Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/328fab-4ebc-4e1f-840e-bc424349a16e/1/eGEjayQ7vt5Nn8LDi6OtHKw2vQM.roa
File:                     eGEjayQ7vt5Nn8LDi6OtHKw2vQM.roa (raw, json)
Hash identifier:          KeWrbFi2+ql71kRfBrkmaLHJwvmwoOaryuOj0sv66ro=
Subject key identifier:   78:61:23:6B:24:3B:BE:DE:4D:9F:C2:C3:8B:A3:AD:1C:AC:36:BD:03
Certificate issuer:       /CN=945efd6c477806bd6b45267558d6828feec61ea6
Certificate serial:       0466E32B
Authority key identifier: 94:5E:FD:6C:47:78:06:BD:6B:45:26:75:58:D6:82:8F:EE:C6:1E:A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lF79bEd4Br1rRSZ1WNaCj-7GHqY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/328fab-4ebc-4e1f-840e-bc424349a16e/1/eGEjayQ7vt5Nn8LDi6OtHKw2vQM.roa
Signing time:             Mon 11 Apr 2022 10:20:13 +0000
ROA not before:           Mon 11 Apr 2022 10:20:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     197113
IP address blocks:        185.242.152.0/23 maxlen: 24
                          185.242.154.0/23 maxlen: 24
                          46.174.224.0/21 maxlen: 21
                          2a0c:ce80::/44 maxlen: 64
                          2a0c:ce80:10::/44 maxlen: 44
                          2a0c:ce80:20::/44 maxlen: 44
                          2a0c:ce80:30::/44 maxlen: 44
                          2a0c:ce80:40::/44 maxlen: 44
                          2a0c:ce80:50::/44 maxlen: 44
                          2a0c:ce80:60::/44 maxlen: 44

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 73851691 (0x466e32b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=945efd6c477806bd6b45267558d6828feec61ea6
        Validity
            Not Before: Apr 11 10:20:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7861236b243bbede4d9fc2c38ba3ad1cac36bd03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:3b:3a:49:5b:ff:f4:78:de:54:9e:d5:f8:95:
                    e1:24:b6:61:a4:bb:52:2b:d1:ad:0c:76:fc:66:66:
                    6b:f4:a5:82:b5:3c:e2:ed:23:46:ae:0a:2a:b6:ca:
                    53:94:11:37:17:a4:7c:97:38:90:85:e5:2d:d5:10:
                    97:c5:5e:54:08:a2:38:41:f5:3d:fe:56:e5:4e:29:
                    5c:48:8b:7c:1e:d2:13:37:34:9f:d4:c4:3b:ff:ce:
                    2c:a8:88:4a:b5:12:75:32:1f:46:7c:98:4e:dc:52:
                    f8:87:65:94:3f:59:b2:c1:7c:4b:9b:a6:84:95:e9:
                    b7:15:da:23:01:99:5a:04:fd:d2:05:4a:0a:a3:2c:
                    a1:74:06:f6:d4:2e:6f:b4:b9:1b:b3:00:f9:ac:4b:
                    8f:d0:0a:d8:09:d9:48:07:8c:70:22:eb:01:20:2f:
                    2b:ab:98:7d:0e:88:3e:d8:2f:f7:11:69:a2:e4:2b:
                    75:51:d0:d5:f7:84:11:93:d4:16:92:6d:de:6b:08:
                    ba:ef:74:05:1c:d0:d0:e7:7c:38:f5:34:72:12:86:
                    1b:94:f6:ad:f5:52:6d:23:f1:63:36:3b:7b:42:79:
                    12:6d:bc:af:df:08:5f:b8:b1:6f:48:e5:2a:e8:a8:
                    71:17:80:ab:7c:12:05:b3:e8:0a:6b:e8:8e:fa:76:
                    91:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:61:23:6B:24:3B:BE:DE:4D:9F:C2:C3:8B:A3:AD:1C:AC:36:BD:03
            X509v3 Authority Key Identifier:
                keyid:94:5E:FD:6C:47:78:06:BD:6B:45:26:75:58:D6:82:8F:EE:C6:1E:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lF79bEd4Br1rRSZ1WNaCj-7GHqY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/328fab-4ebc-4e1f-840e-bc424349a16e/1/eGEjayQ7vt5Nn8LDi6OtHKw2vQM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/328fab-4ebc-4e1f-840e-bc424349a16e/1/lF79bEd4Br1rRSZ1WNaCj-7GHqY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.174.224.0/21
                  185.242.152.0/22
                IPv6:
                  2a0c:ce80::-2a0c:ce80:6f:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         7e:62:6b:08:05:e4:9c:b6:67:21:80:38:5c:b7:50:da:0b:2b:
         f6:cd:5b:5f:4e:ef:25:37:26:8b:b2:ae:b5:9a:7c:a4:ce:2a:
         6b:e7:e8:21:a5:15:59:6c:00:01:9f:d4:da:4e:cb:df:c0:10:
         30:cc:87:4e:6a:b5:b3:e2:38:0c:d9:f0:f5:c8:a8:8f:e8:9d:
         d8:ad:0b:ad:c4:f3:04:df:62:6b:1e:bc:0f:13:c2:e1:25:67:
         b9:74:db:c0:9f:b0:e9:a6:ba:c8:11:6c:ee:66:43:45:ec:11:
         fa:39:5c:e1:84:7b:2c:8f:e6:52:ad:e0:1f:f7:f9:75:f5:e8:
         1c:3c:63:97:88:6f:c0:f3:3b:99:a6:14:b7:ee:88:5c:46:71:
         39:24:f4:f7:f2:6b:26:81:eb:38:98:64:c5:d0:ee:d4:d4:65:
         87:2d:f7:4d:29:7c:a0:1f:00:8d:f7:76:15:39:96:6e:fe:07:
         1c:fd:4a:f7:36:21:2a:11:25:8a:d6:cd:46:44:8c:88:04:40:
         a2:2f:5a:9c:84:fe:c0:2b:9c:13:4e:bc:13:ee:e2:fb:47:dc:
         dd:b5:7c:ba:d3:a1:ea:93:83:2c:2f:fb:3b:77:94:68:bf:2d:
         3e:8b:86:bb:6a:29:0d:0d:93:7b:50:91:cc:86:3d:ea:ac:8a:
         45:f1:7e:c5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIEBGbjKzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDVlZmQ2YzQ3NzgwNmJkNmI0NTI2NzU1OGQ2ODI4ZmVlYzYxZWE2MB4XDTIyMDQx
MTEwMjAxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzg2MTIzNmIyNDNi
YmVkZTRkOWZjMmMzOGJhM2FkMWNhYzM2YmQwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMk7Oklb//R43lSe1fiV4SS2YaS7UivRrQx2/GZma/SlgrU8
4u0jRq4KKrbKU5QRNxekfJc4kIXlLdUQl8VeVAiiOEH1Pf5W5U4pXEiLfB7SEzc0
n9TEO//OLKiISrUSdTIfRnyYTtxS+IdllD9ZssF8S5umhJXptxXaIwGZWgT90gVK
CqMsoXQG9tQub7S5G7MA+axLj9AK2AnZSAeMcCLrASAvK6uYfQ6IPtgv9xFpouQr
dVHQ1feEEZPUFpJt3msIuu90BRzQ0Od8OPU0chKGG5T2rfVSbSPxYzY7e0J5Em28
r98IX7ixb0jlKuiocReAq3wSBbPoCmvojvp2kcECAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBR4YSNrJDu+3k2fwsOLo60crDa9AzAfBgNVHSMEGDAWgBSUXv1sR3gGvWtF
JnVY1oKP7sYepjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xGNzliRWQ0QnIxclJTWjFXTmFDai03R0hxWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTEvMzI4ZmFiLTRlYmMtNGUxZi04NDBlLWJjNDI0MzQ5YTE2ZS8x
L2VHRWpheVE3dnQ1Tm44TERpNk90SEt3MnZRTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTEv
MzI4ZmFiLTRlYmMtNGUxZi04NDBlLWJjNDI0MzQ5YTE2ZS8xL2xGNzliRWQ0QnIx
clJTWjFXTmFDai03R0hxWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wEgQCAAEwDAMEAy6u4AMEArnymDAYBAIAAjASMBAD
BQcqDM6AAwcEKgzOgABgMA0GCSqGSIb3DQEBCwUAA4IBAQB+YmsIBeSctmchgDhc
t1DaCyv2zVtfTu8lNyaLsq61mnykzipr5+ghpRVZbAABn9TaTsvfwBAwzIdOarWz
4jgM2fD1yKiP6J3YrQutxPME32JrHrwPE8LhJWe5dNvAn7DpprrIEWzuZkNF7BH6
OVzhhHssj+ZSreAf9/l19egcPGOXiG/A8zuZphS37ohcRnE5JPT38msmges4mGTF
0O7U1GWHLfdNKXygHwCN93YVOZZu/gcc/Ur3NiEqESWK1s1GRIyIBECiL1qchP7A
K5wTTrwT7uL7R9zdtXy606Hqk4MsL/s7d5Rovy0+i4a7aikNDZN7UJHMhj3qrIpF
8X7F
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:00 2024 by rpki-client on console-ams.rpki-client.org