Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/0q2CfJesNM7oJisZMMylCECy1t0.roa
File:                     0q2CfJesNM7oJisZMMylCECy1t0.roa (raw, json)
Hash identifier:          eEwAvSKR/uJLxbepjm2RnE5h06ekdYQeuPyt6b2Z9uA=
Subject key identifier:   D2:AD:82:7C:97:AC:34:CE:E8:26:2B:19:30:CC:A5:08:40:B2:D6:DD
Certificate issuer:       /CN=979f5ca8c33f134c3c157d48b9c2ae4e91b630bf
Certificate serial:       0458107E
Authority key identifier: 97:9F:5C:A8:C3:3F:13:4C:3C:15:7D:48:B9:C2:AE:4E:91:B6:30:BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/0q2CfJesNM7oJisZMMylCECy1t0.roa
Signing time:             Sat 01 Jan 2022 06:01:10 +0000
ROA not before:           Sat 01 Jan 2022 06:01:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     47787
IP address blocks:        188.93.192.0/21 maxlen: 24
                          188.93.198.0/24 maxlen: 24
                          188.93.199.0/24 maxlen: 24
                          185.112.251.0/24 maxlen: 24
                          185.166.144.0/24 maxlen: 24
                          2a0d:82c0::/29 maxlen: 48
                          2001:b18::/32 maxlen: 48
                          2a11:c00::/29 maxlen: 48
                          2a0f:8900::/29 maxlen: 29
                          2a0d:82c7:9::/48 maxlen: 48
                          2a0f:d300::/29 maxlen: 29
                          2a0e:5f00::/29 maxlen: 48
                          2a0b:e740::/29 maxlen: 29
                          2a0f:7700::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 72880254 (0x458107e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=979f5ca8c33f134c3c157d48b9c2ae4e91b630bf
        Validity
            Not Before: Jan  1 06:01:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d2ad827c97ac34cee8262b1930cca50840b2d6dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:e7:2e:fb:a5:7d:17:28:ef:cb:f2:49:5b:dd:
                    1f:0c:04:a4:e2:64:d1:29:ca:c4:6d:a8:47:0e:2d:
                    59:97:30:b8:75:f2:d8:e9:43:5f:af:49:0a:ec:16:
                    72:e9:3a:01:8b:d8:d2:b3:e1:96:74:b6:a2:41:a9:
                    78:92:17:ee:11:3e:6f:b7:3f:5c:89:76:e6:3e:32:
                    13:52:67:77:16:7e:f1:b9:7c:05:b6:4f:74:17:77:
                    1e:97:d2:b4:fd:50:ec:aa:db:e2:da:a2:49:80:f4:
                    6a:51:9d:2e:c5:d8:ac:85:3b:bc:c0:f9:6f:9e:ea:
                    17:3b:bc:73:20:04:98:92:4d:1e:7a:0d:1b:b8:c5:
                    bf:ed:41:95:ba:0d:43:e5:7c:6b:03:96:f1:fd:15:
                    5a:83:5d:31:fa:68:ab:5b:86:ef:5b:d2:44:02:71:
                    04:a8:dc:69:e7:a3:8c:a6:8a:13:86:4b:dc:9f:bb:
                    08:c2:97:99:d7:bb:fc:c7:c0:9a:da:1d:73:b5:4f:
                    1c:ea:38:7b:0e:3b:de:64:09:34:e3:8e:3c:ee:7d:
                    bf:2f:10:d2:41:a2:88:b9:d7:0f:79:ea:50:74:2f:
                    29:6e:1b:49:63:22:5b:57:c4:12:26:6d:1a:b3:72:
                    8f:b0:bb:92:12:79:a6:e6:9d:b1:dd:fa:e7:25:17:
                    8c:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:AD:82:7C:97:AC:34:CE:E8:26:2B:19:30:CC:A5:08:40:B2:D6:DD
            X509v3 Authority Key Identifier:
                keyid:97:9F:5C:A8:C3:3F:13:4C:3C:15:7D:48:B9:C2:AE:4E:91:B6:30:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/0q2CfJesNM7oJisZMMylCECy1t0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/l59cqMM_E0w8FX1IucKuTpG2ML8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.112.251.0/24
