Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/S0q-ftB2x3NMlQ5jeObEbRCScfY.roa
File:                     S0q-ftB2x3NMlQ5jeObEbRCScfY.roa (raw, json)
Hash identifier:          sm3Lbi3RXR0NLM925TV6pmTButxibRgwWa3gltqfuTA=
Subject key identifier:   4B:4A:BE:7E:D0:76:C7:73:4C:95:0E:63:78:E6:C4:6D:10:92:71:F6
Certificate issuer:       /CN=e5a1b36552f9daccb92ac5c3b44b426d643749e2
Certificate serial:       0182CE479C93A1143737E166AEB502E6797D
Authority key identifier: E5:A1:B3:65:52:F9:DA:CC:B9:2A:C5:C3:B4:4B:42:6D:64:37:49:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5aGzZVL52sy5KsXDtEtCbWQ3SeI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/S0q-ftB2x3NMlQ5jeObEbRCScfY.roa
Signing time:             Wed 24 Aug 2022 05:16:15 +0000
ROA not before:           Wed 24 Aug 2022 05:16:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     24651
IP address blocks:        188.92.16.0/24 maxlen: 32
                          188.92.16.0/21 maxlen: 32
                          77.93.0.0/19 maxlen: 32
                          46.23.32.0/20 maxlen: 32
                          82.193.64.0/19 maxlen: 32
                          89.221.122.0/23 maxlen: 23
                          89.221.122.0/24 maxlen: 24
                          185.31.44.0/22 maxlen: 32
                          89.221.123.0/24 maxlen: 24
                          89.221.121.0/24 maxlen: 24
                          109.73.96.0/20 maxlen: 32
                          185.75.236.0/22 maxlen: 32
                          83.99.128.0/17 maxlen: 32
                          217.195.48.0/20 maxlen: 32
                          212.142.64.0/18 maxlen: 32
                          82.193.83.0/24 maxlen: 32
                          185.141.52.0/22 maxlen: 32
                          2a01:4e1:cc1::/64 maxlen: 64
                          2a04:4e00::/29 maxlen: 29
                          2a01:4e1:460:1::/64 maxlen: 64
                          2a01:4e0::/29 maxlen: 29
                          2a01:4e0::/32 maxlen: 32
                          2a01:4e1:1745::/64 maxlen: 64

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:ce:47:9c:93:a1:14:37:37:e1:66:ae:b5:02:e6:79:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e5a1b36552f9daccb92ac5c3b44b426d643749e2
        Validity
            Not Before: Aug 24 05:16:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4b4abe7ed076c7734c950e6378e6c46d109271f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:06:b5:c3:82:a0:ee:b6:14:94:1e:9b:2a:5f:
                    3a:d3:94:da:78:51:62:4f:20:e0:23:18:25:7a:96:
                    5c:d7:51:10:9d:d3:58:98:f5:43:1d:63:b5:1f:63:
                    ce:ae:08:9a:c0:74:cb:58:65:ae:43:d7:37:91:37:
                    c9:71:82:79:6a:62:b6:1d:ca:40:33:f2:92:dd:6e:
                    a1:35:3e:91:63:62:87:79:b8:c9:6e:fb:24:a3:a4:
                    01:a7:8a:4d:2e:fd:4b:98:7b:33:db:74:01:00:e0:
                    ee:49:9e:f8:7c:c7:d3:59:15:22:98:04:ee:95:5f:
                    bc:89:8d:e3:e9:fb:5a:b3:f7:63:86:f9:5b:b6:43:
                    28:1d:4d:b1:df:fa:66:cd:5d:0c:dd:f7:ba:9d:95:
                    3e:6c:6e:d7:51:4a:3b:76:25:23:d8:b7:26:cc:ea:
                    8e:eb:31:38:b0:d1:e6:34:3d:64:02:9e:9e:8e:84:
                    47:0c:1f:14:9a:5d:15:60:7b:7a:04:ed:fe:f9:ac:
                    81:c2:96:36:b9:7c:c9:69:a5:d5:c7:95:e9:02:e3:
                    f1:e4:ae:41:0b:be:dc:2d:a3:20:50:5a:4c:1a:7e:
                    df:e0:2d:a7:e2:8f:81:cd:90:be:6a:2b:64:38:5f:
                    7c:ac:05:61:e1:75:c3:16:06:d1:61:c2:bf:0e:fe:
                    23:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:4A:BE:7E:D0:76:C7:73:4C:95:0E:63:78:E6:C4:6D:10:92:71:F6
