Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/WV790TNWkvqKL46qQDFezeqESPA.roa
File:                     WV790TNWkvqKL46qQDFezeqESPA.roa (raw, json)
Hash identifier:          rpQncnkYGTLVYJCqKyZr35ntM6TvCpRJfDmUunsNJ6Y=
Subject key identifier:   59:5E:FD:D1:33:56:92:FA:8A:2F:8E:AA:40:31:5E:CD:EA:84:48:F0
Certificate issuer:       /CN=e9aab1446100a8fce03df19d755e06329ee24713
Certificate serial:       18523408
Authority key identifier: E9:AA:B1:44:61:00:A8:FC:E0:3D:F1:9D:75:5E:06:32:9E:E2:47:13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6aqxRGEAqPzgPfGddV4GMp7iRxM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/WV790TNWkvqKL46qQDFezeqESPA.roa
Signing time:             Sat 01 Jan 2022 15:59:28 +0000
ROA not before:           Sat 01 Jan 2022 15:59:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42708
IP address blocks:        46.21.96.0/20 maxlen: 24
                          46.21.100.0/24 maxlen: 24
                          195.149.101.0/24 maxlen: 24
                          185.157.220.0/22 maxlen: 24
                          212.112.0.0/19 maxlen: 24
                          31.192.224.0/21 maxlen: 24
                          31.192.228.0/24 maxlen: 24
                          193.108.196.0/24 maxlen: 24
                          109.74.0.0/20 maxlen: 24
                          188.126.64.0/19 maxlen: 24
                          80.67.0.0/20 maxlen: 24
                          79.99.0.0/21 maxlen: 24
                          178.73.192.0/18 maxlen: 24
                          91.228.194.0/23 maxlen: 24
                          91.228.193.0/24 maxlen: 24
                          178.73.224.0/19 maxlen: 19
                          5.178.72.0/21 maxlen: 21
                          91.213.246.0/24 maxlen: 24
                          94.247.168.0/21 maxlen: 24
                          46.246.0.0/17 maxlen: 24
                          37.152.56.0/21 maxlen: 24
                          194.54.164.0/22 maxlen: 24
                          195.238.76.0/23 maxlen: 24
                          185.39.144.0/22 maxlen: 24
                          159.253.24.0/21 maxlen: 24
                          91.217.189.0/24 maxlen: 24
                          159.253.28.0/24 maxlen: 24
                          159.253.29.0/24 maxlen: 24
                          195.246.120.0/23 maxlen: 24
                          195.20.206.0/23 maxlen: 24
                          2a00:1a28::/32 maxlen: 48
                          2a02:750::/29 maxlen: 48
                          2a02:750:10::/48 maxlen: 48
                          2a02:750:14::/48 maxlen: 48
                          2a02:750:8::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 408040456 (0x18523408)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e9aab1446100a8fce03df19d755e06329ee24713
        Validity
            Not Before: Jan  1 15:59:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=595efdd1335692fa8a2f8eaa40315ecdea8448f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:bd:06:b0:98:95:9d:70:6d:8e:41:49:db:d2:
                    81:61:f8:d8:20:d5:57:33:b5:c5:ca:49:55:b2:b2:
                    0a:60:bd:d0:ef:c6:6e:ca:c4:98:a8:a5:07:85:53:
                    46:88:e9:e8:25:3b:d5:c2:ce:04:4d:ef:88:21:f3:
                    30:27:0e:59:70:f1:f6:f5:c5:ae:25:b1:ef:a8:b0:
                    f9:d4:01:23:11:01:22:af:e8:e6:05:2f:67:41:d3:
                    f4:72:0b:27:59:17:7d:ee:68:90:93:53:70:67:27:
                    93:d2:94:ff:8f:84:08:fe:aa:82:f6:81:3c:98:ed:
                    06:52:67:be:79:27:32:03:8a:e1:fa:a9:29:ad:31:
                    e2:0b:b5:0e:cb:30:c6:87:43:aa:99:56:35:08:cc:
                    82:f7:75:95:5f:8d:5e:01:6a:d3:85:04:95:64:0d:
                    e6:f6:bd:e6:a4:38:f4:43:b1:c5:92:ab:e0:73:fb:
                    53:ec:21:9a:4e:dd:aa:da:01:b4:7f:32:39:06:27:
                    72:83:2f:22:80:73:56:c2:e7:1c:5e:ee:5b:33:90:
                    ce:82:d0:5d:72:ad:76:bc:83:5e:c6:9a:2c:5b:a8:
                    dd:d1:4b:93:52:be:96:7e:03:e5:0d:7b:86:8e:53:
                    38:7c:be:3f:b2:40:c5:bb:67:32:1c:bb:98:28:39:
                    8c:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:5E:FD:D1:33:56:92:FA:8A:2F:8E:AA:40:31:5E:CD:EA:84:48:F0
