Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/473924-6f99-473d-a077-f437839095d1/1/qVc4mMr6_OVly4pLxV0_Nm6U6yg.roa
File:                     qVc4mMr6_OVly4pLxV0_Nm6U6yg.roa (raw, json)
Hash identifier:          LXG1mlbyofnNZB8slOHGlBoNZ4G9+gElF2Didqm8CMQ=
Subject key identifier:   A9:57:38:98:CA:FA:FC:E5:65:CB:8A:4B:C5:5D:3F:36:6E:94:EB:28
Certificate issuer:       /CN=c7f04b78b2eedf998edd5cc1e88671c8d10f1865
Certificate serial:       B58940
Authority key identifier: C7:F0:4B:78:B2:EE:DF:99:8E:DD:5C:C1:E8:86:71:C8:D1:0F:18:65
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x_BLeLLu35mO3VzB6IZxyNEPGGU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/473924-6f99-473d-a077-f437839095d1/1/qVc4mMr6_OVly4pLxV0_Nm6U6yg.roa
Signing time:             Tue 08 Feb 2022 09:05:39 +0000
ROA not before:           Tue 08 Feb 2022 09:05:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206618
IP address blocks:        194.114.80.0/23 maxlen: 23
                          194.114.85.0/24 maxlen: 24
                          193.23.96.0/24 maxlen: 24
                          194.114.96.0/24 maxlen: 24
                          194.114.96.0/23 maxlen: 23
                          194.114.96.0/22 maxlen: 22
                          194.114.94.0/23 maxlen: 23
                          194.114.98.0/23 maxlen: 23
                          194.114.97.0/24 maxlen: 24
                          194.114.100.0/22 maxlen: 22
                          194.114.104.0/21 maxlen: 21
                          194.114.104.0/24 maxlen: 24
                          143.163.67.0/24 maxlen: 24
                          143.163.66.0/24 maxlen: 24
                          143.163.66.0/23 maxlen: 23
                          194.114.125.0/24 maxlen: 24
                          194.114.126.0/24 maxlen: 24
                          194.114.32.0/23 maxlen: 23
                          194.114.40.0/23 maxlen: 23
                          143.163.1.0/24 maxlen: 24
                          194.114.44.0/22 maxlen: 22
                          194.114.48.0/21 maxlen: 21
                          143.163.12.0/22 maxlen: 22
                          194.114.56.0/22 maxlen: 22
                          143.163.16.0/23 maxlen: 23
                          194.114.61.0/24 maxlen: 24
                          194.114.64.0/23 maxlen: 23
                          194.114.62.0/23 maxlen: 23
                          194.114.62.0/24 maxlen: 24
                          194.114.63.0/24 maxlen: 24
                          194.114.66.0/23 maxlen: 23
                          194.114.70.0/23 maxlen: 23
                          194.114.74.0/24 maxlen: 24
                          194.114.78.0/23 maxlen: 23
                          194.114.77.0/24 maxlen: 24
                          2a01:4dc0::/42 maxlen: 42

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11897152 (0xb58940)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c7f04b78b2eedf998edd5cc1e88671c8d10f1865
        Validity
            Not Before: Feb  8 09:05:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a9573898cafafce565cb8a4bc55d3f366e94eb28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:f5:e9:27:1b:3f:4e:e2:9b:8e:ce:47:ed:a7:
                    b4:a6:8d:2b:4e:94:01:f4:0b:cb:bd:12:5a:19:22:
                    48:e1:12:5c:00:96:27:d3:a5:74:25:01:91:1b:97:
                    6e:c5:ab:c3:2b:b0:d5:8a:ed:f9:fc:0e:23:03:34:
                    cd:73:fc:94:e8:00:7d:24:bf:c7:79:92:9d:22:38:
                    51:a1:b0:70:aa:cb:fc:39:d0:ec:da:31:79:53:b7:
                    6a:7b:93:d7:a9:5e:d0:ab:0d:cb:be:41:4d:78:9a:
                    dc:5b:11:f9:5f:8e:52:a7:5d:e0:4c:32:4e:ec:57:
                    45:06:15:52:73:38:13:6d:f9:ad:b2:6f:6f:46:88:
                    cb:fd:06:3b:dd:cd:6b:ed:8e:59:14:66:3b:ca:84:
                    f1:4a:e0:9e:99:eb:d8:50:e7:cc:66:95:0b:6f:3c:
                    4f:18:62:04:ea:c4:36:0c:34:eb:9c:d7:ad:49:89:
                    87:ab:1d:7e:25:43:4f:01:52:0e:63:70:07:5a:b4:
                    20:0e:c5:51:3c:1c:1e:b3:86:b8:12:53:d2:f5:08:
                    f1:4d:2c:cf:0f:cf:0e:50:1e:b0:e5:98:cd:7a:71:
                    09:d9:82:e0:4b:1c:08:c1:16:e7:d8:f5:41:c0:7b:
