Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/MUqRKn8ZtQ1rFVUJxilfxehKYxU.roa
File:                     MUqRKn8ZtQ1rFVUJxilfxehKYxU.roa (raw, json)
Hash identifier:          T0Jz/ndSvXa6OsgM6Hw2H4xoxxiiQ8WEewr1jDKNeVI=
Subject key identifier:   31:4A:91:2A:7F:19:B5:0D:6B:15:55:09:C6:29:5F:C5:E8:4A:63:15
Certificate issuer:       /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial:       200D647B
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/MUqRKn8ZtQ1rFVUJxilfxehKYxU.roa
Signing time:             Thu 17 Feb 2022 20:01:46 +0000
ROA not before:           Thu 17 Feb 2022 20:01:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44486
IP address blocks:        185.14.94.0/24 maxlen: 24
                          185.14.95.0/24 maxlen: 24
                          37.114.36.0/24 maxlen: 24
                          37.114.33.0/24 maxlen: 24
                          37.114.35.0/24 maxlen: 24
                          37.114.34.0/24 maxlen: 24
                          37.114.38.0/23 maxlen: 24
                          37.114.43.0/24 maxlen: 24
                          37.114.42.0/24 maxlen: 24
                          37.114.46.0/24 maxlen: 24
                          37.114.50.0/24 maxlen: 24
                          37.114.47.0/24 maxlen: 24
                          37.114.48.0/24 maxlen: 24
                          37.114.53.0/24 maxlen: 24
                          37.114.57.0/24 maxlen: 24
                          37.114.56.0/24 maxlen: 24
                          37.114.55.0/24 maxlen: 24
                          103.252.88.0/22 maxlen: 22
                          37.114.61.0/24 maxlen: 24
                          37.114.60.0/24 maxlen: 24
                          37.114.62.0/24 maxlen: 24
                          37.114.59.0/24 maxlen: 24
                          43.251.162.0/23 maxlen: 23
                          176.100.33.0/24 maxlen: 24
                          176.100.32.0/24 maxlen: 24
                          176.100.34.0/24 maxlen: 24
                          176.100.35.0/24 maxlen: 24
                          2a00:ccc1:100::/40 maxlen: 40

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 537748603 (0x200d647b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
        Validity
            Not Before: Feb 17 20:01:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=314a912a7f19b50d6b155509c6295fc5e84a6315
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:3f:b7:2c:4f:58:70:e5:76:45:79:39:56:40:
                    b7:72:1f:f7:6d:af:86:80:52:e0:ca:83:7d:be:b1:
                    0d:26:32:c3:f7:18:e8:bb:2a:ca:c4:bc:bd:31:56:
                    73:30:f3:78:63:61:1e:67:49:5f:2c:30:4d:ff:a9:
                    fd:4b:ba:ce:bf:b5:30:78:f7:eb:d5:f0:de:1a:9e:
                    e0:e1:31:d8:f8:57:cb:7a:b5:1e:48:f9:8a:e9:c2:
                    b4:98:f5:07:ff:12:98:8b:1c:59:47:59:07:20:30:
                    0c:0f:1f:e7:76:79:e4:25:1b:59:f1:cf:03:98:33:
                    4a:02:a9:58:e2:0d:19:9a:f3:72:52:97:78:18:d5:
                    17:1e:9c:b0:46:b0:b4:e3:96:ce:2c:c7:91:dd:16:
                    c6:83:4a:2c:34:a9:71:fb:e9:2e:00:cc:ce:ec:1b:
                    87:4e:e0:bb:7d:c7:95:d6:ad:23:e1:b7:f2:ba:c0:
                    2c:ef:0d:79:2d:7c:aa:cb:33:b9:f7:41:c3:70:02:
                    10:39:8f:28:ac:ba:b7:2a:26:09:9d:8f:95:1f:ed:
                    b9:3c:15:c5:1e:1d:f9:10:a4:4a:c8:79:cf:25:14:
                    3b:0d:6a:6e:59:52:52:49:6d:6c:4b:f5:4a:e6:4d:
                    e5:74:30:0b:82:f4:15:89:42:f1:2f:9f:8f:23:de:
