Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/1-ddJ-x1H58kSLuoe5E2IU3RaSLc.roa
File:                     1-ddJ-x1H58kSLuoe5E2IU3RaSLc.roa (raw, json)
Hash identifier:          DR315eWt+jwQW87i1bfYltcQMyR1iCO5I3h/FlDDeUo=
Subject key identifier:   F9:D7:49:FB:1D:47:E7:C9:12:2E:EA:1E:E4:4D:88:53:74:5A:48:B7
Certificate issuer:       /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial:       3A6278BB
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/1-ddJ-x1H58kSLuoe5E2IU3RaSLc.roa
Signing time:             Sat 01 Jan 2022 14:56:37 +0000
ROA not before:           Sat 01 Jan 2022 14:56:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204650
IP address blocks:        5.160.77.0/24 maxlen: 24
                          46.209.56.0/23 maxlen: 23
                          5.160.215.0/24 maxlen: 24
                          46.209.214.0/24 maxlen: 24
                          77.237.66.0/23 maxlen: 23
                          46.209.134.0/24 maxlen: 24
                          46.209.134.0/23 maxlen: 23
                          46.209.133.0/24 maxlen: 24
                          5.160.208.0/23 maxlen: 23
                          5.160.111.0/24 maxlen: 24
                          5.160.110.0/24 maxlen: 24
                          5.160.110.0/23 maxlen: 23
                          5.160.131.0/24 maxlen: 24
                          5.160.130.0/23 maxlen: 23
                          5.160.130.0/24 maxlen: 24
                          46.209.108.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 979531963 (0x3a6278bb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
        Validity
            Not Before: Jan  1 14:56:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f9d749fb1d47e7c9122eea1ee44d8853745a48b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:6a:ff:42:4a:06:02:f8:f6:ff:15:3f:42:36:
                    84:6e:7e:cf:ed:49:eb:8b:b7:b5:2d:6e:5f:3e:c6:
                    fe:08:29:10:18:e0:40:70:0d:0b:e6:9a:26:a9:0f:
                    ce:0d:6e:22:af:4c:2f:5c:05:e5:7f:d8:08:95:2a:
                    96:a5:72:bb:60:c3:0c:ce:d0:22:ba:c6:e1:bd:ff:
                    ea:a0:3b:40:5d:32:35:46:17:c9:49:56:e8:c1:bc:
                    dc:f8:6f:24:e1:64:01:51:f5:ae:2c:e4:5e:b7:4c:
                    b6:0c:02:18:7f:ac:6c:26:79:44:7f:af:6c:74:0f:
                    6f:4c:b2:6c:7d:8f:46:22:53:d6:c3:1b:f7:21:4d:
                    95:f8:91:4a:a6:d3:db:cf:eb:34:66:77:6a:75:d3:
                    b7:c8:90:94:27:53:d4:f0:9e:37:5b:4c:b4:ec:c8:
                    0d:96:b1:65:93:4a:17:64:eb:be:fc:95:d5:e4:5b:
                    0b:3f:c4:e8:0f:79:91:a7:44:9f:1e:d5:99:9e:d0:
                    fc:7a:5b:13:88:c9:6a:70:d4:0a:c9:59:1f:22:b7:
                    9e:fb:3d:78:1d:00:42:31:98:55:f4:8c:c4:a1:4d:
                    21:40:a4:c3:5c:de:2e:90:09:42:b6:28:f3:ed:a1:
                    8b:2c:88:da:a7:cf:cd:9d:b8:6c:1f:41:0a:76:1f:
                    ac:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:D7:49:FB:1D:47:E7:C9:12:2E:EA:1E:E4:4D:88:53:74:5A:48:B7
            X509v3 Authority Key Identifier:
                keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/1-ddJ-x1H58kSLuoe5E2IU3RaSLc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.160.77.0/24
