Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/8e7e30-c2b8-4591-8cfe-7b8e9d335ca8/1/u0mnIXXeSW5Cm4BqviHQtZdatK4.roa
File:                     u0mnIXXeSW5Cm4BqviHQtZdatK4.roa (raw, json)
Hash identifier:          pZi0LlGosr8doJuXlGJaxxrUce/Bq4ndvyRhriZpdFU=
Subject key identifier:   BB:49:A7:21:75:DE:49:6E:42:9B:80:6A:BE:21:D0:B5:97:5A:B4:AE
Certificate issuer:       /CN=f7742725862b90bda4510a02e804fef3ad1142dc
Certificate serial:       1B97ED68
Authority key identifier: F7:74:27:25:86:2B:90:BD:A4:51:0A:02:E8:04:FE:F3:AD:11:42:DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/93QnJYYrkL2kUQoC6AT-860RQtw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/8e7e30-c2b8-4591-8cfe-7b8e9d335ca8/1/u0mnIXXeSW5Cm4BqviHQtZdatK4.roa
Signing time:             Fri 11 Mar 2022 13:18:26 +0000
ROA not before:           Fri 11 Mar 2022 13:18:26 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15836
IP address blocks:        5.32.168.0/21 maxlen: 21
                          185.46.60.0/22 maxlen: 22
                          212.28.64.0/19 maxlen: 20
                          87.255.64.0/19 maxlen: 20
                          217.26.160.0/20 maxlen: 20
                          2a03:a80::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 462941544 (0x1b97ed68)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f7742725862b90bda4510a02e804fef3ad1142dc
        Validity
            Not Before: Mar 11 13:18:26 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bb49a72175de496e429b806abe21d0b5975ab4ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:a6:6f:9a:83:c0:52:99:73:52:30:88:a3:20:
                    c7:61:95:b2:f2:5c:58:dc:c1:7c:e1:73:ae:42:64:
                    f6:ab:94:60:54:a2:51:84:89:92:ca:6c:22:f2:8f:
                    c3:8d:fa:2a:ea:f7:84:61:be:c8:83:b1:0f:aa:c7:
                    1b:aa:8d:e6:d1:e7:6d:f9:00:84:a9:f7:68:12:5f:
                    50:c9:40:05:f1:b0:be:23:34:b5:bf:99:1a:e4:ef:
                    93:3e:8c:1d:d4:8b:24:f2:bc:05:41:4a:33:64:b2:
                    f8:3f:2a:6b:b1:c8:97:f6:2f:7a:f1:c7:f7:2d:03:
                    71:a1:b4:56:7b:fb:4b:26:d0:b3:b4:ad:49:1d:90:
                    6c:48:2d:9f:68:4b:cf:cc:fe:0f:89:c2:d9:ff:24:
                    c1:1b:e1:e6:0c:cb:fd:0d:e5:35:a6:2b:cb:29:aa:
                    15:c4:91:f8:6c:65:36:43:8e:0e:ba:db:1e:87:76:
                    59:ac:53:51:26:c9:be:ff:1f:1a:1f:72:11:21:3c:
                    aa:bf:21:98:33:57:f7:88:c6:53:34:16:89:08:2e:
                    33:97:e2:be:73:99:f9:17:66:71:51:b2:0a:71:6f:
                    5a:cd:75:32:28:2b:87:95:98:1f:69:d5:7f:fe:d1:
                    20:c4:8c:cd:a8:9a:63:fa:4a:3a:13:a7:17:62:35:
                    b4:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:49:A7:21:75:DE:49:6E:42:9B:80:6A:BE:21:D0:B5:97:5A:B4:AE
            X509v3 Authority Key Identifier:
                keyid:F7:74:27:25:86:2B:90:BD:A4:51:0A:02:E8:04:FE:F3:AD:11:42:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93QnJYYrkL2kUQoC6AT-860RQtw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/8e7e30-c2b8-4591-8cfe-7b8e9d335ca8/1/u0mnIXXeSW5Cm4BqviHQtZdatK4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/8e7e30-c2b8-4591-8cfe-7b8e9d335ca8/1/93QnJYYrkL2kUQoC6AT-860RQtw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.32.168.0/21
