Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/ds-mdb_YHb_MiM3_fmRuOtA1jK4.roa
File:                     ds-mdb_YHb_MiM3_fmRuOtA1jK4.roa (raw, json)
Hash identifier:          S+rsDN21T5HQ9Vd7JtJ8LR+FeCvCNrxw1sf2M8lrUok=
Subject key identifier:   76:CF:A6:75:BF:D8:1D:BF:CC:88:CD:FF:7E:64:6E:3A:D0:35:8C:AE
Certificate issuer:       /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial:       1AE2E9E4
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/ds-mdb_YHb_MiM3_fmRuOtA1jK4.roa
Signing time:             Fri 29 Apr 2022 18:08:40 +0000
ROA not before:           Fri 29 Apr 2022 18:08:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8708
IP address blocks:        217.156.14.0/24 maxlen: 24
                          80.96.67.0/24 maxlen: 24
                          193.231.227.0/24 maxlen: 24
                          193.231.233.0/24 maxlen: 24
                          80.96.79.0/24 maxlen: 24
                          193.231.236.0/24 maxlen: 24
                          193.231.238.0/24 maxlen: 24
                          193.231.252.0/24 maxlen: 24
                          80.96.12.0/24 maxlen: 24
                          193.231.184.0/24 maxlen: 24
                          193.231.187.0/24 maxlen: 24
                          193.231.188.0/24 maxlen: 24
                          193.231.189.0/24 maxlen: 24
                          194.102.229.0/24 maxlen: 24
                          80.96.47.0/24 maxlen: 24
                          194.102.134.0/24 maxlen: 24
                          80.97.149.0/24 maxlen: 24
                          80.97.147.0/24 maxlen: 24
                          80.97.148.0/24 maxlen: 24
                          81.180.27.0/24 maxlen: 24
                          193.226.116.0/24 maxlen: 24
                          81.181.128.0/24 maxlen: 24
                          81.181.167.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 451078628 (0x1ae2e9e4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
        Validity
            Not Before: Apr 29 18:08:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=76cfa675bfd81dbfcc88cdff7e646e3ad0358cae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:84:1f:ed:a6:09:3c:67:05:ae:f6:41:14:e2:
                    dd:f9:b0:f6:8e:b4:71:2e:bf:7c:b5:bd:76:1f:53:
                    e7:b6:65:4d:1f:80:f8:bd:6c:25:c7:ef:22:af:4a:
                    13:7d:74:d6:e7:52:67:8d:04:b2:4c:84:57:f9:2a:
                    0c:d4:89:6f:31:cf:57:d4:26:26:5a:a4:3d:bc:e9:
                    93:8b:d3:05:a8:79:e3:87:8a:2f:a8:28:a6:32:67:
                    76:07:42:b6:73:bc:2c:1c:b8:e1:ab:74:21:49:72:
                    fc:33:b7:b3:7f:04:ab:aa:88:28:c0:b6:32:02:2f:
                    12:27:75:ac:6c:ef:f8:5f:1b:a0:4c:83:0b:8b:d2:
                    4d:32:40:39:48:ed:67:0f:c5:5e:35:23:9a:5b:c9:
                    28:20:15:30:e9:49:84:17:32:8e:bd:b5:95:24:fd:
                    e7:1d:3e:b7:56:07:d1:fc:74:0b:fa:83:6a:48:0c:
                    19:fd:a8:0b:89:1d:cd:b4:75:fc:8e:3f:73:7a:fe:
                    02:84:c1:04:55:ed:04:5d:42:db:ad:3d:b1:d2:62:
                    b9:b8:4f:c5:54:5d:3c:b2:58:ec:29:c5:32:80:d9:
                    8c:60:9e:21:74:c5:01:48:c3:15:1a:a5:b2:d7:98:
                    06:01:95:c5:1a:2b:7f:60:f0:60:f2:f0:ef:1b:77:
                    8f:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:CF:A6:75:BF:D8:1D:BF:CC:88:CD:FF:7E:64:6E:3A:D0:35:8C:AE
            X509v3 Authority Key Identifier:
                keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/ds-mdb_YHb_MiM3_fmRuOtA1jK4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.96.12.0/24
