                          194.87.108.0/24 maxlen: 24
                          194.87.116.0/24 maxlen: 24
                          194.87.118.0/24 maxlen: 24
                          194.87.123.0/24 maxlen: 24
                          193.124.133.0/24 maxlen: 24
                          194.87.136.0/24 maxlen: 24
                          194.87.56.0/24 maxlen: 24
                          194.87.76.0/24 maxlen: 24
                          194.87.82.0/24 maxlen: 24
                          194.87.83.0/24 maxlen: 24
                          195.133.94.0/24 maxlen: 24
                          195.133.12.0/24 maxlen: 24
                          195.133.55.0/24 maxlen: 24
                          195.133.195.0/24 maxlen: 24
                          212.193.12.0/24 maxlen: 24
                          194.58.38.0/24 maxlen: 24
                          212.192.222.0/24 maxlen: 24
                          194.58.42.0/24 maxlen: 24
                          194.58.46.0/23 maxlen: 24
                          194.58.45.0/24 maxlen: 24
                          195.58.50.0/24 maxlen: 24
                          195.58.52.0/22 maxlen: 22
                          195.58.52.0/24 maxlen: 24
                          195.58.56.0/21 maxlen: 24
                          194.58.59.0/24 maxlen: 24
                          195.58.62.0/24 maxlen: 24
                          212.193.0.0/24 maxlen: 24
                          194.87.202.0/24 maxlen: 24
                          194.87.208.0/23 maxlen: 24
                          194.87.222.0/23 maxlen: 24
                          194.87.233.0/24 maxlen: 24
                          212.192.0.0/23 maxlen: 24
                          194.87.149.0/24 maxlen: 24
                          192.124.172.0/24 maxlen: 24
                          212.192.10.0/24 maxlen: 24
                          194.87.165.0/24 maxlen: 24
                          194.87.163.0/24 maxlen: 24
                          192.124.178.0/24 maxlen: 24
                          192.124.181.0/24 maxlen: 24
                          192.124.180.0/22 maxlen: 24
                          192.124.182.0/23 maxlen: 24
                          194.87.171.0/24 maxlen: 24
                          194.87.172.0/24 maxlen: 24
                          194.87.176.0/24 maxlen: 24
                          194.87.182.0/24 maxlen: 24
                          193.124.201.0/24 maxlen: 24
                          193.124.203.0/24 maxlen: 24
                          194.87.198.0/24 maxlen: 24
                          193.124.207.0/24 maxlen: 24
                          194.87.199.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:3f:7c:7f:97:71:0b:d2:a8:a4:06:e2:75:e2:92:62:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Dec 23 14:56:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3b45eceb0e70442a033d47bea1c6da92f6a1ec92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:e3:69:02:a9:ad:c3:9e:2e:e8:0e:83:73:a1:
                    22:af:18:48:a1:4e:2e:42:49:e0:42:9c:8f:df:74:
                    73:c1:1d:f7:a2:82:db:6c:8d:65:22:64:aa:51:42:
                    74:d7:93:70:89:4c:6b:c0:e3:a5:62:53:91:4b:8e:
                    3c:3b:5d:c3:e6:9b:5d:13:5d:5f:52:ce:3b:7a:3c:
                    e9:8a:48:fc:fb:db:25:b1:98:15:66:11:98:d2:9c:
                    03:12:4d:de:fd:7c:f4:10:e2:5d:bf:88:44:b0:5c:
                    bc:3d:47:6b:30:95:72:fd:5c:0f:49:54:7e:ae:40:
                    29:ce:75:09:3c:8a:64:5e:3f:85:52:8b:98:00:63:
                    61:f0:d3:82:3f:e2:6d:a5:43:68:64:5d:02:ee:eb:
                    4f:1b:69:bb:39:9d:7f:a8:b7:dd:23:cb:e3:ec:d6:
                    52:25:a0:28:e3:53:fe:08:b8:9b:26:f6:45:24:73:
                    73:4c:bc:c6:6a:80:f6:08:52:eb:b0:7c:1d:3a:23:
                    9b:79:86:20:4e:04:43:f1:5f:8c:61:c7:2d:a7:1d:
                    0c:86:14:3b:ee:ca:81:15:9d:a6:de:df:24:a7:4c:
                    35:cd:aa:44:d8:c9:2e:95:df:3b:12:e1:af:21:a8:
                    47:70:84:b4:60:e2:a2:ee:ae:b5:ed:37:22:14:1b:
                    8d:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:45:EC:EB:0E:70:44:2A:03:3D:47:BE:A1:C6:DA:92:F6:A1:EC:92
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/O0Xs6w5wRCoDPUe-ocbakvah7JI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.231.0/24
                  192.124.172.0/24
                  192.124.178.0/24
