Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RmeokDLItSq48jBSuj2QtU1edGA.roa
File:                     RmeokDLItSq48jBSuj2QtU1edGA.roa (raw, json)
Hash identifier:          m1lTG4tFShp8O+iFjSjCGuhBbtKM9+Rbwmv5vxQDBwo=
Subject key identifier:   46:67:A8:90:32:C8:B5:2A:B8:F2:30:52:BA:3D:90:B5:4D:5E:74:60
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       01849ABB985156F5F38CC47B987F00256B9A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RmeokDLItSq48jBSuj2QtU1edGA.roa
Signing time:             Mon 21 Nov 2022 15:08:16 +0000
ROA not before:           Mon 21 Nov 2022 15:08:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     400377
IP address blocks:        194.87.200.0/24 maxlen: 24
                          195.133.76.0/24 maxlen: 24
                          62.76.226.0/24 maxlen: 24
                          62.76.225.0/24 maxlen: 24
                          194.87.223.0/24 maxlen: 24
                          194.87.226.0/24 maxlen: 24
                          193.124.18.0/24 maxlen: 24
                          194.87.233.0/24 maxlen: 24
                          194.87.252.0/24 maxlen: 24
                          212.192.5.0/24 maxlen: 24
                          212.192.10.0/24 maxlen: 24
                          212.192.9.0/24 maxlen: 24
                          194.58.40.0/24 maxlen: 24
                          192.124.180.0/24 maxlen: 24
                          194.58.46.0/24 maxlen: 24
                          195.58.56.0/23 maxlen: 24
                          195.58.54.0/24 maxlen: 24
                          194.58.59.0/24 maxlen: 24
                          193.124.200.0/24 maxlen: 24
                          195.133.193.0/24 maxlen: 24
                          193.124.133.0/24 maxlen: 24
                          194.87.124.0/24 maxlen: 24
                          194.87.125.0/24 maxlen: 24
                          193.124.90.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:9a:bb:98:51:56:f5:f3:8c:c4:7b:98:7f:00:25:6b:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Nov 21 15:08:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4667a89032c8b52ab8f23052ba3d90b54d5e7460
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:7d:9d:68:8f:2a:ca:f0:db:c7:07:a5:d1:d6:
                    2a:c7:a5:46:e3:cc:a6:c7:ec:59:fe:a4:ba:e7:e9:
                    95:d0:ea:fc:1c:ec:f4:24:03:e0:ba:03:40:3c:90:
                    14:ef:bc:76:1e:ba:ad:28:65:5a:02:0c:9d:6a:b4:
                    0f:83:36:2a:60:f1:c1:6f:fe:22:0f:42:70:ff:3f:
                    45:f5:11:02:2d:6d:e9:0f:41:3f:9a:95:74:b8:7e:
                    67:96:40:fe:c8:fd:0f:f0:a6:ca:cb:dc:25:d4:a2:
                    6e:dd:42:b1:d8:70:ae:6f:26:80:4b:3a:1b:e3:c5:
                    ff:fa:d6:0f:c8:17:e4:30:76:51:cf:34:42:9a:ea:
                    b7:d7:d1:7f:ba:14:b7:8d:59:7a:bc:42:2f:41:e6:
                    6f:d0:36:0e:0c:df:cf:45:dc:e0:e1:2a:d1:a2:da:
                    ca:1c:6f:5c:e7:38:84:51:34:40:c4:5e:10:03:5b:
                    87:ca:f2:00:f5:f0:c9:2b:df:e0:d1:7d:7c:2a:00:
                    68:90:02:a5:cd:76:a6:24:39:2d:d8:ee:0f:3a:30:
                    aa:e2:cf:49:9c:d7:47:0c:7c:a4:35:ff:be:77:c2:
                    37:ee:af:03:c3:55:4c:0c:71:7e:b5:db:70:81:f9:
                    32:78:27:75:2c:6e:14:84:ef:cb:be:6e:5b:96:4d:
                    e9:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:67:A8:90:32:C8:B5:2A:B8:F2:30:52:BA:3D:90:B5:4D:5E:74:60