            X509v3 Authority Key Identifier:
                keyid:E9:AA:B1:44:61:00:A8:FC:E0:3D:F1:9D:75:5E:06:32:9E:E2:47:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6aqxRGEAqPzgPfGddV4GMp7iRxM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/WV790TNWkvqKL46qQDFezeqESPA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/6aqxRGEAqPzgPfGddV4GMp7iRxM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.178.72.0/21
                  31.192.224.0/21
                  37.152.56.0/21
                  46.21.96.0/20
                  46.246.0.0/17
                  79.99.0.0/21
                  80.67.0.0/20
                  91.213.246.0/24
                  91.217.189.0/24
                  91.228.193.0-91.228.195.255
                  94.247.168.0/21
                  109.74.0.0/20
                  159.253.24.0/21
                  178.73.192.0/18
                  185.39.144.0/22
                  185.157.220.0/22
                  188.126.64.0/19
                  193.108.196.0/24
                  194.54.164.0/22
                  195.20.206.0/23
                  195.149.101.0/24
                  195.238.76.0/23
                  195.246.120.0/23
                  212.112.0.0/19
                IPv6:
                  2a00:1a28::/32
                  2a02:750::/29

    Signature Algorithm: sha256WithRSAEncryption
         7d:e6:72:b6:9e:d1:ea:c4:76:56:9a:19:16:a5:3c:35:0f:4e:
         92:c4:84:12:82:b0:eb:24:ec:2e:34:67:71:6d:db:3c:16:a3:
         14:56:79:cd:8b:21:de:d7:ad:6f:4b:46:ae:c8:3f:c6:29:3e:
         74:57:fd:a4:09:b6:61:6f:77:5e:fd:ea:d2:76:39:b9:fc:be:
         67:c7:52:4c:28:b9:c8:48:d8:e7:87:6e:dd:de:95:bd:88:1f:
         f7:e9:05:80:08:f6:cd:7e:41:bb:7e:4f:49:0a:4d:79:2d:4a:
         86:3b:c3:cd:62:68:5c:69:2e:c9:81:2c:50:a3:1c:59:b6:e1:
         c9:7c:b3:1f:85:4a:d3:9f:b7:47:85:02:0e:f2:b4:6d:8b:ba:
         ae:f9:1c:63:02:0c:34:a7:98:75:4b:43:9a:f7:4f:c7:c4:5f:
         52:73:e9:38:18:e8:1f:e9:db:91:d7:18:33:3e:20:a2:a0:de:
         0b:e3:a5:0f:4e:57:8c:ab:04:9e:f8:c8:ac:db:7f:9f:f2:86:
         3d:c3:04:89:69:84:0c:b4:fc:79:10:6c:02:32:95:d1:f9:30:
         fe:a2:bc:c6:8d:1a:31:b7:0e:f1:fa:64:7c:12:d8:72:d2:01:
         ef:84:83:41:68:a9:14:77:ea:43:59:ce:5e:6d:b0:2d:8f:4b:
         f9:26:13:1a
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIEGFI0CDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OWFhYjE0NDYxMDBhOGZjZTAzZGYxOWQ3NTVlMDYzMjllZTI0NzEzMB4XDTIyMDEw
MTE1NTkyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTk1ZWZkZDEzMzU2
OTJmYThhMmY4ZWFhNDAzMTVlY2RlYTg0NDhmMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOG9BrCYlZ1wbY5BSdvSgWH42CDVVzO1xcpJVbKyCmC90O/G
bsrEmKilB4VTRojp6CU71cLOBE3viCHzMCcOWXDx9vXFriWx76iw+dQBIxEBIq/o
5gUvZ0HT9HILJ1kXfe5okJNTcGcnk9KU/4+ECP6qgvaBPJjtBlJnvnknMgOK4fqp
Ka0x4gu1DsswxodDqplWNQjMgvd1lV+NXgFq04UElWQN5va95qQ49EOxxZKr4HP7
U+whmk7dqtoBtH8yOQYncoMvIoBzVsLnHF7uWzOQzoLQXXKtdryDXsaaLFuo3dFL
k1K+ln4D5Q17ho5TOHy+P7JAxbtnMhy7mCg5jJUCAwEAAaOCArYwggKyMB0GA1Ud
DgQWBBRZXv3RM1aS+oovjqpAMV7N6oRI8DAfBgNVHSMEGDAWgBTpqrFEYQCo/OA9
8Z11XgYynuJHEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZhcXhSR0VBcVB6Z1BmR2RkVjRHTXA3aVJ4TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvNzFlMDljLTI4ZjMtNDgyNS04MDZmLWEwZGMzNTRmNGNhMy8x
L1dWNzkwVE5Xa3ZxS0w0NnFRREZlemVxRVNQQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
NzFlMDljLTI4ZjMtNDgyNS04MDZmLWEwZGMzNTRmNGNhMy8xLzZhcXhSR0VBcVB6
Z1BmR2RkVjRHTXA3aVJ4TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
ywYIKwYBBQUHAQcBAf8EgbswgbgwgZ8EAgABMIGYAwQDBbJIAwQDH8DgAwQDJZg4
AwQELhVgAwQHLvYAAwQDT2MAAwQEUEMAAwQAW9X2AwQAW9m9MAwDBABb5MEDBAJb
5MADBANe96gDBARtSgADBAOf/RgDBAayScADBAK5J5ADBAK5ndwDBAW8fkADBADB
bMQDBALCNqQDBAHDFM4DBADDlWUDBAHD7kwDBAHD9ngDBAXUcAAwFAQCAAIwDgMF
ACoAGigDBQMqAgdQMA0GCSqGSIb3DQEBCwUAA4IBAQB95nK2ntHqxHZWmhkWpTw1
D06SxIQSgrDrJOwuNGdxbds8FqMUVnnNiyHe161vS0auyD/GKT50V/2kCbZhb3de
/erSdjm5/L5nx1JMKLnISNjnh27d3pW9iB/36QWACPbNfkG7fk9JCk15LUqGO8PN
YmhcaS7JgSxQoxxZtuHJfLMfhUrTn7dHhQIO8rRti7qu+RxjAgw0p5h1S0Oa90/H
xF9Sc+k4GOgf6duR1xgzPiCioN4L46UPTleMqwSe+Mis23+f8oY9wwSJaYQMtPx5
EGwCMpXR+TD+orzGjRoxtw7x+mR8Ethy0gHvhINBaKkUd+pDWc5ebbAtj0v5JhMa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:17 2024 by rpki-client on console-fra.rpki-client.org