Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d572c3-350f-479b-a7b3-153e9182af41/1/dBzs98Jy0VUseTsWc1K068sczPw.roa
File:                     dBzs98Jy0VUseTsWc1K068sczPw.roa (raw, json)
Hash identifier:          Yt+DyO1SLOnegc8KMazynRl+RkejkBHOKu9ms5BTV48=
Subject key identifier:   74:1C:EC:F7:C2:72:D1:55:2C:79:3B:16:73:52:B4:EB:CB:1C:CC:FC
Certificate issuer:       /CN=553ca7b2e6c1e17f5f3edbe375e19ece39533910
Certificate serial:       01F81014
Authority key identifier: 55:3C:A7:B2:E6:C1:E1:7F:5F:3E:DB:E3:75:E1:9E:CE:39:53:39:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VTynsubB4X9fPtvjdeGezjlTORA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d572c3-350f-479b-a7b3-153e9182af41/1/dBzs98Jy0VUseTsWc1K068sczPw.roa
Signing time:             Sat 01 Jan 2022 05:05:42 +0000
ROA not before:           Sat 01 Jan 2022 05:05:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49318
IP address blocks:        188.93.176.0/21 maxlen: 21
                          46.28.250.0/24 maxlen: 24
                          46.28.249.0/24 maxlen: 24
                          46.28.252.0/24 maxlen: 24
                          46.28.251.0/24 maxlen: 24
                          46.28.253.0/24 maxlen: 24
                          46.28.248.0/24 maxlen: 24
                          46.28.254.0/24 maxlen: 24
                          46.28.255.0/24 maxlen: 24
                          194.110.124.0/24 maxlen: 24
                          194.110.131.0/24 maxlen: 24
                          194.110.130.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 33034260 (0x1f81014)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=553ca7b2e6c1e17f5f3edbe375e19ece39533910
        Validity
            Not Before: Jan  1 05:05:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=741cecf7c272d1552c793b167352b4ebcb1cccfc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:44:c5:09:13:87:03:b0:07:ed:9a:ba:52:c3:
                    6c:f2:02:7d:29:b9:15:c4:b9:0e:aa:4c:71:ed:09:
                    d8:a1:58:cf:f5:a7:b3:e9:da:06:b1:dd:5d:09:0f:
                    77:85:1a:8c:ba:c1:e6:75:39:00:d5:16:f9:db:33:
                    39:76:af:6b:17:3c:95:85:ef:06:da:02:99:7f:a7:
                    2a:37:e9:d8:09:3d:31:cd:b6:84:28:cd:6e:36:bd:
                    b0:85:3f:0e:60:14:b1:e9:d4:63:0f:9d:86:aa:cc:
                    ee:f7:89:90:87:f1:d7:f2:e4:a0:c8:4d:b7:50:06:
                    a9:97:a7:90:3d:64:69:d7:ac:6d:aa:21:36:0d:a0:
                    da:f1:d4:20:26:7f:09:39:e1:11:ce:01:c3:8b:07:
                    a0:c4:c8:80:21:2c:1c:c6:be:ce:42:47:82:93:bb:
                    81:ad:1f:96:84:43:67:77:44:3f:08:41:fa:5a:fb:
                    ae:17:09:f1:c4:95:4a:a5:64:a0:16:f1:0f:f7:02:
                    cc:4a:83:e7:4b:da:64:c6:45:f8:6a:80:1c:67:0a:
                    f2:24:7e:8d:33:d2:a6:70:47:96:1e:af:b6:6d:84:
                    7e:9f:19:01:a1:86:c4:55:92:53:82:f3:10:f6:1a:
                    da:f3:08:0d:fa:27:56:39:5c:5b:1e:f4:9d:22:e5:
                    39:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:1C:EC:F7:C2:72:D1:55:2C:79:3B:16:73:52:B4:EB:CB:1C:CC:FC
            X509v3 Authority Key Identifier:
                keyid:55:3C:A7:B2:E6:C1:E1:7F:5F:3E:DB:E3:75:E1:9E:CE:39:53:39:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VTynsubB4X9fPtvjdeGezjlTORA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d572c3-350f-479b-a7b3-153e9182af41/1/dBzs98Jy0VUseTsWc1K068sczPw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d572c3-350f-479b-a7b3-153e9182af41/1/VTynsubB4X9fPtvjdeGezjlTORA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.28.248.0/21
                  188.93.176.0/21
                  194.110.124.0/24
                  194.110.130.0/23

    Signature Algorithm: sha256WithRSAEncryption
         41:49:9f:a1:15:aa:89:fb:e0:00:f9:e9:e7:2c:c5:63:df:6c:
         f8:3f:4c:15:f5:48:71:f8:07:44:67:18:25:7f:c4:0d:9a:f3:
         68:7d:b8:1f:98:a1:d2:76:5d:9c:c9:40:27:f8:3e:fb:b9:3c:
         ae:b6:9e:6a:d3:44:52:3f:c8:6e:7b:2c:e0:70:8b:36:16:d0:
         46:02:da:0c:71:7b:3b:f5:71:d9:7a:69:59:e1:34:6c:b9:07:
         db:ad:53:05:e5:55:53:b1:7e:fd:98:ae:86:39:22:53:39:fc:
         3f:57:c7:4a:0c:95:8f:4c:43:1b:22:ff:19:81:38:44:50:f8:
         59:df:cb:7b:27:e4:3c:fe:5b:ec:eb:88:33:50:56:b4:c4:06:
         d6:c7:05:f2:2c:c1:a0:f7:39:3f:2c:6d:11:12:be:2d:63:a8:
         b4:64:df:6e:ad:56:0d:d8:e2:c4:84:21:9f:33:1d:df:57:e3:
         3c:38:9c:7b:84:28:8d:27:9f:66:98:26:7f:da:c6:83:00:ce:
         f5:2c:d9:d5:ad:36:f6:a3:20:ce:8f:0d:ce:21:3b:b1:21:37:
         7d:ca:b5:d0:7f:39:8a:11:70:ad:67:d6:a2:b1:84:c4:81:ed:
         e5:1b:39:db:22:77:63:0a:06:cf:dd:7e:58:38:91:73:50:17:
         eb:b3:50:77
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEAfgQFDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NTNjYTdiMmU2YzFlMTdmNWYzZWRiZTM3NWUxOWVjZTM5NTMzOTEwMB4XDTIyMDEw
MTA1MDU0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzQxY2VjZjdjMjcy
ZDE1NTJjNzkzYjE2NzM1MmI0ZWJjYjFjY2NmYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMNExQkThwOwB+2aulLDbPICfSm5FcS5DqpMce0J2KFYz/Wn
s+naBrHdXQkPd4UajLrB5nU5ANUW+dszOXavaxc8lYXvBtoCmX+nKjfp2Ak9Mc22
hCjNbja9sIU/DmAUsenUYw+dhqrM7veJkIfx1/LkoMhNt1AGqZenkD1kadesbaoh
Ng2g2vHUICZ/CTnhEc4Bw4sHoMTIgCEsHMa+zkJHgpO7ga0floRDZ3dEPwhB+lr7
rhcJ8cSVSqVkoBbxD/cCzEqD50vaZMZF+GqAHGcK8iR+jTPSpnBHlh6vtm2Efp8Z
AaGGxFWSU4LzEPYa2vMIDfonVjlcWx70nSLlOVsCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBR0HOz3wnLRVSx5OxZzUrTryxzM/DAfBgNVHSMEGDAWgBRVPKey5sHhf18+
2+N14Z7OOVM5EDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZUeW5zdWJCNFg5ZlB0dmpkZUdlempsVE9SQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDU3MmMzLTM1MGYtNDc5Yi1hN2IzLTE1M2U5MTgyYWY0MS8x
L2RCenM5OEp5MFZVc2VUc1djMUswNjhzY3pQdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDU3MmMzLTM1MGYtNDc5Yi1hN2IzLTE1M2U5MTgyYWY0MS8xL1ZUeW5zdWJCNFg5
ZlB0dmpkZUdlempsVE9SQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAy4c+AMEA7xdsAMEAMJufAMEAcJu
gjANBgkqhkiG9w0BAQsFAAOCAQEAQUmfoRWqifvgAPnp5yzFY99s+D9MFfVIcfgH
RGcYJX/EDZrzaH24H5ih0nZdnMlAJ/g++7k8rraeatNEUj/Ibnss4HCLNhbQRgLa
DHF7O/Vx2XppWeE0bLkH261TBeVVU7F+/ZiuhjkiUzn8P1fHSgyVj0xDGyL/GYE4
RFD4Wd/LeyfkPP5b7OuIM1BWtMQG1scF8izBoPc5PyxtERK+LWOotGTfbq1WDdji
xIQhnzMd31fjPDice4QojSefZpgmf9rGgwDO9SzZ1a029qMgzo8NziE7sSE3fcq1
0H85ihFwrWfWorGExIHt5Rs52yJ3YwoGz91+WDiRc1AX67NQdw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:02 2024 by rpki-client on console-fra.rpki-client.org