Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/dsxEc4wXY2EabJAFoVxASdpvH9Y.roa
File:                     dsxEc4wXY2EabJAFoVxASdpvH9Y.roa (raw, json)
Hash identifier:          RJH+GsmaNh/EHwW5sLuVDpNBqwrtuh8Gx9iqt87g7Fk=
Subject key identifier:   76:CC:44:73:8C:17:63:61:1A:6C:90:05:A1:5C:40:49:DA:6F:1F:D6
Certificate issuer:       /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial:       38378073
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/dsxEc4wXY2EabJAFoVxASdpvH9Y.roa
Signing time:             Tue 10 May 2022 06:13:42 +0000
ROA not before:           Tue 10 May 2022 06:13:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12716
IP address blocks:        151.251.255.0/24 maxlen: 24
                          151.251.254.0/24 maxlen: 24
                          83.97.30.0/24 maxlen: 24
                          151.251.239.0/24 maxlen: 24
                          151.251.240.0/24 maxlen: 24
                          151.251.238.0/24 maxlen: 24
                          151.251.245.0/24 maxlen: 24
                          151.251.243.0/24 maxlen: 24
                          151.251.241.0/24 maxlen: 24
                          151.251.246.0/24 maxlen: 24
                          151.251.244.0/24 maxlen: 24
                          151.251.242.0/24 maxlen: 24
                          151.251.249.0/24 maxlen: 24
                          151.251.247.0/24 maxlen: 24
                          151.251.253.0/24 maxlen: 24
                          151.251.251.0/24 maxlen: 24
                          151.251.248.0/24 maxlen: 24
                          151.251.252.0/24 maxlen: 24
                          151.251.250.0/24 maxlen: 24
                          89.215.62.0/23 maxlen: 23
                          213.226.17.0/24 maxlen: 24
                          85.118.71.0/24 maxlen: 24
                          85.118.70.0/24 maxlen: 24
                          213.226.19.0/24 maxlen: 24
                          85.118.74.0/24 maxlen: 24
                          85.118.84.0/24 maxlen: 24
                          213.226.36.0/24 maxlen: 24
                          85.118.93.0/24 maxlen: 24
                          213.226.40.0/24 maxlen: 24
                          85.118.92.0/24 maxlen: 24
                          213.226.51.0/24 maxlen: 24
                          213.226.57.0/24 maxlen: 24
                          213.226.56.0/24 maxlen: 24
                          213.226.63.0/24 maxlen: 24
                          213.226.59.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 943161459 (0x38378073)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
        Validity
            Not Before: May 10 06:13:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=76cc44738c1763611a6c9005a15c4049da6f1fd6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:95:53:c7:8b:b7:09:48:ee:9b:d4:35:c3:71:
                    03:ba:9e:27:29:09:c8:9c:93:29:13:b8:2f:67:38:
                    ac:7e:3a:0d:b1:0c:42:5d:9c:48:b5:82:1c:5f:1d:
                    fd:10:3d:bd:cf:1a:2a:1e:a4:8d:5e:65:af:07:c6:
                    59:5b:56:15:bc:95:50:ad:30:7a:87:2d:f1:09:04:
                    10:bc:7d:fd:c9:de:0c:22:4a:76:92:df:44:59:69:
                    33:2c:e5:45:d2:36:c4:0c:d1:9c:bf:d9:b8:01:39:
                    ed:d4:ec:01:cf:88:80:eb:7f:16:4f:79:65:bd:b5:
                    45:c5:ce:40:50:73:14:95:96:36:e2:0c:45:74:8b:
                    09:6a:7c:55:f3:9f:82:8b:75:ca:5d:2d:f2:cb:ab:
                    8f:99:41:60:13:83:1e:17:74:7a:b6:0e:4a:8f:80:
                    2d:31:5a:06:63:ed:6d:04:57:4a:1a:4f:78:7c:27:
                    a7:92:3b:c9:61:79:da:92:74:d1:8c:e9:77:65:e6:
                    f4:da:de:32:e3:91:b6:d9:ff:b7:16:27:c0:7d:7c:
                    89:c7:2c:3a:8a:5d:ca:d3:a7:78:cd:31:c8:1c:ee:
