Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/SUKuzkOXUmYuhl6-Up7pYY_1FcE.roa
File:                     SUKuzkOXUmYuhl6-Up7pYY_1FcE.roa (raw, json)
Hash identifier:          as7IyA0LYdvPMUTL/GEu4uKLeZGaHqPANVw0UkU+z78=
Subject key identifier:   49:42:AE:CE:43:97:52:66:2E:86:5E:BE:52:9E:E9:61:8F:F5:15:C1
Certificate issuer:       /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial:       0CC44933
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/SUKuzkOXUmYuhl6-Up7pYY_1FcE.roa
Signing time:             Fri 06 May 2022 22:34:03 +0000
ROA not before:           Fri 06 May 2022 22:34:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34450
IP address blocks:        89.43.42.0/24 maxlen: 24
                          89.43.43.0/24 maxlen: 24
                          89.43.40.0/24 maxlen: 24
                          89.43.41.0/24 maxlen: 24
                          89.43.45.0/24 maxlen: 24
                          89.43.46.0/24 maxlen: 24
                          89.43.73.0/24 maxlen: 24
                          89.39.252.0/24 maxlen: 24
                          188.213.18.0/24 maxlen: 24
                          188.240.14.0/24 maxlen: 24
                          93.113.202.0/24 maxlen: 24
                          89.44.209.0/24 maxlen: 24
                          93.114.99.0/24 maxlen: 24
                          89.33.163.0/24 maxlen: 24
                          89.45.34.0/24 maxlen: 24
                          93.114.55.0/24 maxlen: 24
                          188.215.72.0/23 maxlen: 24
                          86.106.80.0/24 maxlen: 24
                          93.114.187.0/24 maxlen: 24
                          86.106.97.0/24 maxlen: 24
                          86.106.104.0/24 maxlen: 24
                          89.34.8.0/21 maxlen: 21
                          93.114.171.0/24 maxlen: 24
                          85.204.125.0/24 maxlen: 24
                          85.204.127.0/24 maxlen: 24
                          93.113.158.0/24 maxlen: 24
                          89.37.136.0/24 maxlen: 24
                          85.204.78.0/24 maxlen: 24
                          2a05:b680:1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 214190387 (0xcc44933)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
        Validity
            Not Before: May  6 22:34:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4942aece439752662e865ebe529ee9618ff515c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fb:2f:a9:c8:c4:85:0f:0d:02:ab:dc:d4:33:44:
                    67:c6:70:87:30:e8:b2:60:6d:81:6e:b8:bb:87:c5:
                    e3:f1:1b:6f:ae:46:a2:5e:f1:8f:e5:7d:11:c7:2a:
                    f8:23:7b:0b:6c:50:52:13:36:3b:e9:a2:be:e6:56:
                    1d:9f:bb:5a:48:35:82:c5:d9:ac:86:53:fb:aa:18:
                    5e:db:20:77:5c:12:b1:2b:49:84:7c:9e:79:e2:3f:
                    c4:00:11:ea:16:09:73:24:e2:75:24:1b:b3:46:6b:
                    84:e4:aa:4f:80:84:9e:4b:23:d7:45:4e:f0:b7:05:
                    de:5b:cf:1c:fe:9b:2a:12:4b:4c:6b:cc:75:62:61:
                    28:d6:9a:92:d0:2a:73:5d:52:2f:d2:10:8c:67:d0:
                    49:c6:96:e0:a9:10:49:50:e9:d1:b9:d3:29:a4:45:
                    6a:f3:a6:ae:e4:d1:29:07:0b:a5:e8:e8:aa:56:52:
                    fa:af:25:d3:e7:02:8c:af:29:03:1e:7a:40:df:1a:
                    57:d7:f1:25:59:71:96:de:f9:6f:61:05:5b:0f:6c:
                    cf:dc:23:89:c3:12:72:9b:b5:06:97:27:83:6f:e8:
                    79:bd:f0:7a:7f:68:47:36:b1:6f:09:84:66:7c:6d:
                    c6:b6:3c:87:ad:f2:9a:b0:dd:51:c4:99:07:cf:69:
                    33:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:42:AE:CE:43:97:52:66:2E:86:5E:BE:52:9E:E9:61:8F:F5:15:C1
            X509v3 Authority Key Identifier:
                keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/SUKuzkOXUmYuhl6-Up7pYY_1FcE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.204.78.0/24
