Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/V7Ip70vVtNiyqvmJfcWvB117FN8.roa
File:                     V7Ip70vVtNiyqvmJfcWvB117FN8.roa (raw, json)
Hash identifier:          uWl2FQRRkzKuVwNgiB5QQeTVrimE5qlxPe1keoOIUwU=
Subject key identifier:   57:B2:29:EF:4B:D5:B4:D8:B2:AA:F9:89:7D:C5:AF:07:5D:7B:14:DF
Certificate issuer:       /CN=a49c4e0cf5c8dbbb6a67cf1da2f31f4162749fdd
Certificate serial:       018210B36AF9DEAC24B6E14674E25CCA8033
Authority key identifier: A4:9C:4E:0C:F5:C8:DB:BB:6A:67:CF:1D:A2:F3:1F:41:62:74:9F:DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pJxODPXI27tqZ88dovMfQWJ0n90.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/V7Ip70vVtNiyqvmJfcWvB117FN8.roa
Signing time:             Mon 18 Jul 2022 09:46:09 +0000
ROA not before:           Mon 18 Jul 2022 09:46:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202087
IP address blocks:        185.83.148.0/23 maxlen: 23
                          185.83.150.0/23 maxlen: 23
                          94.26.95.0/24 maxlen: 24
                          94.26.98.0/23 maxlen: 23
                          94.26.97.0/24 maxlen: 24
                          94.26.93.0/24 maxlen: 24
                          94.26.101.0/24 maxlen: 24
                          94.26.103.0/24 maxlen: 24
                          94.26.109.0/24 maxlen: 24
                          104.255.128.0/21 maxlen: 21
                          192.190.168.0/22 maxlen: 22
                          185.75.80.0/22 maxlen: 22
                          185.49.216.0/22 maxlen: 22
                          153.94.56.0/21 maxlen: 21
                          185.94.78.0/23 maxlen: 23
                          185.94.76.0/23 maxlen: 23
                          94.190.197.0/24 maxlen: 24
                          94.190.196.0/22 maxlen: 22
                          94.190.196.0/24 maxlen: 24
                          94.190.199.0/24 maxlen: 24
                          94.190.198.0/24 maxlen: 24
                          45.94.8.0/22 maxlen: 22
                          45.89.212.0/22 maxlen: 22
                          185.9.212.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:10:b3:6a:f9:de:ac:24:b6:e1:46:74:e2:5c:ca:80:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a49c4e0cf5c8dbbb6a67cf1da2f31f4162749fdd
        Validity
            Not Before: Jul 18 09:46:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=57b229ef4bd5b4d8b2aaf9897dc5af075d7b14df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:23:ae:03:a1:62:37:9d:c4:9d:d2:ac:07:89:
                    27:b1:34:85:53:6e:ca:fa:31:a4:e5:17:9d:e6:1a:
                    48:dc:0d:45:f2:d5:fe:57:e5:4f:22:7b:4e:91:eb:
                    b4:a9:32:40:f4:b6:4c:0e:d0:37:f8:4a:99:57:8e:
                    0c:12:47:cc:53:4b:f2:94:fa:b8:7f:98:ad:8b:17:
                    3a:86:a7:a9:2a:a2:21:ce:a6:38:64:31:d1:30:67:
                    9e:40:ba:48:e3:8a:29:35:99:06:ad:74:5a:b3:78:
                    8c:52:d7:06:ae:ea:c2:8b:ef:42:7d:43:f5:cc:6a:
                    50:10:00:fb:2f:a4:f9:18:0e:d0:fe:39:05:96:c8:
                    0a:85:f4:5c:7e:22:8f:07:f0:68:b0:84:24:ff:64:
                    01:1c:22:27:44:7f:ec:fe:eb:87:f2:65:83:72:9d:
                    bd:0a:c0:55:90:cd:8d:36:f6:32:ae:4b:92:80:67:
                    9f:d9:4e:81:31:c7:17:a0:99:c7:dd:0f:db:0a:4b:
                    7c:e7:a0:b0:e1:e3:ac:0e:b9:4f:db:a0:39:78:bf:
                    fd:e1:63:5c:14:e0:f1:52:a4:b7:16:90:dc:f9:29:
                    1d:7c:25:af:c0:16:46:cd:8d:b9:bd:59:93:76:87:
                    ee:c6:29:3b:d5:2f:a3:36:45:64:c3:3b:1e:01:89:
                    87:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:B2:29:EF:4B:D5:B4:D8:B2:AA:F9:89:7D:C5:AF:07:5D:7B:14:DF
            X509v3 Authority Key Identifier:
                keyid:A4:9C:4E:0C:F5:C8:DB:BB:6A:67:CF:1D:A2:F3:1F:41:62:74:9F:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pJxODPXI27tqZ88dovMfQWJ0n90.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/V7Ip70vVtNiyqvmJfcWvB117FN8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/pJxODPXI27tqZ88dovMfQWJ0n90.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.89.212.0/22
                  45.94.8.0/22
                  94.26.93.0/24
                  94.26.95.0/24
                  94.26.97.0-94.26.99.255
                  94.26.101.0/24
                  94.26.103.0/24
                  94.26.109.0/24
                  94.190.196.0/22
                  104.255.128.0/21
                  153.94.56.0/21
                  185.9.212.0/22
                  185.49.216.0/22
                  185.75.80.0/22
                  185.83.148.0/22
                  185.94.76.0/22
                  192.190.168.0/22

    Signature Algorithm: sha256WithRSAEncryption
         41:ad:76:d9:b4:e0:a9:cf:b3:40:bd:07:07:5e:98:71:1e:92:
         81:b0:78:a4:7f:0a:97:7a:20:cc:d7:55:19:0e:2e:4a:c2:f1:
         6c:65:8c:8d:dd:15:72:6a:f7:b4:07:14:6a:8c:56:28:f5:e4:
         6e:7b:ea:df:98:6e:b4:84:12:d1:83:49:23:cb:08:af:39:29:
         98:27:f3:8f:b1:0f:7e:87:8f:b2:ec:75:b7:31:2f:b0:64:57:
         14:eb:3a:1a:20:d1:62:4d:cf:9e:9f:21:65:58:50:d3:c3:5d:
         52:69:5b:47:b4:18:3e:5c:a4:3c:8b:18:47:98:26:e1:e8:24:
         05:e6:ed:27:dc:c8:46:7a:68:d0:0d:53:06:b7:f7:bd:f1:66:
         a5:b9:29:2a:b5:85:fa:37:02:c3:ca:69:e0:11:9b:0a:77:68:
         2c:e7:74:7a:6d:90:5a:42:1f:cb:b3:88:44:f7:ba:f7:05:89:
         43:de:c8:66:1f:b0:4f:3a:aa:b7:e8:98:13:24:bc:a4:8c:c7:
         2f:4a:75:aa:a4:f7:80:86:be:a5:30:80:ec:9d:ed:03:9b:aa:
         ef:72:cc:a7:d3:75:a4:bc:5b:3d:e0:ae:b0:41:d7:fa:92:1c:
         50:96:19:51:6a:74:11:1b:27:6c:57:11:f0:b0:e9:9f:50:9d:
         52:2a:bd:55
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAYIQs2r53qwktuFGdOJcyoAzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0OWM0ZTBjZjVjOGRiYmI2YTY3Y2YxZGEyZjMxZjQxNjI3
NDlmZGQwHhcNMjIwNzE4MDk0NjA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2IyMjllZjRiZDViNGQ4YjJhYWY5ODk3ZGM1YWYwNzVkN2IxNGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhiOuA6FiN53EndKsB4knsTSFU27K
+jGk5Red5hpI3A1F8tX+V+VPIntOkeu0qTJA9LZMDtA3+EqZV44MEkfMU0vylPq4
f5itixc6hqepKqIhzqY4ZDHRMGeeQLpI44opNZkGrXRas3iMUtcGrurCi+9CfUP1
zGpQEAD7L6T5GA7Q/jkFlsgKhfRcfiKPB/BosIQk/2QBHCInRH/s/uuH8mWDcp29
CsBVkM2NNvYyrkuSgGef2U6BMccXoJnH3Q/bCkt856Cw4eOsDrlP26A5eL/94WNc
FODxUqS3FpDc+SkdfCWvwBZGzY25vVmTdofuxik71S+jNkVkwzseAYmHPwIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFFeyKe9L1bTYsqr5iX3FrwddexTfMB8GA1UdIwQY
MBaAFKScTgz1yNu7amfPHaLzH0FidJ/dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEp4T0RQWEkyN3RxWjg4ZG92TWZRV0owbjkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC85ZTE5YzYtZGVmZC00NTVmLTkwYTMt
ODhlZDhkNzcxN2E0LzEvVjdJcDcwdlZ0Tml5cXZtSmZjV3ZCMTE3Rk44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC85ZTE5YzYtZGVmZC00NTVmLTkwYTMtODhlZDhkNzcxN2E0
LzEvcEp4T0RQWEkyN3RxWjg4ZG92TWZRV0owbjkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEAi1Z1AME
Ai1eCAMEAF4aXQMEAF4aXzAMAwQAXhphAwQCXhpgAwQAXhplAwQAXhpnAwQAXhpt
AwQCXr7EAwQDaP+AAwQDmV44AwQCuQnUAwQCuTHYAwQCuUtQAwQCuVOUAwQCuV5M
AwQCwL6oMA0GCSqGSIb3DQEBCwUAA4IBAQBBrXbZtOCpz7NAvQcHXphxHpKBsHik
fwqXeiDM11UZDi5KwvFsZYyN3RVyave0BxRqjFYo9eRue+rfmG60hBLRg0kjywiv
OSmYJ/OPsQ9+h4+y7HW3MS+wZFcU6zoaINFiTc+enyFlWFDTw11SaVtHtBg+XKQ8
ixhHmCbh6CQF5u0n3MhGemjQDVMGt/e98WaluSkqtYX6NwLDymngEZsKd2gs53R6
bZBaQh/Ls4hE97r3BYlD3shmH7BPOqq36JgTJLykjMcvSnWqpPeAhr6lMIDsne0D
m6rvcsyn03WkvFs94K6wQdf6khxQlhlRanQRGydsVxHwsOmfUJ1SKr1V
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:00 2024 by rpki-client on console-fra.rpki-client.org