Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/n6zLsVrns2kI1pleKr9ncKOmUjc.roa
File:                     n6zLsVrns2kI1pleKr9ncKOmUjc.roa (raw, json)
Hash identifier:          sQSAAmRBxzQqD7QI2NtTrVJGbYEDpxg3gGC4Pdy3aYE=
Subject key identifier:   9F:AC:CB:B1:5A:E7:B3:69:08:D6:99:5E:2A:BF:67:70:A3:A6:52:37
Certificate issuer:       /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial:       01851C81A1BB47678201AD44DCFFC17AE300
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/n6zLsVrns2kI1pleKr9ncKOmUjc.roa
Signing time:             Fri 16 Dec 2022 19:55:35 +0000
ROA not before:           Fri 16 Dec 2022 19:55:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8708
IP address blocks:        217.156.14.0/24 maxlen: 24
                          193.231.226.0/24 maxlen: 24
                          193.231.227.0/24 maxlen: 24
                          193.231.233.0/24 maxlen: 24
                          193.231.236.0/24 maxlen: 24
                          193.231.238.0/24 maxlen: 24
                          217.156.41.0/24 maxlen: 24
                          81.181.112.0/24 maxlen: 24
                          193.231.252.0/24 maxlen: 24
                          80.96.219.0/24 maxlen: 24
                          193.231.184.0/24 maxlen: 24
                          193.231.187.0/24 maxlen: 24
                          193.231.189.0/24 maxlen: 24
                          193.231.188.0/24 maxlen: 24
                          194.102.134.0/24 maxlen: 24
                          193.230.158.0/24 maxlen: 24
                          80.97.149.0/24 maxlen: 24
                          80.97.147.0/24 maxlen: 24
                          80.97.148.0/24 maxlen: 24
                          81.180.27.0/24 maxlen: 24
                          81.181.128.0/24 maxlen: 24
                          194.102.98.0/24 maxlen: 24
                          217.156.92.0/24 maxlen: 24
                          81.181.167.0/24 maxlen: 24
                          80.96.67.0/24 maxlen: 24
                          80.96.72.0/24 maxlen: 24
                          80.96.73.0/24 maxlen: 24
                          80.96.82.0/24 maxlen: 24
                          80.96.79.0/24 maxlen: 24
                          80.96.12.0/24 maxlen: 24
                          81.181.246.0/24 maxlen: 24
                          193.230.217.0/24 maxlen: 24
                          193.230.229.0/24 maxlen: 24
                          194.102.229.0/24 maxlen: 24
                          80.96.43.0/24 maxlen: 24
                          80.96.51.0/24 maxlen: 24
                          80.96.47.0/24 maxlen: 24
                          193.231.108.0/24 maxlen: 24
                          193.226.116.0/24 maxlen: 24
                          193.226.125.0/24 maxlen: 24
                          193.226.127.0/24 maxlen: 24
                          85.120.20.0/24 maxlen: 24
                          85.120.23.0/24 maxlen: 24
                          193.231.75.0/24 maxlen: 24
                          194.153.224.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:1c:81:a1:bb:47:67:82:01:ad:44:dc:ff:c1:7a:e3:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
        Validity
            Not Before: Dec 16 19:55:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9faccbb15ae7b36908d6995e2abf6770a3a65237
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:3d:1e:f7:f5:08:c5:c6:4d:05:77:7f:47:f2:
                    3b:43:8c:0d:16:3f:0c:7e:05:53:21:04:8e:35:04:
                    9f:11:35:42:97:c2:e1:83:1c:9e:fc:7c:a1:27:a1:
                    69:68:e7:c2:4b:af:76:7b:a2:17:27:29:3e:ba:c2:
                    da:d3:72:7e:69:87:ef:07:45:5c:c1:51:45:b1:d9:
                    cd:d7:fc:58:c7:65:08:06:8c:81:ac:e3:a9:87:71:
                    7c:b5:f0:f3:58:34:f1:c6:87:19:57:2e:01:28:7c:
                    40:be:0e:50:08:ac:f2:c6:34:b3:24:e7:b7:49:eb:
                    c3:b7:2f:93:f4:5b:52:50:5e:4d:ec:9b:8a:52:3c:
                    ac:7f:fb:2e:8c:a5:e0:54:86:39:24:9e:80:91:fd:
                    01:9e:65:54:79:81:c4:25:38:d2:4c:a5:d4:ef:51:
                    7c:e7:06:92:6d:73:85:22:dc:a6:1d:38:91:2f:f8:
                    2b:b5:65:eb:8b:c2:de:80:3f:3f:14:8e:2c:ba:da:
                    1e:64:70:a1:89:ed:1f:45:4e:8b:28:fe:c6:7c:1e:
                    0a:97:c1:21:c9:93:c1:77:d2:75:84:07:86:e1:93:
                    f6:77:92:3f:55:98:80:b4:db:74:7d:cd:76:a4:6e:
