Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/650a6b-4826-4c1e-a972-48ad14ba7498/1/aUtgn7F2-fh4CEm93Gg8LJdzURc.roa
File:                     aUtgn7F2-fh4CEm93Gg8LJdzURc.roa (raw, json)
Hash identifier:          DHRiTTaS8vrOBZhwJ5fza/wTbFt+x6hM/ESvZK5CAQA=
Subject key identifier:   69:4B:60:9F:B1:76:F9:F8:78:08:49:BD:DC:68:3C:2C:97:73:51:17
Certificate issuer:       /CN=81eee17fdbcb09dbbceef663c6157b5fe3081ff4
Certificate serial:       349DD57C
Authority key identifier: 81:EE:E1:7F:DB:CB:09:DB:BC:EE:F6:63:C6:15:7B:5F:E3:08:1F:F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ge7hf9vLCdu87vZjxhV7X-MIH_Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/650a6b-4826-4c1e-a972-48ad14ba7498/1/aUtgn7F2-fh4CEm93Gg8LJdzURc.roa
Signing time:             Sat 01 Jan 2022 00:50:58 +0000
ROA not before:           Sat 01 Jan 2022 00:50:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     197965
IP address blocks:        185.176.17.0/24 maxlen: 24
                          185.176.16.0/24 maxlen: 24
                          185.176.16.0/22 maxlen: 22
                          185.176.19.0/24 maxlen: 24
                          185.176.18.0/24 maxlen: 24
                          93.180.74.0/24 maxlen: 24
                          93.180.73.0/24 maxlen: 24
                          93.180.72.0/24 maxlen: 24
                          93.180.78.0/24 maxlen: 24
                          93.180.72.0/21 maxlen: 21
                          93.180.77.0/24 maxlen: 24
                          93.180.76.0/24 maxlen: 24
                          93.180.75.0/24 maxlen: 24
                          93.180.79.0/24 maxlen: 24
                          2a00:4c40::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 882759036 (0x349dd57c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81eee17fdbcb09dbbceef663c6157b5fe3081ff4
        Validity
            Not Before: Jan  1 00:50:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=694b609fb176f9f8780849bddc683c2c97735117
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:77:9a:6b:de:5e:a4:8c:66:4c:38:7a:d7:7a:
                    18:25:e8:57:05:f3:80:22:aa:b1:ea:c3:97:6c:5a:
                    56:2b:67:ed:dc:a7:86:ec:d8:f2:92:1d:b5:39:90:
                    df:c3:d9:85:dc:56:1e:91:2f:1a:51:3b:6a:d6:88:
                    f1:8b:a7:48:39:c5:cc:e1:6d:80:14:f3:fe:d2:54:
                    05:89:c7:1e:df:5c:58:06:8c:01:0c:84:37:df:c6:
                    1a:7d:3b:82:46:2b:f6:46:c7:bc:15:88:58:87:4a:
                    6a:8d:cb:8c:27:a1:1b:bf:a3:a4:63:18:f0:47:56:
                    b6:ee:3d:10:ef:51:37:28:ef:9f:d6:c8:cc:e2:30:
                    da:1a:af:4a:54:3a:8f:5f:6a:e1:74:18:ec:f6:f2:
                    50:89:10:3e:13:95:1e:89:8f:24:07:c9:4c:ef:09:
                    6f:84:ea:ab:ab:68:19:9a:27:1a:4d:cb:91:52:78:
                    30:ba:e3:32:bc:98:76:0c:25:54:41:8b:6d:0d:47:
                    ca:00:a7:be:b0:05:38:8c:71:9a:a0:3e:52:10:01:
                    89:ca:f4:87:9a:40:70:a4:cc:b0:9a:ef:2c:34:99:
                    24:ca:c8:1e:52:46:3c:05:70:1f:e2:7d:aa:42:f9:
                    d9:11:d9:a4:78:33:a2:8d:30:03:1e:0f:79:95:ef:
                    b6:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:4B:60:9F:B1:76:F9:F8:78:08:49:BD:DC:68:3C:2C:97:73:51:17
