Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/7mAVy7QsT3vTPRFdHBYtoR_VMxI.roa
File:                     7mAVy7QsT3vTPRFdHBYtoR_VMxI.roa (raw, json)
Hash identifier:          IPKNozpg+aslvGGQaG8Th1R/ZpXjh6n0/keKp5P83tM=
Subject key identifier:   EE:60:15:CB:B4:2C:4F:7B:D3:3D:11:5D:1C:16:2D:A1:1F:D5:33:12
Certificate issuer:       /CN=e92c415d1775ae9993e900a7536b46ab144a9aa2
Certificate serial:       0C960543
Authority key identifier: E9:2C:41:5D:17:75:AE:99:93:E9:00:A7:53:6B:46:AB:14:4A:9A:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/7mAVy7QsT3vTPRFdHBYtoR_VMxI.roa
Signing time:             Wed 27 Apr 2022 07:57:08 +0000
ROA not before:           Wed 27 Apr 2022 07:57:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200845
IP address blocks:        213.181.77.0/24 maxlen: 24
                          213.181.72.0/23 maxlen: 23
                          89.29.190.0/23 maxlen: 23
                          213.181.89.0/24 maxlen: 24
                          213.181.90.0/23 maxlen: 23
                          213.181.94.0/24 maxlen: 24
                          213.181.92.0/23 maxlen: 23
                          89.29.206.0/23 maxlen: 23
                          89.29.225.0/24 maxlen: 24
                          176.57.96.0/24 maxlen: 24
                          89.29.247.0/24 maxlen: 24
                          89.29.253.0/24 maxlen: 24
                          89.29.255.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 211158339 (0xc960543)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e92c415d1775ae9993e900a7536b46ab144a9aa2
        Validity
            Not Before: Apr 27 07:57:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ee6015cbb42c4f7bd33d115d1c162da11fd53312
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:f4:26:e3:08:76:f4:cd:2d:d3:be:d0:b3:c9:
                    f1:2e:69:48:08:2e:b4:19:99:7a:ff:45:25:13:d6:
                    b0:a0:8c:ba:cc:55:99:9d:5e:94:1b:ee:47:69:85:
                    00:30:26:b2:f4:12:78:a6:b5:57:44:76:78:be:80:
                    81:c9:3b:35:e1:51:ae:90:ab:7c:bd:01:33:c5:94:
                    b7:3d:e5:e9:d7:ba:3b:1b:2b:10:fd:22:c0:0e:cc:
                    c8:74:69:ca:d8:63:50:e1:2e:35:6f:b1:7a:45:8d:
                    67:9f:8a:12:76:77:ba:89:a8:4c:38:fb:17:58:57:
                    2e:f7:e6:3c:0a:b8:fd:79:08:a1:af:d0:be:b8:02:
                    25:7c:1c:ad:83:3b:9f:a7:52:ca:8d:27:b9:fa:33:
                    90:f5:19:c4:36:8f:c7:d5:33:33:ea:d0:fa:a5:98:
                    a9:96:ef:12:23:5e:4b:b7:d6:8a:37:6f:a9:2a:a8:
                    b4:36:c0:d2:51:d6:ee:ea:40:bb:7e:84:64:1a:b5:
                    78:ec:44:7d:93:c2:28:e2:de:65:92:29:a8:42:ca:
                    ab:29:73:70:d3:b1:0e:bb:da:45:0b:f4:e2:38:0c:
                    33:ef:b9:32:3f:a3:e6:8f:12:5b:f5:72:a0:b7:02:
                    8d:9c:0b:27:87:56:d9:f3:ba:03:8e:17:69:7c:2c:
                    96:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:60:15:CB:B4:2C:4F:7B:D3:3D:11:5D:1C:16:2D:A1:1F:D5:33:12
            X509v3 Authority Key Identifier:
                keyid:E9:2C:41:5D:17:75:AE:99:93:E9:00:A7:53:6B:46:AB:14:4A:9A:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/7mAVy7QsT3vTPRFdHBYtoR_VMxI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/6SxBXRd1rpmT6QCnU2tGqxRKmqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.29.190.0/23
