Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mV4v1WxMeI_B2kjtLKF676oholE.roa
File:                     mV4v1WxMeI_B2kjtLKF676oholE.roa (raw, json)
Hash identifier:          /qh19Warhg77ZoN0EZmobalbVWVYgqPlen6Gb9QAzus=
Subject key identifier:   99:5E:2F:D5:6C:4C:78:8F:C1:DA:48:ED:2C:A1:7A:EF:AA:21:A2:51
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0183C77D8961727DAFA5F716F96005029A89
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mV4v1WxMeI_B2kjtLKF676oholE.roa
Signing time:             Tue 11 Oct 2022 14:40:36 +0000
ROA not before:           Tue 11 Oct 2022 14:40:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2118
IP address blocks:        212.193.12.0/24 maxlen: 24
                          193.124.3.0/24 maxlen: 24
                          212.193.15.0/24 maxlen: 24
                          62.76.225.0/24 maxlen: 24
                          62.76.229.0/24 maxlen: 24
                          62.76.231.0/24 maxlen: 24
                          194.87.1.0/24 maxlen: 24
                          194.87.24.0/22 maxlen: 24
                          193.124.45.0/24 maxlen: 24
                          194.58.45.0/24 maxlen: 24
                          195.58.54.0/24 maxlen: 24
                          194.58.60.0/24 maxlen: 24
                          193.124.90.0/24 maxlen: 24
                          193.124.95.0/24 maxlen: 24
                          194.87.207.0/24 maxlen: 24
                          194.87.208.0/23 maxlen: 24
                          195.133.76.0/24 maxlen: 24
                          195.133.82.0/24 maxlen: 24
                          194.87.226.0/24 maxlen: 24
                          194.87.222.0/23 maxlen: 24
                          194.135.23.0/24 maxlen: 24
                          194.87.165.0/24 maxlen: 24
                          192.124.173.0/24 maxlen: 24
                          192.124.178.0/24 maxlen: 24
                          192.124.181.0/24 maxlen: 24
                          192.124.180.0/22 maxlen: 24
                          192.124.182.0/23 maxlen: 24
                          192.124.180.0/24 maxlen: 24
                          194.87.170.0/24 maxlen: 24
                          194.87.179.0/24 maxlen: 24
                          193.124.203.0/24 maxlen: 24
                          194.87.191.0/24 maxlen: 24
                          194.87.198.0/24 maxlen: 24
                          192.124.209.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:c7:7d:89:61:72:7d:af:a5:f7:16:f9:60:05:02:9a:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Oct 11 14:40:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=995e2fd56c4c788fc1da48ed2ca17aefaa21a251
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:0d:19:78:92:f3:13:82:9e:d4:cb:c2:e2:fa:
                    6e:01:cf:32:92:46:17:2d:28:81:95:c5:79:c1:f0:
                    63:49:e8:50:3e:f5:80:dd:5d:b4:38:50:66:e2:0b:
                    65:5d:3f:e1:32:15:1d:2a:51:8e:2d:81:ae:51:6f:
                    38:9c:13:59:4f:9e:dd:9e:d4:43:62:a4:50:42:10:
                    85:67:cc:72:43:44:e4:1c:d5:27:3a:36:2f:8a:be:
                    5f:7a:49:f0:0d:d7:0b:5e:d6:b7:bd:54:4f:b9:2b:
                    a9:41:54:c0:51:04:38:6c:1e:14:4e:a6:0d:f3:4c:
                    5d:7c:bf:a1:4a:4b:a9:c7:04:32:61:67:a6:87:f9:
                    58:26:c8:ac:ae:c5:d3:a7:c6:a2:19:ce:4c:4e:2c:
                    6f:8e:b8:b1:ab:3b:79:ed:de:48:28:00:aa:28:e1:
                    f9:54:b5:4c:7b:28:cb:a7:f9:e6:21:a0:cd:48:4f:
                    72:f3:2a:ba:36:45:63:a1:f9:41:92:ae:c0:2d:0c:
                    cb:9e:be:9c:02:e6:94:31:b0:84:d5:1c:1a:9f:2a:
                    f7:43:f2:da:8a:e7:bb:dd:d0:97:4e:63:72:ab:3b:
                    a4:95:af:e3:8f:b5:4d:4f:f7:27:5b:86:43:c0:a7:
                    b8:9b:b8:0d:1e:54:09:ea:c1:6b:e0:06:d6:9c:2b:
