Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/6i7FkJws7WnM0X3KDSoO_FfbA2U.roa
File:                     6i7FkJws7WnM0X3KDSoO_FfbA2U.roa (raw, json)
Hash identifier:          tbdW1OXNbQzjSnPPLOlSzmy9t9bVGWZeV+OFjzd8dXA=
Subject key identifier:   EA:2E:C5:90:9C:2C:ED:69:CC:D1:7D:CA:0D:2A:0E:FC:57:DB:03:65
Certificate issuer:       /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial:       018335DE6DFC403E67FEE8B5EE40DDC22E18
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/6i7FkJws7WnM0X3KDSoO_FfbA2U.roa
Signing time:             Tue 13 Sep 2022 08:01:52 +0000
ROA not before:           Tue 13 Sep 2022 08:01:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15611
IP address blocks:        213.176.64.0/21 maxlen: 24
                          213.176.72.0/22 maxlen: 24
                          213.176.88.0/21 maxlen: 24
                          213.176.96.0/24 maxlen: 24
                          213.176.4.0/24 maxlen: 24
                          213.176.5.0/24 maxlen: 24
                          213.176.20.0/22 maxlen: 24
                          62.60.128.0/21 maxlen: 24
                          62.60.136.0/24 maxlen: 24
                          62.60.137.0/24 maxlen: 24
                          62.60.139.0/24 maxlen: 24
                          62.60.140.0/24 maxlen: 24
                          62.60.143.0/24 maxlen: 24
                          62.60.141.0/24 maxlen: 24
                          62.60.142.0/24 maxlen: 24
                          62.60.145.0/24 maxlen: 24
                          62.60.152.0/22 maxlen: 24
                          213.176.124.0/24 maxlen: 24
                          213.176.125.0/24 maxlen: 24
                          213.176.122.0/24 maxlen: 24
                          213.176.123.0/24 maxlen: 24
                          62.60.224.0/22 maxlen: 24
                          62.60.228.0/22 maxlen: 24
                          62.60.232.0/22 maxlen: 24
                          62.60.236.0/22 maxlen: 24
                          62.60.240.0/22 maxlen: 24
                          62.60.244.0/22 maxlen: 24
                          62.60.248.0/22 maxlen: 24
                          62.60.252.0/22 maxlen: 24
                          62.60.200.0/21 maxlen: 24
                          62.60.208.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:35:de:6d:fc:40:3e:67:fe:e8:b5:ee:40:dd:c2:2e:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
        Validity
            Not Before: Sep 13 08:01:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ea2ec5909c2ced69ccd17dca0d2a0efc57db0365
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:0e:d6:6e:c9:48:c9:48:50:74:c4:fc:e9:0a:
                    f3:7d:ce:95:42:22:60:6f:9c:55:c4:41:58:9f:40:
                    dc:79:12:70:4c:6f:59:4c:f4:43:12:12:40:7e:7b:
                    13:5f:dc:96:67:49:f6:0c:ac:9d:9a:f8:15:5f:62:
                    05:7f:9f:59:7a:04:cd:0b:30:51:ab:10:39:f2:d3:
                    a8:5a:a2:fc:73:c5:a0:a1:e2:ff:6c:77:04:58:54:
                    76:16:b3:39:cb:bd:08:84:1e:06:9d:5c:af:7a:53:
                    b0:75:ac:a3:e0:4e:37:14:e6:bd:d2:f7:95:06:e3:
                    25:42:76:25:c2:a1:d9:58:b8:71:af:b8:3c:de:ae:
                    d9:e6:a8:c0:95:01:07:c5:bd:4c:59:cc:00:dd:24:
                    66:0d:25:78:67:23:5f:68:0e:0c:2a:60:fd:47:e8:
                    17:80:aa:c3:63:28:ac:cc:6e:95:77:14:bf:78:c4:
                    5d:00:56:db:ad:da:90:f4:9a:c0:24:e7:82:35:72:
