Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/u1dEoUnefxKdg3I7jFwe-GZ31SI.roa
File:                     u1dEoUnefxKdg3I7jFwe-GZ31SI.roa (raw, json)
Hash identifier:          e1I7AKFEBAip1nWyFIrakTdU05qJDT3y7flLbu1+GvI=
Subject key identifier:   BB:57:44:A1:49:DE:7F:12:9D:83:72:3B:8C:5C:1E:F8:66:77:D5:22
Certificate issuer:       /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial:       20B25C29
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/u1dEoUnefxKdg3I7jFwe-GZ31SI.roa
Signing time:             Wed 27 Apr 2022 12:28:47 +0000
ROA not before:           Wed 27 Apr 2022 12:28:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44486
IP address blocks:        185.14.94.0/24 maxlen: 24
                          185.14.95.0/24 maxlen: 24
                          37.114.36.0/24 maxlen: 24
                          37.114.33.0/24 maxlen: 24
                          37.114.35.0/24 maxlen: 24
                          37.114.34.0/24 maxlen: 24
                          37.114.38.0/23 maxlen: 24
                          37.114.43.0/24 maxlen: 24
                          37.114.42.0/24 maxlen: 24
                          37.114.50.0/24 maxlen: 24
                          37.114.47.0/24 maxlen: 24
                          37.114.48.0/24 maxlen: 24
                          37.114.53.0/24 maxlen: 24
                          37.114.57.0/24 maxlen: 24
                          37.114.56.0/24 maxlen: 24
                          37.114.55.0/24 maxlen: 24
                          103.252.88.0/22 maxlen: 22
                          37.114.61.0/24 maxlen: 24
                          37.114.60.0/24 maxlen: 24
                          37.114.62.0/24 maxlen: 24
                          37.114.59.0/24 maxlen: 24
                          43.251.162.0/23 maxlen: 23
                          176.100.33.0/24 maxlen: 24
                          176.100.32.0/24 maxlen: 24
                          176.100.34.0/24 maxlen: 24
                          176.100.35.0/24 maxlen: 24
                          2a00:ccc1:100::/40 maxlen: 40

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 548559913 (0x20b25c29)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
        Validity
            Not Before: Apr 27 12:28:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bb5744a149de7f129d83723b8c5c1ef86677d522
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:51:2e:fe:5f:6a:16:1e:b7:25:a2:f6:c3:ba:
                    f4:06:b8:bc:3e:a7:8d:16:b0:71:eb:66:4f:72:f7:
                    7a:bb:3b:e8:78:46:a8:a1:01:29:47:5e:14:dd:c7:
                    4c:0e:61:d5:ca:d2:a5:85:b9:3b:51:61:9d:68:e8:
                    b5:70:d0:8d:6e:88:50:7f:7a:9b:62:c1:7a:ea:48:
                    52:c1:03:59:49:15:45:53:d8:76:12:f6:fc:13:7f:
                    51:52:e3:0d:bb:05:ee:7b:f4:d8:6e:b1:01:05:67:
                    2a:9a:bf:70:c0:65:1f:f0:79:ba:fc:f9:ba:31:3a:
                    66:72:88:7d:fe:9b:a6:ba:b3:8b:c1:da:cb:83:e9:
                    ec:95:19:d5:92:2a:c1:06:50:b9:27:21:ed:73:c6:
                    96:97:f5:36:a8:b7:a8:0e:69:1d:ac:da:17:7a:ac:
                    65:60:6b:05:a1:74:07:bd:61:c1:13:cb:50:e5:2e:
                    f2:dc:dd:53:43:31:71:12:bd:65:e0:a9:0e:68:e8:
                    a5:5f:32:0b:96:e2:56:34:5d:d2:be:26:5b:4e:eb:
                    ea:e8:32:ae:9b:06:c4:15:99:56:1d:70:7a:d3:7f:
                    9c:66:8a:83:b6:39:76:51:dd:4b:8f:57:b1:d8:f6:
                    f0:c5:3f:fc:65:45:9c:a2:40:e6:98:9d:be:3a:e3:
                    b4:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:57:44:A1:49:DE:7F:12:9D:83:72:3B:8C:5C:1E:F8:66:77:D5:22