                  85.204.125.0/24
                  85.204.127.0/24
                  86.106.80.0/24
                  86.106.97.0/24
                  86.106.104.0/24
                  89.33.163.0/24
                  89.34.8.0/21
                  89.37.136.0/24
                  89.39.252.0/24
                  89.43.40.0/22
                  89.43.45.0-89.43.46.255
                  89.43.73.0/24
                  89.44.209.0/24
                  89.45.34.0/24
                  93.113.158.0/24
                  93.113.202.0/24
                  93.114.55.0/24
                  93.114.99.0/24
                  93.114.171.0/24
                  93.114.187.0/24
                  188.213.18.0/24
                  188.215.72.0/23
                  188.240.14.0/24
                IPv6:
                  2a05:b680:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         58:16:8b:b5:96:07:d6:ce:18:71:c7:36:e2:a1:b1:e5:f0:e7:
         ee:cc:b2:a4:09:0f:a7:8f:66:73:ca:9f:e2:cc:66:f7:83:ee:
         0d:31:c0:2e:62:93:21:62:02:2e:b4:2a:aa:4c:b7:ea:f7:b4:
         f2:ef:49:0f:80:e3:3f:4c:33:3f:8b:8c:90:00:d2:84:ed:ab:
         8f:ec:99:5d:eb:1d:60:30:70:ff:ba:39:52:2b:42:6e:18:d3:
         9b:2c:5c:64:0d:4b:17:ed:de:17:ca:54:6b:00:24:75:a5:d8:
         1a:7a:ca:05:4f:1c:4a:92:b5:a6:04:75:0d:18:d8:eb:eb:69:
         9a:30:8c:5c:ea:e1:f5:5b:68:51:25:60:74:75:7d:bd:69:27:
         bc:81:51:9d:23:ba:90:12:7c:3f:68:a5:8f:a7:6b:1b:6a:79:
         49:7c:eb:ff:3b:c8:d1:8b:c8:96:5a:cb:3a:f6:27:af:f7:fd:
         6c:38:bc:8c:98:43:5c:1d:36:bb:91:1a:5f:d3:df:00:4e:f5:
         43:43:5f:41:06:69:97:16:bf:58:51:16:24:bf:92:9d:9a:94:
         11:1c:83:7c:fa:1f:1a:a9:63:fc:ef:f2:37:af:9e:d0:b1:27:
         e6:4c:f3:bc:10:c6:a8:fe:f9:ce:3e:aa:b7:69:3f:fc:ca:39:
         fa:e8:ac:a0
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIEDMRJMzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTU4OTUyZDM5MzkzNWYwZDNiY2U4MTRmZDkxNzhkMDQ2OTNhZWI5MB4XDTIyMDUw
NjIyMzQwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDk0MmFlY2U0Mzk3
NTI2NjJlODY1ZWJlNTI5ZWU5NjE4ZmY1MTVjMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPsvqcjEhQ8NAqvc1DNEZ8ZwhzDosmBtgW64u4fF4/Ebb65G
ol7xj+V9Eccq+CN7C2xQUhM2O+mivuZWHZ+7Wkg1gsXZrIZT+6oYXtsgd1wSsStJ
hHyeeeI/xAAR6hYJcyTidSQbs0ZrhOSqT4CEnksj10VO8LcF3lvPHP6bKhJLTGvM
dWJhKNaaktAqc11SL9IQjGfQScaW4KkQSVDp0bnTKaRFavOmruTRKQcLpejoqlZS
+q8l0+cCjK8pAx56QN8aV9fxJVlxlt75b2EFWw9sz9wjicMScpu1Bpcng2/oeb3w
en9oRzaxbwmEZnxtxrY8h63ymrDdUcSZB89pM4UCAwEAAaOCArEwggKtMB0GA1Ud
DgQWBBRJQq7OQ5dSZi6GXr5Snulhj/UVwTAfBgNVHSMEGDAWgBT+WJUtOTk18NO8
6BT9kXjQRpOuuTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19saVZMVGs1TmZEVHZPZ1VfWkY0MEVhVHJyay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvYjI2YWE4LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3My8x
L1NVS3V6a09YVW1ZdWhsNi1VcDdwWVlfMUZjRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
YjI2YWE4LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3My8xL19saVZMVGs1TmZE
VHZPZ1VfWkY0MEVhVHJyay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
xgYIKwYBBQUHAQcBAf8EgbYwgbMwgZ8EAgABMIGYAwQAVcxOAwQAVcx9AwQAVcx/
AwQAVmpQAwQAVmphAwQAVmpoAwQAWSGjAwQDWSIIAwQAWSWIAwQAWSf8AwQCWSso
MAwDBABZKy0DBABZKy4DBABZK0kDBABZLNEDBABZLSIDBABdcZ4DBABdccoDBABd
cjcDBABdcmMDBABdcqsDBABdcrsDBAC81RIDBAG810gDBAC88A4wDwQCAAIwCQMH
ACoFtoAAATANBgkqhkiG9w0BAQsFAAOCAQEAWBaLtZYH1s4Yccc24qGx5fDn7syy
pAkPp49mc8qf4sxm94PuDTHALmKTIWICLrQqqky36ve08u9JD4DjP0wzP4uMkADS
hO2rj+yZXesdYDBw/7o5UitCbhjTmyxcZA1LF+3eF8pUawAkdaXYGnrKBU8cSpK1
pgR1DRjY6+tpmjCMXOrh9VtoUSVgdHV9vWknvIFRnSO6kBJ8P2ilj6drG2p5SXzr
/zvI0YvIllrLOvYnr/f9bDi8jJhDXB02u5EaX9PfAE71Q0NfQQZplxa/WFEWJL+S
nZqUERyDfPofGqlj/O/yN6+e0LEn5kzzvBDGqP75zj6qt2k//Mo5+uisoA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:38 2024 by rpki-client on console-ams.rpki-client.org