Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/e5e379-656d-4622-a7bc-ea26e746a0ad/1/U3tUiWtkc7REbXqobR6jhlEMQCY.roa
File:                     U3tUiWtkc7REbXqobR6jhlEMQCY.roa (raw, json)
Hash identifier:          nZmF4oGDQ2OtZVMGv0zBZurnMSArWcPo6MAgBR2roLU=
Subject key identifier:   53:7B:54:89:6B:64:73:B4:44:6D:7A:A8:6D:1E:A3:86:51:0C:40:26
Certificate issuer:       /CN=0146b429f8c49611fcfea1efa1a51b9c0eddb6e7
Certificate serial:       05E92784
Authority key identifier: 01:46:B4:29:F8:C4:96:11:FC:FE:A1:EF:A1:A5:1B:9C:0E:DD:B6:E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AUa0KfjElhH8_qHvoaUbnA7dtuc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/e5e379-656d-4622-a7bc-ea26e746a0ad/1/U3tUiWtkc7REbXqobR6jhlEMQCY.roa
Signing time:             Fri 29 Apr 2022 08:39:42 +0000
ROA not before:           Fri 29 Apr 2022 08:39:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42568
IP address blocks:        89.36.152.0/23 maxlen: 23
                          93.114.140.0/24 maxlen: 24
                          89.33.202.0/23 maxlen: 23
                          89.45.160.0/23 maxlen: 23
                          89.33.10.0/24 maxlen: 24
                          89.33.11.0/24 maxlen: 24
                          188.213.200.0/23 maxlen: 23
                          89.42.234.0/24 maxlen: 24
                          89.42.235.0/24 maxlen: 24
                          89.41.174.0/23 maxlen: 23
                          31.14.222.0/23 maxlen: 23
                          89.42.176.0/23 maxlen: 23
                          89.45.64.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 99166084 (0x5e92784)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0146b429f8c49611fcfea1efa1a51b9c0eddb6e7
        Validity
            Not Before: Apr 29 08:39:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=537b54896b6473b4446d7aa86d1ea386510c4026
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:5f:a4:03:66:5e:46:34:8c:6a:06:74:bc:68:
                    09:b8:ed:4f:ea:8a:c5:d7:9a:30:9d:34:ac:9a:20:
                    a7:a5:5d:a5:5e:65:29:f5:fc:d6:ae:45:46:76:fb:
                    6b:1d:1d:ae:58:6e:d2:ba:00:42:1f:e2:74:ce:7d:
                    9a:0d:f3:17:7e:b2:be:29:c1:be:bb:d8:be:8d:60:
                    13:23:a3:44:c0:54:5a:c4:bd:46:f2:e5:fb:ee:59:
                    b4:ae:6c:08:a4:b4:68:d8:19:0d:ba:1f:47:5e:d5:
                    87:9e:69:fa:bb:fc:d7:30:d1:7d:7b:92:4b:3b:9a:
                    87:f8:4b:35:d9:3c:b4:1a:33:01:93:5d:85:3c:96:
                    5b:13:87:c8:74:e2:98:d3:ea:9c:4d:6e:66:89:2a:
                    58:4b:14:ff:bf:db:84:9a:94:fd:fc:eb:5f:88:31:
                    f5:7a:40:f4:a4:cc:2c:5d:fa:61:7b:6d:e8:0b:66:
                    d9:71:1f:91:cc:15:48:00:98:86:24:18:9d:f3:11:
                    99:57:ea:5d:10:6e:c9:cc:48:cd:7e:4f:a6:21:57:
                    ba:22:1e:28:75:47:aa:b7:78:6a:80:f2:4b:ea:dc:
                    aa:9d:75:0b:70:5c:75:4a:f8:f0:1b:fd:07:0e:40:
                    64:06:a0:c8:a1:76:7d:58:4d:8b:d2:34:fb:6d:d0:
                    7a:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:7B:54:89:6B:64:73:B4:44:6D:7A:A8:6D:1E:A3:86:51:0C:40:26
            X509v3 Authority Key Identifier:
