Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/6bb5b1-1e6a-4455-9d75-e64c885f62ce/1/MRTV5DhkzxHi77DxAJt3-AIy1TA.roa
File:                     MRTV5DhkzxHi77DxAJt3-AIy1TA.roa (raw, json)
Hash identifier:          MjSBK5yGt3cQSx8DR0nu05+0uKpJ5ZpZ+MbbPVUdkuk=
Subject key identifier:   31:14:D5:E4:38:64:CF:11:E2:EF:B0:F1:00:9B:77:F8:02:32:D5:30
Certificate issuer:       /CN=9f96ae2770265af32e7d4be86bab07a07c2d3353
Certificate serial:       1043A6DA
Authority key identifier: 9F:96:AE:27:70:26:5A:F3:2E:7D:4B:E8:6B:AB:07:A0:7C:2D:33:53
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/n5auJ3AmWvMufUvoa6sHoHwtM1M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/6bb5b1-1e6a-4455-9d75-e64c885f62ce/1/MRTV5DhkzxHi77DxAJt3-AIy1TA.roa
Signing time:             Sat 01 Jan 2022 09:54:31 +0000
ROA not before:           Sat 01 Jan 2022 09:54:31 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     21413
IP address blocks:        93.159.96.0/19 maxlen: 24
                          31.187.67.0/24 maxlen: 24
                          31.187.77.0/24 maxlen: 24
                          85.190.176.0/21 maxlen: 21
                          31.187.79.0/24 maxlen: 24
                          212.99.192.0/19 maxlen: 24
                          185.90.128.0/22 maxlen: 24
                          83.221.224.0/19 maxlen: 24
                          89.187.200.0/21 maxlen: 24
                          94.100.64.0/20 maxlen: 24
                          176.126.88.0/22 maxlen: 22
                          185.175.209.0/24 maxlen: 24
                          77.235.160.0/19 maxlen: 24
                          193.98.112.0/21 maxlen: 21
                          46.227.216.0/21 maxlen: 24
                          87.121.192.0/20 maxlen: 24
                          37.247.64.0/19 maxlen: 24
                          87.121.224.0/20 maxlen: 24
                          80.243.32.0/19 maxlen: 24
                          2a00:1ca0::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 272869082 (0x1043a6da)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f96ae2770265af32e7d4be86bab07a07c2d3353
        Validity
            Not Before: Jan  1 09:54:31 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3114d5e43864cf11e2efb0f1009b77f80232d530
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:60:9c:a8:c9:b0:15:0e:2d:a9:7d:df:71:26:
                    e2:4d:45:26:fe:8d:d1:0c:a5:46:17:c4:95:8c:9f:
                    37:09:fd:8c:e9:69:8c:3d:50:cb:d9:ea:18:4b:14:
                    8f:29:7c:75:a0:69:d1:41:2e:46:39:a6:84:d4:49:
                    84:0d:89:a0:6f:90:45:5e:ce:bf:c1:74:0e:44:1b:
                    96:41:16:3a:e7:65:4c:16:05:40:46:00:e8:cd:d0:
                    1c:bb:6c:6c:ee:8a:43:3a:1e:22:03:01:a0:a1:b9:
                    73:d9:4a:1c:56:9b:ca:c4:0f:c1:f1:63:e1:9c:c8:
                    5c:6c:5a:d8:f0:94:3c:9d:3c:3d:b1:d6:2b:05:e2:
                    b6:e5:c2:8c:93:96:a0:a1:3d:23:08:b2:62:4f:d5:
                    99:eb:a1:f7:25:12:7f:a5:7c:48:3d:87:e7:62:db:
                    b3:89:18:34:f6:f4:7e:e5:41:68:29:40:a4:08:1a:
                    23:93:64:5b:29:2f:ec:17:7c:b0:70:17:9a:39:af:
                    af:a3:e9:f4:eb:3f:aa:72:c8:18:39:0e:d1:43:de:
                    6f:c0:2c:ac:48:3f:07:4c:5a:5c:71:df:8d:d8:2a:
                    42:bf:02:a8:a5:e8:5d:bb:b1:e9:e7:40:21:ac:04:
                    37:c8:cb:75:4b:bd:00:c2:1e:d8:13:7a:18:38:14:
                    d9:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:14:D5:E4:38:64:CF:11:E2:EF:B0:F1:00:9B:77:F8:02:32:D5:30
            X509v3 Authority Key Identifier:
