Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/E7EXMkSMwBtP7xT670xMJxqX3Co.roa
File:                     E7EXMkSMwBtP7xT670xMJxqX3Co.roa (raw, json)
Hash identifier:          EjZ2YwVE/rXz0dk8A8PhLHZaGstRYP7AxT7PTMIUSDU=
Subject key identifier:   13:B1:17:32:44:8C:C0:1B:4F:EF:14:FA:EF:4C:4C:27:1A:97:DC:2A
Certificate issuer:       /CN=49dd8f1a62a5d7f80212de0f3efe75b2fa338ffe
Certificate serial:       0AF3BC
Authority key identifier: 49:DD:8F:1A:62:A5:D7:F8:02:12:DE:0F:3E:FE:75:B2:FA:33:8F:FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sd2PGmKl1_gCEt4PPv51svozj_4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/E7EXMkSMwBtP7xT670xMJxqX3Co.roa
Signing time:             Thu 23 Jun 2022 12:29:57 +0000
ROA not before:           Thu 23 Jun 2022 12:29:57 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     51684
IP address blocks:        185.16.26.0/24 maxlen: 24
                          5.181.196.0/24 maxlen: 24
                          89.46.204.0/23 maxlen: 23
                          89.46.206.0/24 maxlen: 24
                          89.46.206.0/23 maxlen: 23
                          89.46.203.0/24 maxlen: 24
                          89.46.202.0/23 maxlen: 23
                          89.46.202.0/24 maxlen: 24
                          89.46.204.0/24 maxlen: 24
                          89.46.205.0/24 maxlen: 24
                          89.46.200.0/24 maxlen: 24
                          89.46.200.0/23 maxlen: 23
                          89.46.201.0/24 maxlen: 24
                          89.46.207.0/24 maxlen: 24
                          185.254.203.0/24 maxlen: 24
                          185.254.200.0/24 maxlen: 24
                          185.254.200.0/23 maxlen: 23
                          185.254.201.0/24 maxlen: 24
                          82.199.208.0/23 maxlen: 23
                          82.199.208.0/24 maxlen: 24
                          82.199.209.0/24 maxlen: 24
                          82.199.210.0/24 maxlen: 24
                          82.199.211.0/24 maxlen: 24
                          82.199.212.0/23 maxlen: 23
                          82.199.212.0/24 maxlen: 24
                          82.199.213.0/24 maxlen: 24
                          82.199.214.0/23 maxlen: 23
                          82.199.218.0/23 maxlen: 23
                          82.199.218.0/24 maxlen: 24
                          82.199.219.0/24 maxlen: 24
                          82.199.214.0/24 maxlen: 24
                          82.199.215.0/24 maxlen: 24
                          82.199.216.0/24 maxlen: 24
                          82.199.216.0/23 maxlen: 23
                          82.199.217.0/24 maxlen: 24
                          82.199.221.0/24 maxlen: 24
                          82.199.222.0/24 maxlen: 24
                          82.199.222.0/23 maxlen: 23
                          82.199.220.0/24 maxlen: 24
                          82.199.220.0/23 maxlen: 23
                          185.247.37.0/24 maxlen: 24
                          185.247.38.0/24 maxlen: 24
                          185.247.36.0/24 maxlen: 24
                          185.247.36.0/23 maxlen: 23
                          185.95.204.0/23 maxlen: 23
                          185.95.204.0/24 maxlen: 24
                          185.95.205.0/24 maxlen: 24
                          185.95.206.0/24 maxlen: 24
                          185.95.206.0/23 maxlen: 23
                          185.95.207.0/24 maxlen: 24
                          185.247.38.0/23 maxlen: 23
                          185.247.39.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 717756 (0xaf3bc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49dd8f1a62a5d7f80212de0f3efe75b2fa338ffe
        Validity
            Not Before: Jun 23 12:29:57 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=13b11732448cc01b4fef14faef4c4c271a97dc2a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:ab:42:5c:09:b9:25:27:9f:98:17:44:7e:64:
                    97:0c:86:93:9f:ff:4c:10:7c:28:1b:48:63:a8:97:
                    d7:9f:e4:6a:81:96:b4:3e:b7:76:66:80:99:21:eb:
                    2b:9c:e4:84:6e:50:f4:62:72:b5:49:df:13:d5:68:
                    c6:ad:47:ae:86:80:38:7a:a8:9e:d3:f1:98:08:d3:
                    f5:0d:f7:61:6d:4b:25:cc:72:f9:c5:8d:90:fd:e3:
