Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/ad7ac3-b8ad-42b0-ad2a-ae967d739dd3/1/tJSm1gcNEchsn0TerBr4pwq0YfU.roa
File:                     tJSm1gcNEchsn0TerBr4pwq0YfU.roa (raw, json)
Hash identifier:          0B2LcxOUno9v0G5dnVCe94QkhAmCUD3N20VM0OHQM8s=
Subject key identifier:   B4:94:A6:D6:07:0D:11:C8:6C:9F:44:DE:AC:1A:F8:A7:0A:B4:61:F5
Certificate issuer:       /CN=3ba1782b6afba7c6bcf070b93fed4cc84af41352
Certificate serial:       0E2B13BE
Authority key identifier: 3B:A1:78:2B:6A:FB:A7:C6:BC:F0:70:B9:3F:ED:4C:C8:4A:F4:13:52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O6F4K2r7p8a88HC5P-1MyEr0E1I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/ad7ac3-b8ad-42b0-ad2a-ae967d739dd3/1/tJSm1gcNEchsn0TerBr4pwq0YfU.roa
Signing time:             Fri 13 May 2022 14:54:40 +0000
ROA not before:           Fri 13 May 2022 14:54:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34879
IP address blocks:        78.41.104.0/23 maxlen: 24
                          78.41.106.0/24 maxlen: 24
                          78.41.110.0/23 maxlen: 24
                          78.41.109.0/24 maxlen: 24
                          78.41.108.0/24 maxlen: 24
                          78.41.107.0/24 maxlen: 24
                          46.235.186.0/24 maxlen: 24
                          46.235.184.0/23 maxlen: 24
                          46.235.189.0/24 maxlen: 24
                          46.235.188.0/24 maxlen: 24
                          46.235.188.0/23 maxlen: 23
                          46.235.187.0/24 maxlen: 24
                          46.235.190.0/23 maxlen: 23
                          37.220.162.0/23 maxlen: 24
                          37.220.161.0/24 maxlen: 24
                          37.220.160.0/24 maxlen: 24
                          37.220.166.0/24 maxlen: 24
                          37.220.165.0/24 maxlen: 24
                          37.220.167.0/24 maxlen: 24
                          93.93.91.0/24 maxlen: 24
                          93.93.90.0/24 maxlen: 24
                          93.93.88.0/23 maxlen: 24
                          93.93.94.0/24 maxlen: 24
                          93.93.92.0/23 maxlen: 24
                          93.93.95.0/24 maxlen: 24
                          185.17.168.0/24 maxlen: 24
                          185.17.170.0/23 maxlen: 24
                          2a03:e040:10::/48 maxlen: 48
                          2a03:e040::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 237704126 (0xe2b13be)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ba1782b6afba7c6bcf070b93fed4cc84af41352
        Validity
            Not Before: May 13 14:54:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b494a6d6070d11c86c9f44deac1af8a70ab461f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:31:31:11:e1:a8:9a:aa:7e:78:4e:b8:f7:d1:
                    f1:ac:d2:e9:73:3e:fa:81:fe:a4:56:f7:56:86:9a:
                    66:5c:98:58:b4:c8:b9:0d:f6:c8:ad:73:b3:21:d2:
                    93:96:43:ff:b0:cc:c8:85:10:e5:2d:95:3a:58:70:
                    87:42:f6:8b:85:58:8e:b2:b9:28:91:93:a5:96:ad:
                    6f:1a:79:e0:ef:03:4c:90:aa:00:87:92:e5:ae:0a:
                    c5:31:23:73:a3:58:84:0f:21:95:e0:0d:3d:35:b3:
                    d5:6c:7f:fb:c3:4c:a8:bd:21:1e:da:68:03:a0:76:
                    e1:1b:d2:e9:71:58:8e:98:2d:2e:2c:f7:4c:26:81:
                    4b:6e:aa:e4:97:80:c2:a4:15:af:14:f0:61:55:83:
                    e9:6c:6d:62:fa:c0:25:c6:88:dd:f8:33:e8:a6:06:
                    e4:61:84:53:21:97:fa:83:e6:22:92:85:da:85:ba:
                    47:26:6b:1b:38:8c:b0:fa:82:4f:56:cb:32:44:91:
                    49:43:b0:ad:00:19:5c:73:32:f9:10:5d:ee:8f:ac:
                    c9:eb:c0:f7:5b:08:45:a3:9a:a7:9a:42:bb:81:42:
                    9c:fa:d7:a7:51:82:64:a3:7d:13:9f:e1:9d:78:0a:
                    c4:87:48:19:d1:44:50:c4:7d:7a:87:b4:86:bd:7e:
                    10:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:94:A6:D6:07:0D:11:C8:6C:9F:44:DE:AC:1A:F8:A7:0A:B4:61:F5
            X509v3 Authority Key Identifier:
                keyid:3B:A1:78:2B:6A:FB:A7:C6:BC:F0:70:B9:3F:ED:4C:C8:4A:F4:13:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O6F4K2r7p8a88HC5P-1MyEr0E1I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/ad7ac3-b8ad-42b0-ad2a-ae967d739dd3/1/tJSm1gcNEchsn0TerBr4pwq0YfU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/ad7ac3-b8ad-42b0-ad2a-ae967d739dd3/1/O6F4K2r7p8a88HC5P-1MyEr0E1I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.220.160.0/22
                  37.220.165.0-37.220.167.255
                  46.235.184.0/21
                  78.41.104.0/21
                  93.93.88.0/21
                  185.17.168.0/24
                  185.17.170.0/23
                IPv6:
                  2a03:e040::/48
                  2a03:e040:10::/48

    Signature Algorithm: sha256WithRSAEncryption
         58:fe:b1:84:8b:4b:9a:5a:c8:d2:f9:2b:16:0c:09:bd:51:1f:
         22:26:25:e3:b4:ab:ef:fb:02:70:12:67:5b:7e:46:ed:3f:3a:
         95:d2:b7:a6:e7:ba:4a:c4:ce:c2:05:67:5e:9b:8a:94:78:77:
         5a:86:2d:84:b9:8a:1e:e5:21:61:0c:4b:91:3e:31:be:f6:54:
         01:ec:3e:eb:21:02:01:72:63:15:78:ff:b1:43:ca:5d:96:3f:
         cc:c5:7d:a2:84:12:42:2b:1a:ea:8c:a0:c2:b6:ad:d1:7c:21:
         fd:3d:94:f3:a4:e2:96:65:68:46:be:8c:34:39:f1:c2:ec:df:
         69:d6:52:5a:c0:ec:b5:db:eb:b0:4f:13:fc:20:6f:40:b5:c8:
         bd:c6:4b:83:bf:ae:4f:e3:23:e1:cd:b0:20:95:aa:8f:2e:33:
         f9:3f:7a:31:37:0c:87:37:73:4c:38:7d:71:7f:84:b0:a8:14:
         39:b9:5b:74:7c:86:2a:8f:fb:80:a4:16:01:3e:e0:e2:fa:43:
         42:bd:7a:a4:d5:9a:ac:a9:bf:61:b3:2f:05:28:77:cd:9d:b2:
         28:70:12:5b:9c:f6:5b:6c:35:93:c7:f5:ad:20:ec:48:e2:19:
         31:2c:5e:bd:2a:b6:fd:d7:fa:cc:a8:97:dd:26:d4:68:e0:de:
         e7:f8:84:e4
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIEDisTvjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YmExNzgyYjZhZmJhN2M2YmNmMDcwYjkzZmVkNGNjODRhZjQxMzUyMB4XDTIyMDUx
MzE0NTQ0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjQ5NGE2ZDYwNzBk
MTFjODZjOWY0NGRlYWMxYWY4YTcwYWI0NjFmNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJUxMRHhqJqqfnhOuPfR8azS6XM++oH+pFb3VoaaZlyYWLTI
uQ32yK1zsyHSk5ZD/7DMyIUQ5S2VOlhwh0L2i4VYjrK5KJGTpZatbxp54O8DTJCq
AIeS5a4KxTEjc6NYhA8hleANPTWz1Wx/+8NMqL0hHtpoA6B24RvS6XFYjpgtLiz3
TCaBS26q5JeAwqQVrxTwYVWD6WxtYvrAJcaI3fgz6KYG5GGEUyGX+oPmIpKF2oW6
RyZrGziMsPqCT1bLMkSRSUOwrQAZXHMy+RBd7o+syevA91sIRaOap5pCu4FCnPrX
p1GCZKN9E5/hnXgKxIdIGdFEUMR9eoe0hr1+EDkCAwEAAaOCAk8wggJLMB0GA1Ud
DgQWBBS0lKbWBw0RyGyfRN6sGvinCrRh9TAfBgNVHSMEGDAWgBQ7oXgravunxrzw
cLk/7UzISvQTUjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L082RjRLMnI3cDhhODhIQzVQLTFNeUVyMEUxSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvYWQ3YWMzLWI4YWQtNDJiMC1hZDJhLWFlOTY3ZDczOWRkMy8x
L3RKU20xZ2NORWNoc24wVGVyQnI0cHdxMFlmVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAv
YWQ3YWMzLWI4YWQtNDJiMC1hZDJhLWFlOTY3ZDczOWRkMy8xL082RjRLMnI3cDhh
ODhIQzVQLTFNeUVyMEUxSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBl
BggrBgEFBQcBBwEB/wRWMFQwOAQCAAEwMgMEAiXcoDAMAwQAJdylAwQDJdygAwQD
Luu4AwQDTiloAwQDXV1YAwQAuRGoAwQBuRGqMBgEAgACMBIDBwAqA+BAAAADBwAq
A+BAABAwDQYJKoZIhvcNAQELBQADggEBAFj+sYSLS5payNL5KxYMCb1RHyImJeO0
q+/7AnASZ1t+Ru0/OpXSt6bnukrEzsIFZ16bipR4d1qGLYS5ih7lIWEMS5E+Mb72
VAHsPushAgFyYxV4/7FDyl2WP8zFfaKEEkIrGuqMoMK2rdF8If09lPOk4pZlaEa+
jDQ58cLs32nWUlrA7LXb67BPE/wgb0C1yL3GS4O/rk/jI+HNsCCVqo8uM/k/ejE3
DIc3c0w4fXF/hLCoFDm5W3R8hiqP+4CkFgE+4OL6Q0K9eqTVmqypv2GzLwUod82d
sihwEluc9ltsNZPH9a0g7EjiGTEsXr0qtv3X+syol90m1Gjg3uf4hOQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:44 2024 by rpki-client on console-ams.rpki-client.org