Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/bBvFtsLg2gVr6B7Xn0yI-2coEBA.roa
File:                     bBvFtsLg2gVr6B7Xn0yI-2coEBA.roa (raw, json)
Hash identifier:          5+QTygpKQ5oSJJwKqZa0YTl5KdJF09zabZ+g6oiLkk0=
Subject key identifier:   6C:1B:C5:B6:C2:E0:DA:05:6B:E8:1E:D7:9F:4C:88:FB:67:28:10:10
Certificate issuer:       /CN=4444c7c3ad34b6977fa18a2237ca306b9bee08e0
Certificate serial:       026BB805
Authority key identifier: 44:44:C7:C3:AD:34:B6:97:7F:A1:8A:22:37:CA:30:6B:9B:EE:08:E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/bBvFtsLg2gVr6B7Xn0yI-2coEBA.roa
Signing time:             Wed 09 Feb 2022 19:49:39 +0000
ROA not before:           Wed 09 Feb 2022 19:49:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50130
IP address blocks:        31.129.227.0/24 maxlen: 24
                          31.129.228.0/24 maxlen: 24
                          31.129.240.0/22 maxlen: 22
                          31.129.234.0/24 maxlen: 24
                          31.129.240.0/23 maxlen: 23
                          31.129.242.0/23 maxlen: 23
                          31.129.252.0/22 maxlen: 22
                          31.129.252.0/23 maxlen: 23
                          31.129.252.0/24 maxlen: 24
                          31.129.253.0/24 maxlen: 24
                          31.129.254.0/24 maxlen: 24
                          31.129.254.0/23 maxlen: 23
                          31.129.255.0/24 maxlen: 24
                          31.129.224.0/22 maxlen: 22
                          31.129.224.0/24 maxlen: 24
                          31.129.224.0/23 maxlen: 23
                          31.129.225.0/24 maxlen: 24
                          31.129.226.0/23 maxlen: 23
                          31.129.226.0/24 maxlen: 24
                          213.5.192.0/24 maxlen: 24
                          213.5.194.0/24 maxlen: 24
                          213.5.193.0/24 maxlen: 24
                          213.5.195.0/24 maxlen: 24
                          213.5.196.0/23 maxlen: 23
                          213.5.196.0/24 maxlen: 24
                          213.5.197.0/24 maxlen: 24
                          213.5.198.0/24 maxlen: 24
                          213.5.198.0/23 maxlen: 23
                          213.5.199.0/24 maxlen: 24
                          213.5.196.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 40613893 (0x26bb805)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4444c7c3ad34b6977fa18a2237ca306b9bee08e0
        Validity
            Not Before: Feb  9 19:49:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6c1bc5b6c2e0da056be81ed79f4c88fb67281010
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:14:a3:30:fc:e8:5e:a4:a3:be:42:e1:67:b7:
                    8b:ff:f9:90:6a:0e:0a:0f:54:41:14:65:ef:bf:d8:
                    37:81:cb:16:13:65:b6:87:06:36:e4:0a:25:0c:79:
                    bb:99:08:93:10:c3:a3:0e:0a:52:56:d8:24:cd:9b:
                    26:72:15:9c:42:5d:61:44:e3:a5:22:fa:87:7b:fd:
                    b5:f7:bb:16:a9:44:83:99:37:57:58:15:8b:32:ec:
                    44:7f:11:2e:74:57:a5:3e:ff:cb:60:05:53:77:9e:
                    85:d1:03:96:e4:fe:72:1b:a8:02:4a:7b:55:e1:5a:
                    25:e2:87:d3:63:e4:d8:a2:a0:24:85:c0:ee:a2:3c:
                    b3:61:21:33:e4:d9:d4:52:49:62:c7:12:1b:08:ff:
                    9c:3c:46:4f:2d:5e:f9:d1:ce:97:11:66:51:6d:88:
                    5e:34:53:85:b4:d4:20:21:ba:76:d1:c3:a6:a6:52:
                    17:05:aa:2b:59:dd:4c:21:12:be:21:94:91:a7:ca:
                    97:aa:2d:cc:7f:5c:25:2e:3e:6f:f2:16:6e:65:d0:
