Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/786b51-e2df-4fd6-9c9b-f567c3e9f5ff/1/Xk02x6CLg_3gFwOl5qf5beXxkx8.roa
File:                     Xk02x6CLg_3gFwOl5qf5beXxkx8.roa (raw, json)
Hash identifier:          0ldSIFFY4rGoWsode3eOeeH1EojqZWPl16M6LA+fIRo=
Subject key identifier:   5E:4D:36:C7:A0:8B:83:FD:E0:17:03:A5:E6:A7:F9:6D:E5:F1:93:1F
Certificate issuer:       /CN=4ec3a062cb96d9a3f21a8b2da848f81c6f73bf95
Certificate serial:       0705676C
Authority key identifier: 4E:C3:A0:62:CB:96:D9:A3:F2:1A:8B:2D:A8:48:F8:1C:6F:73:BF:95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TsOgYsuW2aPyGostqEj4HG9zv5U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/786b51-e2df-4fd6-9c9b-f567c3e9f5ff/1/Xk02x6CLg_3gFwOl5qf5beXxkx8.roa
Signing time:             Tue 31 May 2022 07:30:26 +0000
ROA not before:           Tue 31 May 2022 07:30:26 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44932
IP address blocks:        188.209.119.0/24 maxlen: 24
                          185.147.176.0/24 maxlen: 24
                          185.147.176.0/22 maxlen: 24
                          185.147.179.0/24 maxlen: 24
                          185.147.177.0/24 maxlen: 24
                          185.147.178.0/24 maxlen: 24
                          188.209.117.0/24 maxlen: 24
                          188.209.118.0/24 maxlen: 24
                          188.209.116.0/24 maxlen: 24
                          188.209.116.0/22 maxlen: 24
                          2a0b:1fc0::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 117794668 (0x705676c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ec3a062cb96d9a3f21a8b2da848f81c6f73bf95
        Validity
            Not Before: May 31 07:30:26 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5e4d36c7a08b83fde01703a5e6a7f96de5f1931f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:57:06:b8:f6:13:51:8c:78:8e:bc:39:2a:0e:
                    9a:d7:a3:02:48:9b:60:04:9d:e0:4e:59:04:3f:fc:
                    5e:86:a2:f5:54:86:b2:e6:92:95:32:b1:7d:b8:69:
                    8b:88:57:86:81:c0:72:82:8c:b7:09:ac:c6:97:09:
                    7b:c2:f9:5b:f1:5e:cc:14:98:f3:42:68:7e:ca:20:
                    2b:14:ca:9a:9b:29:a8:2f:42:16:9b:2c:ce:88:e5:
                    fa:9e:77:2b:14:3d:14:7e:b1:5e:3e:5a:be:37:dc:
                    5b:cb:48:ca:6e:4e:86:d8:f5:ec:63:8d:bf:4e:36:
                    5c:12:17:12:7c:4b:6c:ee:b7:8b:c1:b0:82:f1:b0:
                    97:e8:ab:08:57:93:e8:ff:4a:00:da:e0:66:6c:4a:
                    c3:c7:82:0a:2b:7a:44:60:68:0b:34:30:36:c7:22:
                    66:09:a5:0a:9e:b9:98:27:51:65:7d:ab:88:8d:68:
                    81:0c:b2:e9:ea:80:cd:42:bd:32:b5:0d:05:90:23:
                    4c:d4:80:80:c5:5e:be:f6:b7:51:4a:36:a5:de:4a:
                    ca:81:65:43:32:7a:29:db:b7:be:17:09:01:f7:97:
                    c2:24:e1:69:9c:0a:7c:2b:d4:02:5c:37:06:f9:b0:
                    4b:06:d4:bf:de:87:78:b3:ca:6d:57:93:22:8d:27:
                    12:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:4D:36:C7:A0:8B:83:FD:E0:17:03:A5:E6:A7:F9:6D:E5:F1:93:1F
            X509v3 Authority Key Identifier:
                keyid:4E:C3:A0:62:CB:96:D9:A3:F2:1A:8B:2D:A8:48:F8:1C:6F:73:BF:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TsOgYsuW2aPyGostqEj4HG9zv5U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/786b51-e2df-4fd6-9c9b-f567c3e9f5ff/1/Xk02x6CLg_3gFwOl5qf5beXxkx8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/786b51-e2df-4fd6-9c9b-f567c3e9f5ff/1/TsOgYsuW2aPyGostqEj4HG9zv5U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.147.176.0/22
                  188.209.116.0/22
                IPv6:
                  2a0b:1fc0::/29

    Signature Algorithm: sha256WithRSAEncryption
         50:41:2e:e5:86:b9:b4:f3:23:8b:f1:5e:90:8c:f1:74:16:2f:
         33:62:7b:77:fd:c2:cf:9c:9d:bd:fa:bc:d3:4d:22:61:d3:bf:
         58:db:d1:2e:93:18:1a:f5:93:39:3d:79:e9:cf:c4:7f:0a:06:
         92:36:1f:06:6d:ed:db:d9:c1:b5:42:e4:c6:ef:b3:be:9c:f7:
         db:cc:d1:ed:4f:55:70:39:84:9d:43:39:23:53:19:ca:ea:b6:
         c5:99:f3:14:9f:6d:b2:27:25:8d:35:4c:9f:b2:a5:33:d9:fc:
         82:10:53:0f:8d:c5:f7:25:ca:5f:a8:b9:06:b4:9f:20:39:45:
         3a:ac:1f:88:8a:e2:af:40:eb:b8:3c:ae:00:d6:2b:c9:5c:0f:
         ec:4e:65:51:e2:30:2d:a9:37:d7:9b:ae:4b:fe:c4:26:27:98:
         c6:3c:cc:d1:c6:d5:31:08:51:3c:9e:76:39:6c:7d:5f:70:e5:
         0a:3e:b7:fd:c9:17:e0:13:82:00:64:11:71:61:84:09:f4:9f:
         de:7b:e7:bd:b7:28:1a:f4:ab:85:8a:7b:c5:29:0a:54:bb:f1:
         ae:25:e0:78:8c:8c:d7:4f:07:5c:f0:2a:9b:13:77:1f:8c:75:
         50:6b:78:5f:c8:03:c4:31:be:f0:a6:c0:e9:00:df:82:0f:11:
         a4:e9:29:3e
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEBwVnbDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZWMzYTA2MmNiOTZkOWEzZjIxYThiMmRhODQ4ZjgxYzZmNzNiZjk1MB4XDTIyMDUz
MTA3MzAyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWU0ZDM2YzdhMDhi
ODNmZGUwMTcwM2E1ZTZhN2Y5NmRlNWYxOTMxZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKxXBrj2E1GMeI68OSoOmtejAkibYASd4E5ZBD/8Xoai9VSG
suaSlTKxfbhpi4hXhoHAcoKMtwmsxpcJe8L5W/FezBSY80JofsogKxTKmpspqC9C
Fpsszojl+p53KxQ9FH6xXj5avjfcW8tIym5Ohtj17GONv042XBIXEnxLbO63i8Gw
gvGwl+irCFeT6P9KANrgZmxKw8eCCit6RGBoCzQwNsciZgmlCp65mCdRZX2riI1o
gQyy6eqAzUK9MrUNBZAjTNSAgMVevva3UUo2pd5KyoFlQzJ6Kdu3vhcJAfeXwiTh
aZwKfCvUAlw3BvmwSwbUv96HeLPKbVeTIo0nErECAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBReTTbHoIuD/eAXA6Xmp/lt5fGTHzAfBgNVHSMEGDAWgBROw6Biy5bZo/Ia
iy2oSPgcb3O/lTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RzT2dZc3VXMmFQeUdvc3RxRWo0SEc5enY1VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmYvNzg2YjUxLWUyZGYtNGZkNi05YzliLWY1NjdjM2U5ZjVmZi8x
L1hrMDJ4NkNMZ18zZ0Z3T2w1cWY1YmVYeGt4OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmYv
Nzg2YjUxLWUyZGYtNGZkNi05YzliLWY1NjdjM2U5ZjVmZi8xL1RzT2dZc3VXMmFQ
eUdvc3RxRWo0SEc5enY1VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArmTsAMEArzRdDANBAIAAjAHAwUD
KgsfwDANBgkqhkiG9w0BAQsFAAOCAQEAUEEu5Ya5tPMji/FekIzxdBYvM2J7d/3C
z5ydvfq8000iYdO/WNvRLpMYGvWTOT156c/EfwoGkjYfBm3t29nBtULkxu+zvpz3
28zR7U9VcDmEnUM5I1MZyuq2xZnzFJ9tsicljTVMn7KlM9n8ghBTD43F9yXKX6i5
BrSfIDlFOqwfiIrir0DruDyuANYryVwP7E5lUeIwLak315uuS/7EJieYxjzM0cbV
MQhRPJ52OWx9X3DlCj63/ckX4BOCAGQRcWGECfSf3nvnvbcoGvSrhYp7xSkKVLvx
riXgeIyM108HXPAqmxN3H4x1UGt4X8gDxDG+8KbA6QDfgg8RpOkpPg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:13 2024 by rpki-client on console-fra.rpki-client.org