                    ca:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:4A:91:2A:7F:19:B5:0D:6B:15:55:09:C6:29:5F:C5:E8:4A:63:15
            X509v3 Authority Key Identifier:
                keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/MUqRKn8ZtQ1rFVUJxilfxehKYxU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.114.33.0-37.114.36.255
                  37.114.38.0/23
                  37.114.42.0/23
                  37.114.46.0-37.114.48.255
                  37.114.50.0/24
                  37.114.53.0/24
                  37.114.55.0-37.114.57.255
                  37.114.59.0-37.114.62.255
                  43.251.162.0/23
                  103.252.88.0/22
                  176.100.32.0/22
                  185.14.94.0/23
                IPv6:
                  2a00:ccc1:100::/40

    Signature Algorithm: sha256WithRSAEncryption
         21:9b:e6:3c:88:6d:13:57:f3:31:38:75:41:ce:2b:73:fd:74:
         f8:eb:61:26:80:eb:db:29:19:9d:15:10:a1:6a:2d:0b:34:b7:
         58:ce:71:ea:a8:e7:c4:a2:56:9c:84:dc:15:ea:ef:51:ee:17:
         98:2d:06:29:45:25:06:5b:b3:85:1e:1e:11:6a:7d:9f:3f:7c:
         9c:fa:dc:3a:f1:57:92:9c:36:ef:d2:d6:e8:7b:a6:fb:e7:d6:
         49:e0:0c:b2:3c:ba:8a:c1:a3:0c:5e:da:1a:66:8f:d6:b0:18:
         72:3e:12:fe:8e:ae:a9:72:a3:24:b9:5e:fe:e2:ef:2c:70:26:
         6c:57:30:d7:e9:5e:17:b2:18:b1:6c:ae:55:11:28:78:ef:b4:
         c8:f9:1c:f0:7a:f8:a3:5b:fb:8e:7e:ad:cc:00:2a:a6:7c:dd:
         ee:39:de:f5:2d:a8:b1:f1:a2:75:06:2d:9a:68:b9:e3:43:d6:
         54:5b:58:c5:9e:fd:8b:e5:64:ed:f0:7e:06:ad:63:8a:0d:2d:
         c7:25:d7:72:40:43:3e:35:89:37:ac:1a:24:e9:33:d2:38:bf:
         18:b6:c2:bd:20:46:da:2b:4e:ab:ef:24:11:30:a7:db:72:ac:
         46:ae:d1:f7:6c:c9:ab:8e:dd:fb:df:17:5f:d9:9c:b3:ef:9c:
         14:68:41:3f
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgIEIA1kezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTY1OTNiNzQ3ZTc2YTU2NDkyNTExYmIzNjEyZTRkNWU0Y2JlN2VjMB4XDTIyMDIx
NzIwMDE0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzE0YTkxMmE3ZjE5
YjUwZDZiMTU1NTA5YzYyOTVmYzVlODRhNjMxNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALk/tyxPWHDldkV5OVZAt3If922vhoBS4MqDfb6xDSYyw/cY
6LsqysS8vTFWczDzeGNhHmdJXywwTf+p/Uu6zr+1MHj369Xw3hqe4OEx2PhXy3q1
Hkj5iunCtJj1B/8SmIscWUdZByAwDA8f53Z55CUbWfHPA5gzSgKpWOINGZrzclKX
eBjVFx6csEawtOOWzizHkd0WxoNKLDSpcfvpLgDMzuwbh07gu33HldatI+G38rrA
LO8NeS18qsszufdBw3ACEDmPKKy6tyomCZ2PlR/tuTwVxR4d+RCkSsh5zyUUOw1q
bllSUkltbEv1SuZN5XQwC4L0FYlC8S+fjyPeylsCAwEAAaOCAn4wggJ6MB0GA1Ud
DgQWBBQxSpEqfxm1DWsVVQnGKV/F6EpjFTAfBgNVHSMEGDAWgBQpZZO3R+dqVkkl
Ebs2EuTV5Mvn7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tXV1R0MGZuYWxaSkpSRzdOaExrMWVUTDUtdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvYzU4YmRjLTE0ZTctNDk5Yy05ZDljLTFiN2NiYjA4ZDczZi8x
L01VcVJLbjhadFExckZWVUp4aWxmeGVoS1l4VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
YzU4YmRjLTE0ZTctNDk5Yy05ZDljLTFiN2NiYjA4ZDczZi8xL0tXV1R0MGZuYWxa
SkpSRzdOaExrMWVUTDUtdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
kwYIKwYBBQUHAQcBAf8EgYMwgYAwbgQCAAEwaDAMAwQAJXIhAwQAJXIkAwQBJXIm
AwQBJXIqMAwDBAElci4DBAAlcjADBAAlcjIDBAAlcjUwDAMEACVyNwMEASVyODAM
AwQAJXI7AwQAJXI+AwQBK/uiAwQCZ/xYAwQCsGQgAwQBuQ5eMA4EAgACMAgDBgAq
AMzBATANBgkqhkiG9w0BAQsFAAOCAQEAIZvmPIhtE1fzMTh1Qc4rc/10+OthJoDr
2ykZnRUQoWotCzS3WM5x6qjnxKJWnITcFervUe4XmC0GKUUlBluzhR4eEWp9nz98
nPrcOvFXkpw279LW6Hum++fWSeAMsjy6isGjDF7aGmaP1rAYcj4S/o6uqXKjJLle
/uLvLHAmbFcw1+leF7IYsWyuVREoeO+0yPkc8Hr4o1v7jn6tzAAqpnzd7jne9S2o
sfGidQYtmmi540PWVFtYxZ79i+Vk7fB+Bq1jig0txyXXckBDPjWJN6waJOkz0ji/
GLbCvSBG2itOq+8kETCn23KsRq7R92zJq47d+98XX9mcs++cFGhBPw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:17 2024 by rpki-client on console-ams.rpki-client.org