Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/TvDl4opcydBy6muh4VypuTA7ohY.roa
File:                     TvDl4opcydBy6muh4VypuTA7ohY.roa (raw, json)
Hash identifier:          BLiNVWHzq8Q8WUaFp6ODbDa9UTCNUH7/BGMFf10HqB4=
Subject key identifier:   4E:F0:E5:E2:8A:5C:C9:D0:72:EA:6B:A1:E1:5C:A9:B9:30:3B:A2:16
Certificate issuer:       /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial:       0CC2AF1D
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/TvDl4opcydBy6muh4VypuTA7ohY.roa
Signing time:             Fri 06 May 2022 21:57:05 +0000
ROA not before:           Fri 06 May 2022 21:57:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34450
IP address blocks:        89.43.42.0/24 maxlen: 24
                          89.43.43.0/24 maxlen: 24
                          89.43.40.0/24 maxlen: 24
                          89.43.41.0/24 maxlen: 24
                          89.43.45.0/24 maxlen: 24
                          89.43.46.0/24 maxlen: 24
                          89.43.73.0/24 maxlen: 24
                          89.39.252.0/24 maxlen: 24
                          188.213.18.0/24 maxlen: 24
                          188.240.14.0/24 maxlen: 24
                          93.113.202.0/24 maxlen: 24
                          89.44.209.0/24 maxlen: 24
                          93.114.99.0/24 maxlen: 24
                          89.33.163.0/24 maxlen: 24
                          89.45.34.0/24 maxlen: 24
                          93.114.55.0/24 maxlen: 24
                          188.215.72.0/23 maxlen: 24
                          86.106.80.0/24 maxlen: 24
                          93.114.187.0/24 maxlen: 24
                          86.106.97.0/24 maxlen: 24
                          86.106.104.0/24 maxlen: 24
                          89.34.8.0/21 maxlen: 21
                          93.114.171.0/24 maxlen: 24
                          85.204.125.0/24 maxlen: 24
                          85.204.127.0/24 maxlen: 24
                          93.113.158.0/24 maxlen: 24
                          89.37.136.0/24 maxlen: 24
                          2a05:b680:1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 214085405 (0xcc2af1d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
        Validity
            Not Before: May  6 21:57:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4ef0e5e28a5cc9d072ea6ba1e15ca9b9303ba216
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:db:78:5f:a9:66:3e:cb:4b:8a:1d:72:bf:a3:
                    1d:f1:8b:fd:6a:58:6f:8c:20:cf:a9:48:76:ed:03:
                    aa:71:42:30:2f:06:32:70:42:69:96:ad:9a:56:f1:
                    f7:1e:b0:28:bc:41:c1:ff:a1:30:b1:0f:44:1d:a2:
                    98:84:52:6c:a3:3e:14:d7:d2:9a:94:1a:63:7c:8d:
                    e3:1f:38:f3:56:2f:74:2d:20:25:36:b3:09:4d:02:
                    30:9f:01:e8:74:fe:05:00:db:96:24:52:f6:6b:9b:
                    79:83:16:ea:bc:85:7a:63:24:6f:0d:97:78:f6:b1:
                    6e:62:c8:08:87:ab:1c:4d:ba:5a:f9:94:cf:41:a9:
                    54:b0:03:09:9b:19:7d:95:67:3a:1c:65:1a:ea:fe:
                    9d:c7:43:6e:c3:eb:63:0f:3c:c7:0a:0b:2e:ed:a5:
                    5d:ad:a7:d3:f9:fd:84:a5:68:7d:ed:ff:be:7d:03:
                    4a:77:ab:15:80:72:9c:5f:54:1c:0b:96:39:1c:e9:
                    cc:62:9a:a7:08:26:f9:33:21:f8:06:ac:40:11:1e:
                    3d:f4:99:9e:d4:e8:60:17:ba:dd:c2:23:67:7f:85:
                    9f:5e:fb:e6:c2:0f:ce:fa:28:a2:17:ba:55:3b:9b:
                    ec:1a:63:f7:6b:5f:a1:9e:c1:c6:27:62:c1:2d:2b:
                    47:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:F0:E5:E2:8A:5C:C9:D0:72:EA:6B:A1:E1:5C:A9:B9:30:3B:A2:16
            X509v3 Authority Key Identifier:
                keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/TvDl4opcydBy6muh4VypuTA7ohY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.204.125.0/24