                    ab:0b:15:82:60:16:c4:04:50:bb:7d:11:46:4f:d8:
                    d6:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:AC:CB:B1:5A:E7:B3:69:08:D6:99:5E:2A:BF:67:70:A3:A6:52:37
            X509v3 Authority Key Identifier:
                keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/n6zLsVrns2kI1pleKr9ncKOmUjc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.96.12.0/24
                  80.96.43.0/24
                  80.96.47.0/24
                  80.96.51.0/24
                  80.96.67.0/24
                  80.96.72.0/23
                  80.96.79.0/24
                  80.96.82.0/24
                  80.96.219.0/24
                  80.97.147.0-80.97.149.255
                  81.180.27.0/24
                  81.181.112.0/24
                  81.181.128.0/24
                  81.181.167.0/24
                  81.181.246.0/24
                  85.120.20.0/24
                  85.120.23.0/24
                  193.226.116.0/24
                  193.226.125.0/24
                  193.226.127.0/24
                  193.230.158.0/24
                  193.230.217.0/24
                  193.230.229.0/24
                  193.231.75.0/24
                  193.231.108.0/24
                  193.231.184.0/24
                  193.231.187.0-193.231.189.255
                  193.231.226.0/23
                  193.231.233.0/24
                  193.231.236.0/24
                  193.231.238.0/24
                  193.231.252.0/24
                  194.102.98.0/24
                  194.102.134.0/24
                  194.102.229.0/24
                  194.153.224.0/24
                  217.156.14.0/24
                  217.156.41.0/24
                  217.156.92.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6c:66:4d:2c:73:78:20:2b:a9:80:6d:97:1b:08:d9:a0:c9:40:
         43:24:64:11:f3:f5:8d:f8:6a:16:47:11:0a:b7:4e:e5:77:ea:
         4a:30:56:08:a8:1b:12:44:d0:a8:5a:11:ac:b7:ff:f4:95:86:
         5c:a6:9c:0d:a2:fc:47:96:8f:88:25:22:07:0c:2e:fe:3d:b0:
         a7:66:90:98:2e:1b:ad:fd:85:01:e4:fc:5d:e2:7b:ce:f3:0e:
         da:a5:87:f4:ad:f4:5f:9a:e7:6c:ea:1b:72:35:b1:9e:57:f6:
         b5:75:26:4d:cd:ff:20:e4:bd:f3:95:da:d0:9e:79:fc:fe:c2:
         ad:cd:8f:49:c8:61:f0:c7:99:1b:cb:1f:c7:23:ab:46:92:dc:
         c8:0a:46:a9:c1:95:3e:6f:ae:b8:35:de:2b:db:80:33:c4:2c:
         59:4f:93:ea:4e:c3:5a:f4:e7:55:d9:89:29:73:60:94:42:b7:
         52:bf:fa:99:27:cc:1d:22:15:fa:fd:14:6c:93:b7:27:17:fa:
         2e:a6:38:9b:0f:67:f6:c6:df:c2:01:4d:35:61:df:23:52:16:
         5a:65:8c:bf:6f:68:ef:01:04:c4:c8:5e:d8:23:24:8e:18:21:
         a2:cd:ec:a9:68:01:a4:45:97:7a:9e:4d:74:09:13:b2:8d:c9:
         50:9c:31:cf
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgISAYUcgaG7R2eCAa1E3P/BeuMAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjIxMjE2MTk1NTM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmFjY2JiMTVhZTdiMzY5MDhkNjk5NWUyYWJmNjc3MGEzYTY1MjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmz0e9/UIxcZNBXd/R/I7Q4wNFj8M
fgVTIQSONQSfETVCl8Lhgxye/HyhJ6FpaOfCS692e6IXJyk+usLa03J+aYfvB0Vc
wVFFsdnN1/xYx2UIBoyBrOOph3F8tfDzWDTxxocZVy4BKHxAvg5QCKzyxjSzJOe3
SevDty+T9FtSUF5N7JuKUjysf/sujKXgVIY5JJ6Akf0BnmVUeYHEJTjSTKXU71F8
5waSbXOFItymHTiRL/grtWXri8LegD8/FI4sutoeZHChie0fRU6LKP7GfB4Kl8Eh
yZPBd9J1hAeG4ZP2d5I/VZiAtNt0fc12pG6rCxWCYBbEBFC7fRFGT9jWJwIDAQAB
o4IDBjCCAwIwHQYDVR0OBBYEFJ+sy7Fa57NpCNaZXiq/Z3CjplI3MB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvbjZ6THNWcm5zMmtJMXBsZUtyOW5jS09tVWpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGgYIKwYBBQUHAQcBAf8EggEJMIIBBTCCAQEEAgABMIH6
AwQAUGAMAwQAUGArAwQAUGAvAwQAUGAzAwQAUGBDAwQBUGBIAwQAUGBPAwQAUGBS
AwQAUGDbMAwDBABQYZMDBAFQYZQDBABRtBsDBABRtXADBABRtYADBABRtacDBABR
tfYDBABVeBQDBABVeBcDBADB4nQDBADB4n0DBADB4n8DBADB5p4DBADB5tkDBADB
5uUDBADB50sDBADB52wDBADB57gwDAMEAMHnuwMEAcHnvAMEAcHn4gMEAMHn6QME
AMHn7AMEAMHn7gMEAMHn/AMEAMJmYgMEAMJmhgMEAMJm5QMEAMKZ4AMEANmcDgME
ANmcKQMEANmcXDANBgkqhkiG9w0BAQsFAAOCAQEAbGZNLHN4ICupgG2XGwjZoMlA
QyRkEfP1jfhqFkcRCrdO5XfqSjBWCKgbEkTQqFoRrLf/9JWGXKacDaL8R5aPiCUi
Bwwu/j2wp2aQmC4brf2FAeT8XeJ7zvMO2qWH9K30X5rnbOobcjWxnlf2tXUmTc3/
IOS985Xa0J55/P7Crc2PSchh8MeZG8sfxyOrRpLcyApGqcGVPm+uuDXeK9uAM8Qs
WU+T6k7DWvTnVdmJKXNglEK3Ur/6mSfMHSIV+v0UbJO3Jxf6LqY4mw9n9sbfwgFN
NWHfI1IWWmWMv29o7wEExMhe2CMkjhghos3sqWgBpEWXep5NdAkTso3JUJwxzw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:05 2024 by rpki-client on console-ams.rpki-client.org