Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/DXRTfJRC3YKDVlZqYFTqoWj4DKc.roa
File:                     DXRTfJRC3YKDVlZqYFTqoWj4DKc.roa (raw, json)
Hash identifier:          hAU2eRi9ANmcYMLV3P0s1g68rt71ovOEnaqA8vsSR64=
Subject key identifier:   0D:74:53:7C:94:42:DD:82:83:56:56:6A:60:54:EA:A1:68:F8:0C:A7
Certificate issuer:       /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial:       0183E5246C3368DFDDA5651B6AF7D120F67A
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/DXRTfJRC3YKDVlZqYFTqoWj4DKc.roa
Signing time:             Mon 17 Oct 2022 08:51:52 +0000
ROA not before:           Mon 17 Oct 2022 08:51:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34450
IP address blocks:        89.43.42.0/24 maxlen: 24
                          89.43.43.0/24 maxlen: 24
                          89.43.44.0/24 maxlen: 24
                          89.43.40.0/24 maxlen: 24
                          89.43.41.0/24 maxlen: 24
                          89.43.45.0/24 maxlen: 24
                          89.43.46.0/24 maxlen: 24
                          89.43.73.0/24 maxlen: 24
                          89.39.252.0/24 maxlen: 24
                          188.213.18.0/24 maxlen: 24
                          188.240.14.0/24 maxlen: 24
                          93.113.202.0/24 maxlen: 24
                          93.114.99.0/24 maxlen: 24
                          89.33.163.0/24 maxlen: 24
                          93.114.55.0/24 maxlen: 24
                          188.215.72.0/23 maxlen: 24
                          188.215.73.0/24 maxlen: 24
                          86.106.80.0/24 maxlen: 24
                          86.106.104.0/24 maxlen: 24
                          89.34.8.0/21 maxlen: 21
                          93.114.171.0/24 maxlen: 24
                          85.204.125.0/24 maxlen: 24
                          85.204.127.0/24 maxlen: 24
                          93.113.158.0/24 maxlen: 24
                          89.37.136.0/24 maxlen: 24
                          85.204.78.0/24 maxlen: 24
                          2a05:b680:1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:e5:24:6c:33:68:df:dd:a5:65:1b:6a:f7:d1:20:f6:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
        Validity
            Not Before: Oct 17 08:51:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0d74537c9442dd828356566a6054eaa168f80ca7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:c9:61:a8:14:8c:3c:65:23:69:6c:5d:f7:ba:
                    13:81:c7:de:6b:f7:10:a9:89:b3:11:f1:2f:08:98:
                    2a:bc:d6:56:fc:c1:f0:5d:65:0b:24:77:9d:1b:ac:
                    5e:a6:89:8a:42:df:94:6b:32:1b:30:4c:a5:b1:72:
                    43:df:ae:0c:e8:85:03:fe:7f:3b:c4:ef:eb:ba:8e:
                    7f:4d:49:cf:d4:93:42:c4:b7:f1:bf:db:46:7f:1a:
                    fd:4c:c3:b8:80:46:a2:41:9a:93:6e:b9:d6:d9:22:
                    93:55:86:51:f2:8f:0e:33:89:d2:88:56:21:b6:6f:
                    25:1b:1b:b9:73:18:78:53:94:55:6c:15:b3:8c:d4:
                    63:3c:e0:15:b0:c2:44:71:fe:53:2f:9d:94:c1:30:
                    3d:ce:d5:ad:4c:62:84:d1:41:3c:c8:07:7e:43:5a:
                    e1:ec:b8:2c:13:c7:59:9e:48:e2:17:51:e6:81:c0:
                    dc:25:45:db:68:eb:81:1e:1d:b8:07:70:78:c6:3b:
                    6d:e5:10:fc:32:5b:f3:23:82:ef:73:a0:a5:05:10:
                    e6:19:fd:66:ad:ab:e9:58:9f:93:3d:ba:bd:40:e7:
                    3f:db:73:11:0c:94:80:01:1c:cc:02:96:b6:9c:14:
                    a5:73:4e:c7:20:69:cb:45:5f:d9:01:39:20:b1:4d:
