Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/a324f4-9770-4a58-a6ef-d62fa6319fd4/1/4jwFoN7e2jBKYe4Aec2QpJm64MU.roa
File:                     4jwFoN7e2jBKYe4Aec2QpJm64MU.roa (raw, json)
Hash identifier:          tHhHSsvprOk5N1Xculp4z/8UtH57YcI9UR0nLc1vqCY=
Subject key identifier:   E2:3C:05:A0:DE:DE:DA:30:4A:61:EE:00:79:CD:90:A4:99:BA:E0:C5
Certificate issuer:       /CN=49ee1194bd81d1946c39f10f7fdfdf22d1a03112
Certificate serial:       01830DAE22363AAE7953741774F70A6B5B12
Authority key identifier: 49:EE:11:94:BD:81:D1:94:6C:39:F1:0F:7F:DF:DF:22:D1:A0:31:12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Se4RlL2B0ZRsOfEPf9_fItGgMRI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/a324f4-9770-4a58-a6ef-d62fa6319fd4/1/4jwFoN7e2jBKYe4Aec2QpJm64MU.roa
Signing time:             Mon 05 Sep 2022 12:44:19 +0000
ROA not before:           Mon 05 Sep 2022 12:44:19 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     59441
IP address blocks:        185.208.78.0/23 maxlen: 24
                          185.208.78.0/24 maxlen: 24
                          185.208.79.0/24 maxlen: 24
                          185.83.112.0/22 maxlen: 22
                          185.83.112.0/23 maxlen: 23
                          185.83.112.0/24 maxlen: 24
                          185.83.113.0/24 maxlen: 24
                          185.83.114.0/24 maxlen: 24
                          185.83.114.0/23 maxlen: 24
                          185.83.115.0/24 maxlen: 24
                          5.144.129.0/24 maxlen: 24
                          5.144.128.0/22 maxlen: 22
                          5.144.132.0/22 maxlen: 22
                          5.144.132.0/23 maxlen: 24
                          5.144.128.0/21 maxlen: 21
                          5.144.128.0/23 maxlen: 23
                          5.144.128.0/24 maxlen: 24
                          5.144.130.0/24 maxlen: 24
                          5.144.130.0/23 maxlen: 24
                          5.144.131.0/24 maxlen: 24
                          5.144.132.0/24 maxlen: 24
                          5.144.135.0/24 maxlen: 24
                          5.144.133.0/24 maxlen: 24
                          5.144.134.0/24 maxlen: 24
                          5.144.134.0/23 maxlen: 24
                          185.173.104.0/24 maxlen: 24
                          185.173.104.0/22 maxlen: 24
                          185.173.105.0/24 maxlen: 24
                          185.173.106.0/24 maxlen: 24
                          185.173.107.0/24 maxlen: 24
                          45.92.95.0/24 maxlen: 24
                          45.92.92.0/23 maxlen: 24
                          45.92.92.0/24 maxlen: 24
                          45.92.92.0/22 maxlen: 24
                          45.92.93.0/24 maxlen: 24
                          45.92.94.0/24 maxlen: 24
                          45.92.94.0/23 maxlen: 24
                          45.138.132.0/22 maxlen: 24
                          45.138.132.0/23 maxlen: 24