                  5.160.110.0/23
                  5.160.130.0/23
                  5.160.208.0/23
                  5.160.215.0/24
                  46.209.56.0/23
                  46.209.108.0/22
                  46.209.133.0-46.209.135.255
                  46.209.214.0/24
                  77.237.66.0/23

    Signature Algorithm: sha256WithRSAEncryption
         85:b3:9d:eb:aa:d1:a4:38:84:f4:92:2e:06:d7:1c:fd:ab:0c:
         ec:eb:f4:23:44:4f:30:14:f1:ed:14:55:47:b3:c9:c4:ea:ef:
         4d:8d:15:82:a9:fe:b6:64:a1:df:ea:b3:1e:c3:e0:53:22:70:
         1a:e7:bc:91:ec:fa:2d:0f:9f:80:63:49:c0:7f:83:cc:be:56:
         5f:ea:6d:4a:77:8a:cc:61:a1:36:84:09:cd:c9:39:49:2b:3e:
         55:a3:cc:cd:d8:39:52:d7:31:e8:44:96:a9:1a:e6:39:6a:6b:
         31:a2:c7:05:cd:e5:28:4e:4f:2a:5d:e6:bd:f6:4d:41:f1:f0:
         58:89:d7:7e:d3:37:31:29:27:98:0e:47:26:17:1c:89:d1:83:
         9a:d6:92:97:c3:3a:15:1d:24:eb:bd:ce:4b:b2:2b:7b:6b:9d:
         4e:fa:45:e1:32:ff:4c:c2:d0:b0:5e:2f:ad:e0:ee:c0:e7:18:
         9d:16:fe:74:55:ca:a7:b6:d7:cd:8c:09:7c:88:03:b4:c7:83:
         df:5c:6d:1b:bb:50:f9:5a:80:cb:82:e9:02:6e:74:93:56:ec:
         84:ce:71:c7:62:5d:9b:a1:5b:9a:b1:8f:63:9b:c1:1a:c4:59:
         b2:ab:8d:06:74:32:b7:47:45:a4:49:43:26:21:bb:ff:e4:6c:
         f7:e1:14:25
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIEOmJ4uzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWNjYTlmMTVlMTkyMTk1M2E2MjhjOGFkMmFjNGJlOTc3YjZjMzAzMB4XDTIyMDEw
MTE0NTYzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjlkNzQ5ZmIxZDQ3
ZTdjOTEyMmVlYTFlZTQ0ZDg4NTM3NDVhNDhiNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK5q/0JKBgL49v8VP0I2hG5+z+1J64u3tS1uXz7G/ggpEBjg
QHANC+aaJqkPzg1uIq9ML1wF5X/YCJUqlqVyu2DDDM7QIrrG4b3/6qA7QF0yNUYX
yUlW6MG83PhvJOFkAVH1rizkXrdMtgwCGH+sbCZ5RH+vbHQPb0yybH2PRiJT1sMb
9yFNlfiRSqbT28/rNGZ3anXTt8iQlCdT1PCeN1tMtOzIDZaxZZNKF2TrvvyV1eRb
Cz/E6A95kadEnx7VmZ7Q/HpbE4jJanDUCslZHyK3nvs9eB0AQjGYVfSMxKFNIUCk
w1zeLpAJQrYo8+2hiyyI2qfPzZ24bB9BCnYfrI0CAwEAAaOCAkgwggJEMB0GA1Ud
DgQWBBT510n7HUfnyRIu6h7kTYhTdFpItzAfBgNVHSMEGDAWgBSBzKnxXhkhlTpi
jIrSrEvpd7bDAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2djeXA4VjRaSVpVNllveUswcXhMNlhlMnd3TS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvMWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8x
LzEtZGRKLXgxSDU4a1NMdW9lNUUySVUzUmFTTGMucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI0
LzFlYTJiMC02YjlhLTQ0ZDctYTJlNS0yMjA2Y2MyZTY5MWMvMS9nY3lwOFY0Wkla
VTZZb3lLMHF4TDZYZTJ3d00uY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
XQYIKwYBBQUHAQcBAf8ETjBMMEoEAgABMEQDBAAFoE0DBAEFoG4DBAEFoIIDBAEF
oNADBAAFoNcDBAEu0TgDBAIu0WwwDAMEAC7RhQMEAy7RgAMEAC7R1gMEAU3tQjAN
BgkqhkiG9w0BAQsFAAOCAQEAhbOd66rRpDiE9JIuBtcc/asM7Ov0I0RPMBTx7RRV
R7PJxOrvTY0Vgqn+tmSh3+qzHsPgUyJwGue8kez6LQ+fgGNJwH+DzL5WX+ptSneK
zGGhNoQJzck5SSs+VaPMzdg5Utcx6ESWqRrmOWprMaLHBc3lKE5PKl3mvfZNQfHw
WInXftM3MSknmA5HJhccidGDmtaSl8M6FR0k673OS7Ire2udTvpF4TL/TMLQsF4v
reDuwOcYnRb+dFXKp7bXzYwJfIgDtMeD31xtG7tQ+VqAy4LpAm50k1bshM5xx2Jd
m6FbmrGPY5vBGsRZsquNBnQyt0dFpElDJiG7/+Rs9+EUJQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:20 2024 by rpki-client on console-ams.rpki-client.org