Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/5vLvaunuqbaBKVVq0De0KctwwbM.roa
File:                     5vLvaunuqbaBKVVq0De0KctwwbM.roa (raw, json)
Hash identifier:          1gfMyfGysFnzUK63LRSytFGY/u/7R7J8Q4kNw5HmWas=
Subject key identifier:   E6:F2:EF:6A:E9:EE:A9:B6:81:29:55:6A:D0:37:B4:29:CB:70:C1:B3
Certificate issuer:       /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial:       1B4DBD88
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/5vLvaunuqbaBKVVq0De0KctwwbM.roa
Signing time:             Fri 27 May 2022 12:33:13 +0000
ROA not before:           Fri 27 May 2022 12:33:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8708
IP address blocks:        217.156.14.0/24 maxlen: 24
                          193.231.226.0/24 maxlen: 24
                          193.231.227.0/24 maxlen: 24
                          193.231.233.0/24 maxlen: 24
                          193.231.236.0/24 maxlen: 24
                          193.231.238.0/24 maxlen: 24
                          217.156.41.0/24 maxlen: 24
                          81.181.112.0/24 maxlen: 24
                          193.231.252.0/24 maxlen: 24
                          80.96.219.0/24 maxlen: 24
                          193.231.184.0/24 maxlen: 24
                          193.231.187.0/24 maxlen: 24
                          193.231.188.0/24 maxlen: 24
                          193.231.189.0/24 maxlen: 24
                          194.102.134.0/24 maxlen: 24
                          80.97.149.0/24 maxlen: 24
                          80.97.147.0/24 maxlen: 24
                          80.97.148.0/24 maxlen: 24
                          81.180.27.0/24 maxlen: 24
                          81.181.128.0/24 maxlen: 24
                          81.181.167.0/24 maxlen: 24
                          80.96.67.0/24 maxlen: 24
                          80.96.72.0/24 maxlen: 24
                          80.96.73.0/24 maxlen: 24
                          80.96.79.0/24 maxlen: 24
                          80.96.12.0/24 maxlen: 24
                          193.230.217.0/24 maxlen: 24
                          194.102.229.0/24 maxlen: 24
                          80.96.51.0/24 maxlen: 24
                          80.96.47.0/24 maxlen: 24
                          193.231.108.0/24 maxlen: 24
                          193.226.116.0/24 maxlen: 24
                          193.226.125.0/24 maxlen: 24
                          193.226.127.0/24 maxlen: 24
                          194.153.224.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 458079624 (0x1b4dbd88)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
        Validity
            Not Before: May 27 12:33:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e6f2ef6ae9eea9b68129556ad037b429cb70c1b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:6d:e6:1a:26:69:f7:1c:86:84:14:ac:28:1e:
                    ec:79:50:e0:ca:a3:c5:b9:b9:df:fd:eb:ec:1a:f1:
                    f1:18:74:e7:3b:3e:da:57:bc:3c:3d:10:79:43:5a:
                    43:17:e6:ce:61:3d:15:d4:40:83:2d:25:45:2d:ae:
                    52:8f:c2:cd:f9:70:57:81:95:f4:0f:58:9a:08:e9:
                    85:15:3d:5f:b1:42:96:d2:89:f9:4e:9a:8d:23:d2:
                    6a:27:1f:d7:0a:f6:8c:d0:b0:af:52:f3:ba:dd:c5:
                    31:50:8d:c0:21:93:a6:95:68:70:22:3b:ac:ff:8a:
                    7a:79:12:77:4d:a1:28:f6:7d:58:5c:99:5b:24:36:
                    d9:e4:ef:10:bf:75:73:6c:a4:b5:7a:01:33:10:94:
                    ba:95:e0:66:33:3f:83:61:2a:19:e7:be:47:00:30:
                    f6:5a:1c:d7:0b:29:5c:f0:61:93:25:bd:81:0c:0c:
                    38:ce:4e:3b:16:63:00:de:99:cd:d5:e0:93:af:ca:
                    29:2e:c5:36:bb:54:16:6c:7b:af:67:d9:7a:e1:8f:
                    15:86:a3:21:17:8b:e5:3a:01:ec:60:02:e7:2d:ae:
                    28:07:88:08:ff:37:96:f5:f6:cc:39:36:fe:c3:55:
                    f8:e5:0e:42:2f:0d:c2:df:b2:49:61:b0:35:0e:69:
                    3d:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:F2:EF:6A:E9:EE:A9:B6:81:29:55:6A:D0:37:B4:29:CB:70:C1:B3
            X509v3 Authority Key Identifier:
                keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/5vLvaunuqbaBKVVq0De0KctwwbM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.96.12.0/24
                  80.96.47.0/24
                  80.96.51.0/24
                  80.96.67.0/24
                  80.96.72.0/23
                  80.96.79.0/24
                  80.96.219.0/24
                  80.97.147.0-80.97.149.255
                  81.180.27.0/24
                  81.181.112.0/24
                  81.181.128.0/24
                  81.181.167.0/24
                  193.226.116.0/24
                  193.226.125.0/24
                  193.226.127.0/24
                  193.230.217.0/24
                  193.231.108.0/24
                  193.231.184.0/24
                  193.231.187.0-193.231.189.255
                  193.231.226.0/23
                  193.231.233.0/24
                  193.231.236.0/24
                  193.231.238.0/24
                  193.231.252.0/24
                  194.102.134.0/24
                  194.102.229.0/24
                  194.153.224.0/24
                  217.156.14.0/24
                  217.156.41.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:b1:d8:ea:ac:3e:14:9e:ef:f6:cd:88:c3:22:81:da:8a:18:
         f1:a1:7b:de:95:f8:29:be:77:25:e4:3b:bf:9b:1e:dc:6d:c5:
         48:be:64:69:f7:2c:4d:b4:3c:e4:87:3d:04:35:84:25:20:99:
         a1:d2:8f:be:f4:fd:8a:b1:ba:b0:12:5b:6f:d7:68:1b:b7:3d:
         05:b6:c9:41:26:69:3b:70:93:e7:8c:5d:86:1c:e0:e1:de:03:
         a4:29:b7:c3:36:92:b2:24:b2:d0:43:ca:08:8b:e6:04:a0:9c:
         b2:11:f3:e1:b2:45:dd:a3:77:87:e6:2e:ce:35:40:5a:f1:e3:
         38:ac:bf:05:17:51:99:bb:c2:14:b7:71:19:cc:66:fc:d0:4a:
         67:f0:96:35:a8:39:8c:37:ce:91:37:9c:fe:4f:60:b7:da:e3:
         d2:2a:0b:b6:47:55:a4:80:8e:73:50:29:80:96:37:ec:a4:f0:
         64:61:45:2b:a1:6c:bd:44:68:c8:9e:39:47:53:cd:e8:35:4d:
         6e:85:bd:fe:d8:db:d3:78:cc:8a:a8:e2:2b:80:a0:0a:72:a1:
         c6:37:47:c8:9f:83:2a:7d:dc:9f:10:d7:16:85:08:d3:40:fa:
         c6:4d:3b:a0:9d:6e:57:9a:bf:33:b1:cd:54:f3:38:0c:6e:2f:
         68:cf:2d:79
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgIEG029iDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MTgzNzg1OTE2Y2Q5OGQ3Yzc3MGQ2ODUxNDU0OTlhOGEwYTE1NzIyMB4XDTIyMDUy
NzEyMzMxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTZmMmVmNmFlOWVl
YTliNjgxMjk1NTZhZDAzN2I0MjljYjcwYzFiMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKVt5homafcchoQUrCge7HlQ4Mqjxbm53/3r7Brx8Rh05zs+
2le8PD0QeUNaQxfmzmE9FdRAgy0lRS2uUo/CzflwV4GV9A9YmgjphRU9X7FCltKJ
+U6ajSPSaicf1wr2jNCwr1Lzut3FMVCNwCGTppVocCI7rP+KenkSd02hKPZ9WFyZ
WyQ22eTvEL91c2yktXoBMxCUupXgZjM/g2EqGee+RwAw9loc1wspXPBhkyW9gQwM
OM5OOxZjAN6ZzdXgk6/KKS7FNrtUFmx7r2fZeuGPFYajIReL5ToB7GAC5y2uKAeI
CP83lvX2zDk2/sNV+OUOQi8Nwt+ySWGwNQ5pPQUCAwEAAaOCAsYwggLCMB0GA1Ud
DgQWBBTm8u9q6e6ptoEpVWrQN7Qpy3DBszAfBgNVHSMEGDAWgBQxg3hZFs2Y18dw
1oUUVJmooKFXIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01ZTjRXUmJObU5mSGNOYUZGRlNacUtDaFZ5SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvNzE5M2RiLTdmODUtNDJiYi1iMDlhLWY1MmM0N2MyMjVkYi8x
LzV2THZhdW51cWJhQktWVnEwRGUwS2N0d3diTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
NzE5M2RiLTdmODUtNDJiYi1iMDlhLWY1MmM0N2MyMjVkYi8xL01ZTjRXUmJObU5m
SGNOYUZGRlNacUtDaFZ5SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
2wYIKwYBBQUHAQcBAf8EgcswgcgwgcUEAgABMIG+AwQAUGAMAwQAUGAvAwQAUGAz
AwQAUGBDAwQBUGBIAwQAUGBPAwQAUGDbMAwDBABQYZMDBAFQYZQDBABRtBsDBABR
tXADBABRtYADBABRtacDBADB4nQDBADB4n0DBADB4n8DBADB5tkDBADB52wDBADB
57gwDAMEAMHnuwMEAcHnvAMEAcHn4gMEAMHn6QMEAMHn7AMEAMHn7gMEAMHn/AME
AMJmhgMEAMJm5QMEAMKZ4AMEANmcDgMEANmcKTANBgkqhkiG9w0BAQsFAAOCAQEA
MrHY6qw+FJ7v9s2IwyKB2ooY8aF73pX4Kb53JeQ7v5se3G3FSL5kafcsTbQ85Ic9
BDWEJSCZodKPvvT9irG6sBJbb9doG7c9BbbJQSZpO3CT54xdhhzg4d4DpCm3wzaS
siSy0EPKCIvmBKCcshHz4bJF3aN3h+YuzjVAWvHjOKy/BRdRmbvCFLdxGcxm/NBK
Z/CWNag5jDfOkTec/k9gt9rj0ioLtkdVpICOc1ApgJY37KTwZGFFK6FsvURoyJ45
R1PN6DVNboW9/tjb03jMiqjiK4CgCnKhxjdHyJ+DKn3cnxDXFoUI00D6xk07oJ1u
V5q/M7HNVPM4DG4vaM8teQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:21 2024 by rpki-client on console-fra.rpki-client.org