                  185.166.144.0/24
                  188.93.192.0/21
                IPv6:
                  2001:b18::/32
                  2a0b:e740::/29
                  2a0d:82c0::/29
                  2a0e:5f00::/29
                  2a0f:7700::/29
                  2a0f:8900::/29
                  2a0f:d300::/29
                  2a11:c00::/29

    Signature Algorithm: sha256WithRSAEncryption
         22:ff:51:6f:c6:0d:df:51:39:ae:db:70:84:54:ad:0f:2b:93:
         07:5c:19:22:48:c0:08:0f:f5:8d:c4:1a:a6:73:09:a4:3a:f1:
         e6:e9:3c:2d:09:d2:22:54:57:66:1c:24:f0:d3:1c:3f:a7:36:
         25:6e:2e:f3:ba:3f:b6:23:01:6b:56:76:55:8c:e8:2c:c6:8e:
         53:3d:c6:ca:fd:c9:3f:dd:47:a6:9a:19:73:69:5e:40:2c:a6:
         bd:d2:c7:c3:92:47:59:e9:25:76:d3:3d:d8:e2:5c:a6:c6:75:
         c8:44:12:a4:dd:db:46:97:6b:3b:df:97:8b:da:0c:7e:78:5a:
         85:87:54:f0:84:c4:9d:29:ef:f1:c6:f5:45:35:27:50:36:0d:
         6b:46:c7:0d:0d:40:c5:13:4e:ae:01:9e:14:6f:fc:30:94:82:
         73:76:f8:ab:2d:e3:40:27:62:db:9b:b9:60:15:d5:20:58:9b:
         7d:ac:e9:49:48:1a:c0:20:a1:a6:bf:81:fc:55:14:43:02:79:
         12:2a:fa:83:a1:b9:7d:0a:ff:14:07:b8:f7:41:29:b6:e4:85:
         28:bc:3a:ab:32:ce:14:eb:8a:b7:f5:f9:68:01:1a:34:a8:79:
         07:6f:69:7d:cc:d9:58:4f:f8:7e:69:23:2f:11:a2:78:ce:ef:
         df:c8:ec:c6
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgIEBFgQfjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NzlmNWNhOGMzM2YxMzRjM2MxNTdkNDhiOWMyYWU0ZTkxYjYzMGJmMB4XDTIyMDEw
MTA2MDExMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDJhZDgyN2M5N2Fj
MzRjZWU4MjYyYjE5MzBjY2E1MDg0MGIyZDZkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANznLvulfRco78vySVvdHwwEpOJk0SnKxG2oRw4tWZcwuHXy
2OlDX69JCuwWcuk6AYvY0rPhlnS2okGpeJIX7hE+b7c/XIl25j4yE1JndxZ+8bl8
BbZPdBd3HpfStP1Q7Krb4tqiSYD0alGdLsXYrIU7vMD5b57qFzu8cyAEmJJNHnoN
G7jFv+1BlboNQ+V8awOW8f0VWoNdMfpoq1uG71vSRAJxBKjcaeejjKaKE4ZL3J+7
CMKXmde7/MfAmtodc7VPHOo4ew473mQJNOOOPO59vy8Q0kGiiLnXD3nqUHQvKW4b
SWMiW1fEEiZtGrNyj7C7khJ5puadsd365yUXjAsCAwEAAaOCAlUwggJRMB0GA1Ud
DgQWBBTSrYJ8l6w0zugmKxkwzKUIQLLW3TAfBgNVHSMEGDAWgBSXn1yowz8TTDwV
fUi5wq5OkbYwvzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2w1OWNxTU1fRTB3OEZYMUl1Y0t1VHBHMk1MOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjMvZjY1NjEwLTU5ZjYtNGFkNi1hOWQ4LTE0NzBhYzM2NGRkMi8x
LzBxMkNmSmVzTk03b0ppc1pNTXlsQ0VDeTF0MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjMv
ZjY1NjEwLTU5ZjYtNGFkNi1hOWQ4LTE0NzBhYzM2NGRkMi8xL2w1OWNxTU1fRTB3
OEZYMUl1Y0t1VHBHMk1MOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBr
BggrBgEFBQcBBwEB/wRcMFowGAQCAAEwEgMEALlw+wMEALmmkAMEA7xdwDA+BAIA
AjA4AwUAIAELGAMFAyoL50ADBQMqDYLAAwUDKg5fAAMFAyoPdwADBQMqD4kAAwUD
Kg/TAAMFAyoRDAAwDQYJKoZIhvcNAQELBQADggEBACL/UW/GDd9ROa7bcIRUrQ8r
kwdcGSJIwAgP9Y3EGqZzCaQ68ebpPC0J0iJUV2YcJPDTHD+nNiVuLvO6P7YjAWtW
dlWM6CzGjlM9xsr9yT/dR6aaGXNpXkAspr3Sx8OSR1npJXbTPdjiXKbGdchEEqTd
20aXazvfl4vaDH54WoWHVPCExJ0p7/HG9UU1J1A2DWtGxw0NQMUTTq4BnhRv/DCU
gnN2+Kst40AnYtubuWAV1SBYm32s6UlIGsAgoaa/gfxVFEMCeRIq+oOhuX0K/xQH
uPdBKbbkhSi8OqsyzhTrirf1+WgBGjSoeQdvaX3M2VhP+H5pIy8RonjO79/I7MY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:29 2024 by rpki-client on console-fra.rpki-client.org