Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/816948-8312-4619-88ab-9f67ff6afd50/1/uw47YTs_nzbCRzaniOoJql1Id50.roa
File:                     uw47YTs_nzbCRzaniOoJql1Id50.roa (raw, json)
Hash identifier:          PQh0vMqL9OrXLhPf7ymcYfMw0N5qaqrwLV5PNCTCbds=
Subject key identifier:   BB:0E:3B:61:3B:3F:9F:36:C2:47:36:A7:88:EA:09:AA:5D:48:77:9D
Certificate issuer:       /CN=5bdc41674d65d2af9174b1abace0b371362b4851
Certificate serial:       0182879148E44F6C8CAEE1853F8F0AA563C7
Authority key identifier: 5B:DC:41:67:4D:65:D2:AF:91:74:B1:AB:AC:E0:B3:71:36:2B:48:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W9xBZ01l0q-RdLGrrOCzcTYrSFE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/816948-8312-4619-88ab-9f67ff6afd50/1/uw47YTs_nzbCRzaniOoJql1Id50.roa
Signing time:             Wed 10 Aug 2022 11:43:41 +0000
ROA not before:           Wed 10 Aug 2022 11:43:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     56476
IP address blocks:        31.42.192.0/24 maxlen: 24
                          31.42.192.0/19 maxlen: 19
                          31.42.194.0/24 maxlen: 24
                          31.42.195.0/24 maxlen: 24
                          31.42.193.0/24 maxlen: 24
                          31.42.198.0/24 maxlen: 24
                          31.42.199.0/24 maxlen: 24
                          31.42.196.0/24 maxlen: 24
                          31.42.197.0/24 maxlen: 24
                          31.42.201.0/24 maxlen: 24
                          31.42.202.0/24 maxlen: 24
                          31.42.200.0/24 maxlen: 24
                          31.42.205.0/24 maxlen: 24
                          31.42.206.0/24 maxlen: 24
                          31.42.203.0/24 maxlen: 24
                          31.42.204.0/24 maxlen: 24
                          31.42.208.0/24 maxlen: 24
                          31.42.209.0/24 maxlen: 24
                          31.42.207.0/24 maxlen: 24
                          31.42.212.0/24 maxlen: 24
                          31.42.213.0/24 maxlen: 24
                          31.42.210.0/24 maxlen: 24
                          31.42.211.0/24 maxlen: 24
                          31.42.215.0/24 maxlen: 24
                          31.42.216.0/24 maxlen: 24
                          31.42.214.0/24 maxlen: 24
                          31.42.219.0/24 maxlen: 24
                          31.42.217.0/24 maxlen: 24
                          31.42.218.0/24 maxlen: 24
                          31.42.223.0/24 maxlen: 24
                          31.42.220.0/24 maxlen: 24
                          31.42.221.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:87:91:48:e4:4f:6c:8c:ae:e1:85:3f:8f:0a:a5:63:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5bdc41674d65d2af9174b1abace0b371362b4851
        Validity
            Not Before: Aug 10 11:43:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bb0e3b613b3f9f36c24736a788ea09aa5d48779d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:c6:ed:49:bf:be:06:40:94:8b:de:a5:44:d1:
                    73:14:b0:04:d9:c9:b0:d7:30:b3:96:1e:4c:96:85:
                    40:89:63:a4:aa:e2:96:71:01:11:81:51:ae:9b:35:
                    ca:9c:d0:84:b6:65:52:3d:d1:35:ea:67:1b:66:b8:
                    ea:1b:7d:01:95:8a:80:ba:5c:8b:53:30:f1:f3:5e:
                    ce:7d:10:79:84:9f:18:e9:a2:e7:03:7b:50:7f:d9:
                    0d:5d:54:84:ab:e1:e4:1c:5f:da:b3:6b:4f:e7:ac:
                    fd:9c:70:17:de:9a:a4:f8:bd:88:28:65:98:be:90:
                    ba:51:9c:55:aa:e2:71:e8:fc:27:24:b2:af:bf:f0:
                    3f:d1:47:8c:b3:50:ba:6c:6a:16:0a:70:c2:f3:09:
                    0e:68:c9:82:1f:90:c4:02:88:d1:32:26:8f:61:0d:
                    b2:07:d8:58:f4:79:7b:20:a7:94:ad:9d:1d:90:05:
                    6b:95:59:e9:af:b6:5f:00:71:c5:ad:35:cc:4c:76:
                    53:d5:9a:ca:df:c0:8d:74:36:2b:7c:3e:a0:10:cc:
                    66:14:a4:56:c3:21:47:d9:59:83:65:78:eb:23:7c:
                    31:a4:55:f8:1d:5f:7e:70:c8:76:ec:97:5b:7d:8d:
                    72:3c:ef:f7:15:d7:5f:d1:51:5f:d2:bc:3c:5a:ad:
                    f0:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:0E:3B:61:3B:3F:9F:36:C2:47:36:A7:88:EA:09:AA:5D:48:77:9D
            X509v3 Authority Key Identifier:
                keyid:5B:DC:41:67:4D:65:D2:AF:91:74:B1:AB:AC:E0:B3:71:36:2B:48:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W9xBZ01l0q-RdLGrrOCzcTYrSFE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/816948-8312-4619-88ab-9f67ff6afd50/1/uw47YTs_nzbCRzaniOoJql1Id50.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/816948-8312-4619-88ab-9f67ff6afd50/1/W9xBZ01l0q-RdLGrrOCzcTYrSFE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.42.192.0/19

    Signature Algorithm: sha256WithRSAEncryption
         59:f6:e9:3f:1e:58:58:7e:83:80:46:71:0f:df:7f:75:dc:f3:
         36:a3:f2:9f:0a:1c:32:f8:70:1b:31:03:6a:71:f3:cc:94:b7:
         a8:6a:cb:4f:68:f7:bb:67:00:4f:8f:de:ea:4e:95:e3:41:94:
         46:81:ba:78:b9:dd:fe:ce:7c:3c:07:e6:23:12:a4:42:61:f7:
         c4:e0:d7:6a:d7:b9:e8:07:c7:e3:69:7f:31:35:dc:46:79:a9:
         de:84:bf:da:45:9d:90:b5:0b:12:d7:82:a4:91:6b:69:4d:e9:
         a9:96:0f:c5:0a:7d:05:e7:bb:80:48:b9:10:81:c0:f5:d0:65:
         59:00:71:c5:96:9c:3c:aa:38:d7:13:ad:0b:10:df:93:8c:7e:
         ee:3e:38:cc:96:41:91:74:22:56:95:31:83:e8:0c:bf:de:1c:
         0d:b2:eb:3f:63:bf:cd:27:97:c9:9a:29:b7:6b:9d:ba:17:03:
         6e:c9:f0:79:e4:4b:19:6e:6b:b0:48:d7:30:82:32:7b:f5:70:
         45:36:a4:76:12:de:ad:04:13:9e:0d:bb:06:8c:4d:d7:9d:ee:
         20:a1:4f:bd:79:84:be:20:ed:8e:63:8b:c6:97:5a:2a:59:2b:
         36:a8:65:60:7d:e4:10:33:88:c5:ef:82:ba:24:e4:61:fe:2b:
         fa:a8:21:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKHkUjkT2yMruGFP48KpWPHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZGM0MTY3NGQ2NWQyYWY5MTc0YjFhYmFjZTBiMzcxMzYy
YjQ4NTEwHhcNMjIwODEwMTE0MzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjBlM2I2MTNiM2Y5ZjM2YzI0NzM2YTc4OGVhMDlhYTVkNDg3NzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcbtSb++BkCUi96lRNFzFLAE2cmw
1zCzlh5MloVAiWOkquKWcQERgVGumzXKnNCEtmVSPdE16mcbZrjqG30BlYqAulyL
UzDx817OfRB5hJ8Y6aLnA3tQf9kNXVSEq+HkHF/as2tP56z9nHAX3pqk+L2IKGWY
vpC6UZxVquJx6PwnJLKvv/A/0UeMs1C6bGoWCnDC8wkOaMmCH5DEAojRMiaPYQ2y
B9hY9Hl7IKeUrZ0dkAVrlVnpr7ZfAHHFrTXMTHZT1ZrK38CNdDYrfD6gEMxmFKRW
wyFH2VmDZXjrI3wxpFX4HV9+cMh27JdbfY1yPO/3Fddf0VFf0rw8Wq3wzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLsOO2E7P582wkc2p4jqCapdSHedMB8GA1UdIwQY
MBaAFFvcQWdNZdKvkXSxq6zgs3E2K0hRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzl4QlowMWwwcS1SZExHcnJPQ3pjVFlyU0ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy84MTY5NDgtODMxMi00NjE5LTg4YWIt
OWY2N2ZmNmFmZDUwLzEvdXc0N1lUc19uemJDUnphbmlPb0pxbDFJZDUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy84MTY5NDgtODMxMi00NjE5LTg4YWItOWY2N2ZmNmFmZDUw
LzEvVzl4QlowMWwwcS1SZExHcnJPQ3pjVFlyU0ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFHyrAMA0G
CSqGSIb3DQEBCwUAA4IBAQBZ9uk/HlhYfoOARnEP33913PM2o/KfChwy+HAbMQNq
cfPMlLeoastPaPe7ZwBPj97qTpXjQZRGgbp4ud3+znw8B+YjEqRCYffE4Ndq17no
B8fjaX8xNdxGeanehL/aRZ2QtQsS14KkkWtpTemplg/FCn0F57uASLkQgcD10GVZ
AHHFlpw8qjjXE60LEN+TjH7uPjjMlkGRdCJWlTGD6Ay/3hwNsus/Y7/NJ5fJmim3
a526FwNuyfB55EsZbmuwSNcwgjJ79XBFNqR2Et6tBBOeDbsGjE3Xne4goU+9eYS+
IO2OY4vGl1oqWSs2qGVgfeQQM4jF74K6JORh/iv6qCGQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:09 2024 by rpki-client on console-ams.rpki-client.org