Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/MblzsEICdX5lfSh0iyYcS6hrFbE.roa
File:                     MblzsEICdX5lfSh0iyYcS6hrFbE.roa (raw, json)
Hash identifier:          9US8aFf2WFOQxsrhbt3wfLj9yOy62xTDER4PxgzBoQc=
Subject key identifier:   31:B9:73:B0:42:02:75:7E:65:7D:28:74:8B:26:1C:4B:A8:6B:15:B1
Certificate issuer:       /CN=a4ce9640a3ef2fea19374ad8f99f423d7aa7c76b
Certificate serial:       0460B912
Authority key identifier: A4:CE:96:40:A3:EF:2F:EA:19:37:4A:D8:F9:9F:42:3D:7A:A7:C7:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/MblzsEICdX5lfSh0iyYcS6hrFbE.roa
Signing time:             Wed 30 Mar 2022 07:47:05 +0000
ROA not before:           Wed 30 Mar 2022 07:47:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207967
IP address blocks:        81.19.131.0/24 maxlen: 32
                          81.19.136.0/24 maxlen: 32
                          81.19.139.0/24 maxlen: 32
                          81.19.135.0/24 maxlen: 32
                          81.19.134.0/24 maxlen: 32
                          81.19.140.0/24 maxlen: 32
                          81.19.141.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 73447698 (0x460b912)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4ce9640a3ef2fea19374ad8f99f423d7aa7c76b
        Validity
            Not Before: Mar 30 07:47:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=31b973b04202757e657d28748b261c4ba86b15b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:c9:f1:3f:ca:88:b5:f1:99:2e:d1:30:90:42:
                    b8:44:7f:ec:99:c4:32:08:5e:90:c2:fe:69:38:2a:
                    3b:78:a7:28:1a:3d:10:81:32:88:d1:3e:42:e8:1f:
                    ec:4b:bb:42:3c:7e:d0:58:52:71:03:cc:48:6e:3f:
                    a4:c9:8d:12:30:4a:48:fd:05:44:6c:d2:ee:44:5c:
                    aa:68:63:82:55:eb:4e:d2:d8:ad:4d:e4:86:36:ba:
                    e4:5c:73:d2:59:1a:90:bb:77:e9:a9:2b:34:4e:fc:
                    5f:99:02:bc:b2:f7:dc:1f:b1:72:69:62:e9:7c:38:
                    cc:c6:50:53:1f:b8:ed:3b:11:b2:33:79:44:73:34:
                    3b:3b:49:a3:e2:64:bb:6f:5f:29:c2:a9:84:72:1f:
                    d4:9b:ac:8f:22:b5:7d:98:e6:19:58:bf:63:71:2e:
                    58:c1:77:8c:ed:7f:32:8b:83:fa:f4:fc:4c:b3:8f:
                    aa:2b:12:87:c4:d7:1d:94:c9:42:12:68:1b:82:13:
                    43:24:78:c6:8e:61:02:9d:80:95:dc:b2:62:be:41:
                    11:44:11:dd:9f:9f:2c:6b:f8:8b:30:fb:ea:48:4d:
                    7a:20:c9:e6:85:23:c0:9c:c7:a4:eb:5e:d1:0f:5f:
                    a0:aa:d9:09:96:74:4e:7d:0b:8e:1e:96:d2:e5:45:
                    7b:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:B9:73:B0:42:02:75:7E:65:7D:28:74:8B:26:1C:4B:A8:6B:15:B1
            X509v3 Authority Key Identifier:
                keyid:A4:CE:96:40:A3:EF:2F:EA:19:37:4A:D8:F9:9F:42:3D:7A:A7:C7:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/MblzsEICdX5lfSh0iyYcS6hrFbE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.19.131.0/24