                keyid:01:46:B4:29:F8:C4:96:11:FC:FE:A1:EF:A1:A5:1B:9C:0E:DD:B6:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AUa0KfjElhH8_qHvoaUbnA7dtuc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/e5e379-656d-4622-a7bc-ea26e746a0ad/1/U3tUiWtkc7REbXqobR6jhlEMQCY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/e5e379-656d-4622-a7bc-ea26e746a0ad/1/AUa0KfjElhH8_qHvoaUbnA7dtuc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.14.222.0/23
                  89.33.10.0/23
                  89.33.202.0/23
                  89.36.152.0/23
                  89.41.174.0/23
                  89.42.176.0/23
                  89.42.234.0/23
                  89.45.64.0/23
                  89.45.160.0/23
                  93.114.140.0/24
                  188.213.200.0/23

    Signature Algorithm: sha256WithRSAEncryption
         19:d7:70:80:d7:1b:68:9e:fb:13:3c:87:cf:16:ab:ce:e2:b5:
         d9:ef:5a:95:4c:6c:71:38:fa:56:8a:bd:e3:c4:53:24:1d:10:
         45:74:08:ab:d2:24:b3:c1:7d:15:55:f6:24:70:ad:8c:09:de:
         76:e9:6c:c2:c8:f9:95:17:9b:76:4f:cf:96:5c:1b:fa:39:fe:
         59:c7:ea:6f:16:73:ec:2e:89:2e:0f:07:5b:ec:9b:8d:08:6d:
         3b:b0:01:cf:d5:f9:ad:eb:88:a5:d1:10:40:3f:86:87:8e:0b:
         f4:0f:df:e7:d1:37:86:51:cf:6a:c5:d9:7c:55:ad:4b:88:d4:
         92:35:fd:6b:b3:66:c5:fb:00:21:7c:ec:49:4c:8d:e0:db:3b:
         27:ae:ca:07:de:87:23:50:8a:47:49:5b:a0:46:58:bb:92:14:
         03:92:d0:29:70:7c:9d:14:11:63:a1:71:9f:4b:b2:88:12:43:
         2b:a6:f2:4b:7a:9a:0d:2e:97:0e:7f:d6:8d:de:b2:6a:c7:0b:
         d4:82:e9:0c:52:fc:a0:bb:ba:b0:9f:a2:26:b9:4d:6e:8f:be:
         b9:bf:3c:7b:de:b9:50:70:52:73:9c:4a:35:3d:71:44:9f:d6:
         f3:98:1a:13:5e:a9:26:b1:04:ca:13:ec:76:f3:e9:2d:7b:bb:
         b0:9a:b5:9c
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIEBeknhDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MTQ2YjQyOWY4YzQ5NjExZmNmZWExZWZhMWE1MWI5YzBlZGRiNmU3MB4XDTIyMDQy
OTA4Mzk0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTM3YjU0ODk2YjY0
NzNiNDQ0NmQ3YWE4NmQxZWEzODY1MTBjNDAyNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANZfpANmXkY0jGoGdLxoCbjtT+qKxdeaMJ00rJogp6VdpV5l
KfX81q5FRnb7ax0drlhu0roAQh/idM59mg3zF36yvinBvrvYvo1gEyOjRMBUWsS9
RvLl++5ZtK5sCKS0aNgZDbofR17Vh55p+rv81zDRfXuSSzuah/hLNdk8tBozAZNd
hTyWWxOHyHTimNPqnE1uZokqWEsU/7/bhJqU/fzrX4gx9XpA9KTMLF36YXtt6Atm
2XEfkcwVSACYhiQYnfMRmVfqXRBuycxIzX5PpiFXuiIeKHVHqrd4aoDyS+rcqp11
C3BcdUr48Bv9Bw5AZAagyKF2fVhNi9I0+23QetECAwEAAaOCAkUwggJBMB0GA1Ud
DgQWBBRTe1SJa2RztERteqhtHqOGUQxAJjAfBgNVHSMEGDAWgBQBRrQp+MSWEfz+
oe+hpRucDt225zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FVYTBLZmpFbGhIOF9xSHZvYVVibkE3ZHR1Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTQvZTVlMzc5LTY1NmQtNDYyMi1hN2JjLWVhMjZlNzQ2YTBhZC8x
L1UzdFVpV3RrYzdSRWJYcW9iUjZqaGxFTVFDWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTQv
ZTVlMzc5LTY1NmQtNDYyMi1hN2JjLWVhMjZlNzQ2YTBhZC8xL0FVYTBLZmpFbGhI
OF9xSHZvYVVibkE3ZHR1Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBb
BggrBgEFBQcBBwEB/wRMMEowSAQCAAEwQgMEAR8O3gMEAVkhCgMEAVkhygMEAVkk
mAMEAVkprgMEAVkqsAMEAVkq6gMEAVktQAMEAVktoAMEAF1yjAMEAbzVyDANBgkq
hkiG9w0BAQsFAAOCAQEAGddwgNcbaJ77EzyHzxarzuK12e9alUxscTj6Voq948RT
JB0QRXQIq9Iks8F9FVX2JHCtjAnedulswsj5lRebdk/Pllwb+jn+WcfqbxZz7C6J
Lg8HW+ybjQhtO7ABz9X5reuIpdEQQD+Gh44L9A/f59E3hlHPasXZfFWtS4jUkjX9
a7NmxfsAIXzsSUyN4Ns7J67KB96HI1CKR0lboEZYu5IUA5LQKXB8nRQRY6Fxn0uy
iBJDK6byS3qaDS6XDn/Wjd6yascL1ILpDFL8oLu6sJ+iJrlNbo++ub88e965UHBS
c5xKNT1xRJ/W85gaE16pJrEEyhPsdvPpLXu7sJq1nA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:58 2024 by rpki-client on console-ams.rpki-client.org