                  80.96.47.0/24
                  80.96.67.0/24
                  80.96.79.0/24
                  80.97.147.0-80.97.149.255
                  81.180.27.0/24
                  81.181.128.0/24
                  81.181.167.0/24
                  193.226.116.0/24
                  193.231.184.0/24
                  193.231.187.0-193.231.189.255
                  193.231.227.0/24
                  193.231.233.0/24
                  193.231.236.0/24
                  193.231.238.0/24
                  193.231.252.0/24
                  194.102.134.0/24
                  194.102.229.0/24
                  217.156.14.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:8f:e9:f9:03:a3:36:e0:54:c4:f4:96:93:a9:33:41:fd:d7:
         67:c7:33:f4:99:fa:76:b0:23:3c:e2:f9:8c:43:6b:d8:20:59:
         c4:6d:2b:85:36:fe:8a:a4:39:43:25:b2:37:6e:f6:23:32:d8:
         a9:a3:3b:3f:45:cf:87:12:0d:32:e3:59:c5:43:0d:ce:74:65:
         b5:3c:1d:40:9e:1c:37:c7:48:23:c1:8b:15:c1:53:e0:8a:39:
         f2:ec:41:c3:f9:59:01:d9:b5:35:f5:eb:38:6b:87:7b:06:82:
         0c:8c:2a:74:9f:bf:2e:e8:25:2f:68:7c:a5:4e:f3:11:bd:7a:
         39:53:02:06:21:19:90:c9:8b:67:80:73:da:f4:c7:d8:91:6c:
         67:b8:cb:5e:80:0d:00:34:d1:86:a4:59:b9:c3:1c:71:22:d2:
         e7:75:d5:0e:f9:ac:08:f0:a7:32:32:5a:9a:48:9c:71:b7:9c:
         c0:3d:d6:1a:80:89:7f:47:04:47:5e:98:03:31:a8:54:a9:2b:
         a7:a5:08:c5:cc:7f:13:cb:0d:c2:2d:f8:0a:6d:e5:ea:72:71:
         03:ce:b0:dd:1b:56:b0:17:cc:79:65:a5:4a:e3:18:dc:29:fc:
         41:d1:b9:88:e0:87:4d:86:f6:ca:f9:47:a8:c5:d5:fd:a8:3a:
         ed:13:09:ba
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIEGuLp5DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MTgzNzg1OTE2Y2Q5OGQ3Yzc3MGQ2ODUxNDU0OTlhOGEwYTE1NzIyMB4XDTIyMDQy
OTE4MDg0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzZjZmE2NzViZmQ4
MWRiZmNjODhjZGZmN2U2NDZlM2FkMDM1OGNhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ+EH+2mCTxnBa72QRTi3fmw9o60cS6/fLW9dh9T57ZlTR+A
+L1sJcfvIq9KE3101udSZ40EskyEV/kqDNSJbzHPV9QmJlqkPbzpk4vTBah544eK
L6gopjJndgdCtnO8LBy44at0IUly/DO3s38Eq6qIKMC2MgIvEid1rGzv+F8boEyD
C4vSTTJAOUjtZw/FXjUjmlvJKCAVMOlJhBcyjr21lST95x0+t1YH0fx0C/qDakgM
Gf2oC4kdzbR1/I4/c3r+AoTBBFXtBF1C2609sdJiubhPxVRdPLJY7CnFMoDZjGCe
IXTFAUjDFRqlsteYBgGVxRorf2DwYPLw7xt3j/MCAwEAAaOCAoowggKGMB0GA1Ud
DgQWBBR2z6Z1v9gdv8yIzf9+ZG460DWMrjAfBgNVHSMEGDAWgBQxg3hZFs2Y18dw
1oUUVJmooKFXIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01ZTjRXUmJObU5mSGNOYUZGRlNacUtDaFZ5SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvNzE5M2RiLTdmODUtNDJiYi1iMDlhLWY1MmM0N2MyMjVkYi8x
L2RzLW1kYl9ZSGJfTWlNM19mbVJ1T3RBMWpLNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
NzE5M2RiLTdmODUtNDJiYi1iMDlhLWY1MmM0N2MyMjVkYi8xL01ZTjRXUmJObU5m
SGNOYUZGRlNacUtDaFZ5SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
nwYIKwYBBQUHAQcBAf8EgY8wgYwwgYkEAgABMIGCAwQAUGAMAwQAUGAvAwQAUGBD
AwQAUGBPMAwDBABQYZMDBAFQYZQDBABRtBsDBABRtYADBABRtacDBADB4nQDBADB
57gwDAMEAMHnuwMEAcHnvAMEAMHn4wMEAMHn6QMEAMHn7AMEAMHn7gMEAMHn/AME
AMJmhgMEAMJm5QMEANmcDjANBgkqhkiG9w0BAQsFAAOCAQEAHo/p+QOjNuBUxPSW
k6kzQf3XZ8cz9Jn6drAjPOL5jENr2CBZxG0rhTb+iqQ5QyWyN272IzLYqaM7P0XP
hxINMuNZxUMNznRltTwdQJ4cN8dII8GLFcFT4Io58uxBw/lZAdm1NfXrOGuHewaC
DIwqdJ+/LuglL2h8pU7zEb16OVMCBiEZkMmLZ4Bz2vTH2JFsZ7jLXoANADTRhqRZ
ucMccSLS53XVDvmsCPCnMjJamkiccbecwD3WGoCJf0cER16YAzGoVKkrp6UIxcx/
E8sNwi34Cm3l6nJxA86w3RtWsBfMeWWlSuMY3Cn8QdG5iOCHTYb2yvlHqMXV/ag6
7RMJug==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:22 2024 by rpki-client on console-fra.rpki-client.org