                  192.124.180.0/22
                  193.124.3.0/24
                  193.124.6.0/24
                  193.124.8.0/23
                  193.124.18.0/24
                  193.124.133.0/24
                  193.124.201.0/24
                  193.124.203.0/24
                  193.124.207.0/24
                  194.58.38.0/24
                  194.58.42.0/24
                  194.58.45.0-194.58.47.255
                  194.58.59.0/24
                  194.87.7.0/24
                  194.87.24.0/22
                  194.87.56.0/24
                  194.87.76.0/24
                  194.87.82.0/23
                  194.87.104.0/24
                  194.87.108.0/24
                  194.87.116.0/24
                  194.87.118.0/24
                  194.87.123.0/24
                  194.87.136.0/24
                  194.87.149.0/24
                  194.87.163.0/24
                  194.87.165.0/24
                  194.87.171.0-194.87.172.255
                  194.87.176.0/24
                  194.87.182.0/24
                  194.87.198.0/23
                  194.87.202.0/24
                  194.87.208.0/23
                  194.87.222.0/23
                  194.87.233.0/24
                  195.58.50.0/24
                  195.58.52.0-195.58.63.255
                  195.133.12.0/24
                  195.133.55.0/24
                  195.133.94.0/24
                  195.133.195.0/24
                  212.192.0.0/23
                  212.192.10.0/24
                  212.192.222.0/24
                  212.193.0.0/24
                  212.193.12.0/24

    Signature Algorithm: sha256WithRSAEncryption
         74:f6:37:10:a6:72:65:f6:de:ad:ff:ab:68:14:7b:16:a4:8e:
         0d:85:21:25:5d:59:ff:a9:81:22:f7:dd:f4:d2:59:8c:9d:6c:
         fc:f9:dd:cf:7d:5a:3b:09:c4:f4:9c:a0:fa:70:77:92:bc:e7:
         a7:2b:11:50:86:33:34:27:29:94:b8:51:a3:ad:bb:4e:35:04:
         16:38:ef:43:f1:79:bb:0a:02:19:95:d3:f7:17:31:5b:20:2b:
         0a:72:93:81:d1:da:95:46:69:d8:a3:46:2d:50:83:d8:33:a3:
         bd:0b:41:c5:81:5b:53:31:97:ad:0e:94:df:a9:58:90:91:f7:
         92:35:c5:49:82:21:a7:ae:7f:d8:e2:2c:5b:46:0b:1f:34:08:
         e4:4f:27:f8:89:ab:b3:29:20:c8:a5:2e:ed:00:6a:77:09:aa:
         56:28:41:0d:e7:5b:0d:fc:97:b4:7a:b5:ce:9c:c8:ab:e9:f6:
         81:f2:1a:ba:34:f8:27:d1:35:86:8b:37:02:07:91:e0:f7:b3:
         e8:f1:5d:dc:c8:08:df:4c:4f:52:ba:fa:45:2e:a0:28:61:50:
         51:c6:e1:34:c3:ad:08:70:6a:22:34:88:ce:f5:91:3e:28:c1:
         72:7d:fd:f0:63:9d:04:33:96:30:bf:66:20:96:4c:52:3c:dc:
         86:e3:68:f7
-----BEGIN CERTIFICATE-----
MIIGPzCCBSegAwIBAgISAYU/fH+XcQvSqKQG4nXikmKEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjIzMTQ1NjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjQ1ZWNlYjBlNzA0NDJhMDMzZDQ3YmVhMWM2ZGE5MmY2YTFlYzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApONpAqmtw54u6A6Dc6EirxhIoU4u
QkngQpyP33RzwR33ooLbbI1lImSqUUJ015NwiUxrwOOlYlORS448O13D5ptdE11f
Us47ejzpikj8+9slsZgVZhGY0pwDEk3e/Xz0EOJdv4hEsFy8PUdrMJVy/VwPSVR+
rkApznUJPIpkXj+FUouYAGNh8NOCP+JtpUNoZF0C7utPG2m7OZ1/qLfdI8vj7NZS
JaAo41P+CLibJvZFJHNzTLzGaoD2CFLrsHwdOiObeYYgTgRD8V+MYcctpx0MhhQ7
7sqBFZ2m3t8kp0w1zapE2Mkuld87EuGvIahHcIS0YOKi7q617TciFBuNJwIDAQAB
o4IDSzCCA0cwHQYDVR0OBBYEFDtF7OsOcEQqAz1HvqHG2pL2oeySMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTzBYczZ3NXdSQ29EUFVlLW9jYmFrdmFoN0pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBXwYIKwYBBQUHAQcBAf8EggFOMIIBSjCCAUYEAgABMIIB
PgMEAD5M5wMEAMB8rAMEAMB8sgMEAsB8tAMEAMF8AwMEAMF8BgMEAcF8CAMEAMF8
EgMEAMF8hQMEAMF8yQMEAMF8ywMEAMF8zwMEAMI6JgMEAMI6KjAMAwQAwjotAwQE
wjogAwQAwjo7AwQAwlcHAwQCwlcYAwQAwlc4AwQAwldMAwQBwldSAwQAwldoAwQA
wldsAwQAwld0AwQAwld2AwQAwld7AwQAwleIAwQAwleVAwQAwlejAwQAwlelMAwD
BADCV6sDBADCV6wDBADCV7ADBADCV7YDBAHCV8YDBADCV8oDBAHCV9ADBAHCV94D
BADCV+kDBADDOjIwDAMEAsM6NAMEBsM6AAMEAMOFDAMEAMOFNwMEAMOFXgMEAMOF
wwMEAdTAAAMEANTACgMEANTA3gMEANTBAAMEANTBDDANBgkqhkiG9w0BAQsFAAOC
AQEAdPY3EKZyZfberf+raBR7FqSODYUhJV1Z/6mBIvfd9NJZjJ1s/Pndz31aOwnE
9Jyg+nB3krznpysRUIYzNCcplLhRo627TjUEFjjvQ/F5uwoCGZXT9xcxWyArCnKT
gdHalUZp2KNGLVCD2DOjvQtBxYFbUzGXrQ6U36lYkJH3kjXFSYIhp65/2OIsW0YL
HzQI5E8n+ImrsykgyKUu7QBqdwmqVihBDedbDfyXtHq1zpzIq+n2gfIaujT4J9E1
hos3AgeR4Pez6PFd3MgI30xPUrr6RS6gKGFQUcbhNMOtCHBqIjSIzvWRPijBcn39
8GOdBDOWML9mIJZMUjzchuNo9w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:14 2024 by rpki-client on console-fra.rpki-client.org