                    af:15:77:4d:82:44:5e:f5:31:72:93:ed:bb:d6:66:
                    53:6a:2d:4c:7d:09:d9:6b:81:38:62:0d:92:05:af:
                    86:b7:27:31:b1:59:bb:41:ba:cb:b3:02:16:b0:20:
                    66:ac:75:8d:fa:6b:08:fc:d6:e2:c4:64:69:7a:e7:
                    bb:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:2E:C5:90:9C:2C:ED:69:CC:D1:7D:CA:0D:2A:0E:FC:57:DB:03:65
            X509v3 Authority Key Identifier:
                keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/6i7FkJws7WnM0X3KDSoO_FfbA2U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.60.128.0-62.60.137.255
                  62.60.139.0-62.60.143.255
                  62.60.145.0/24
                  62.60.152.0/22
                  62.60.200.0-62.60.211.255
                  62.60.224.0/19
                  213.176.4.0/23
                  213.176.20.0/22
                  213.176.64.0-213.176.75.255
                  213.176.88.0-213.176.96.255
                  213.176.122.0-213.176.125.255

    Signature Algorithm: sha256WithRSAEncryption
         48:fd:b8:81:94:21:05:68:33:49:3e:8c:89:4d:30:7f:58:7e:
         4f:58:42:52:8f:0a:7f:e2:2e:ff:ab:a1:7d:5d:e1:23:d1:a2:
         60:ad:4c:63:65:65:e7:7d:63:d2:7d:28:70:14:dc:36:9a:ed:
         be:36:33:19:16:3b:77:79:2c:58:3b:71:40:c2:a2:8c:5d:2d:
         6a:de:10:f7:a9:ad:82:25:96:a4:3f:31:71:08:a4:24:33:87:
         91:a6:18:9e:f1:57:18:cc:02:60:2c:dc:e5:56:35:cc:0c:44:
         71:32:d4:ad:f6:b1:97:00:dc:2b:e0:d4:99:f0:aa:58:14:57:
         6c:75:4c:98:b9:be:aa:50:cd:42:4e:f0:82:b1:b7:bc:28:af:
         59:5f:6c:f0:a2:00:22:2a:09:90:6e:59:12:06:be:4f:bb:16:
         d5:16:68:13:69:af:35:a0:52:84:32:91:e7:0d:d0:ce:f0:91:
         ed:ff:44:ec:f0:81:0a:3f:d8:23:e4:15:93:cc:1a:79:a2:09:
         72:bb:96:64:db:29:1d:08:21:db:77:40:08:07:08:6d:52:de:
         f0:ac:f1:e5:66:59:6f:6b:aa:9c:b1:b0:14:ba:03:4d:a3:33:
         a7:fa:55:32:be:ab:3d:2b:76:53:aa:07:ad:41:7e:9d:d7:15:
         57:55:c9:af
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAYM13m38QD5n/ui17kDdwi4YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjIwOTEzMDgwMTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTJlYzU5MDljMmNlZDY5Y2NkMTdkY2EwZDJhMGVmYzU3ZGIwMzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgw7WbslIyUhQdMT86Qrzfc6VQiJg
b5xVxEFYn0DceRJwTG9ZTPRDEhJAfnsTX9yWZ0n2DKydmvgVX2IFf59ZegTNCzBR
qxA58tOoWqL8c8WgoeL/bHcEWFR2FrM5y70IhB4GnVyvelOwdayj4E43FOa90veV
BuMlQnYlwqHZWLhxr7g83q7Z5qjAlQEHxb1MWcwA3SRmDSV4ZyNfaA4MKmD9R+gX
gKrDYyiszG6VdxS/eMRdAFbbrdqQ9JrAJOeCNXKvFXdNgkRe9TFyk+271mZTai1M
fQnZa4E4Yg2SBa+GtycxsVm7QbrLswIWsCBmrHWN+msI/NbixGRpeue7iQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFOouxZCcLO1pzNF9yg0qDvxX2wNlMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvNmk3RmtKd3M3V25NMFgzS0RTb09fRmZiQTJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcjAMAwQHPjyA
AwQBPjyIMAwDBAA+PIsDBAQ+PIADBAA+PJEDBAI+PJgwDAMEAz48yAMEAj480AME
BT484AMEAdWwBAMEAtWwFDAMAwQG1bBAAwQC1bBIMAwDBAPVsFgDBADVsGAwDAME
AdWwegMEAdWwfDANBgkqhkiG9w0BAQsFAAOCAQEASP24gZQhBWgzST6MiU0wf1h+
T1hCUo8Kf+Iu/6uhfV3hI9GiYK1MY2Vl531j0n0ocBTcNprtvjYzGRY7d3ksWDtx
QMKijF0tat4Q96mtgiWWpD8xcQikJDOHkaYYnvFXGMwCYCzc5VY1zAxEcTLUrfax
lwDcK+DUmfCqWBRXbHVMmLm+qlDNQk7wgrG3vCivWV9s8KIAIioJkG5ZEga+T7sW
1RZoE2mvNaBShDKR5w3QzvCR7f9E7PCBCj/YI+QVk8waeaIJcruWZNspHQgh23dA
CAcIbVLe8Kzx5WZZb2uqnLGwFLoDTaMzp/pVMr6rPSt2U6oHrUF+ndcVV1XJrw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:39 2024 by rpki-client on console-fra.rpki-client.org