                          45.138.132.0/24 maxlen: 24
                          45.138.133.0/24 maxlen: 24
                          45.138.134.0/24 maxlen: 24
                          45.138.135.0/24 maxlen: 24
                          2a10:5c40::/29 maxlen: 29
                          2a05:9a00:4::/48 maxlen: 48
                          2a05:9a00::/29 maxlen: 29
                          2a05:9a00:1::/48 maxlen: 48
                          2a05:9a00:1001::/48 maxlen: 48
                          2a05:9a00:2::/48 maxlen: 48
                          2a05:9a00:1002::/48 maxlen: 48
                          2a05:9a00::/48 maxlen: 48
                          2a05:9a00:1000::/48 maxlen: 48
                          2a05:9a00:3::/48 maxlen: 48
                          2a05:9a00:1003::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:0d:ae:22:36:3a:ae:79:53:74:17:74:f7:0a:6b:5b:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49ee1194bd81d1946c39f10f7fdfdf22d1a03112
        Validity
            Not Before: Sep  5 12:44:19 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e23c05a0dededa304a61ee0079cd90a499bae0c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:2a:d4:a8:25:0f:91:bd:ac:c3:f2:73:77:3f:
                    c6:42:59:67:6f:c3:2d:f1:7c:d6:7d:e0:ad:be:6e:
                    e8:1d:71:67:1d:4e:96:1e:9d:6a:98:49:e4:81:5d:
                    d3:c9:82:b7:db:da:cf:4d:ab:8b:38:92:9b:7e:a7:
                    a5:59:80:e6:39:67:2f:67:0c:00:43:b2:56:fa:76:
                    23:bf:36:5b:a7:9c:43:8b:e4:72:80:ba:71:eb:bc:
                    45:c2:5f:fb:af:86:8c:90:a4:e5:84:a9:58:ae:d1:
                    25:f3:9e:59:20:8a:f2:8d:d1:db:3a:26:25:9a:58:
                    41:62:15:87:df:5e:30:d9:8a:83:c5:ac:09:57:25:
                    43:53:86:2b:8c:e5:b5:d5:f9:20:69:18:b2:79:f7:
                    a6:0e:b7:7e:53:07:8b:35:bf:df:e9:ee:74:96:35:
                    75:5a:c5:c1:25:89:4e:e3:58:f9:f5:6b:c2:59:9f:
                    91:44:3a:5d:37:4b:bf:18:d2:ca:be:38:a8:4c:0e:
                    42:c0:32:5f:38:00:21:2d:94:5a:bf:3b:97:72:88:
                    e1:cf:60:60:b2:f4:8a:1b:cd:3c:7c:61:6b:41:77:
                    d1:a3:c3:31:f4:d8:d8:b8:5b:80:a5:a9:8c:19:45:
                    94:34:61:ae:bd:75:0d:de:8d:08:f1:52:25:3c:76:
                    f8:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:3C:05:A0:DE:DE:DA:30:4A:61:EE:00:79:CD:90:A4:99:BA:E0:C5
            X509v3 Authority Key Identifier:
                keyid:49:EE:11:94:BD:81:D1:94:6C:39:F1:0F:7F:DF:DF:22:D1:A0:31:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Se4RlL2B0ZRsOfEPf9_fItGgMRI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/a324f4-9770-4a58-a6ef-d62fa6319fd4/1/4jwFoN7e2jBKYe4Aec2QpJm64MU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/a324f4-9770-4a58-a6ef-d62fa6319fd4/1/Se4RlL2B0ZRsOfEPf9_fItGgMRI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.144.128.0/21
                  45.92.92.0/22