                    8f:0d:34:b9:a0:3a:ea:e0:cd:af:7d:13:45:80:47:
                    e1:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:57:38:98:CA:FA:FC:E5:65:CB:8A:4B:C5:5D:3F:36:6E:94:EB:28
            X509v3 Authority Key Identifier:
                keyid:C7:F0:4B:78:B2:EE:DF:99:8E:DD:5C:C1:E8:86:71:C8:D1:0F:18:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x_BLeLLu35mO3VzB6IZxyNEPGGU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/473924-6f99-473d-a077-f437839095d1/1/qVc4mMr6_OVly4pLxV0_Nm6U6yg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/473924-6f99-473d-a077-f437839095d1/1/x_BLeLLu35mO3VzB6IZxyNEPGGU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  143.163.1.0/24
                  143.163.12.0-143.163.17.255
                  143.163.66.0/23
                  193.23.96.0/24
                  194.114.32.0/23
                  194.114.40.0/23
                  194.114.44.0-194.114.59.255
                  194.114.61.0-194.114.67.255
                  194.114.70.0/23
                  194.114.74.0/24
                  194.114.77.0-194.114.81.255
                  194.114.85.0/24
                  194.114.94.0-194.114.111.255
                  194.114.125.0-194.114.126.255
                IPv6:
                  2a01:4dc0::/42

    Signature Algorithm: sha256WithRSAEncryption
         60:2e:f8:38:3d:e7:57:6a:0b:44:9b:ef:7b:12:3c:9c:4f:7a:
         53:4e:15:58:39:04:08:8c:07:3f:35:57:ec:d5:6b:cc:4f:6c:
         5b:e7:19:74:bc:2a:76:20:f1:52:ef:62:92:9b:81:09:57:b1:
         9c:1a:6a:7b:c4:b6:59:ac:0f:7a:84:da:5b:16:48:c8:1d:36:
         88:bd:56:90:5f:23:16:19:33:98:e9:6b:f8:6b:0c:de:e2:44:
         3e:6b:06:34:9b:52:ad:cd:90:80:d4:d0:32:b8:9f:f9:11:e2:
         9a:9a:f7:f9:90:b4:7e:96:7d:6e:e6:28:94:5d:a2:52:06:63:
         e9:be:0f:ca:e4:7c:18:db:6f:d3:77:7f:64:87:0f:f5:34:38:
         bf:e4:ab:83:64:a3:0c:10:ba:cb:f7:d8:81:9e:3f:26:b2:4e:
         45:61:79:96:54:ba:73:ad:a7:e5:c2:79:09:06:e2:a5:a8:5b:
         11:4d:63:80:86:ad:12:55:ff:3f:a2:a8:dc:74:28:98:2e:91:
         67:98:68:51:39:60:11:25:e8:98:c0:2f:26:fb:3c:bf:eb:ad:
         f6:ae:88:e3:c8:8a:25:fd:90:03:e0:b5:03:1e:01:c7:b4:20:
         61:ae:11:ab:96:eb:df:ec:b5:c5:51:11:1d:bd:ac:38:26:79:
         90:18:2c:1c
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIEALWJQDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
N2YwNGI3OGIyZWVkZjk5OGVkZDVjYzFlODg2NzFjOGQxMGYxODY1MB4XDTIyMDIw
ODA5MDUzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTk1NzM4OThjYWZh
ZmNlNTY1Y2I4YTRiYzU1ZDNmMzY2ZTk0ZWIyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKr16ScbP07im47OR+2ntKaNK06UAfQLy70SWhkiSOESXACW
J9OldCUBkRuXbsWrwyuw1Yrt+fwOIwM0zXP8lOgAfSS/x3mSnSI4UaGwcKrL/DnQ
7NoxeVO3anuT16le0KsNy75BTXia3FsR+V+OUqdd4EwyTuxXRQYVUnM4E235rbJv
b0aIy/0GO93Na+2OWRRmO8qE8Urgnpnr2FDnzGaVC288TxhiBOrENgw065zXrUmJ
h6sdfiVDTwFSDmNwB1q0IA7FUTwcHrOGuBJT0vUI8U0szw/PDlAesOWYzXpxCdmC
4EscCMEW59j1QcB7jw00uaA66uDNr30TRYBH4e8CAwEAAaOCAp0wggKZMB0GA1Ud
DgQWBBSpVziYyvr85WXLikvFXT82bpTrKDAfBgNVHSMEGDAWgBTH8Et4su7fmY7d
XMHohnHI0Q8YZTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hfQkxlTEx1MzVtTzNWekI2SVp4eU5FUEdHVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjcvNDczOTI0LTZmOTktNDczZC1hMDc3LWY0Mzc4MzkwOTVkMS8x
L3FWYzRtTXI2X09WbHk0cEx4VjBfTm02VTZ5Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjcv
NDczOTI0LTZmOTktNDczZC1hMDc3LWY0Mzc4MzkwOTVkMS8xL3hfQkxlTEx1MzVt
TzNWekI2SVp4eU5FUEdHVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
sgYIKwYBBQUHAQcBAf8EgaIwgZ8wgYsEAgABMIGEAwQAj6MBMAwDBAKPowwDBAGP
oxADBAGPo0IDBADBF2ADBAHCciADBAHCcigwDAMEAsJyLAMEAsJyODAMAwQAwnI9
AwQCwnJAAwQBwnJGAwQAwnJKMAwDBADCck0DBAHCclADBADCclUwDAMEAcJyXgME
BMJyYDAMAwQAwnJ9AwQAwnJ+MA8EAgACMAkDBwYqAU3AAAAwDQYJKoZIhvcNAQEL
BQADggEBAGAu+Dg951dqC0Sb73sSPJxPelNOFVg5BAiMBz81V+zVa8xPbFvnGXS8
KnYg8VLvYpKbgQlXsZwaanvEtlmsD3qE2lsWSMgdNoi9VpBfIxYZM5jpa/hrDN7i
RD5rBjSbUq3NkIDU0DK4n/kR4pqa9/mQtH6WfW7mKJRdolIGY+m+D8rkfBjbb9N3
f2SHD/U0OL/kq4NkowwQusv32IGePyayTkVheZZUunOtp+XCeQkG4qWoWxFNY4CG
rRJV/z+iqNx0KJgukWeYaFE5YBEl6JjALyb7PL/rrfauiOPIiiX9kAPgtQMeAce0
IGGuEauW69/stcVRER29rDgmeZAYLBw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:57 2024 by rpki-client on console-fra.rpki-client.org