                    ff:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:74:53:7C:94:42:DD:82:83:56:56:6A:60:54:EA:A1:68:F8:0C:A7
            X509v3 Authority Key Identifier:
                keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/DXRTfJRC3YKDVlZqYFTqoWj4DKc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.204.78.0/24
                  85.204.125.0/24
                  85.204.127.0/24
                  86.106.80.0/24
                  86.106.104.0/24
                  89.33.163.0/24
                  89.34.8.0/21
                  89.37.136.0/24
                  89.39.252.0/24
                  89.43.40.0-89.43.46.255
                  89.43.73.0/24
                  93.113.158.0/24
                  93.113.202.0/24
                  93.114.55.0/24
                  93.114.99.0/24
                  93.114.171.0/24
                  188.213.18.0/24
                  188.215.72.0/23
                  188.240.14.0/24
                IPv6:
                  2a05:b680:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         d1:96:5d:fe:e0:34:45:99:8f:7e:5c:f2:07:fa:d3:ff:70:b2:
         d1:97:45:b8:6c:97:5b:bc:84:a6:e6:9c:30:b8:b0:d4:00:45:
         25:fc:d6:4f:09:ec:5e:95:b9:73:61:77:fc:6c:3e:4b:35:ff:
         9f:60:67:d9:19:18:10:09:8f:11:dd:3e:10:21:2e:45:e1:28:
         97:3a:12:d3:4b:5a:1e:5a:23:ac:6d:ca:e0:47:ee:ac:96:ba:
         28:f3:4d:70:7f:66:41:fe:26:ab:aa:85:8d:98:98:c4:28:f5:
         b1:5b:fa:08:5f:46:f2:3d:e8:e5:7a:6b:f9:3e:2d:cd:2e:75:
         ae:e2:0b:3b:f0:d4:be:05:53:5e:3e:b8:ee:4c:b9:56:ea:47:
         46:77:c6:85:43:8f:d5:64:b2:14:fa:ea:8c:55:a0:90:5b:9f:
         03:49:30:74:d4:6a:72:07:85:d6:49:6e:3b:eb:ed:52:ab:56:
         55:af:72:3d:7f:1d:60:3d:47:2f:12:56:80:bc:4e:fd:02:b6:
         f6:b0:10:e3:99:b4:4f:ae:26:00:57:3d:0f:df:20:43:36:43:
         b2:80:77:32:85:1f:a6:be:2e:34:0d:1c:55:e4:64:40:c6:8a:
         c9:93:9d:06:f6:42:e2:78:e8:fc:b8:71:d7:65:c2:51:cc:70:
         56:e3:f4:b6
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYPlJGwzaN/dpWUbavfRIPZ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjIxMDE3MDg1MTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDc0NTM3Yzk0NDJkZDgyODM1NjU2NmE2MDU0ZWFhMTY4ZjgwY2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8lhqBSMPGUjaWxd97oTgcfea/cQ
qYmzEfEvCJgqvNZW/MHwXWULJHedG6xepomKQt+UazIbMEylsXJD364M6IUD/n87
xO/ruo5/TUnP1JNCxLfxv9tGfxr9TMO4gEaiQZqTbrnW2SKTVYZR8o8OM4nSiFYh
tm8lGxu5cxh4U5RVbBWzjNRjPOAVsMJEcf5TL52UwTA9ztWtTGKE0UE8yAd+Q1rh
7LgsE8dZnkjiF1HmgcDcJUXbaOuBHh24B3B4xjtt5RD8MlvzI4Lvc6ClBRDmGf1m
ravpWJ+TPbq9QOc/23MRDJSAARzMApa2nBSlc07HIGnLRV/ZATkgsU3//QIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFA10U3yUQt2Cg1ZWamBU6qFo+AynMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvRFhSVGZKUkMzWUtEVmxacVlGVHFvV2o0REtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBgAQCAAEwegMEAFXM
TgMEAFXMfQMEAFXMfwMEAFZqUAMEAFZqaAMEAFkhowMEA1kiCAMEAFkliAMEAFkn
/DAMAwQDWSsoAwQAWSsuAwQAWStJAwQAXXGeAwQAXXHKAwQAXXI3AwQAXXJjAwQA
XXKrAwQAvNUSAwQBvNdIAwQAvPAOMA8EAgACMAkDBwAqBbaAAAEwDQYJKoZIhvcN
AQELBQADggEBANGWXf7gNEWZj35c8gf60/9wstGXRbhsl1u8hKbmnDC4sNQARSX8
1k8J7F6VuXNhd/xsPks1/59gZ9kZGBAJjxHdPhAhLkXhKJc6EtNLWh5aI6xtyuBH
7qyWuijzTXB/ZkH+JquqhY2YmMQo9bFb+ghfRvI96OV6a/k+Lc0uda7iCzvw1L4F
U14+uO5MuVbqR0Z3xoVDj9VkshT66oxVoJBbnwNJMHTUanIHhdZJbjvr7VKrVlWv
cj1/HWA9Ry8SVoC8Tv0CtvawEOOZtE+uJgBXPQ/fIEM2Q7KAdzKFH6a+LjQNHFXk
ZEDGismTnQb2QuJ46Py4cddlwlHMcFbj9LY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:38 2024 by rpki-client on console-ams.rpki-client.org