            X509v3 Authority Key Identifier:
                keyid:81:EE:E1:7F:DB:CB:09:DB:BC:EE:F6:63:C6:15:7B:5F:E3:08:1F:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7hf9vLCdu87vZjxhV7X-MIH_Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/650a6b-4826-4c1e-a972-48ad14ba7498/1/aUtgn7F2-fh4CEm93Gg8LJdzURc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/650a6b-4826-4c1e-a972-48ad14ba7498/1/ge7hf9vLCdu87vZjxhV7X-MIH_Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.180.72.0/21
                  185.176.16.0/22
                IPv6:
                  2a00:4c40::/32

    Signature Algorithm: sha256WithRSAEncryption
         ad:75:18:14:5d:84:d1:07:e6:a1:de:a0:91:74:12:4a:e1:d1:
         d1:7d:60:4c:a1:6f:13:4d:5f:42:20:41:c7:0a:06:aa:50:a8:
         66:04:99:55:98:52:87:f5:02:f3:0f:87:a0:c5:de:8f:71:1f:
         92:85:19:10:06:cd:aa:4d:0b:bf:f5:5b:81:87:5c:a4:17:82:
         c8:f1:a0:6c:90:05:ba:09:87:d5:39:df:8c:b3:db:f1:04:2c:
         30:44:f9:15:36:ee:ec:f5:1a:95:4d:9f:8b:55:e4:9a:b1:61:
         29:6e:d3:97:85:d5:86:e1:97:2f:a5:f6:0b:2e:6e:78:32:de:
         1b:58:1c:cd:66:7d:f2:db:1b:e1:2c:f9:a9:9a:3e:f8:54:73:
         19:7b:7e:ef:1e:9c:c9:11:3a:46:96:40:2f:cf:8a:f1:88:37:
         f3:bb:f8:ec:a8:45:bc:d7:5d:cb:b8:40:a9:70:7c:cb:cb:35:
         95:21:38:ff:47:89:23:ff:d3:f8:f0:fe:89:39:24:91:32:3d:
         bd:c6:44:37:61:cb:26:7d:20:b4:e4:e6:48:11:dc:fe:37:57:
         2c:0d:f7:b1:dd:51:6b:79:18:5f:d4:cb:62:c6:bc:9e:0a:0d:
         17:6d:cc:fe:a2:aa:c0:5e:0b:22:b3:b8:a1:50:dc:48:55:ce:
         a7:b9:31:cb
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIENJ3VfDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWVlZTE3ZmRiY2IwOWRiYmNlZWY2NjNjNjE1N2I1ZmUzMDgxZmY0MB4XDTIyMDEw
MTAwNTA1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjk0YjYwOWZiMTc2
ZjlmODc4MDg0OWJkZGM2ODNjMmM5NzczNTExNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMZ3mmveXqSMZkw4etd6GCXoVwXzgCKqserDl2xaVitn7dyn
huzY8pIdtTmQ38PZhdxWHpEvGlE7ataI8YunSDnFzOFtgBTz/tJUBYnHHt9cWAaM
AQyEN9/GGn07gkYr9kbHvBWIWIdKao3LjCehG7+jpGMY8EdWtu49EO9RNyjvn9bI
zOIw2hqvSlQ6j19q4XQY7PbyUIkQPhOVHomPJAfJTO8Jb4Tqq6toGZonGk3LkVJ4
MLrjMryYdgwlVEGLbQ1HygCnvrAFOIxxmqA+UhABicr0h5pAcKTMsJrvLDSZJMrI
HlJGPAVwH+J9qkL52RHZpHgzoo0wAx4PeZXvtuECAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRpS2CfsXb5+HgISb3caDwsl3NRFzAfBgNVHSMEGDAWgBSB7uF/28sJ27zu
9mPGFXtf4wgf9DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dlN2hmOXZMQ2R1ODd2Wmp4aFY3WC1NSUhfUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzIvNjUwYTZiLTQ4MjYtNGMxZS1hOTcyLTQ4YWQxNGJhNzQ5OC8x
L2FVdGduN0YyLWZoNENFbTkzR2c4TEpkelVSYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIv
NjUwYTZiLTQ4MjYtNGMxZS1hOTcyLTQ4YWQxNGJhNzQ5OC8xL2dlN2hmOXZMQ2R1
ODd2Wmp4aFY3WC1NSUhfUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA120SAMEArmwEDANBAIAAjAHAwUA
KgBMQDANBgkqhkiG9w0BAQsFAAOCAQEArXUYFF2E0Qfmod6gkXQSSuHR0X1gTKFv
E01fQiBBxwoGqlCoZgSZVZhSh/UC8w+HoMXej3EfkoUZEAbNqk0Lv/VbgYdcpBeC
yPGgbJAFugmH1TnfjLPb8QQsMET5FTbu7PUalU2fi1XkmrFhKW7Tl4XVhuGXL6X2
Cy5ueDLeG1gczWZ98tsb4Sz5qZo++FRzGXt+7x6cyRE6RpZAL8+K8Yg387v47KhF
vNddy7hAqXB8y8s1lSE4/0eJI//T+PD+iTkkkTI9vcZEN2HLJn0gtOTmSBHc/jdX
LA33sd1Ra3kYX9TLYsa8ngoNF23M/qKqwF4LIrO4oVDcSFXOp7kxyw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:42 2024 by rpki-client on console-fra.rpki-client.org