            X509v3 Authority Key Identifier:
                keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/u1dEoUnefxKdg3I7jFwe-GZ31SI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.114.33.0-37.114.36.255
                  37.114.38.0/23
                  37.114.42.0/23
                  37.114.47.0-37.114.48.255
                  37.114.50.0/24
                  37.114.53.0/24
                  37.114.55.0-37.114.57.255
                  37.114.59.0-37.114.62.255
                  43.251.162.0/23
                  103.252.88.0/22
                  176.100.32.0/22
                  185.14.94.0/23
                IPv6:
                  2a00:ccc1:100::/40

    Signature Algorithm: sha256WithRSAEncryption
         02:d3:10:06:75:75:d3:14:8b:2e:58:b0:5e:4b:8c:df:17:29:
         b8:79:71:d8:a1:63:cf:b3:0f:01:16:39:cc:d5:74:53:8e:41:
         02:02:bd:6b:f5:f4:7f:81:78:bd:ad:6e:f8:94:5d:c6:05:55:
         8c:5c:d5:a0:b1:28:c1:c7:76:ad:c6:bd:88:4b:58:78:40:49:
         5e:c9:a9:d0:05:99:51:40:44:d6:73:aa:5b:42:c2:7b:e8:fc:
         c9:ce:c3:18:1e:e6:58:99:8e:2d:91:c1:c5:4f:9e:fa:dd:0f:
         57:6f:6b:f0:20:34:89:a7:8e:10:89:db:01:d7:a0:5b:52:de:
         12:4a:4c:1b:09:61:4a:01:57:7d:79:bd:bd:4c:94:a0:61:5e:
         5b:49:bc:a6:42:ec:8a:fe:21:c9:40:01:9c:f3:32:44:a0:90:
         11:aa:5b:5a:96:a3:d6:50:c8:b3:d6:61:96:24:84:e0:60:06:
         c9:7c:b9:c4:e5:8e:af:a0:b3:71:74:fd:40:b4:e8:1e:07:41:
         44:c3:8c:57:38:92:0a:09:3e:22:2c:62:ad:d6:7f:44:91:e6:
         58:14:b8:cf:52:41:6f:bc:ff:56:75:82:59:51:3d:f5:e2:24:
         8e:60:04:b0:c8:34:7e:4a:cf:84:22:ee:ab:b4:31:9b:66:3f:
         9a:10:1b:3c
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgIEILJcKTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTY1OTNiNzQ3ZTc2YTU2NDkyNTExYmIzNjEyZTRkNWU0Y2JlN2VjMB4XDTIyMDQy
NzEyMjg0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmI1NzQ0YTE0OWRl
N2YxMjlkODM3MjNiOGM1YzFlZjg2Njc3ZDUyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO9RLv5fahYetyWi9sO69Aa4vD6njRawcetmT3L3ers76HhG
qKEBKUdeFN3HTA5h1crSpYW5O1FhnWjotXDQjW6IUH96m2LBeupIUsEDWUkVRVPY
dhL2/BN/UVLjDbsF7nv02G6xAQVnKpq/cMBlH/B5uvz5ujE6ZnKIff6bprqzi8Ha
y4Pp7JUZ1ZIqwQZQuSch7XPGlpf1Nqi3qA5pHazaF3qsZWBrBaF0B71hwRPLUOUu
8tzdU0MxcRK9ZeCpDmjopV8yC5biVjRd0r4mW07r6ugyrpsGxBWZVh1wetN/nGaK
g7Y5dlHdS49Xsdj28MU//GVFnKJA5pidvjrjtEkCAwEAAaOCAn4wggJ6MB0GA1Ud
DgQWBBS7V0ShSd5/Ep2DcjuMXB74ZnfVIjAfBgNVHSMEGDAWgBQpZZO3R+dqVkkl
Ebs2EuTV5Mvn7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tXV1R0MGZuYWxaSkpSRzdOaExrMWVUTDUtdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvYzU4YmRjLTE0ZTctNDk5Yy05ZDljLTFiN2NiYjA4ZDczZi8x
L3UxZEVvVW5lZnhLZGczSTdqRndlLUdaMzFTSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
YzU4YmRjLTE0ZTctNDk5Yy05ZDljLTFiN2NiYjA4ZDczZi8xL0tXV1R0MGZuYWxa
SkpSRzdOaExrMWVUTDUtdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
kwYIKwYBBQUHAQcBAf8EgYMwgYAwbgQCAAEwaDAMAwQAJXIhAwQAJXIkAwQBJXIm
AwQBJXIqMAwDBAAlci8DBAAlcjADBAAlcjIDBAAlcjUwDAMEACVyNwMEASVyODAM
AwQAJXI7AwQAJXI+AwQBK/uiAwQCZ/xYAwQCsGQgAwQBuQ5eMA4EAgACMAgDBgAq
AMzBATANBgkqhkiG9w0BAQsFAAOCAQEAAtMQBnV10xSLLliwXkuM3xcpuHlx2KFj
z7MPARY5zNV0U45BAgK9a/X0f4F4va1u+JRdxgVVjFzVoLEowcd2rca9iEtYeEBJ
Xsmp0AWZUUBE1nOqW0LCe+j8yc7DGB7mWJmOLZHBxU+e+t0PV29r8CA0iaeOEInb
AdegW1LeEkpMGwlhSgFXfXm9vUyUoGFeW0m8pkLsiv4hyUABnPMyRKCQEapbWpaj
1lDIs9ZhliSE4GAGyXy5xOWOr6CzcXT9QLToHgdBRMOMVziSCgk+IixirdZ/RJHm
WBS4z1JBb7z/VnWCWVE99eIkjmAEsMg0fkrPhCLuq7Qxm2Y/mhAbPA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:18 2024 by rpki-client on console-ams.rpki-client.org