                    00:82:86:01:e4:88:49:20:2b:39:49:cc:dc:66:33:
                    b6:c6:58:f6:5f:be:39:1f:20:d7:9b:de:26:34:d1:
                    6c:70:bf:9d:e4:4b:32:6c:e7:20:29:45:4f:50:fb:
                    2e:70:97:cd:f7:85:a3:4b:89:ea:65:57:a5:ff:39:
                    4c:a0:eb:c0:59:a9:97:b7:7b:ae:ed:ba:c4:46:ff:
                    af:3d:a6:e3:ef:78:d6:f6:06:7b:02:91:aa:33:33:
                    fb:17:f9:b9:72:f9:24:bf:03:40:f9:dc:1d:45:de:
                    d0:7d:a6:b2:23:18:85:da:43:17:da:fc:66:63:e5:
                    64:52:17:53:5c:a7:86:0d:79:69:2c:5b:35:40:28:
                    07:d5:9a:d8:b4:55:23:91:3e:42:83:b6:8c:f4:b4:
                    6c:f0:0f:8b:99:c7:3d:22:33:30:74:a1:bc:88:58:
                    cd:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:B1:17:32:44:8C:C0:1B:4F:EF:14:FA:EF:4C:4C:27:1A:97:DC:2A
            X509v3 Authority Key Identifier:
                keyid:49:DD:8F:1A:62:A5:D7:F8:02:12:DE:0F:3E:FE:75:B2:FA:33:8F:FE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sd2PGmKl1_gCEt4PPv51svozj_4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/E7EXMkSMwBtP7xT670xMJxqX3Co.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/Sd2PGmKl1_gCEt4PPv51svozj_4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.196.0/24
                  82.199.208.0/20
                  89.46.200.0/21
                  185.16.26.0/24
                  185.95.204.0/22
                  185.247.36.0/22
                  185.254.200.0/23
                  185.254.203.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:f1:92:fc:3b:55:c7:ff:6d:b6:83:3c:0a:a4:28:03:a0:cc:
         de:6d:e0:d1:74:cb:78:19:90:96:3a:7f:50:a0:fe:db:80:f2:
         1f:3f:a6:8f:f2:f0:c1:5b:cf:b4:83:68:46:84:ff:a9:94:53:
         db:b9:fc:4d:8b:bc:ac:e1:bc:ac:e8:6f:71:f8:a4:b5:40:f3:
         16:16:97:35:7e:d9:a1:3b:78:31:2d:e1:09:e2:33:56:ac:67:
         f5:c7:9a:46:fe:09:5e:27:04:fb:dd:4e:49:55:7d:6c:f3:12:
         3c:2d:3e:64:7a:37:7b:73:a4:22:be:09:4d:33:92:c2:34:d2:
         cc:d6:48:e5:cb:20:9f:91:eb:fa:5d:21:90:0a:87:d0:18:10:
         6d:c8:af:db:e5:d9:a9:3a:6e:09:bc:fc:5e:22:a3:d3:a7:71:
         84:94:94:15:68:e9:0a:f9:4f:f6:f2:d2:9d:34:ef:63:24:1a:
         bb:5c:31:b8:b8:80:16:5d:c7:32:54:2a:02:92:18:09:f6:f3:
         d6:39:12:a0:cc:d8:7b:12:be:9f:4a:7a:06:ba:6d:ac:af:73:
         a9:5f:90:e6:98:71:ca:97:4c:6b:7c:93:fd:6e:43:3d:a1:57:
         aa:d0:3d:e8:00:9a:d4:2e:c1:ba:2c:25:c8:55:d4:53:d3:95:
         f4:a8:69:3e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIDCvO8MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDQ5
ZGQ4ZjFhNjJhNWQ3ZjgwMjEyZGUwZjNlZmU3NWIyZmEzMzhmZmUwHhcNMjIwNjIz
MTIyOTU3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygxM2IxMTczMjQ0OGNj
MDFiNGZlZjE0ZmFlZjRjNGMyNzFhOTdkYzJhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA1atCXAm5JSefmBdEfmSXDIaTn/9MEHwoG0hjqJfXn+RqgZa0
Prd2ZoCZIesrnOSEblD0YnK1Sd8T1WjGrUeuhoA4eqie0/GYCNP1DfdhbUslzHL5
xY2Q/eMAgoYB5IhJICs5SczcZjO2xlj2X745HyDXm94mNNFscL+d5EsybOcgKUVP
UPsucJfN94WjS4nqZVel/zlMoOvAWamXt3uu7brERv+vPabj73jW9gZ7ApGqMzP7
F/m5cvkkvwNA+dwdRd7QfaayIxiF2kMX2vxmY+VkUhdTXKeGDXlpLFs1QCgH1ZrY
tFUjkT5Cg7aM9LRs8A+Lmcc9IjMwdKG8iFjNJwIDAQABo4ICMzCCAi8wHQYDVR0O
BBYEFBOxFzJEjMAbT+8U+u9MTCcal9wqMB8GA1UdIwQYMBaAFEndjxpipdf4AhLe
Dz7+dbL6M4/+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
U2QyUEdtS2wxX2dDRXQ0UFB2NTFzdm96al80LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wNi8wMWIxZWYtMjMzYi00ZDZmLThkY2YtY2VlYzQ5MTI0YzBmLzEv
RTdFWE1rU013QnRQN3hUNjcweE1KeHFYM0NvLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8w
MWIxZWYtMjMzYi00ZDZmLThkY2YtY2VlYzQ5MTI0YzBmLzEvU2QyUEdtS2wxX2dD
RXQ0UFB2NTFzdm96al80LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEkG
CCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQABbXEAwQEUsfQAwQDWS7IAwQAuRAa
AwQCuV/MAwQCufckAwQBuf7IAwQAuf7LMA0GCSqGSIb3DQEBCwUAA4IBAQCb8ZL8
O1XH/222gzwKpCgDoMzebeDRdMt4GZCWOn9QoP7bgPIfP6aP8vDBW8+0g2hGhP+p
lFPbufxNi7ys4bys6G9x+KS1QPMWFpc1ftmhO3gxLeEJ4jNWrGf1x5pG/gleJwT7
3U5JVX1s8xI8LT5kejd7c6QivglNM5LCNNLM1kjlyyCfkev6XSGQCofQGBBtyK/b
5dmpOm4JvPxeIqPTp3GElJQVaOkK+U/28tKdNO9jJBq7XDG4uIAWXccyVCoCkhgJ
9vPWORKgzNh7Er6fSnoGum2sr3OpX5DmmHHKl0xrfJP9bkM9oVeq0D3oAJrULsG6
LCXIVdRT05X0qGk+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:40 2024 by rpki-client on console-fra.rpki-client.org