Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/At7OXWJ4dVk8ylmyPeUYnfeK5xQ.roa
File:                     At7OXWJ4dVk8ylmyPeUYnfeK5xQ.roa (raw, json)
Hash identifier:          rFq/Ij5nq3Ns3wzjCCWdj7hw9a9okqyMbzpLUN9n+AM=
Subject key identifier:   02:DE:CE:5D:62:78:75:59:3C:CA:59:B2:3D:E5:18:9D:F7:8A:E7:14
Certificate issuer:       /CN=74e3c336972094b1a8c13d41816857d197a3aae9
Certificate serial:       047F4C44
Authority key identifier: 74:E3:C3:36:97:20:94:B1:A8:C1:3D:41:81:68:57:D1:97:A3:AA:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dOPDNpcglLGowT1BgWhX0Zejquk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/At7OXWJ4dVk8ylmyPeUYnfeK5xQ.roa
Signing time:             Wed 06 Apr 2022 15:18:05 +0000
ROA not before:           Wed 06 Apr 2022 15:18:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12963
IP address blocks:        94.247.224.0/21 maxlen: 21
                          94.247.224.0/23 maxlen: 23
                          185.192.216.0/22 maxlen: 22
                          194.183.160.0/24 maxlen: 24
                          194.183.160.0/19 maxlen: 19
                          213.160.128.0/19 maxlen: 19
                          2a00:9880::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 75451460 (0x47f4c44)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74e3c336972094b1a8c13d41816857d197a3aae9
        Validity
            Not Before: Apr  6 15:18:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=02dece5d627875593cca59b23de5189df78ae714
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:55:fe:b2:1d:88:02:12:c0:3c:06:0d:32:ae:
                    f3:ba:49:77:ec:8c:7c:c7:1d:80:78:21:b0:19:d2:
                    f1:3d:25:bf:1e:7e:f0:f3:14:0d:6d:9b:5d:3e:39:
                    20:ef:0f:2b:00:1e:b8:e6:97:28:1a:fc:d4:64:65:
                    23:26:0b:31:82:c0:55:33:c2:aa:14:fd:ca:c4:50:
                    84:d2:ee:18:c1:7f:a1:c8:a7:bd:06:9f:00:f7:51:
                    71:e1:67:a3:b9:dc:e9:1b:15:32:58:e7:b1:f6:ff:
                    c8:db:8f:0d:1b:bd:a9:4b:2e:d3:f1:91:ce:20:25:
                    af:eb:c9:d7:a1:c7:92:92:1d:84:5d:f2:f9:03:5d:
                    cd:93:c3:43:2a:62:68:5b:c7:86:b1:a7:e0:85:88:
                    2c:15:7d:58:4a:42:43:0b:56:d1:71:04:aa:29:60:
                    6b:72:a1:75:f0:44:2d:f5:e6:66:57:c9:96:a6:70:
                    c2:41:9f:45:3d:9d:05:9c:1c:6f:ed:07:b6:c9:e8:
                    4e:8a:e8:1e:c3:16:ee:71:f0:d8:05:c6:65:9e:4e:
                    6b:95:51:7b:78:de:f8:9f:ac:aa:e2:2b:f7:32:65:
                    43:75:17:bb:2b:ff:b7:7d:0a:ac:28:16:b2:75:ea:
                    ea:b7:62:30:12:70:44:69:52:20:d9:ad:d3:46:11:
                    78:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:DE:CE:5D:62:78:75:59:3C:CA:59:B2:3D:E5:18:9D:F7:8A:E7:14
            X509v3 Authority Key Identifier:
                keyid:74:E3:C3:36:97:20:94:B1:A8:C1:3D:41:81:68:57:D1:97:A3:AA:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dOPDNpcglLGowT1BgWhX0Zejquk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/At7OXWJ4dVk8ylmyPeUYnfeK5xQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/dOPDNpcglLGowT1BgWhX0Zejquk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.247.224.0/21
