Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/R5UEZ4Gy0WvTqeahYbJ5SoLNcYQ.roa
File:                     R5UEZ4Gy0WvTqeahYbJ5SoLNcYQ.roa (raw, json)
Hash identifier:          9rZH8hBbR2LIMFbU4OnM6Tas1bMvWDIxBdDGTGYWFdU=
Subject key identifier:   47:95:04:67:81:B2:D1:6B:D3:A9:E6:A1:61:B2:79:4A:82:CD:71:84
Certificate issuer:       /CN=00e4f6a77368b7cecfe67220b436576b1e008aec
Certificate serial:       01838DE35243FEBDBFAEE90F47CAA63598B3
Authority key identifier: 00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/R5UEZ4Gy0WvTqeahYbJ5SoLNcYQ.roa
Signing time:             Fri 30 Sep 2022 10:13:48 +0000
ROA not before:           Fri 30 Sep 2022 10:13:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202422
IP address blocks:        92.223.102.0/24 maxlen: 24
                          80.93.209.0/24 maxlen: 24
                          80.93.210.0/24 maxlen: 24
                          80.93.219.0/24 maxlen: 24
                          80.93.218.0/24 maxlen: 24
                          80.93.214.0/24 maxlen: 24
                          80.93.215.0/24 maxlen: 24
                          80.93.217.0/24 maxlen: 24
                          80.93.223.0/24 maxlen: 24
                          92.38.148.0/24 maxlen: 24
                          92.38.155.0/24 maxlen: 24
                          92.38.173.0/24 maxlen: 24
                          5.188.148.0/24 maxlen: 24
                          92.38.186.0/23 maxlen: 24
                          92.38.186.0/24 maxlen: 24
                          92.38.180.0/24 maxlen: 24
                          5.8.24.0/24 maxlen: 24
                          78.111.105.0/24 maxlen: 24
                          78.111.99.0/24 maxlen: 24
                          78.111.102.0/24 maxlen: 24
                          78.111.101.0/24 maxlen: 24
                          217.195.193.0/24 maxlen: 24
                          92.38.187.0/24 maxlen: 24
                          5.188.169.0/24 maxlen: 24
                          146.185.236.0/24 maxlen: 24
                          146.185.237.0/24 maxlen: 24
                          37.9.33.0/24 maxlen: 24
                          37.9.32.0/24 maxlen: 24
                          217.195.205.0/24 maxlen: 24
                          146.185.216.0/24 maxlen: 24
                          146.185.217.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:8d:e3:52:43:fe:bd:bf:ae:e9:0f:47:ca:a6:35:98:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00e4f6a77368b7cecfe67220b436576b1e008aec
        Validity
            Not Before: Sep 30 10:13:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4795046781b2d16bd3a9e6a161b2794a82cd7184
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:07:ac:84:61:ce:b7:0a:03:0c:27:49:c1:2c:
                    f1:ce:b5:f4:84:a0:f4:ec:d1:da:46:ee:48:90:f1:
                    fd:1c:33:37:7e:ea:93:81:9f:8a:d0:f5:2d:e7:e6:
                    56:b6:81:37:4a:05:9d:44:90:27:1c:3e:27:c8:a8:
                    4c:59:de:a5:ec:9c:d9:f4:0a:2f:6f:9d:83:06:dc:
                    32:b4:dd:73:5d:97:b5:b7:7f:d4:a8:9f:ac:10:43:
                    e6:d5:cf:61:1e:ff:39:34:99:d6:98:98:c0:39:cc:
                    9c:ce:f1:2a:13:e3:43:d4:2d:1a:04:32:f4:c4:fa:
                    0f:14:6d:79:e7:7a:f3:6f:84:14:2d:6c:e6:b4:f2:
                    17:e2:b1:2b:f5:d5:05:95:2a:5d:5a:1c:9f:3c:ef:
                    52:a4:94:89:0f:3e:6c:4f:21:6f:a4:eb:dc:8c:ab:
                    60:10:6e:ab:5a:d7:3d:3f:3b:fe:17:e6:46:a6:1e:
                    02:05:4b:46:75:d3:2e:ed:22:e5:24:2c:9f:3a:4f:
                    4a:85:32:5f:11:7f:83:85:a0:15:58:be:f9:d4:1b:
                    ac:73:d5:07:cf:61:ea:9f:59:41:a5:ca:3b:37:c6:
                    4c:87:2a:8e:c1:e8:f8:f4:bc:0b:ac:15:fd:80:f9:
                    da:77:65:96:c6:d3:d7:ec:ab:c2:71:df:dd:22:ed:
                    8b:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:95:04:67:81:B2:D1:6B:D3:A9:E6:A1:61:B2:79:4A:82:CD:71:84
            X509v3 Authority Key Identifier:
                keyid:00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/R5UEZ4Gy0WvTqeahYbJ5SoLNcYQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.8.24.0/24
                  5.188.148.0/24
                  5.188.169.0/24
                  37.9.32.0/23
                  78.111.99.0/24
                  78.111.101.0-78.111.102.255
                  78.111.105.0/24
                  80.93.209.0-80.93.210.255
                  80.93.214.0/23
                  80.93.217.0-80.93.219.255
                  80.93.223.0/24
                  92.38.148.0/24
                  92.38.155.0/24
                  92.38.173.0/24
                  92.38.180.0/24
                  92.38.186.0/23
                  92.223.102.0/24
                  146.185.216.0/23
                  146.185.236.0/23
                  217.195.193.0/24
                  217.195.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:6f:fe:c6:16:5f:16:8c:76:9f:f7:38:ee:6a:b7:65:4c:6f:
         11:20:31:d3:bd:4c:0b:c6:86:fa:85:da:6e:e4:20:47:5b:b4:
         ae:1f:a9:59:38:16:1e:42:d2:fa:15:25:e8:d3:6b:99:83:07:
         2e:1e:ba:ce:63:cb:e8:df:ba:db:9d:65:b6:69:ee:18:c4:f7:
         cd:d3:70:93:cd:40:2c:fe:7c:26:b0:3a:08:0d:20:fd:f5:d9:
         d1:32:6a:73:fa:73:55:e2:11:0d:74:21:80:e3:0a:52:c9:3c:
         fd:b7:61:e5:55:31:81:73:fb:a0:24:da:3a:20:af:f4:7b:0e:
         be:b9:2e:ef:34:2d:5a:cf:69:10:cb:7c:4b:37:30:65:54:96:
         ab:3d:f7:66:0a:11:c9:11:b8:0c:ae:85:5f:72:a3:85:70:bc:
         0f:f6:e5:ad:bb:ab:6f:7d:69:a7:43:be:77:6f:de:ad:13:0f:
         19:04:00:ee:66:4d:21:28:a4:74:01:7e:a5:6e:51:90:9c:2c:
         7b:7a:26:19:2e:9a:84:42:e7:a3:37:f0:c7:bb:0f:df:42:c4:
         28:32:38:1d:c8:ed:e5:ec:3b:07:b7:a4:7f:6a:99:d1:00:cc:
         b4:4f:f6:90:44:c5:8b:67:6d:44:ae:21:16:b0:bf:c9:c7:28:
         1c:a5:bd:92
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAYON41JD/r2/rukPR8qmNZizMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZTRmNmE3NzM2OGI3Y2VjZmU2NzIyMGI0MzY1NzZiMWUw
MDhhZWMwHhcNMjIwOTMwMTAxMzQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Nzk1MDQ2NzgxYjJkMTZiZDNhOWU2YTE2MWIyNzk0YTgyY2Q3MTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3QeshGHOtwoDDCdJwSzxzrX0hKD0
7NHaRu5IkPH9HDM3fuqTgZ+K0PUt5+ZWtoE3SgWdRJAnHD4nyKhMWd6l7JzZ9Aov
b52DBtwytN1zXZe1t3/UqJ+sEEPm1c9hHv85NJnWmJjAOcyczvEqE+ND1C0aBDL0
xPoPFG1553rzb4QULWzmtPIX4rEr9dUFlSpdWhyfPO9SpJSJDz5sTyFvpOvcjKtg
EG6rWtc9Pzv+F+ZGph4CBUtGddMu7SLlJCyfOk9KhTJfEX+DhaAVWL751Busc9UH
z2Hqn1lBpco7N8ZMhyqOwej49LwLrBX9gPnad2WWxtPX7KvCcd/dIu2LWQIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFEeVBGeBstFr06nmoWGyeUqCzXGEMB8GA1UdIwQY
MBaAFADk9qdzaLfOz+ZyILQ2V2seAIrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMt
YjA3ZDg0MTZhZTRhLzEvUjVVRVo0R3kwV3ZUcWVhaFliSjVTb0xOY1lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMtYjA3ZDg0MTZhZTRh
LzEvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYDBAAF
CBgDBAAFvJQDBAAFvKkDBAElCSADBABOb2MwDAMEAE5vZQMEAE5vZgMEAE5vaTAM
AwQAUF3RAwQAUF3SAwQBUF3WMAwDBABQXdkDBAJQXdgDBABQXd8DBABcJpQDBABc
JpsDBABcJq0DBABcJrQDBAFcJroDBABc32YDBAGSudgDBAGSuewDBADZw8EDBADZ
w80wDQYJKoZIhvcNAQELBQADggEBAGZv/sYWXxaMdp/3OO5qt2VMbxEgMdO9TAvG
hvqF2m7kIEdbtK4fqVk4Fh5C0voVJejTa5mDBy4eus5jy+jfutudZbZp7hjE983T
cJPNQCz+fCawOggNIP312dEyanP6c1XiEQ10IYDjClLJPP23YeVVMYFz+6Ak2jog
r/R7Dr65Lu80LVrPaRDLfEs3MGVUlqs992YKEckRuAyuhV9yo4VwvA/25a27q299
aadDvndv3q0TDxkEAO5mTSEopHQBfqVuUZCcLHt6JhkumoRC56M38Me7D99CxCgy
OB3I7eXsOwe3pH9qmdEAzLRP9pBExYtnbUSuIRawv8nHKBylvZI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:34 2024 by rpki-client on console-fra.rpki-client.org