Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/MvCP99bu_szFj2ZgPfE4sa8_cy0.roa
File:                     MvCP99bu_szFj2ZgPfE4sa8_cy0.roa (raw, json)
Hash identifier:          1KbbAaauV8Gg7kDqTGFjIl3KmUNnYnnYIRf9KmFSM/M=
Subject key identifier:   32:F0:8F:F7:D6:EE:FE:CC:C5:8F:66:60:3D:F1:38:B1:AF:3F:73:2D
Certificate issuer:       /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial:       01828DF07C1553184D215C5AD2AA1A7BD6B6
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/MvCP99bu_szFj2ZgPfE4sa8_cy0.roa
Signing time:             Thu 11 Aug 2022 17:25:24 +0000
ROA not before:           Thu 11 Aug 2022 17:25:24 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207023
IP address blocks:        176.116.238.0/23 maxlen: 24
                          91.234.122.0/23 maxlen: 24
                          194.33.64.0/23 maxlen: 23
                          176.118.200.0/22 maxlen: 22
                          176.118.204.0/22 maxlen: 22
                          77.36.72.0/21 maxlen: 21
                          91.232.18.0/24 maxlen: 24
                          46.173.252.0/23 maxlen: 23
                          91.229.147.0/24 maxlen: 24
                          91.200.133.0/24 maxlen: 24
                          37.97.116.0/22 maxlen: 24
                          192.162.186.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:8d:f0:7c:15:53:18:4d:21:5c:5a:d2:aa:1a:7b:d6:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
        Validity
            Not Before: Aug 11 17:25:24 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=32f08ff7d6eefeccc58f66603df138b1af3f732d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:c8:70:84:65:a2:a4:4e:7a:11:46:75:f5:ba:
                    4c:5c:09:25:34:33:25:1f:07:e3:ca:76:85:58:4e:
                    df:87:ed:9d:75:10:47:75:ed:ed:04:9b:7f:0f:19:
                    e9:c0:a8:c6:b8:e4:2d:1c:59:92:9e:6e:48:00:6a:
                    4a:58:e7:36:f4:37:83:ed:24:d2:4b:e7:84:c9:32:
                    18:c2:bd:9a:23:09:60:e3:12:2a:76:6e:2e:28:f7:
                    94:ec:49:f5:ba:4b:1e:cf:f1:38:c0:81:fe:f5:fe:
                    73:a8:c7:2e:32:97:ba:2c:59:5c:dd:49:9a:0e:77:
                    f3:2a:00:d4:5a:82:0c:b2:a8:17:cb:83:c1:95:9b:
                    af:a3:94:9c:65:53:f0:24:0f:86:51:05:79:59:62:
                    27:f8:dc:0e:97:b4:e0:85:39:38:b4:86:0b:f8:aa:
                    1e:14:b0:0e:7f:9d:00:9a:76:67:3a:c3:4c:21:d0:
                    76:c4:b6:52:3b:0e:ff:f9:89:1d:76:71:1f:92:7b:
                    3a:f4:1c:6d:aa:95:9e:62:f7:ac:a5:fa:28:06:05:
                    e1:24:d9:de:3c:37:66:bd:63:b4:4b:49:c6:8e:62:
                    9a:f1:b2:f1:6a:4d:b8:d9:cc:e6:05:cf:4c:02:84:
                    79:90:1d:d4:c3:18:47:28:bf:b5:ce:c1:7a:6b:4a:
                    a7:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:F0:8F:F7:D6:EE:FE:CC:C5:8F:66:60:3D:F1:38:B1:AF:3F:73:2D
            X509v3 Authority Key Identifier:
                keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/MvCP99bu_szFj2ZgPfE4sa8_cy0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.97.116.0/22
                  46.173.252.0/23
                  77.36.72.0/21
                  91.200.133.0/24
                  91.229.147.0/24
                  91.232.18.0/24
                  91.234.122.0/23
                  176.116.238.0/23
                  176.118.200.0/21
                  192.162.186.0/23
                  194.33.64.0/23

    Signature Algorithm: sha256WithRSAEncryption
         54:dc:17:59:dd:f4:c4:1c:4a:39:b6:7b:53:27:bf:8b:87:23:
         3e:76:30:ca:72:b4:b6:2c:18:b4:02:17:cf:cb:3e:7d:e5:bb:
         3c:49:6e:bb:b7:89:fa:63:fc:0f:74:63:f5:11:29:01:66:a5:
         b5:9c:72:03:2e:60:45:8b:5c:68:65:89:59:51:b4:e2:c2:6a:
         2f:b0:bd:66:6e:b7:36:9a:e7:72:5b:49:f0:fe:be:5a:8c:27:
         e3:51:3f:ff:d7:a5:47:87:bb:ee:70:c4:e6:43:f9:f7:4f:32:
         9c:16:9a:e5:3a:17:18:01:eb:4c:10:b6:b0:51:51:9a:90:37:
         09:76:0d:91:87:f7:76:d1:1d:62:24:0c:6b:c1:13:41:f9:b9:
         b2:a9:e8:10:85:11:41:1b:45:15:77:34:cb:14:71:d0:19:d1:
         ac:ca:e1:ca:e4:27:56:f1:5d:ec:00:29:3e:4f:12:5a:0b:b3:
         d5:2c:48:7f:03:c3:74:5c:e7:4d:eb:f3:98:6e:08:44:c4:59:
         1f:2d:3c:5c:82:5b:34:62:72:57:25:6e:4e:da:e9:4e:0c:78:
         fb:42:23:3c:bd:cb:de:1a:10:dd:99:df:9e:df:51:1c:11:91:
         44:3c:cf:de:37:94:c3:ab:3b:e6:17:dc:3c:3e:b9:45:96:75:
         5f:e4:05:e9
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYKN8HwVUxhNIVxa0qoae9a2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjIwODExMTcyNTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmYwOGZmN2Q2ZWVmZWNjYzU4ZjY2NjAzZGYxMzhiMWFmM2Y3MzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxchwhGWipE56EUZ19bpMXAklNDMl
HwfjynaFWE7fh+2ddRBHde3tBJt/DxnpwKjGuOQtHFmSnm5IAGpKWOc29DeD7STS
S+eEyTIYwr2aIwlg4xIqdm4uKPeU7En1uksez/E4wIH+9f5zqMcuMpe6LFlc3Uma
DnfzKgDUWoIMsqgXy4PBlZuvo5ScZVPwJA+GUQV5WWIn+NwOl7TghTk4tIYL+Koe
FLAOf50AmnZnOsNMIdB2xLZSOw7/+YkddnEfkns69BxtqpWeYvespfooBgXhJNne
PDdmvWO0S0nGjmKa8bLxak242czmBc9MAoR5kB3UwxhHKL+1zsF6a0qniwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFDLwj/fW7v7MxY9mYD3xOLGvP3MtMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvTXZDUDk5YnVfc3pGajJaZ1BmRTRzYThfY3kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQCJWF0AwQB
Lq38AwQDTSRIAwQAW8iFAwQAW+WTAwQAW+gSAwQBW+p6AwQBsHTuAwQDsHbIAwQB
wKK6AwQBwiFAMA0GCSqGSIb3DQEBCwUAA4IBAQBU3BdZ3fTEHEo5tntTJ7+LhyM+
djDKcrS2LBi0AhfPyz595bs8SW67t4n6Y/wPdGP1ESkBZqW1nHIDLmBFi1xoZYlZ
UbTiwmovsL1mbrc2mudyW0nw/r5ajCfjUT//16VHh7vucMTmQ/n3TzKcFprlOhcY
AetMELawUVGakDcJdg2Rh/d20R1iJAxrwRNB+bmyqegQhRFBG0UVdzTLFHHQGdGs
yuHK5CdW8V3sACk+TxJaC7PVLEh/A8N0XOdN6/OYbghExFkfLTxcgls0YnJXJW5O
2ulODHj7QiM8vcveGhDdmd+e31EcEZFEPM/eN5TDqzvmF9w8PrlFlnVf5AXp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:48 2024 by rpki-client on console-ams.rpki-client.org