                  185.192.216.0/22
                  194.183.160.0/19
                  213.160.128.0/19
                IPv6:
                  2a00:9880::/32

    Signature Algorithm: sha256WithRSAEncryption
         6b:bc:18:6c:d5:bf:47:2a:25:6e:9b:03:30:0d:04:25:63:62:
         9d:7b:df:93:25:93:4f:61:d4:ab:c3:1d:f0:c2:49:3a:c1:da:
         8a:c5:4d:f1:eb:70:b5:e0:78:4a:e1:9b:ab:2f:1e:e2:29:5b:
         ce:0f:d8:8e:5b:64:cb:16:04:f9:4f:cb:1d:f3:bd:b9:cd:db:
         cd:44:74:75:b2:c0:e3:34:b6:8c:c6:5c:b3:b3:0c:9c:10:4e:
         63:18:31:c7:a7:18:2d:aa:ee:37:dd:01:ae:f1:fb:6e:a1:aa:
         b5:b9:5d:11:36:46:3c:02:8c:e0:b1:d9:f3:cc:e1:e5:a9:06:
         71:83:f4:7c:21:fd:e6:75:30:99:fe:15:cd:6d:30:42:f2:7b:
         59:a9:f0:67:dd:ea:09:28:07:e7:2a:f9:1c:7b:76:25:eb:87:
         c2:6a:91:4c:ab:97:33:ff:52:5c:49:73:f9:6d:3b:4d:3f:b1:
         b7:39:fd:83:5a:92:24:11:07:b5:cc:fe:9d:18:46:3b:62:6f:
         77:e9:5e:01:5b:05:87:bb:88:1b:08:ca:96:4b:21:0c:1f:3b:
         64:18:6f:0c:47:39:0b:7c:ab:c1:36:4f:7f:74:29:94:71:15:
         82:1e:bc:e2:58:51:2d:6a:43:3b:7e:a8:d8:7e:62:65:20:cf:
         d3:6b:98:54
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEBH9MRDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NGUzYzMzNjk3MjA5NGIxYThjMTNkNDE4MTY4NTdkMTk3YTNhYWU5MB4XDTIyMDQw
NjE1MTgwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDJkZWNlNWQ2Mjc4
NzU1OTNjY2E1OWIyM2RlNTE4OWRmNzhhZTcxNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKNV/rIdiAISwDwGDTKu87pJd+yMfMcdgHghsBnS8T0lvx5+
8PMUDW2bXT45IO8PKwAeuOaXKBr81GRlIyYLMYLAVTPCqhT9ysRQhNLuGMF/ocin
vQafAPdRceFno7nc6RsVMljnsfb/yNuPDRu9qUsu0/GRziAlr+vJ16HHkpIdhF3y
+QNdzZPDQypiaFvHhrGn4IWILBV9WEpCQwtW0XEEqilga3KhdfBELfXmZlfJlqZw
wkGfRT2dBZwcb+0HtsnoToroHsMW7nHw2AXGZZ5Oa5VRe3je+J+squIr9zJlQ3UX
uyv/t30KrCgWsnXq6rdiMBJwRGlSINmt00YReFECAwEAAaOCAiowggImMB0GA1Ud
DgQWBBQC3s5dYnh1WTzKWbI95Rid94rnFDAfBgNVHSMEGDAWgBR048M2lyCUsajB
PUGBaFfRl6Oq6TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RPUEROcGNnbExHb3dUMUJnV2hYMFplanF1ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2YvMThjNDk4LTIxNzEtNGUxYy04ZDgwLWE2YzQ5ZWIyODI4Ny8x
L0F0N09YV0o0ZFZrOHlsbXlQZVVZbmZlSzV4US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Yv
MThjNDk4LTIxNzEtNGUxYy04ZDgwLWE2YzQ5ZWIyODI4Ny8xL2RPUEROcGNnbExH
b3dUMUJnV2hYMFplanF1ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEA1734AMEArnA2AMEBcK3oAMEBdWg
gDANBAIAAjAHAwUAKgCYgDANBgkqhkiG9w0BAQsFAAOCAQEAa7wYbNW/RyolbpsD
MA0EJWNinXvfkyWTT2HUq8Md8MJJOsHaisVN8etwteB4SuGbqy8e4ilbzg/Yjltk
yxYE+U/LHfO9uc3bzUR0dbLA4zS2jMZcs7MMnBBOYxgxx6cYLaruN90BrvH7bqGq
tbldETZGPAKM4LHZ88zh5akGcYP0fCH95nUwmf4VzW0wQvJ7WanwZ93qCSgH5yr5
HHt2JeuHwmqRTKuXM/9SXElz+W07TT+xtzn9g1qSJBEHtcz+nRhGO2Jvd+leAVsF
h7uIGwjKlkshDB87ZBhvDEc5C3yrwTZPf3QplHEVgh684lhRLWpDO36o2H5iZSDP
02uYVA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:36 2024 by rpki-client on console-ams.rpki-client.org