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RmeokDLItSq48jBSuj2QtU1edGA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.225.0-62.76.226.255
                  192.124.180.0/24
                  193.124.18.0/24
                  193.124.90.0/24
                  193.124.133.0/24
                  193.124.200.0/24
                  194.58.40.0/24
                  194.58.46.0/24
                  194.58.59.0/24
                  194.87.124.0/23
                  194.87.200.0/24
                  194.87.223.0/24
                  194.87.226.0/24
                  194.87.233.0/24
                  194.87.252.0/24
                  195.58.54.0/24
                  195.58.56.0/23
                  195.133.76.0/24
                  195.133.193.0/24
                  212.192.5.0/24
                  212.192.9.0-212.192.10.255

    Signature Algorithm: sha256WithRSAEncryption
         4e:56:cd:fb:19:94:0f:a9:a8:f2:52:4e:28:57:35:27:59:4c:
         60:27:df:53:e1:e3:fe:2e:a7:42:a4:6c:23:4f:84:51:d5:b1:
         f1:b4:3e:f4:ef:4d:e6:1b:78:58:e0:3a:d6:ec:d8:68:9a:8e:
         3e:ec:87:2a:74:a0:2c:f5:8e:4e:88:aa:66:a5:d7:d6:43:8a:
         b3:eb:38:09:55:92:b6:7a:92:67:c0:23:4e:8c:c3:a7:d7:17:
         65:e2:64:12:41:bb:0e:ae:87:41:f1:94:22:dc:53:56:49:10:
         8f:be:7c:0f:dc:30:42:fb:4e:93:d8:a8:59:38:1c:f0:f9:49:
         4d:83:74:44:f2:ae:74:af:b6:c1:83:f5:bf:03:67:21:fc:4d:
         3a:d9:84:2b:c4:7a:21:2c:4f:76:d2:2e:b5:5d:b7:97:4f:9a:
         16:88:50:1f:2c:76:1e:dc:79:d4:90:4d:e5:3b:bc:a2:5e:ef:
         f6:21:19:1a:97:bc:7b:83:15:19:da:5c:54:89:eb:ff:2f:4e:
         99:6b:9b:e0:56:0b:5d:bc:9d:0c:c2:74:a8:a5:0e:38:61:16:
         1b:11:49:93:33:23:93:82:f5:ad:b3:13:f8:88:e8:06:cf:89:
         ab:96:c9:2e:2a:87:be:3d:89:f6:57:fd:2f:f6:66:9a:57:0b:
         5a:15:0b:0b
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAYSau5hRVvXzjMR7mH8AJWuaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTIxMTUwODE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjY3YTg5MDMyYzhiNTJhYjhmMjMwNTJiYTNkOTBiNTRkNWU3NDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvX2daI8qyvDbxwel0dYqx6VG48ym
x+xZ/qS65+mV0Or8HOz0JAPgugNAPJAU77x2HrqtKGVaAgydarQPgzYqYPHBb/4i
D0Jw/z9F9RECLW3pD0E/mpV0uH5nlkD+yP0P8KbKy9wl1KJu3UKx2HCubyaASzob
48X/+tYPyBfkMHZRzzRCmuq319F/uhS3jVl6vEIvQeZv0DYODN/PRdzg4SrRotrK
HG9c5ziEUTRAxF4QA1uHyvIA9fDJK9/g0X18KgBokAKlzXamJDkt2O4POjCq4s9J
nNdHDHykNf++d8I37q8Dw1VMDHF+tdtwgfkyeCd1LG4UhO/Lvm5blk3pVwIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFEZnqJAyyLUquPIwUro9kLVNXnRgMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUm1lb2tETEl0U3E0OGpCU3VqMlF0VTFlZEdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBlQQCAAEwgY4wDAME
AD5M4QMEAD5M4gMEAMB8tAMEAMF8EgMEAMF8WgMEAMF8hQMEAMF8yAMEAMI6KAME
AMI6LgMEAMI6OwMEAcJXfAMEAMJXyAMEAMJX3wMEAMJX4gMEAMJX6QMEAMJX/AME
AMM6NgMEAcM6OAMEAMOFTAMEAMOFwQMEANTABTAMAwQA1MAJAwQA1MAKMA0GCSqG
SIb3DQEBCwUAA4IBAQBOVs37GZQPqajyUk4oVzUnWUxgJ99T4eP+LqdCpGwjT4RR
1bHxtD70703mG3hY4DrW7Nhomo4+7IcqdKAs9Y5OiKpmpdfWQ4qz6zgJVZK2epJn
wCNOjMOn1xdl4mQSQbsOrodB8ZQi3FNWSRCPvnwP3DBC+06T2KhZOBzw+UlNg3RE
8q50r7bBg/W/A2ch/E062YQrxHohLE920i61XbeXT5oWiFAfLHYe3HnUkE3lO7yi
Xu/2IRkal7x7gxUZ2lxUiev/L06Za5vgVgtdvJ0MwnSopQ44YRYbEUmTMyOTgvWt
sxP4iOgGz4mrlskuKoe+PYn2V/0v9maaVwtaFQsL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:16 2024 by rpki-client on console-fra.rpki-client.org