                    fe:a5:c5:84:78:a0:de:60:bd:b1:0b:39:7e:27:21:
                    42:bc:d1:c8:46:69:a1:09:32:37:e1:49:f9:e9:08:
                    96:2c:c6:d6:a9:c6:71:1c:8f:d8:aa:1f:8a:b2:db:
                    fd:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:1B:C5:B6:C2:E0:DA:05:6B:E8:1E:D7:9F:4C:88:FB:67:28:10:10
            X509v3 Authority Key Identifier:
                keyid:44:44:C7:C3:AD:34:B6:97:7F:A1:8A:22:37:CA:30:6B:9B:EE:08:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/bBvFtsLg2gVr6B7Xn0yI-2coEBA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/RETHw600tpd_oYoiN8owa5vuCOA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.129.224.0-31.129.228.255
                  31.129.234.0/24
                  31.129.240.0/22
                  31.129.252.0/22
                  213.5.192.0/21

    Signature Algorithm: sha256WithRSAEncryption
         13:dd:2c:b4:92:9d:b3:44:dc:31:3c:92:2b:f1:79:bb:f5:76:
         6a:1d:ea:e3:d2:d3:56:11:fc:57:45:50:b4:d2:48:f9:fc:75:
         48:c9:04:0f:ad:ea:da:c5:a2:4a:a3:63:27:57:7c:4b:12:fa:
         32:f8:92:f6:2b:3b:b2:16:e2:d4:ba:37:1b:7a:f0:07:be:8b:
         17:cc:d7:4f:0a:0c:88:f1:58:c9:62:3d:51:5d:40:f8:7e:de:
         72:91:7d:8e:25:7e:da:11:57:10:d9:86:0f:de:76:63:9e:e2:
         a7:1a:00:ba:2f:30:cc:36:2c:b6:ab:e9:1d:ab:90:cd:fe:34:
         d3:50:9b:8f:21:ac:49:26:92:bb:60:ca:d6:95:73:b3:09:f3:
         da:df:64:ae:94:e0:34:1e:69:1c:81:6a:3c:0e:31:2e:b2:4a:
         ad:dc:db:ec:b8:bc:55:eb:cf:82:cf:a6:ac:5d:eb:98:8d:e3:
         70:f1:0d:04:11:34:47:ac:7f:2c:d0:b2:4d:84:97:8c:12:09:
         60:1d:7a:94:d2:91:f6:21:9b:55:c9:96:e2:6f:8d:57:12:10:
         f0:bb:b9:85:1a:d6:64:c9:84:01:7a:00:c6:27:6e:e7:9c:a6:
         29:e0:33:7a:8f:41:d9:11:be:99:f9:39:ff:86:b2:15:96:e2:
         d0:ec:6e:79
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIEAmu4BTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NDQ0YzdjM2FkMzRiNjk3N2ZhMThhMjIzN2NhMzA2YjliZWUwOGUwMB4XDTIyMDIw
OTE5NDkzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmMxYmM1YjZjMmUw
ZGEwNTZiZTgxZWQ3OWY0Yzg4ZmI2NzI4MTAxMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMgUozD86F6ko75C4We3i//5kGoOCg9UQRRl77/YN4HLFhNl
tocGNuQKJQx5u5kIkxDDow4KUlbYJM2bJnIVnEJdYUTjpSL6h3v9tfe7FqlEg5k3
V1gVizLsRH8RLnRXpT7/y2AFU3eehdEDluT+chuoAkp7VeFaJeKH02Pk2KKgJIXA
7qI8s2EhM+TZ1FJJYscSGwj/nDxGTy1e+dHOlxFmUW2IXjRThbTUICG6dtHDpqZS
FwWqK1ndTCESviGUkafKl6otzH9cJS4+b/IWbmXQ/qXFhHig3mC9sQs5fichQrzR
yEZpoQkyN+FJ+ekIlizG1qnGcRyP2KofirLb/TECAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBRsG8W2wuDaBWvoHtefTIj7ZygQEDAfBgNVHSMEGDAWgBRERMfDrTS2l3+h
iiI3yjBrm+4I4DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JFVEh3NjAwdHBkX29Zb2lOOG93YTV2dUNPQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvYzljOWZjLTU4NjQtNDE0ZS1hZTJhLTg2M2M5YjNkMzJiMC8x
L2JCdkZ0c0xnMmdWcjZCN1huMHlJLTJjb0VCQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
YzljOWZjLTU4NjQtNDE0ZS1hZTJhLTg2M2M5YjNkMzJiMC8xL1JFVEh3NjAwdHBk
X29Zb2lOOG93YTV2dUNPQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wLAQCAAEwJjAMAwQFH4HgAwQAH4HkAwQAH4HqAwQC
H4HwAwQCH4H8AwQD1QXAMA0GCSqGSIb3DQEBCwUAA4IBAQAT3Sy0kp2zRNwxPJIr
8Xm79XZqHerj0tNWEfxXRVC00kj5/HVIyQQPreraxaJKo2MnV3xLEvoy+JL2Kzuy
FuLUujcbevAHvosXzNdPCgyI8VjJYj1RXUD4ft5ykX2OJX7aEVcQ2YYP3nZjnuKn
GgC6LzDMNiy2q+kdq5DN/jTTUJuPIaxJJpK7YMrWlXOzCfPa32SulOA0HmkcgWo8
DjEuskqt3NvsuLxV68+Cz6asXeuYjeNw8Q0EETRHrH8s0LJNhJeMEglgHXqU0pH2
IZtVyZbib41XEhDwu7mFGtZkyYQBegDGJ27nnKYp4DN6j0HZEb6Z+Tn/hrIVluLQ
7G55
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:57 2024 by rpki-client on console-ams.rpki-client.org