Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/3202ad-7b46-422d-a4d2-eca53a7f7762/1/oaNTz2pnWGSh5BIdb4SLgA6vDOM.roa
File:                     oaNTz2pnWGSh5BIdb4SLgA6vDOM.roa (raw, json)
Hash identifier:          f+5ByRLte7q2H1+vDkyg8t+eVsOyqLDkk4Al24Cn+Fg=
Subject key identifier:   A1:A3:53:CF:6A:67:58:64:A1:E4:12:1D:6F:84:8B:80:0E:AF:0C:E3
Certificate issuer:       /CN=a0afe1fed1f2b7db24a0c2d1f61010684e93cbd5
Certificate serial:       382F5233
Authority key identifier: A0:AF:E1:FE:D1:F2:B7:DB:24:A0:C2:D1:F6:10:10:68:4E:93:CB:D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oK_h_tHyt9skoMLR9hAQaE6Ty9U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/3202ad-7b46-422d-a4d2-eca53a7f7762/1/oaNTz2pnWGSh5BIdb4SLgA6vDOM.roa
Signing time:             Sat 01 Jan 2022 04:57:37 +0000
ROA not before:           Sat 01 Jan 2022 04:57:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43142
IP address blocks:        185.8.64.0/22 maxlen: 22
                          185.8.64.0/23 maxlen: 23
                          185.8.64.0/24 maxlen: 24
                          185.8.66.0/24 maxlen: 24
                          185.8.67.0/24 maxlen: 24
                          185.8.65.0/24 maxlen: 24
                          46.227.16.0/24 maxlen: 24
                          46.227.16.0/21 maxlen: 21
                          46.227.16.0/23 maxlen: 23
                          46.227.17.0/24 maxlen: 24
                          46.227.22.0/24 maxlen: 24
                          46.227.21.0/24 maxlen: 24
                          46.227.23.0/24 maxlen: 24
                          46.227.18.0/24 maxlen: 24
                          46.227.18.0/23 maxlen: 23
                          46.227.20.0/24 maxlen: 24
                          46.227.19.0/24 maxlen: 24
                          46.227.20.0/22 maxlen: 22
                          91.194.96.0/22 maxlen: 22
                          91.194.97.0/24 maxlen: 24
                          91.194.96.0/24 maxlen: 24
                          91.194.96.0/23 maxlen: 23
                          91.194.98.0/24 maxlen: 24
                          91.194.98.0/23 maxlen: 23
                          91.194.100.0/23 maxlen: 23
                          91.194.100.0/24 maxlen: 24
                          91.194.101.0/24 maxlen: 24
                          188.214.102.0/24 maxlen: 24
                          188.214.102.0/23 maxlen: 24
                          188.214.103.0/24 maxlen: 24
                          2a01:6e00:7::/48 maxlen: 48
                          2a01:6e00:2::/48 maxlen: 48
                          2a01:6e00:10::/48 maxlen: 48
                          2a01:6e00:6::/48 maxlen: 48
                          2a01:6e00:9::/48 maxlen: 48
                          2a01:6e00:4::/48 maxlen: 48
                          2a01:6e00:8::/48 maxlen: 48
                          2a01:6e00:3::/48 maxlen: 48
                          2a01:6e00:1::/48 maxlen: 48
                          2a01:6e00:5::/48 maxlen: 48
                          2a01:6e00:8000::/33 maxlen: 33
                          2a01:6e00::/33 maxlen: 33
                          2a01:6e00::/32 maxlen: 32
                          2a01:6e00::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 942625331 (0x382f5233)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0afe1fed1f2b7db24a0c2d1f61010684e93cbd5
        Validity
            Not Before: Jan  1 04:57:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a1a353cf6a675864a1e4121d6f848b800eaf0ce3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:37:37:f6:2a:31:2b:50:66:83:23:66:e2:8a:
                    64:7e:13:4d:b8:d0:fd:74:e6:63:71:4f:76:b3:b4:
                    58:2c:86:9c:ea:16:f7:ec:ce:33:bc:16:6c:32:43:
                    d5:f9:d0:8d:f2:5a:5b:37:6e:39:9c:59:7f:91:4a:
                    7b:4a:d2:3b:b5:5f:00:f1:d4:44:cf:a7:cb:2e:84:
                    2b:8f:f3:23:e2:7c:e0:27:96:31:c5:50:dc:48:24:
                    83:10:63:35:c7:fb:35:d7:d0:ed:2a:67:0f:0d:f2:
                    c5:47:d2:98:74:49:e2:24:bf:2a:bb:e1:45:3d:8f:
                    7f:c1:62:b5:d0:8b:38:de:e3:5c:e2:37:c3:80:65:
                    ed:ef:24:aa:58:c9:1d:24:3f:bb:cb:4f:37:b9:59:
                    d9:b4:d7:00:31:66:50:38:26:5c:1e:b1:7d:16:57:
                    b4:a0:23:30:57:fe:47:37:e1:0a:35:41:c5:75:42:
                    81:db:e5:e6:07:b3:aa:05:1b:5c:ff:1d:0c:81:07:
                    13:02:17:69:36:7a:6c:1a:70:0d:11:fb:da:17:b0:
                    b3:e6:1d:9b:cc:83:9e:d6:40:8d:cb:46:bf:f0:5e:
                    91:bb:bc:4a:11:50:10:39:25:f4:6c:19:c6:16:13:
                    9a:ca:c4:91:a6:38:28:44:cd:23:de:2e:cc:8a:40:
                    be:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:A3:53:CF:6A:67:58:64:A1:E4:12:1D:6F:84:8B:80:0E:AF:0C:E3
            X509v3 Authority Key Identifier:
                keyid:A0:AF:E1:FE:D1:F2:B7:DB:24:A0:C2:D1:F6:10:10:68:4E:93:CB:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oK_h_tHyt9skoMLR9hAQaE6Ty9U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3202ad-7b46-422d-a4d2-eca53a7f7762/1/oaNTz2pnWGSh5BIdb4SLgA6vDOM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3202ad-7b46-422d-a4d2-eca53a7f7762/1/oK_h_tHyt9skoMLR9hAQaE6Ty9U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.227.16.0/21
                  91.194.96.0-91.194.101.255
                  185.8.64.0/22
                  188.214.102.0/23
                IPv6:
                  2a01:6e00::/32

    Signature Algorithm: sha256WithRSAEncryption
         7b:3e:8e:46:a2:d0:19:eb:9d:68:53:70:e4:3e:6f:d0:b4:e2:
         5f:ba:fa:21:a2:4e:1c:cc:d2:80:65:ae:40:24:e4:ba:f3:3d:
         28:f7:09:22:f9:25:d7:b9:8f:fd:3b:24:ed:ad:f0:fd:81:c3:
         94:af:e8:6c:70:0b:e6:1c:a4:76:be:ca:77:eb:4d:7f:3f:84:
         bb:0c:22:67:de:95:cd:29:04:91:f6:23:68:22:79:0c:5d:bf:
         50:52:28:f9:5f:67:99:88:16:b1:d8:f1:29:6d:30:50:5d:a4:
         68:66:a9:b2:fa:93:22:8c:5b:2e:78:b2:c0:0d:ca:31:47:b5:
         86:b1:42:e8:b7:54:d2:e5:f9:f5:7e:ef:29:08:3e:14:87:fc:
         1e:d2:e7:f0:74:2e:7d:64:05:2d:dd:40:2e:d0:c4:e5:e4:b7:
         22:0f:8c:a5:3e:b3:6d:de:95:80:68:00:80:77:36:33:70:11:
         41:d5:5e:0a:10:bc:c8:92:86:58:ef:f3:01:83:bb:22:55:17:
         82:b9:e8:3e:30:20:90:8b:d2:1b:6a:e4:58:a7:87:0f:a9:62:
         1a:90:f1:1f:33:d7:e5:dc:12:f5:cc:ea:40:9b:7f:39:09:30:
         04:48:b7:bb:65:4b:26:aa:4a:d2:c5:4f:51:da:ee:80:a9:d4:
         05:99:0d:a1
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIEOC9SMzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MGFmZTFmZWQxZjJiN2RiMjRhMGMyZDFmNjEwMTA2ODRlOTNjYmQ1MB4XDTIyMDEw
MTA0NTczN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTFhMzUzY2Y2YTY3
NTg2NGExZTQxMjFkNmY4NDhiODAwZWFmMGNlMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKQ3N/YqMStQZoMjZuKKZH4TTbjQ/XTmY3FPdrO0WCyGnOoW
9+zOM7wWbDJD1fnQjfJaWzduOZxZf5FKe0rSO7VfAPHURM+nyy6EK4/zI+J84CeW
McVQ3EgkgxBjNcf7NdfQ7SpnDw3yxUfSmHRJ4iS/KrvhRT2Pf8FitdCLON7jXOI3
w4Bl7e8kqljJHSQ/u8tPN7lZ2bTXADFmUDgmXB6xfRZXtKAjMFf+RzfhCjVBxXVC
gdvl5gezqgUbXP8dDIEHEwIXaTZ6bBpwDRH72hews+Ydm8yDntZAjctGv/Bekbu8
ShFQEDkl9GwZxhYTmsrEkaY4KETNI94uzIpAvq0CAwEAAaOCAjIwggIuMB0GA1Ud
DgQWBBSho1PPamdYZKHkEh1vhIuADq8M4zAfBgNVHSMEGDAWgBSgr+H+0fK32ySg
wtH2EBBoTpPL1TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29LX2hfdEh5dDlza29NTFI5aEFRYUU2VHk5VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvMzIwMmFkLTdiNDYtNDIyZC1hNGQyLWVjYTUzYTdmNzc2Mi8x
L29hTlR6MnBuV0dTaDVCSWRiNFNMZ0E2dkRPTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
MzIwMmFkLTdiNDYtNDIyZC1hNGQyLWVjYTUzYTdmNzc2Mi8xL29LX2hfdEh5dDlz
a29NTFI5aEFRYUU2VHk5VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBI
BggrBgEFBQcBBwEB/wQ5MDcwJgQCAAEwIAMEAy7jEDAMAwQFW8JgAwQBW8JkAwQC
uQhAAwQBvNZmMA0EAgACMAcDBQAqAW4AMA0GCSqGSIb3DQEBCwUAA4IBAQB7Po5G
otAZ651oU3DkPm/QtOJfuvohok4czNKAZa5AJOS68z0o9wki+SXXuY/9OyTtrfD9
gcOUr+hscAvmHKR2vsp3601/P4S7DCJn3pXNKQSR9iNoInkMXb9QUij5X2eZiBax
2PEpbTBQXaRoZqmy+pMijFsueLLADcoxR7WGsULot1TS5fn1fu8pCD4Uh/we0ufw
dC59ZAUt3UAu0MTl5LciD4ylPrNt3pWAaACAdzYzcBFB1V4KELzIkoZY7/MBg7si
VReCueg+MCCQi9IbauRYp4cPqWIakPEfM9fl3BL1zOpAm385CTAESLe7ZUsmqkrS
xU9R2u6AqdQFmQ2h
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:46 2024 by rpki-client on console-fra.rpki-client.org