            X509v3 Authority Key Identifier:
                keyid:E5:A1:B3:65:52:F9:DA:CC:B9:2A:C5:C3:B4:4B:42:6D:64:37:49:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5aGzZVL52sy5KsXDtEtCbWQ3SeI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/S0q-ftB2x3NMlQ5jeObEbRCScfY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/5aGzZVL52sy5KsXDtEtCbWQ3SeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.23.32.0/20
                  77.93.0.0/19
                  82.193.64.0/19
                  83.99.128.0/17
                  89.221.121.0-89.221.123.255
                  109.73.96.0/20
                  185.31.44.0/22
                  185.75.236.0/22
                  185.141.52.0/22
                  188.92.16.0/21
                  212.142.64.0/18
                  217.195.48.0/20
                IPv6:
                  2a01:4e0::/29
                  2a04:4e00::/29

    Signature Algorithm: sha256WithRSAEncryption
         bb:7c:cc:6f:e4:ae:f2:4b:6a:4a:15:74:f2:b5:67:0f:1a:04:
         ce:15:e9:f7:6d:1e:01:f8:09:9a:4d:72:c8:ec:0d:85:58:ba:
         d6:c9:92:cf:0b:1c:e0:cd:10:b2:52:7b:89:d5:d6:ed:bf:42:
         9c:b0:2e:5f:db:0a:96:1b:ac:5a:69:49:f3:1b:c2:05:55:50:
         ca:83:99:39:e8:92:12:70:6f:0e:cc:3c:08:db:00:c1:36:94:
         66:11:69:28:ae:88:28:9e:e4:02:f5:cc:aa:85:f5:8c:ee:db:
         aa:5e:5d:55:a7:7a:0c:f9:53:ea:2b:f8:bc:60:fc:04:68:48:
         aa:b7:f7:6e:bb:45:5f:67:13:3c:42:b7:89:c3:34:0b:b6:ba:
         35:00:a2:87:a6:ab:21:24:cf:41:90:78:83:ef:a3:a8:05:ea:
         39:92:7a:84:ff:a7:6a:7d:c2:85:29:c6:38:a9:a6:46:55:2d:
         74:2e:2a:88:a3:48:ec:c5:e1:4c:39:85:46:17:ba:b9:83:b4:
         e7:12:28:46:4e:7e:ad:54:76:ae:ef:a2:1d:0a:ee:ff:fd:67:
         e0:c2:24:95:31:db:e8:ed:0c:e8:bd:f6:01:7f:11:12:5a:d6:
         94:b2:33:5e:0c:69:ba:c2:dc:f1:ff:04:f1:9c:2d:84:15:05:
         44:b7:22:e5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYLOR5yToRQ3N+FmrrUC5nl9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YTFiMzY1NTJmOWRhY2NiOTJhYzVjM2I0NGI0MjZkNjQz
NzQ5ZTIwHhcNMjIwODI0MDUxNjE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjRhYmU3ZWQwNzZjNzczNGM5NTBlNjM3OGU2YzQ2ZDEwOTI3MWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQa1w4Kg7rYUlB6bKl8605TaeFFi
TyDgIxglepZc11EQndNYmPVDHWO1H2POrgiawHTLWGWuQ9c3kTfJcYJ5amK2HcpA
M/KS3W6hNT6RY2KHebjJbvsko6QBp4pNLv1LmHsz23QBAODuSZ74fMfTWRUimATu
lV+8iY3j6ftas/djhvlbtkMoHU2x3/pmzV0M3fe6nZU+bG7XUUo7diUj2LcmzOqO
6zE4sNHmND1kAp6ejoRHDB8Uml0VYHt6BO3++ayBwpY2uXzJaaXVx5XpAuPx5K5B
C77cLaMgUFpMGn7f4C2n4o+BzZC+aitkOF98rAVh4XXDFgbRYcK/Dv4jZwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFEtKvn7QdsdzTJUOY3jmxG0QknH2MB8GA1UdIwQY
MBaAFOWhs2VS+drMuSrFw7RLQm1kN0niMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWFHelpWTDUyc3k1S3NYRHRFdENiV1EzU2VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iOGVhNWItM2RkNC00Mzc0LWE3OTMt
YzVlNmQyM2Y4YjA5LzEvUzBxLWZ0QjJ4M05NbFE1amVPYkViUkNTY2ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iOGVhNWItM2RkNC00Mzc0LWE3OTMtYzVlNmQyM2Y4YjA5
LzEvNWFHelpWTDUyc3k1S3NYRHRFdENiV1EzU2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBWBAIAATBQAwQELhcgAwQF
TV0AAwQFUsFAAwQHU2OAMAwDBABZ3XkDBAJZ3XgDBARtSWADBAK5HywDBAK5S+wD
BAK5jTQDBAO8XBADBAbUjkADBATZwzAwFAQCAAIwDgMFAyoBBOADBQMqBE4AMA0G
CSqGSIb3DQEBCwUAA4IBAQC7fMxv5K7yS2pKFXTytWcPGgTOFen3bR4B+AmaTXLI
7A2FWLrWyZLPCxzgzRCyUnuJ1dbtv0KcsC5f2wqWG6xaaUnzG8IFVVDKg5k56JIS
cG8OzDwI2wDBNpRmEWkorogonuQC9cyqhfWM7tuqXl1Vp3oM+VPqK/i8YPwEaEiq
t/duu0VfZxM8QreJwzQLtro1AKKHpqshJM9BkHiD76OoBeo5knqE/6dqfcKFKcY4
qaZGVS10LiqIo0jsxeFMOYVGF7q5g7TnEihGTn6tVHau76IdCu7//WfgwiSVMdvo
7QzovfYBfxESWtaUsjNeDGm6wtzx/wTxnC2EFQVEtyLl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:52 2024 by rpki-client on console-fra.rpki-client.org