Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/dPc9O7pbbgglKBbLhou-8P9aOsc.roa
File:                     dPc9O7pbbgglKBbLhou-8P9aOsc.roa (raw, json)
Hash identifier:          zSVfiHttF9B1gW7lziD6oz5CPc1ThSGeVQBRLi9jVM8=
Subject key identifier:   74:F7:3D:3B:BA:5B:6E:08:25:28:16:CB:86:8B:BE:F0:FF:5A:3A:C7
Certificate issuer:       /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial:       1F9067D2
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/dPc9O7pbbgglKBbLhou-8P9aOsc.roa
Signing time:             Sat 01 Jan 2022 14:06:38 +0000
ROA not before:           Sat 01 Jan 2022 14:06:38 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44486
IP address blocks:        185.14.94.0/24 maxlen: 24
                          185.14.95.0/24 maxlen: 24
                          37.114.36.0/24 maxlen: 24
                          37.114.33.0/24 maxlen: 24
                          37.114.35.0/24 maxlen: 24
                          37.114.34.0/24 maxlen: 24
                          37.114.38.0/23 maxlen: 24
                          37.114.44.0/24 maxlen: 24
                          37.114.43.0/24 maxlen: 24
                          37.114.42.0/24 maxlen: 24
                          37.114.46.0/24 maxlen: 24
                          37.114.45.0/24 maxlen: 24
                          37.114.50.0/24 maxlen: 24
                          37.114.47.0/24 maxlen: 24
                          37.114.48.0/24 maxlen: 24
                          37.114.53.0/24 maxlen: 24
                          37.114.54.0/24 maxlen: 24
                          37.114.56.0/24 maxlen: 24
                          37.114.55.0/24 maxlen: 24
                          103.252.88.0/22 maxlen: 22
                          37.114.61.0/24 maxlen: 24
                          37.114.60.0/24 maxlen: 24
                          37.114.62.0/24 maxlen: 24
                          37.114.59.0/24 maxlen: 24
                          43.251.162.0/23 maxlen: 23
                          176.100.33.0/24 maxlen: 24
                          176.100.32.0/24 maxlen: 24
                          176.100.34.0/24 maxlen: 24
                          176.100.35.0/24 maxlen: 24
                          2a00:ccc1:100::/40 maxlen: 40

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 529557458 (0x1f9067d2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
        Validity
            Not Before: Jan  1 14:06:38 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=74f73d3bba5b6e08252816cb868bbef0ff5a3ac7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:15:91:ca:ea:fb:ea:06:5e:b0:68:5b:93:f2:
                    1b:5b:8c:dc:10:75:22:25:9c:66:3b:16:59:30:68:
                    18:74:e9:44:ed:f0:30:bb:06:b9:aa:54:cb:54:90:
                    65:3d:b8:1e:c4:46:8c:aa:22:92:39:22:f9:87:b6:
                    fc:0b:11:cf:8b:b6:51:d8:2a:72:8f:55:ef:7e:48:
                    e3:19:cc:a3:34:85:07:70:f6:ff:5a:50:f1:73:b5:
                    ba:3c:8b:da:31:e5:68:77:7b:81:66:69:98:84:05:
                    45:48:2b:af:10:7e:7f:9b:2b:14:da:85:9b:48:4b:
                    c5:86:c3:33:f7:89:cd:e7:d0:1d:ab:fe:a0:34:ac:
                    d8:c9:fe:8e:10:92:c5:52:06:a7:c5:88:a4:9b:47:
                    51:79:40:7f:30:f3:fd:15:54:8e:f6:85:1e:0b:01:
                    cf:a8:91:6d:3c:6b:0c:9d:71:f8:d0:a3:29:b4:09:
                    22:2d:dc:d1:f7:44:5f:d0:24:53:95:57:53:b7:89:
                    1f:b7:a8:ca:a5:04:c5:70:ba:4a:e8:56:a2:8c:23:
                    5c:08:e7:7b:3d:9b:c1:48:31:76:93:29:f2:fb:e1:
                    b3:65:07:22:ef:2c:f8:ed:83:33:6e:fe:82:be:22:
                    79:59:c5:9d:72:90:5c:53:88:4f:d2:be:a1:f9:79:
                    bc:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:F7:3D:3B:BA:5B:6E:08:25:28:16:CB:86:8B:BE:F0:FF:5A:3A:C7
            X509v3 Authority Key Identifier:
                keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/dPc9O7pbbgglKBbLhou-8P9aOsc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.114.33.0-37.114.36.255
                  37.114.38.0/23
                  37.114.42.0-37.114.48.255
                  37.114.50.0/24
                  37.114.53.0-37.114.56.255
                  37.114.59.0-37.114.62.255
                  43.251.162.0/23
                  103.252.88.0/22
                  176.100.32.0/22
                  185.14.94.0/23
                IPv6:
                  2a00:ccc1:100::/40

    Signature Algorithm: sha256WithRSAEncryption
         86:ce:33:c7:af:f0:f8:49:98:ee:82:38:34:79:95:1e:e7:87:
         ff:f7:d5:19:22:cc:76:01:f9:6d:0e:0d:4e:cf:81:c9:6a:89:
         60:18:bc:e8:d6:97:ac:29:ba:81:cd:53:0e:aa:a4:1a:7e:96:
         b8:bf:f3:9e:d2:12:9e:62:5b:56:ee:15:93:ff:35:ac:d2:97:
         5c:75:4c:42:59:54:9e:c4:53:37:38:6f:c6:fd:57:ce:88:40:
         69:ce:6f:cc:cd:4c:be:28:95:ce:40:bb:65:ca:55:b2:15:55:
         69:b6:33:d9:f4:fe:0b:19:81:40:14:7a:83:5d:25:cd:93:3c:
         67:20:bc:87:8b:93:9b:09:6c:17:64:f1:17:46:e3:06:b9:0c:
         38:d8:86:04:fe:71:95:c6:b4:17:4e:9f:cc:07:df:f9:2b:0f:
         62:45:9e:a2:47:aa:d7:84:39:90:26:e6:a6:15:2a:a4:93:95:
         70:d4:40:fb:da:e9:6b:5e:49:e3:5c:b9:d7:66:48:2c:60:bd:
         2d:60:5f:6e:75:0a:46:34:77:9d:ce:63:22:77:4d:9e:c6:52:
         68:95:e5:32:c2:b2:fc:f9:b1:da:09:91:63:63:2e:67:75:d2:
         32:5f:6f:c4:5f:2f:d9:15:8f:00:ef:29:aa:7c:0b:b4:8f:af:
         b1:65:b0:51
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgIEH5Bn0jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTY1OTNiNzQ3ZTc2YTU2NDkyNTExYmIzNjEyZTRkNWU0Y2JlN2VjMB4XDTIyMDEw
MTE0MDYzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzRmNzNkM2JiYTVi
NmUwODI1MjgxNmNiODY4YmJlZjBmZjVhM2FjNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALcVkcrq++oGXrBoW5PyG1uM3BB1IiWcZjsWWTBoGHTpRO3w
MLsGuapUy1SQZT24HsRGjKoikjki+Ye2/AsRz4u2Udgqco9V735I4xnMozSFB3D2
/1pQ8XO1ujyL2jHlaHd7gWZpmIQFRUgrrxB+f5srFNqFm0hLxYbDM/eJzefQHav+
oDSs2Mn+jhCSxVIGp8WIpJtHUXlAfzDz/RVUjvaFHgsBz6iRbTxrDJ1x+NCjKbQJ
Ii3c0fdEX9AkU5VXU7eJH7eoyqUExXC6SuhWoowjXAjnez2bwUgxdpMp8vvhs2UH
Iu8s+O2DM27+gr4ieVnFnXKQXFOIT9K+ofl5vHkCAwEAAaOCAnAwggJsMB0GA1Ud
DgQWBBR09z07ultuCCUoFsuGi77w/1o6xzAfBgNVHSMEGDAWgBQpZZO3R+dqVkkl
Ebs2EuTV5Mvn7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tXV1R0MGZuYWxaSkpSRzdOaExrMWVUTDUtdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvYzU4YmRjLTE0ZTctNDk5Yy05ZDljLTFiN2NiYjA4ZDczZi8x
L2RQYzlPN3BiYmdnbEtCYkxob3UtOFA5YU9zYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
YzU4YmRjLTE0ZTctNDk5Yy05ZDljLTFiN2NiYjA4ZDczZi8xL0tXV1R0MGZuYWxa
SkpSRzdOaExrMWVUTDUtdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
hQYIKwYBBQUHAQcBAf8EdjB0MGIEAgABMFwwDAMEACVyIQMEACVyJAMEASVyJjAM
AwQBJXIqAwQAJXIwAwQAJXIyMAwDBAAlcjUDBAAlcjgwDAMEACVyOwMEACVyPgME
ASv7ogMEAmf8WAMEArBkIAMEAbkOXjAOBAIAAjAIAwYAKgDMwQEwDQYJKoZIhvcN
AQELBQADggEBAIbOM8ev8PhJmO6CODR5lR7nh//31RkizHYB+W0ODU7PgclqiWAY
vOjWl6wpuoHNUw6qpBp+lri/857SEp5iW1buFZP/NazSl1x1TEJZVJ7EUzc4b8b9
V86IQGnOb8zNTL4olc5Au2XKVbIVVWm2M9n0/gsZgUAUeoNdJc2TPGcgvIeLk5sJ
bBdk8RdG4wa5DDjYhgT+cZXGtBdOn8wH3/krD2JFnqJHqteEOZAm5qYVKqSTlXDU
QPva6WteSeNcuddmSCxgvS1gX251CkY0d53OYyJ3TZ7GUmiV5TLCsvz5sdoJkWNj
Lmd10jJfb8RfL9kVjwDvKap8C7SPr7FlsFE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:57 2024 by rpki-client on console-fra.rpki-client.org