Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/d6dqZdCF4dmJzJRgY5cFZCIpXLM.roa
File:                     d6dqZdCF4dmJzJRgY5cFZCIpXLM.roa (raw, json)
Hash identifier:          aRL9D7sNlxauE9L7Uc5GBCa/w632AokANaA/mPzoruk=
Subject key identifier:   77:A7:6A:65:D0:85:E1:D9:89:CC:94:60:63:97:05:64:22:29:5C:B3
Certificate issuer:       /CN=f1b8bbb1e186a599d4cc058cabf4df0e252f31fa
Certificate serial:       01841F60D901B6B4F926110F683904EBBBAC
Authority key identifier: F1:B8:BB:B1:E1:86:A5:99:D4:CC:05:8C:AB:F4:DF:0E:25:2F:31:FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8bi7seGGpZnUzAWMq_TfDiUvMfo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/d6dqZdCF4dmJzJRgY5cFZCIpXLM.roa
Signing time:             Fri 28 Oct 2022 16:15:51 +0000
ROA not before:           Fri 28 Oct 2022 16:15:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     56971
IP address blocks:        45.154.3.0/24 maxlen: 32
                          45.154.1.0/24 maxlen: 32
                          45.154.2.0/24 maxlen: 32
                          45.152.86.0/24 maxlen: 32
                          193.43.72.0/24 maxlen: 32
                          45.152.112.0/24 maxlen: 32
                          45.11.92.0/24 maxlen: 32
                          45.152.113.0/24 maxlen: 32
                          193.242.145.0/24 maxlen: 32
                          45.145.6.0/24 maxlen: 32
                          45.145.7.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:1f:60:d9:01:b6:b4:f9:26:11:0f:68:39:04:eb:bb:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f1b8bbb1e186a599d4cc058cabf4df0e252f31fa
        Validity
            Not Before: Oct 28 16:15:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=77a76a65d085e1d989cc94606397056422295cb3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:50:fa:bf:15:74:87:5e:e1:72:09:e4:71:5d:
                    db:e7:9b:d3:ee:57:07:fd:31:1e:09:bb:03:5e:5b:
                    67:fc:52:d3:22:72:28:ad:ac:d9:1d:14:58:df:ce:
                    2f:b1:d4:58:22:e8:71:46:28:e2:e3:3e:c0:3c:cb:
                    df:7d:cd:05:1c:f0:0c:0e:95:9a:ad:ea:cf:27:6d:
                    81:8d:4d:34:57:21:7e:e4:59:4c:d5:1e:10:ab:5a:
                    69:23:0d:de:3b:ad:c0:83:fe:f3:67:97:1c:56:ef:
                    d4:58:03:9b:cf:c4:a8:67:81:e4:c8:d5:e0:2b:96:
                    5d:ad:fa:8d:a6:ca:0e:a3:18:fa:29:bb:40:58:53:
                    f4:f8:80:f6:54:09:4c:16:2c:02:41:23:a1:a0:50:
                    72:99:5a:a6:10:f5:1f:33:f7:fc:5e:fb:4e:f5:7f:
                    d0:d5:8a:ea:3e:73:90:ac:7e:ae:dc:2e:2b:16:f7:
                    08:70:fd:4e:03:68:1f:d2:23:1b:7e:ba:7e:55:f6:
                    e4:22:e0:cd:2d:c1:1d:27:d1:72:90:09:4b:13:d4:
                    e2:9f:d2:42:ca:31:53:ac:b5:cf:f1:8f:37:84:6d:
                    aa:d0:c5:22:02:78:2e:b4:69:f6:b3:ed:73:b7:a1:
                    97:a1:e6:df:f2:97:d0:12:10:a1:70:e8:8a:5c:ee:
                    53:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:A7:6A:65:D0:85:E1:D9:89:CC:94:60:63:97:05:64:22:29:5C:B3
            X509v3 Authority Key Identifier:
                keyid:F1:B8:BB:B1:E1:86:A5:99:D4:CC:05:8C:AB:F4:DF:0E:25:2F:31:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8bi7seGGpZnUzAWMq_TfDiUvMfo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/d6dqZdCF4dmJzJRgY5cFZCIpXLM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/8bi7seGGpZnUzAWMq_TfDiUvMfo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.11.92.0/24
                  45.145.6.0/23
                  45.152.86.0/24
                  45.152.112.0/23
                  45.154.1.0-45.154.3.255
                  193.43.72.0/24
                  193.242.145.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:fd:f2:7d:3a:fb:04:d8:e3:17:51:6a:ef:da:3c:87:07:9c:
         88:40:99:5b:16:aa:59:99:0c:a8:39:37:f8:f5:67:4d:8e:a6:
         27:65:8b:20:f1:d3:da:7a:d0:e3:b9:bc:01:a7:63:ff:22:10:
         2b:03:f2:92:57:4a:e1:e7:75:f9:82:73:99:d5:4f:e0:03:03:
         43:4b:78:a6:9c:f1:42:7c:47:15:6f:23:74:e3:6d:3a:a6:8d:
         f6:12:95:f3:43:49:09:fd:8e:f2:a7:f6:72:9c:c4:11:ba:b4:
         22:a5:6b:a8:fe:a8:6c:b5:9e:74:fb:a7:8f:bd:a0:11:85:34:
         2c:4d:41:81:8c:a8:7d:8f:96:7e:f5:02:1e:28:f0:1b:39:9d:
         dd:08:84:b7:ed:d7:c2:63:55:44:a8:4d:63:22:36:55:64:f8:
         40:d2:45:b1:97:95:fb:7e:b3:14:f0:30:34:89:1f:7c:ba:8d:
         83:44:19:59:a0:1a:4e:1f:88:08:c5:8f:f2:19:e2:b9:2b:b2:
         3d:70:b2:e3:30:12:04:ea:88:27:74:80:01:e6:93:da:09:c3:
         6c:02:d4:b3:a7:0f:ab:70:bf:ff:ef:8d:9d:6d:ac:80:3b:93:
         5d:f5:65:a6:eb:fc:5b:e2:74:84:c3:3a:67:4f:b7:d6:ae:28:
         d1:7d:16:e6
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYQfYNkBtrT5JhEPaDkE67usMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxYjhiYmIxZTE4NmE1OTlkNGNjMDU4Y2FiZjRkZjBlMjUy
ZjMxZmEwHhcNMjIxMDI4MTYxNTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2E3NmE2NWQwODVlMWQ5ODljYzk0NjA2Mzk3MDU2NDIyMjk1Y2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFD6vxV0h17hcgnkcV3b55vT7lcH
/TEeCbsDXltn/FLTInIorazZHRRY384vsdRYIuhxRiji4z7APMvffc0FHPAMDpWa
rerPJ22BjU00VyF+5FlM1R4Qq1ppIw3eO63Ag/7zZ5ccVu/UWAObz8SoZ4HkyNXg
K5ZdrfqNpsoOoxj6KbtAWFP0+ID2VAlMFiwCQSOhoFBymVqmEPUfM/f8XvtO9X/Q
1YrqPnOQrH6u3C4rFvcIcP1OA2gf0iMbfrp+VfbkIuDNLcEdJ9FykAlLE9Tin9JC
yjFTrLXP8Y83hG2q0MUiAngutGn2s+1zt6GXoebf8pfQEhChcOiKXO5TvQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFHenamXQheHZicyUYGOXBWQiKVyzMB8GA1UdIwQY
MBaAFPG4u7HhhqWZ1MwFjKv03w4lLzH6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGJpN3NlR0dwWm5VekFXTXFfVGZEaVV2TWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8zMjFlYTYtZWZmNy00NTE0LWFiMmQt
NWI0Yjg1ZmQ1YWU1LzEvZDZkcVpkQ0Y0ZG1KekpSZ1k1Y0ZaQ0lwWExNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8zMjFlYTYtZWZmNy00NTE0LWFiMmQtNWI0Yjg1ZmQ1YWU1
LzEvOGJpN3NlR0dwWm5VekFXTXFfVGZEaVV2TWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQALQtcAwQB
LZEGAwQALZhWAwQBLZhwMAwDBAAtmgEDBAItmgADBADBK0gDBADB8pEwDQYJKoZI
hvcNAQELBQADggEBAAX98n06+wTY4xdRau/aPIcHnIhAmVsWqlmZDKg5N/j1Z02O
pidliyDx09p60OO5vAGnY/8iECsD8pJXSuHndfmCc5nVT+ADA0NLeKac8UJ8RxVv
I3TjbTqmjfYSlfNDSQn9jvKn9nKcxBG6tCKla6j+qGy1nnT7p4+9oBGFNCxNQYGM
qH2Pln71Ah4o8Bs5nd0IhLft18JjVUSoTWMiNlVk+EDSRbGXlft+sxTwMDSJH3y6
jYNEGVmgGk4fiAjFj/IZ4rkrsj1wsuMwEgTqiCd0gAHmk9oJw2wC1LOnD6twv//v
jZ1trIA7k131Zabr/FvidITDOmdPt9auKNF9FuY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:22 2024 by rpki-client on console-ams.rpki-client.org