                    bf:a2:23:05:fb:a2:03:4b:34:4b:bb:0f:2d:eb:52:
                    4a:03:94:7d:76:f8:f0:59:53:18:6b:31:c0:60:90:
                    ad:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:CC:44:73:8C:17:63:61:1A:6C:90:05:A1:5C:40:49:DA:6F:1F:D6
            X509v3 Authority Key Identifier:
                keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/dsxEc4wXY2EabJAFoVxASdpvH9Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.97.30.0/24
                  85.118.70.0/23
                  85.118.74.0/24
                  85.118.84.0/24
                  85.118.92.0/23
                  89.215.62.0/23
                  151.251.238.0-151.251.255.255
                  213.226.17.0/24
                  213.226.19.0/24
                  213.226.36.0/24
                  213.226.40.0/24
                  213.226.51.0/24
                  213.226.56.0/23
                  213.226.59.0/24
                  213.226.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3b:49:0b:45:97:e5:48:0d:6d:a0:2f:11:14:06:98:63:37:85:
         a6:3f:90:d8:e4:ae:10:da:8f:55:a0:81:3b:45:3d:48:ac:85:
         71:0d:a3:9d:5f:4b:a1:b2:af:8c:b0:4c:9f:e2:ae:fd:cc:6e:
         3a:ea:fd:31:fe:ad:b0:ce:d9:dc:78:46:a0:a3:49:10:b2:df:
         43:94:ee:ff:df:99:87:60:85:56:9c:13:c7:54:c8:e0:38:ef:
         f5:6a:56:6c:cd:af:05:60:ab:cf:98:dd:c8:ca:df:b8:ba:9b:
         55:26:51:b3:5f:98:fa:81:de:f2:76:24:7e:58:2f:a4:1b:75:
         77:cc:18:74:0e:50:39:c6:32:44:61:b8:1e:2e:68:00:c9:cd:
         94:88:c7:3d:f6:12:b7:84:b5:45:d1:ad:85:8e:1c:85:a1:a5:
         75:61:e0:84:20:d7:15:78:e1:d0:fc:fd:a5:f1:5e:17:c1:d3:
         a3:e7:b3:38:c6:17:3f:a6:72:d3:33:60:91:9b:0e:f6:48:15:
         f8:f3:8c:5a:f2:cf:70:73:51:3c:8f:60:79:05:d4:71:47:ae:
         75:ee:57:20:cc:5d:96:a7:11:ee:50:d8:53:0b:d0:b1:55:0e:
         be:e1:dd:65:7b:9d:03:68:f8:a2:1f:a8:a3:fe:0f:9d:af:b8:
         aa:64:b1:41
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgIEODeAczANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTQ4Y2VkZjE3MDI5ZWQ5OGExMDgxMTNjNmMxMDllY2FjY2Q4MmVjMB4XDTIyMDUx
MDA2MTM0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzZjYzQ0NzM4YzE3
NjM2MTFhNmM5MDA1YTE1YzQwNDlkYTZmMWZkNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKSVU8eLtwlI7pvUNcNxA7qeJykJyJyTKRO4L2c4rH46DbEM
Ql2cSLWCHF8d/RA9vc8aKh6kjV5lrwfGWVtWFbyVUK0weoct8QkEELx9/cneDCJK
dpLfRFlpMyzlRdI2xAzRnL/ZuAE57dTsAc+IgOt/Fk95Zb21RcXOQFBzFJWWNuIM
RXSLCWp8VfOfgot1yl0t8surj5lBYBODHhd0erYOSo+ALTFaBmPtbQRXShpPeHwn
p5I7yWF52pJ00Yzpd2Xm9NreMuORttn/txYnwH18iccsOopdytOneM0xyBzuv6Ij
BfuiA0s0S7sPLetSSgOUfXb48FlTGGsxwGCQraUCAwEAAaOCAmQwggJgMB0GA1Ud
DgQWBBR2zERzjBdjYRpskAWhXEBJ2m8f1jAfBgNVHSMEGDAWgBQFSM7fFwKe2YoQ
gRPGwQnsrM2C7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JVak8zeGNDbnRtS0VJRVR4c0VKN0t6Tmd1dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvNTQxYzA1LThkN2QtNDJiOC1hYjAwLTdmYmJhZTZmOTQzNy8x
L2RzeEVjNHdYWTJFYWJKQUZvVnhBU2Rwdkg5WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
NTQxYzA1LThkN2QtNDJiOC1hYjAwLTdmYmJhZTZmOTQzNy8xL0JVak8zeGNDbnRt
S0VJRVR4c0VKN0t6Tmd1dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB6
BggrBgEFBQcBBwEB/wRrMGkwZwQCAAEwYQMEAFNhHgMEAVV2RgMEAFV2SgMEAFV2
VAMEAVV2XAMEAVnXPjALAwQBl/vuAwMCl/gDBADV4hEDBADV4hMDBADV4iQDBADV
4igDBADV4jMDBAHV4jgDBADV4jsDBADV4j8wDQYJKoZIhvcNAQELBQADggEBADtJ
C0WX5UgNbaAvERQGmGM3haY/kNjkrhDaj1WggTtFPUishXENo51fS6Gyr4ywTJ/i
rv3Mbjrq/TH+rbDO2dx4RqCjSRCy30OU7v/fmYdghVacE8dUyOA47/VqVmzNrwVg
q8+Y3cjK37i6m1UmUbNfmPqB3vJ2JH5YL6QbdXfMGHQOUDnGMkRhuB4uaADJzZSI
xz32EreEtUXRrYWOHIWhpXVh4IQg1xV44dD8/aXxXhfB06PnszjGFz+mctMzYJGb
DvZIFfjzjFryz3BzUTyPYHkF1HFHrnXuVyDMXZanEe5Q2FML0LFVDr7h3WV7nQNo
+KIfqKP+D52vuKpksUE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:52 2024 by rpki-client on console-ams.rpki-client.org