                keyid:9F:96:AE:27:70:26:5A:F3:2E:7D:4B:E8:6B:AB:07:A0:7C:2D:33:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n5auJ3AmWvMufUvoa6sHoHwtM1M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/6bb5b1-1e6a-4455-9d75-e64c885f62ce/1/MRTV5DhkzxHi77DxAJt3-AIy1TA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/6bb5b1-1e6a-4455-9d75-e64c885f62ce/1/n5auJ3AmWvMufUvoa6sHoHwtM1M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.187.67.0/24
                  31.187.77.0/24
                  31.187.79.0/24
                  37.247.64.0/19
                  46.227.216.0/21
                  77.235.160.0/19
                  80.243.32.0/19
                  83.221.224.0/19
                  85.190.176.0/21
                  87.121.192.0/20
                  87.121.224.0/20
                  89.187.200.0/21
                  93.159.96.0/19
                  94.100.64.0/20
                  176.126.88.0/22
                  185.90.128.0/22
                  185.175.209.0/24
                  193.98.112.0/21
                  212.99.192.0/19
                IPv6:
                  2a00:1ca0::/32

    Signature Algorithm: sha256WithRSAEncryption
         04:76:eb:6a:75:a5:27:c4:48:ca:ab:c5:d5:51:f7:59:11:cd:
         1b:a1:64:21:89:21:54:64:78:d5:6d:0a:8b:c7:b8:42:02:b3:
         e9:fc:16:cb:bf:75:21:4b:fd:52:97:b0:63:d7:4f:b9:80:12:
         b6:4b:6a:41:bf:a5:fb:21:33:1d:f3:5d:88:9d:40:3c:a4:77:
         eb:d1:f3:09:89:cd:10:6d:6b:20:1b:b4:5f:ed:d0:f0:32:7e:
         0b:3a:31:c0:29:2c:93:59:32:df:9d:51:ea:69:b4:f7:de:a0:
         08:5b:66:b2:ac:ac:35:50:06:51:e5:2b:1e:2f:17:1e:e9:8d:
         1b:43:f9:b1:48:6d:8d:db:3d:cc:13:23:4a:ed:5e:1a:e7:27:
         ee:76:1f:55:3d:56:98:98:58:b1:28:15:37:48:5a:ed:f4:0a:
         4d:c5:aa:29:14:7f:e8:d8:9c:96:cb:e2:32:d7:3c:2b:a4:e5:
         3c:04:59:a6:0f:1e:e7:86:94:e9:1d:a5:10:e0:e4:cb:be:ab:
         96:5d:ab:16:35:aa:01:2f:fb:da:02:7b:da:40:c1:24:39:3e:
         a0:3f:b0:71:45:00:ca:11:d9:5b:24:54:0e:42:75:bb:6a:ab:
         c4:02:a8:a0:9b:34:54:03:3e:17:b7:ea:30:6e:8b:5f:41:d7:
         bf:82:57:8e
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgIEEEOm2jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
Zjk2YWUyNzcwMjY1YWYzMmU3ZDRiZTg2YmFiMDdhMDdjMmQzMzUzMB4XDTIyMDEw
MTA5NTQzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzExNGQ1ZTQzODY0
Y2YxMWUyZWZiMGYxMDA5Yjc3ZjgwMjMyZDUzMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANBgnKjJsBUOLal933Em4k1FJv6N0QylRhfElYyfNwn9jOlp
jD1Qy9nqGEsUjyl8daBp0UEuRjmmhNRJhA2JoG+QRV7Ov8F0DkQblkEWOudlTBYF
QEYA6M3QHLtsbO6KQzoeIgMBoKG5c9lKHFabysQPwfFj4ZzIXGxa2PCUPJ08PbHW
KwXituXCjJOWoKE9IwiyYk/Vmeuh9yUSf6V8SD2H52Lbs4kYNPb0fuVBaClApAga
I5NkWykv7Bd8sHAXmjmvr6Pp9Os/qnLIGDkO0UPeb8AsrEg/B0xaXHHfjdgqQr8C
qKXoXbux6edAIawEN8jLdUu9AMIe2BN6GDgU2S0CAwEAAaOCAocwggKDMB0GA1Ud
DgQWBBQxFNXkOGTPEeLvsPEAm3f4AjLVMDAfBgNVHSMEGDAWgBSflq4ncCZa8y59
S+hrqwegfC0zUzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L241YXVKM0FtV3ZNdWZVdm9hNnNIb0h3dE0xTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDQvNmJiNWIxLTFlNmEtNDQ1NS05ZDc1LWU2NGM4ODVmNjJjZS8x
L01SVFY1RGhrenhIaTc3RHhBSnQzLUFJeTFUQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQv
NmJiNWIxLTFlNmEtNDQ1NS05ZDc1LWU2NGM4ODVmNjJjZS8xL241YXVKM0FtV3ZN
dWZVdm9hNnNIb0h3dE0xTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
nAYIKwYBBQUHAQcBAf8EgYwwgYkweAQCAAEwcgMEAB+7QwMEAB+7TQMEAB+7TwME
BSX3QAMEAy7j2AMEBU3roAMEBVDzIAMEBVPd4AMEA1W+sAMEBFd5wAMEBFd54AME
A1m7yAMEBV2fYAMEBF5kQAMEArB+WAMEArlagAMEALmv0QMEA8FicAMEBdRjwDAN
BAIAAjAHAwUAKgAcoDANBgkqhkiG9w0BAQsFAAOCAQEABHbranWlJ8RIyqvF1VH3
WRHNG6FkIYkhVGR41W0Ki8e4QgKz6fwWy791IUv9UpewY9dPuYAStktqQb+l+yEz
HfNdiJ1APKR369HzCYnNEG1rIBu0X+3Q8DJ+CzoxwCksk1ky351R6mm0996gCFtm
sqysNVAGUeUrHi8XHumNG0P5sUhtjds9zBMjSu1eGucn7nYfVT1WmJhYsSgVN0ha
7fQKTcWqKRR/6NiclsviMtc8K6TlPARZpg8e54aU6R2lEODky76rll2rFjWqAS/7
2gJ72kDBJDk+oD+wcUUAyhHZWyRUDkJ1u2qrxAKooJs0VAM+F7fqMG6LX0HXv4JX
jg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:45 2024 by rpki-client on console-ams.rpki-client.org