                    a6:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:5E:2F:D5:6C:4C:78:8F:C1:DA:48:ED:2C:A1:7A:EF:AA:21:A2:51
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mV4v1WxMeI_B2kjtLKF676oholE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.225.0/24
                  62.76.229.0/24
                  62.76.231.0/24
                  192.124.173.0/24
                  192.124.178.0/24
                  192.124.180.0/22
                  192.124.209.0/24
                  193.124.3.0/24
                  193.124.45.0/24
                  193.124.90.0/24
                  193.124.95.0/24
                  193.124.203.0/24
                  194.58.45.0/24
                  194.58.60.0/24
                  194.87.1.0/24
                  194.87.24.0/22
                  194.87.165.0/24
                  194.87.170.0/24
                  194.87.179.0/24
                  194.87.191.0/24
                  194.87.198.0/24
                  194.87.207.0-194.87.209.255
                  194.87.222.0/23
                  194.87.226.0/24
                  194.135.23.0/24
                  195.58.54.0/24
                  195.133.76.0/24
                  195.133.82.0/24
                  212.193.12.0/24
                  212.193.15.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:a2:06:8e:fd:c0:c3:93:98:ea:cb:0e:9b:3f:3e:01:f3:9a:
         47:0e:58:90:a6:f2:f1:bd:e4:dc:96:b6:7e:f0:70:6c:be:dc:
         41:a4:61:9e:a1:d2:84:5e:e7:db:67:42:3e:70:87:98:4a:70:
         c3:87:a3:a3:a6:d1:e2:41:b2:14:27:c8:a1:2d:b9:0e:32:24:
         3d:3a:43:bd:58:80:21:ce:1b:80:11:6a:35:56:ba:50:e3:b1:
         cd:f0:36:81:3e:da:9e:2a:31:ef:e3:bd:a2:2b:08:d3:01:34:
         c6:11:97:4e:b8:53:19:28:28:d3:97:bf:d4:9a:52:04:de:26:
         be:df:22:10:07:a3:09:39:1a:fa:f8:01:cd:b6:cd:ee:27:dd:
         cc:b4:32:6e:f7:7c:89:f5:d7:80:cc:52:dd:a9:14:2e:7c:a9:
         40:a0:a1:7b:fb:df:7e:c4:8e:c5:d4:49:5a:93:0a:2c:ad:87:
         0f:c5:d7:cc:9a:b3:74:70:aa:8f:f7:55:c4:39:31:7e:29:67:
         d6:b8:77:0f:d0:6f:1c:db:e3:04:04:d1:a5:ea:3d:e1:fa:b7:
         f1:a1:4b:77:9b:dd:03:7b:50:df:84:8a:75:46:7f:48:04:c3:
         b9:44:71:36:20:d0:83:77:0f:14:82:a0:78:b6:5d:cb:6c:42:
         b0:48:10:e3
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgISAYPHfYlhcn2vpfcW+WAFApqJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDExMTQ0MDM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTVlMmZkNTZjNGM3ODhmYzFkYTQ4ZWQyY2ExN2FlZmFhMjFhMjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqg0ZeJLzE4Ke1MvC4vpuAc8ykkYX
LSiBlcV5wfBjSehQPvWA3V20OFBm4gtlXT/hMhUdKlGOLYGuUW84nBNZT57dntRD
YqRQQhCFZ8xyQ0TkHNUnOjYvir5feknwDdcLXta3vVRPuSupQVTAUQQ4bB4UTqYN
80xdfL+hSkupxwQyYWemh/lYJsisrsXTp8aiGc5MTixvjrixqzt57d5IKACqKOH5
VLVMeyjLp/nmIaDNSE9y8yq6NkVjoflBkq7ALQzLnr6cAuaUMbCE1Rwanyr3Q/La
iue73dCXTmNyqzukla/jj7VNT/cnW4ZDwKe4m7gNHlQJ6sFr4AbWnCumnQIDAQAB
o4ICxDCCAsAwHQYDVR0OBBYEFJleL9VsTHiPwdpI7Syheu+qIaJRMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbVY0djFXeE1lSV9CMmtqdExLRjY3Nm9ob2xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHZBggrBgEFBQcBBwEB/wSByTCBxjCBwwQCAAEwgbwDBAA+
TOEDBAA+TOUDBAA+TOcDBADAfK0DBADAfLIDBALAfLQDBADAfNEDBADBfAMDBADB
fC0DBADBfFoDBADBfF8DBADBfMsDBADCOi0DBADCOjwDBADCVwEDBALCVxgDBADC
V6UDBADCV6oDBADCV7MDBADCV78DBADCV8YwDAMEAMJXzwMEAcJX0AMEAcJX3gME
AMJX4gMEAMKHFwMEAMM6NgMEAMOFTAMEAMOFUgMEANTBDAMEANTBDzANBgkqhkiG
9w0BAQsFAAOCAQEAKqIGjv3Aw5OY6ssOmz8+AfOaRw5YkKby8b3k3Ja2fvBwbL7c
QaRhnqHShF7n22dCPnCHmEpww4ejo6bR4kGyFCfIoS25DjIkPTpDvViAIc4bgBFq
NVa6UOOxzfA2gT7aniox7+O9oisI0wE0xhGXTrhTGSgo05e/1JpSBN4mvt8iEAej
CTka+vgBzbbN7ifdzLQybvd8ifXXgMxS3akULnypQKChe/vffsSOxdRJWpMKLK2H
D8XXzJqzdHCqj/dVxDkxfiln1rh3D9BvHNvjBATRpeo94fq38aFLd5vdA3tQ34SK
dUZ/SATDuURxNiDQg3cPFIKgeLZdy2xCsEgQ4w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:25 2024 by rpki-client on console-fra.rpki-client.org