                  87.255.64.0/19
                  185.46.60.0/22
                  212.28.64.0/19
                  217.26.160.0/20
                IPv6:
                  2a03:a80::/32

    Signature Algorithm: sha256WithRSAEncryption
         03:d2:77:8b:d3:1f:b7:7d:45:5f:d9:06:f0:ee:8d:a6:de:70:
         f2:18:08:c3:cf:2d:d1:95:e1:ca:71:c7:00:52:ee:3d:a1:bf:
         ba:7b:70:74:42:7b:60:eb:40:27:f3:de:70:98:ee:97:31:10:
         fa:12:65:f1:62:5c:fd:14:c4:a3:c1:b1:23:c0:8a:3a:02:1c:
         15:ed:7d:ea:24:77:ec:9d:58:e6:ff:da:20:67:39:f0:55:d3:
         7d:f6:cf:53:20:0a:a2:66:7e:b7:59:6b:e9:18:19:ac:8c:83:
         f6:86:bc:b3:a2:10:15:fd:ef:86:60:09:2d:ec:1d:f7:c5:e4:
         e8:89:41:cf:5b:89:1d:5e:b6:2a:40:f0:79:9c:17:95:a2:5e:
         85:76:85:02:dd:fe:18:34:6a:78:3d:1e:1a:b7:0d:a7:e8:fe:
         79:30:f9:79:c9:f5:c6:68:b7:20:58:f6:f6:02:a1:31:b7:87:
         b2:04:11:a1:c9:93:17:16:d2:5d:89:88:49:71:4b:92:84:2e:
         22:72:99:3d:fb:9b:42:2b:59:b8:d4:66:2f:8d:0a:60:c3:18:
         41:18:8f:2a:37:53:5e:f3:b3:f4:9d:2c:02:be:56:d2:cc:d0:
         e2:ab:e8:92:c2:73:e7:13:6d:b5:63:10:0e:fe:e4:05:d8:b3:
         27:4f:5b:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEG5ftaDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
Nzc0MjcyNTg2MmI5MGJkYTQ1MTBhMDJlODA0ZmVmM2FkMTE0MmRjMB4XDTIyMDMx
MTEzMTgyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmI0OWE3MjE3NWRl
NDk2ZTQyOWI4MDZhYmUyMWQwYjU5NzVhYjRhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK6mb5qDwFKZc1IwiKMgx2GVsvJcWNzBfOFzrkJk9quUYFSi
UYSJkspsIvKPw436Kur3hGG+yIOxD6rHG6qN5tHnbfkAhKn3aBJfUMlABfGwviM0
tb+ZGuTvkz6MHdSLJPK8BUFKM2Sy+D8qa7HIl/YvevHH9y0DcaG0Vnv7SybQs7St
SR2QbEgtn2hLz8z+D4nC2f8kwRvh5gzL/Q3lNaYryymqFcSR+GxlNkOODrrbHod2
WaxTUSbJvv8fGh9yESE8qr8hmDNX94jGUzQWiQguM5fivnOZ+RdmcVGyCnFvWs11
Migrh5WYH2nVf/7RIMSMzaiaY/pKOhOnF2I1tH0CAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBS7Sachdd5JbkKbgGq+IdC1l1q0rjAfBgNVHSMEGDAWgBT3dCclhiuQvaRR
CgLoBP7zrRFC3DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzkzUW5KWVlya0wya1VRb0M2QVQtODYwUlF0dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDYvOGU3ZTMwLWMyYjgtNDU5MS04Y2ZlLTdiOGU5ZDMzNWNhOC8x
L3UwbW5JWFhlU1c1Q200QnF2aUhRdFpkYXRLNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDYv
OGU3ZTMwLWMyYjgtNDU5MS04Y2ZlLTdiOGU5ZDMzNWNhOC8xLzkzUW5KWVlya0wy
a1VRb0M2QVQtODYwUlF0dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAwUgqAMEBVf/QAMEArkuPAMEBdQc
QAMEBNkaoDANBAIAAjAHAwUAKgMKgDANBgkqhkiG9w0BAQsFAAOCAQEAA9J3i9Mf
t31FX9kG8O6Npt5w8hgIw88t0ZXhynHHAFLuPaG/untwdEJ7YOtAJ/PecJjulzEQ
+hJl8WJc/RTEo8GxI8CKOgIcFe196iR37J1Y5v/aIGc58FXTffbPUyAKomZ+t1lr
6RgZrIyD9oa8s6IQFf3vhmAJLewd98Xk6IlBz1uJHV62KkDweZwXlaJehXaFAt3+
GDRqeD0eGrcNp+j+eTD5ecn1xmi3IFj29gKhMbeHsgQRocmTFxbSXYmISXFLkoQu
InKZPfubQitZuNRmL40KYMMYQRiPKjdTXvOz9J0sAr5W0szQ4qvoksJz5xNttWMQ
Dv7kBdizJ09bIw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:41 2024 by rpki-client on console-fra.rpki-client.org