Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/uPvC6nPveNo-z9hG3HMx8aKpvRU.roa
File:                     uPvC6nPveNo-z9hG3HMx8aKpvRU.roa (raw, json)
Hash identifier:          9jHu+PCPCHBY9tsamJrr9mweQSMYVV3mEIqNqoyOY/c=
Subject key identifier:   B8:FB:C2:EA:73:EF:78:DA:3E:CF:D8:46:DC:73:31:F1:A2:A9:BD:15
Certificate issuer:       /CN=a9b75b64d5da17d70bbabd811a39a602ddaf963a
Certificate serial:       4212C4E4
Authority key identifier: A9:B7:5B:64:D5:DA:17:D7:0B:BA:BD:81:1A:39:A6:02:DD:AF:96:3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/uPvC6nPveNo-z9hG3HMx8aKpvRU.roa
Signing time:             Sat 01 Jan 2022 10:03:44 +0000
ROA not before:           Sat 01 Jan 2022 10:03:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     201011
IP address blocks:        83.142.80.0/21 maxlen: 21
                          82.199.147.0/24 maxlen: 24
                          82.199.148.0/24 maxlen: 24
                          82.199.149.0/24 maxlen: 24
                          82.199.153.0/24 maxlen: 24
                          195.138.249.0/24 maxlen: 24
                          195.138.250.0/24 maxlen: 24
                          82.199.157.0/24 maxlen: 24
                          82.199.158.0/24 maxlen: 24
                          82.199.159.0/24 maxlen: 24
                          195.138.248.0/21 maxlen: 21
                          31.7.177.0/24 maxlen: 24
                          31.7.176.0/20 maxlen: 24
                          92.43.104.0/21 maxlen: 24
                          80.255.0.0/20 maxlen: 20
                          81.95.0.0/20 maxlen: 24
                          82.199.128.0/24 maxlen: 24
                          82.199.128.0/19 maxlen: 24
                          82.199.130.0/24 maxlen: 24
                          82.199.131.0/24 maxlen: 24
                          82.199.138.0/24 maxlen: 24
                          82.199.141.0/24 maxlen: 24
                          5.56.16.0/21 maxlen: 21
                          2a01:4a0:47::/48 maxlen: 48
                          2a01:4a0:42::/48 maxlen: 48
                          2a0b:76c0::/29 maxlen: 29
                          2a01:4a0:38::/48 maxlen: 48
                          2a01:4a0:56::/48 maxlen: 48
                          2a01:4a0:30::/48 maxlen: 48
                          2a01:4a0:50::/48 maxlen: 48
                          2a01:4a0:e::/48 maxlen: 48
                          2a01:4a0::/29 maxlen: 48
                          2a01:4a0:17::/48 maxlen: 48
                          2a01:4a0:48::/48 maxlen: 48
                          2a01:4a0:b::/48 maxlen: 48
                          2a01:4a0:46::/48 maxlen: 48
                          2a01:4a0:45::/48 maxlen: 48
                          2a01:4a0:43::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1108526308 (0x4212c4e4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a9b75b64d5da17d70bbabd811a39a602ddaf963a
        Validity
            Not Before: Jan  1 10:03:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b8fbc2ea73ef78da3ecfd846dc7331f1a2a9bd15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:25:af:c5:d1:7a:c1:9a:e4:56:e2:e9:10:39:
                    3c:a3:8b:3d:78:4d:ce:83:07:18:67:18:de:9f:a7:
                    04:04:47:2e:ca:c7:41:e9:1a:c6:5c:bb:45:4f:46:
                    56:7b:21:d4:23:b3:3c:02:c1:06:1f:69:5e:30:46:
                    d4:08:3c:d4:2f:39:7f:72:dd:21:32:fb:b3:aa:0c:
                    f5:fc:78:28:ae:b1:72:51:cf:e2:a8:ce:96:b6:a6:
                    23:c8:f7:c8:88:26:18:1c:c3:ac:00:16:6e:88:22:
                    59:83:09:89:6d:8a:1d:39:db:7d:1f:80:46:19:17:
                    1d:c0:ab:86:00:ae:35:d9:97:0b:f5:45:19:fa:d2:
                    b4:87:f7:c5:1b:ce:ce:2e:0b:b6:3c:51:64:1d:14:
                    d2:a6:06:ce:69:ba:80:c6:d3:5d:a6:77:30:e2:bb:
                    b7:0b:df:56:9d:e3:66:a5:54:95:78:6a:dd:2f:85:
                    60:df:0b:61:c4:25:39:d8:a9:07:5d:d9:a7:fa:48:
                    4a:58:f6:cd:92:66:a3:d1:51:a5:7e:39:4c:5a:43:
                    87:e0:68:c7:a4:c9:c2:4c:18:49:f6:a5:3c:50:c6:
                    09:46:16:4c:81:be:8f:ee:82:00:12:21:54:19:26:
                    c8:d7:4a:c2:87:c5:79:39:9c:f8:09:fe:ff:a9:fc:
                    eb:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:FB:C2:EA:73:EF:78:DA:3E:CF:D8:46:DC:73:31:F1:A2:A9:BD:15
            X509v3 Authority Key Identifier:
                keyid:A9:B7:5B:64:D5:DA:17:D7:0B:BA:BD:81:1A:39:A6:02:DD:AF:96:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/uPvC6nPveNo-z9hG3HMx8aKpvRU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/qbdbZNXaF9cLur2BGjmmAt2vljo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.56.16.0/21
                  31.7.176.0/20
                  80.255.0.0/20
                  81.95.0.0/20
                  82.199.128.0/19
                  83.142.80.0/21
                  92.43.104.0/21
                  195.138.248.0/21
                IPv6:
                  2a01:4a0::/29
                  2a0b:76c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         02:f0:2b:90:89:1a:8d:57:bc:e8:65:06:ff:54:69:e4:25:78:
         0f:1e:71:df:16:b3:3b:3a:0f:6f:75:ce:1c:67:db:aa:ed:dd:
         8f:bd:6e:ca:92:b4:5d:67:c0:40:3b:58:88:a4:e0:c4:78:b9:
         19:31:5a:a0:c4:e7:0b:60:72:2c:77:fb:0a:5f:3f:66:86:6f:
         a8:26:0f:5e:d1:bc:09:43:8b:86:bd:c5:0f:72:5f:fc:63:39:
         e2:84:81:94:3c:23:54:cc:02:ab:bb:da:ea:3b:9f:22:74:8b:
         2a:6c:1d:c6:85:ab:9f:08:a8:49:8f:19:0d:7f:aa:5f:b7:ee:
         8d:e1:75:7b:ee:7c:be:e3:40:02:92:00:92:81:cf:bf:b3:64:
         d5:cc:56:5f:8e:16:66:23:d0:83:6c:ff:9d:61:b2:ee:43:95:
         1a:e3:64:74:31:3a:18:13:40:ff:78:79:4a:17:fe:21:26:0f:
         89:af:94:9c:e3:5e:32:8a:52:a6:7c:54:16:28:c6:72:15:a0:
         5f:60:98:0b:59:5d:bf:38:78:66:5a:8f:99:bb:f4:84:f2:0b:
         14:ce:65:93:99:86:3a:dc:1e:1a:3f:f8:48:66:6a:48:a8:2f:
         67:92:78:96:a5:39:5c:20:94:a8:61:2c:54:5e:16:eb:d7:c4:
         eb:9a:e9:b4
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIEQhLE5DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
OWI3NWI2NGQ1ZGExN2Q3MGJiYWJkODExYTM5YTYwMmRkYWY5NjNhMB4XDTIyMDEw
MTEwMDM0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjhmYmMyZWE3M2Vm
NzhkYTNlY2ZkODQ2ZGM3MzMxZjFhMmE5YmQxNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJwlr8XResGa5Fbi6RA5PKOLPXhNzoMHGGcY3p+nBARHLsrH
Qekaxly7RU9GVnsh1COzPALBBh9pXjBG1Ag81C85f3LdITL7s6oM9fx4KK6xclHP
4qjOlramI8j3yIgmGBzDrAAWbogiWYMJiW2KHTnbfR+ARhkXHcCrhgCuNdmXC/VF
GfrStIf3xRvOzi4LtjxRZB0U0qYGzmm6gMbTXaZ3MOK7twvfVp3jZqVUlXhq3S+F
YN8LYcQlOdipB13Zp/pISlj2zZJmo9FRpX45TFpDh+Box6TJwkwYSfalPFDGCUYW
TIG+j+6CABIhVBkmyNdKwofFeTmc+An+/6n86ykCAwEAAaOCAkkwggJFMB0GA1Ud
DgQWBBS4+8Lqc+942j7P2EbcczHxoqm9FTAfBgNVHSMEGDAWgBSpt1tk1doX1wu6
vYEaOaYC3a+WOjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FiZGJaTlhhRjljTHVyMkJHam1tQXQydmxqby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvZGE4NWU3LWE0NTItNGIxZC1iNWFlLTliMTE4MDRlY2QzOS8x
L3VQdkM2blB2ZU5vLXo5aEczSE14OGFLcHZSVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
ZGE4NWU3LWE0NTItNGIxZC1iNWFlLTliMTE4MDRlY2QzOS8xL3FiZGJaTlhhRjlj
THVyMkJHam1tQXQydmxqby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBf
BggrBgEFBQcBBwEB/wRQME4wNgQCAAEwMAMEAwU4EAMEBB8HsAMEBFD/AAMEBFFf
AAMEBVLHgAMEA1OOUAMEA1wraAMEA8OK+DAUBAIAAjAOAwUDKgEEoAMFAyoLdsAw
DQYJKoZIhvcNAQELBQADggEBAALwK5CJGo1XvOhlBv9UaeQleA8ecd8Wszs6D291
zhxn26rt3Y+9bsqStF1nwEA7WIik4MR4uRkxWqDE5wtgcix3+wpfP2aGb6gmD17R
vAlDi4a9xQ9yX/xjOeKEgZQ8I1TMAqu72uo7nyJ0iypsHcaFq58IqEmPGQ1/ql+3
7o3hdXvufL7jQAKSAJKBz7+zZNXMVl+OFmYj0INs/51hsu5DlRrjZHQxOhgTQP94
eUoX/iEmD4mvlJzjXjKKUqZ8VBYoxnIVoF9gmAtZXb84eGZaj5m79ITyCxTOZZOZ
hjrcHho/+EhmakioL2eSeJalOVwglKhhLFReFuvXxOua6bQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:44 2024 by rpki-client on console-fra.rpki-client.org