                  85.204.127.0/24
                  86.106.80.0/24
                  86.106.97.0/24
                  86.106.104.0/24
                  89.33.163.0/24
                  89.34.8.0/21
                  89.37.136.0/24
                  89.39.252.0/24
                  89.43.40.0/22
                  89.43.45.0-89.43.46.255
                  89.43.73.0/24
                  89.44.209.0/24
                  89.45.34.0/24
                  93.113.158.0/24
                  93.113.202.0/24
                  93.114.55.0/24
                  93.114.99.0/24
                  93.114.171.0/24
                  93.114.187.0/24
                  188.213.18.0/24
                  188.215.72.0/23
                  188.240.14.0/24
                IPv6:
                  2a05:b680:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         01:05:c2:8f:23:cc:02:1e:42:95:3e:89:c7:60:9f:f0:98:30:
         b0:be:4b:bb:bc:02:cc:25:1d:a9:11:cd:fa:a3:e2:fc:16:69:
         ae:b5:f7:e2:61:e7:36:ce:71:bf:8b:fa:6a:11:fc:41:e8:0e:
         77:43:5f:5b:a8:d4:ad:fc:69:13:25:22:c1:72:e6:29:73:94:
         f2:21:a5:8b:46:15:16:55:18:46:b0:c3:cf:e9:c5:ae:1a:5d:
         ea:f9:30:9d:c0:a4:3f:1d:4a:c9:e8:ab:28:e5:ed:c6:d4:2f:
         06:6e:f6:a9:6c:7e:4c:02:45:e1:84:b0:c2:c3:72:d2:43:0f:
         0c:ac:6d:d9:53:29:3e:61:e4:a9:a6:94:0e:5e:58:de:d8:51:
         2d:f7:50:6b:08:22:50:7f:c0:1e:d8:0d:17:d9:a0:53:76:86:
         51:4b:f7:a4:2d:f3:d0:b8:f0:7e:32:59:f5:c9:1e:f1:86:34:
         34:56:fa:d8:d3:ef:ba:8b:44:31:04:85:62:6f:90:ac:a0:d8:
         70:78:1c:4f:ab:b2:ef:c5:a8:69:12:a0:ec:df:69:a4:b4:aa:
         5c:5b:8c:90:64:28:34:ec:ed:84:12:e8:a8:3f:db:de:5c:82:
         e5:1b:61:0e:74:2e:bb:5c:f7:4c:ea:75:fa:b2:cd:4f:ca:8c:
         45:76:e3:13
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIEDMKvHTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTU4OTUyZDM5MzkzNWYwZDNiY2U4MTRmZDkxNzhkMDQ2OTNhZWI5MB4XDTIyMDUw
NjIxNTcwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGVmMGU1ZTI4YTVj
YzlkMDcyZWE2YmExZTE1Y2E5YjkzMDNiYTIxNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK3beF+pZj7LS4odcr+jHfGL/WpYb4wgz6lIdu0DqnFCMC8G
MnBCaZatmlbx9x6wKLxBwf+hMLEPRB2imIRSbKM+FNfSmpQaY3yN4x8481YvdC0g
JTazCU0CMJ8B6HT+BQDbliRS9mubeYMW6ryFemMkbw2XePaxbmLICIerHE26WvmU
z0GpVLADCZsZfZVnOhxlGur+ncdDbsPrYw88xwoLLu2lXa2n0/n9hKVofe3/vn0D
SnerFYBynF9UHAuWORzpzGKapwgm+TMh+AasQBEePfSZntToYBe63cIjZ3+Fn177
5sIPzvooohe6VTub7Bpj92tfoZ7BxidiwS0rR/ECAwEAAaOCAqswggKnMB0GA1Ud
DgQWBBRO8OXiilzJ0HLqa6HhXKm5MDuiFjAfBgNVHSMEGDAWgBT+WJUtOTk18NO8
6BT9kXjQRpOuuTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19saVZMVGs1TmZEVHZPZ1VfWkY0MEVhVHJyay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvYjI2YWE4LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3My8x
L1R2RGw0b3BjeWRCeTZtdWg0VnlwdVRBN29oWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
YjI2YWE4LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3My8xL19saVZMVGs1TmZE
VHZPZ1VfWkY0MEVhVHJyay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
wAYIKwYBBQUHAQcBAf8EgbAwga0wgZkEAgABMIGSAwQAVcx9AwQAVcx/AwQAVmpQ
AwQAVmphAwQAVmpoAwQAWSGjAwQDWSIIAwQAWSWIAwQAWSf8AwQCWSsoMAwDBABZ
Ky0DBABZKy4DBABZK0kDBABZLNEDBABZLSIDBABdcZ4DBABdccoDBABdcjcDBABd
cmMDBABdcqsDBABdcrsDBAC81RIDBAG810gDBAC88A4wDwQCAAIwCQMHACoFtoAA
ATANBgkqhkiG9w0BAQsFAAOCAQEAAQXCjyPMAh5ClT6Jx2Cf8JgwsL5Lu7wCzCUd
qRHN+qPi/BZprrX34mHnNs5xv4v6ahH8QegOd0NfW6jUrfxpEyUiwXLmKXOU8iGl
i0YVFlUYRrDDz+nFrhpd6vkwncCkPx1KyeirKOXtxtQvBm72qWx+TAJF4YSwwsNy
0kMPDKxt2VMpPmHkqaaUDl5Y3thRLfdQawgiUH/AHtgNF9mgU3aGUUv3pC3z0Ljw
fjJZ9cke8YY0NFb62NPvuotEMQSFYm+QrKDYcHgcT6uy78WoaRKg7N9ppLSqXFuM
kGQoNOzthBLoqD/b3lyC5RthDnQuu1z3TOp1+rLNT8qMRXbjEw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:38 2024 by rpki-client on console-ams.rpki-client.org