                  81.19.134.0-81.19.136.255
                  81.19.139.0-81.19.141.255

    Signature Algorithm: sha256WithRSAEncryption
         a7:b3:70:e7:a7:3b:3d:8c:c1:6c:35:16:36:2d:83:1b:30:c4:
         c8:75:e6:96:54:4b:6c:4d:76:88:21:fe:7f:a2:d0:00:11:19:
         01:43:70:5d:75:d7:50:3f:93:1a:11:92:5f:ae:57:47:9b:99:
         89:1e:36:34:88:b3:bc:de:fb:76:46:5b:4d:37:b3:3b:a8:bf:
         04:d5:d1:5a:fe:a5:89:12:eb:83:77:85:5e:81:d3:e3:d5:6a:
         e8:e5:3f:3e:3c:7e:8b:70:0d:89:3f:b3:32:48:48:0f:4f:29:
         82:d2:99:40:80:24:a7:1a:ff:d5:6a:97:3e:5c:ff:b2:8b:a3:
         58:f2:06:cb:59:5d:f7:1d:5e:6f:a9:07:96:0e:31:be:11:50:
         b5:d8:b2:10:ac:f7:65:46:83:6b:f3:4a:a4:27:b7:01:6d:d7:
         b0:f4:7d:2f:c5:d7:d2:a4:23:90:21:90:f3:0e:72:cd:0f:0f:
         79:c0:72:d6:3a:e9:e6:03:d2:08:bb:49:39:43:92:5f:ed:d1:
         de:eb:57:a3:ad:10:a7:24:ae:58:db:dd:0a:bd:aa:dd:34:a1:
         e7:e4:03:2a:6a:43:79:7b:d1:a8:84:8d:2e:58:ed:d3:6a:77:
         6c:4e:73:70:83:ef:a9:25:c5:df:44:90:8a:41:88:af:67:92:
         2f:56:ad:f8
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIEBGC5EjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NGNlOTY0MGEzZWYyZmVhMTkzNzRhZDhmOTlmNDIzZDdhYTdjNzZiMB4XDTIyMDMz
MDA3NDcwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzFiOTczYjA0MjAy
NzU3ZTY1N2QyODc0OGIyNjFjNGJhODZiMTViMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ/J8T/KiLXxmS7RMJBCuER/7JnEMghekML+aTgqO3inKBo9
EIEyiNE+Qugf7Eu7Qjx+0FhScQPMSG4/pMmNEjBKSP0FRGzS7kRcqmhjglXrTtLY
rU3khja65Fxz0lkakLt36akrNE78X5kCvLL33B+xcmli6Xw4zMZQUx+47TsRsjN5
RHM0OztJo+Jku29fKcKphHIf1JusjyK1fZjmGVi/Y3EuWMF3jO1/MouD+vT8TLOP
qisSh8TXHZTJQhJoG4ITQyR4xo5hAp2AldyyYr5BEUQR3Z+fLGv4izD76khNeiDJ
5oUjwJzHpOte0Q9foKrZCZZ0Tn0Ljh6W0uVFewMCAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBQxuXOwQgJ1fmV9KHSLJhxLqGsVsTAfBgNVHSMEGDAWgBSkzpZAo+8v6hk3
Stj5n0I9eqfHazAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BNNldRS1B2TC1vWk4wclktWjlDUFhxbngycy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGIvZjhhNWQxLTI2MGEtNDZhNC1hOGU0LTI4M2ZlNTRhNmYyZi8x
L01ibHpzRUlDZFg1bGZTaDBpeVljUzZockZiRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGIv
ZjhhNWQxLTI2MGEtNDZhNC1hOGU0LTI4M2ZlNTRhNmYyZi8xL3BNNldRS1B2TC1v
Wk4wclktWjlDUFhxbngycy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowKAQCAAEwIgMEAFETgzAMAwQBUROGAwQAUROIMAwD
BABRE4sDBAFRE4wwDQYJKoZIhvcNAQELBQADggEBAKezcOenOz2MwWw1FjYtgxsw
xMh15pZUS2xNdogh/n+i0AARGQFDcF1111A/kxoRkl+uV0ebmYkeNjSIs7ze+3ZG
W003szuovwTV0Vr+pYkS64N3hV6B0+PVaujlPz48fotwDYk/szJISA9PKYLSmUCA
JKca/9Vqlz5c/7KLo1jyBstZXfcdXm+pB5YOMb4RULXYshCs92VGg2vzSqQntwFt
17D0fS/F19KkI5AhkPMOcs0PD3nActY66eYD0gi7STlDkl/t0d7rV6OtEKckrljb
3Qq9qt00oefkAypqQ3l70aiEjS5Y7dNqd2xOc3CD76klxd9EkIpBiK9nki9Wrfg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:24 2024 by rpki-client on console-fra.rpki-client.org