                  45.138.132.0/22
                  185.83.112.0/22
                  185.173.104.0/22
                  185.208.78.0/23
                IPv6:
                  2a05:9a00::/29
                  2a10:5c40::/29

    Signature Algorithm: sha256WithRSAEncryption
         b0:53:ae:14:24:58:f0:5d:f4:de:be:5f:58:65:b9:c0:6e:b1:
         19:37:0c:43:c8:ee:dd:e9:40:8e:cf:81:ab:e3:a8:c7:8f:17:
         98:02:ba:6b:22:93:ac:a8:8f:11:16:a9:e1:0d:0e:6d:37:f5:
         e8:b8:bf:4c:27:63:c6:f1:e1:b1:b9:fe:23:8c:1f:ee:d1:2c:
         8d:b5:1e:4a:b8:75:b6:80:c7:c9:98:4b:61:bb:08:4e:8c:c2:
         01:47:b4:8c:2c:23:ed:bd:32:15:22:ee:f3:c3:21:b9:e0:99:
         7b:be:75:e4:c7:75:49:20:3f:65:9e:bd:e8:91:b9:f3:e6:18:
         03:2e:b5:90:89:0a:45:7c:9c:24:d4:1c:7c:be:bc:cd:8f:2b:
         ce:18:1a:e8:3a:86:c8:86:98:59:d8:0d:de:b4:e3:95:d7:39:
         80:cd:05:87:f7:f3:e2:d2:b1:e1:17:e3:2a:39:32:48:29:92:
         85:21:c9:7e:a1:3b:bd:44:4c:ab:0c:1f:f7:2c:c9:5f:bd:2d:
         83:27:e3:57:e4:5d:8f:32:db:9c:08:d2:36:34:b4:41:b7:e5:
         3a:32:33:e8:2f:df:f1:aa:4a:4d:be:ad:f0:9c:87:6c:28:a4:
         e1:ac:ea:b5:9a:db:d8:f3:0b:5a:6e:b2:f4:c5:92:ad:d6:3b:
         2f:0c:aa:68
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYMNriI2Oq55U3QXdPcKa1sSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZWUxMTk0YmQ4MWQxOTQ2YzM5ZjEwZjdmZGZkZjIyZDFh
MDMxMTIwHhcNMjIwOTA1MTI0NDE5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjNjMDVhMGRlZGVkYTMwNGE2MWVlMDA3OWNkOTBhNDk5YmFlMGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSrUqCUPkb2sw/Jzdz/GQllnb8Mt
8XzWfeCtvm7oHXFnHU6WHp1qmEnkgV3TyYK329rPTauLOJKbfqelWYDmOWcvZwwA
Q7JW+nYjvzZbp5xDi+RygLpx67xFwl/7r4aMkKTlhKlYrtEl855ZIIryjdHbOiYl
mlhBYhWH314w2YqDxawJVyVDU4YrjOW11fkgaRiyefemDrd+UweLNb/f6e50ljV1
WsXBJYlO41j59WvCWZ+RRDpdN0u/GNLKvjioTA5CwDJfOAAhLZRavzuXcojhz2Bg
svSKG808fGFrQXfRo8Mx9NjYuFuApamMGUWUNGGuvXUN3o0I8VIlPHb4zwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFOI8BaDe3towSmHuAHnNkKSZuuDFMB8GA1UdIwQY
MBaAFEnuEZS9gdGUbDnxD3/f3yLRoDESMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2U0UmxMMkIwWlJzT2ZFUGY5X2ZJdEdnTVJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9hMzI0ZjQtOTc3MC00YTU4LWE2ZWYt
ZDYyZmE2MzE5ZmQ0LzEvNGp3Rm9ON2UyakJLWWU0QWVjMlFwSm02NE1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9hMzI0ZjQtOTc3MC00YTU4LWE2ZWYtZDYyZmE2MzE5ZmQ0
LzEvU2U0UmxMMkIwWlJzT2ZFUGY5X2ZJdEdnTVJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQDBZCAAwQC
LVxcAwQCLYqEAwQCuVNwAwQCua1oAwQBudBOMBQEAgACMA4DBQMqBZoAAwUDKhBc
QDANBgkqhkiG9w0BAQsFAAOCAQEAsFOuFCRY8F303r5fWGW5wG6xGTcMQ8ju3elA
js+Bq+Oox48XmAK6ayKTrKiPERap4Q0ObTf16Li/TCdjxvHhsbn+I4wf7tEsjbUe
Srh1toDHyZhLYbsITozCAUe0jCwj7b0yFSLu88MhueCZe7515Md1SSA/ZZ696JG5
8+YYAy61kIkKRXycJNQcfL68zY8rzhga6DqGyIaYWdgN3rTjldc5gM0Fh/fz4tKx
4RfjKjkySCmShSHJfqE7vURMqwwf9yzJX70tgyfjV+RdjzLbnAjSNjS0QbflOjIz
6C/f8apKTb6t8JyHbCik4azqtZrb2PMLWm6y9MWSrdY7LwyqaA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:49 2024 by rpki-client on console-fra.rpki-client.org