                  89.29.206.0/23
                  89.29.225.0/24
                  89.29.247.0/24
                  89.29.253.0/24
                  89.29.255.0/24
                  176.57.96.0/24
                  213.181.72.0/23
                  213.181.77.0/24
                  213.181.89.0-213.181.94.255

    Signature Algorithm: sha256WithRSAEncryption
         94:83:2e:14:aa:93:1e:fc:d8:ea:be:d8:3f:d2:95:37:4a:e3:
         72:87:cb:16:ee:43:95:6e:6f:9b:d9:e3:5a:56:72:60:86:c1:
         96:20:6b:2c:94:88:d3:b0:67:76:f1:e0:55:15:89:c0:4f:67:
         72:1a:55:ed:ad:62:73:4d:c1:b3:7a:13:a6:46:55:a6:f6:bc:
         f1:64:08:b7:e4:c3:9a:95:94:ae:38:c3:a3:0f:b0:ca:45:28:
         6d:0e:17:ac:9e:43:65:57:82:7b:ec:47:be:30:47:91:ba:6f:
         a3:9b:1e:6a:2e:6e:53:ab:f9:8e:58:70:16:a2:2e:fc:3b:6d:
         80:23:43:75:22:ac:ce:7f:7c:45:05:43:97:f4:c0:69:b4:b5:
         6e:e3:da:73:60:fa:2b:8e:c6:58:2e:09:96:2b:4e:bf:22:fa:
         bf:b8:6f:0b:dd:30:70:5b:bb:8d:0b:7f:e5:b5:da:2e:ca:11:
         d2:19:20:59:c8:8b:b9:6c:30:c5:9c:f4:96:47:9c:c3:7c:8e:
         74:34:c6:1c:94:f1:b2:a8:a3:54:4c:d0:38:f1:6f:6e:63:2b:
         37:04:2b:c9:8f:9b:24:c4:24:85:16:3e:fd:f4:07:64:5b:a5:
         47:4c:1b:61:45:a8:93:d7:c6:50:21:c3:e7:92:18:77:c9:a4:
         7b:e0:de:90
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIEDJYFQzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OTJjNDE1ZDE3NzVhZTk5OTNlOTAwYTc1MzZiNDZhYjE0NGE5YWEyMB4XDTIyMDQy
NzA3NTcwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWU2MDE1Y2JiNDJj
NGY3YmQzM2QxMTVkMWMxNjJkYTExZmQ1MzMxMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKf0JuMIdvTNLdO+0LPJ8S5pSAgutBmZev9FJRPWsKCMusxV
mZ1elBvuR2mFADAmsvQSeKa1V0R2eL6Agck7NeFRrpCrfL0BM8WUtz3l6de6Oxsr
EP0iwA7MyHRpythjUOEuNW+xekWNZ5+KEnZ3uomoTDj7F1hXLvfmPAq4/XkIoa/Q
vrgCJXwcrYM7n6dSyo0nufozkPUZxDaPx9UzM+rQ+qWYqZbvEiNeS7fWijdvqSqo
tDbA0lHW7upAu36EZBq1eOxEfZPCKOLeZZIpqELKqylzcNOxDrvaRQv04jgMM++5
Mj+j5o8SW/VyoLcCjZwLJ4dW2fO6A44XaXwslsUCAwEAAaOCAkcwggJDMB0GA1Ud
DgQWBBTuYBXLtCxPe9M9EV0cFi2hH9UzEjAfBgNVHSMEGDAWgBTpLEFdF3WumZPp
AKdTa0arFEqaojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZTeEJYUmQxcnBtVDZRQ25VMnRHcXhSS21xSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvMDg5OGJlLWIwMzctNDI5Zi1iNTA0LTFkOTM0YTA0ODQ3NC8x
LzdtQVZ5N1FzVDN2VFBSRmRIQll0b1JfVk14SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
MDg5OGJlLWIwMzctNDI5Zi1iNTA0LTFkOTM0YTA0ODQ3NC8xLzZTeEJYUmQxcnBt
VDZRQ25VMnRHcXhSS21xSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBd
BggrBgEFBQcBBwEB/wROMEwwSgQCAAEwRAMEAVkdvgMEAVkdzgMEAFkd4QMEAFkd
9wMEAFkd/QMEAFkd/wMEALA5YAMEAdW1SAMEANW1TTAMAwQA1bVZAwQA1bVeMA0G
CSqGSIb3DQEBCwUAA4IBAQCUgy4UqpMe/Njqvtg/0pU3SuNyh8sW7kOVbm+b2eNa
VnJghsGWIGsslIjTsGd28eBVFYnAT2dyGlXtrWJzTcGzehOmRlWm9rzxZAi35MOa
lZSuOMOjD7DKRShtDhesnkNlV4J77Ee+MEeRum+jmx5qLm5Tq/mOWHAWoi78O22A
I0N1IqzOf3xFBUOX9MBptLVu49pzYPorjsZYLgmWK06/Ivq/uG8L3TBwW7uNC3/l
tdouyhHSGSBZyIu5bDDFnPSWR5zDfI50NMYclPGyqKNUTNA48W9uYys3BCvJj5sk
xCSFFj799AdkW6VHTBthRaiT18ZQIcPnkhh3yaR74N6Q
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:48 2024 by rpki-client on console-ams.rpki-client.org