Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/vTqlcwGNRLbe2BbBXoVgSzXVeDs.roa
File:                     vTqlcwGNRLbe2BbBXoVgSzXVeDs.roa (raw, json)
Hash identifier:          dmKGj5F7wQxZktrGLeoWWVAZ9MnfC7DBGzgI5Jv9qB4=
Subject key identifier:   BD:3A:A5:73:01:8D:44:B6:DE:D8:16:C1:5E:85:60:4B:35:D5:78:3B
Certificate issuer:       /CN=e92c415d1775ae9993e900a7536b46ab144a9aa2
Certificate serial:       018287B7705607835490475B05AF18BAE471
Authority key identifier: E9:2C:41:5D:17:75:AE:99:93:E9:00:A7:53:6B:46:AB:14:4A:9A:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/vTqlcwGNRLbe2BbBXoVgSzXVeDs.roa
Signing time:             Wed 10 Aug 2022 12:25:22 +0000
ROA not before:           Wed 10 Aug 2022 12:25:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44293
IP address blocks:        213.181.76.0/24 maxlen: 24
                          213.181.75.0/24 maxlen: 24
                          89.29.184.0/23 maxlen: 23
                          213.181.74.0/24 maxlen: 24
                          213.181.88.0/24 maxlen: 24
                          89.29.248.0/23 maxlen: 23
                          176.57.97.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:87:b7:70:56:07:83:54:90:47:5b:05:af:18:ba:e4:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e92c415d1775ae9993e900a7536b46ab144a9aa2
        Validity
            Not Before: Aug 10 12:25:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bd3aa573018d44b6ded816c15e85604b35d5783b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:ba:9c:43:09:31:ad:3c:e4:4d:e5:13:2f:66:
                    07:b0:4b:74:d8:ce:56:3b:9c:42:34:c6:6c:95:4d:
                    3f:1c:d2:48:21:9e:8e:de:e9:0f:e9:df:7d:f2:10:
                    aa:7f:23:e4:ec:3a:09:6b:b7:a4:d8:a1:ce:28:d2:
                    cd:d4:f9:0a:00:7a:7b:50:4a:d0:9a:1d:da:6f:f3:
                    6b:9c:d0:bc:f5:38:5d:54:72:2d:a0:80:6a:77:4a:
                    35:c4:4d:bb:16:86:67:0e:37:38:5c:d6:3a:58:38:
                    bb:97:b9:9d:38:3e:aa:3b:66:38:d8:8d:1c:96:70:
                    d9:26:51:64:eb:c5:c6:38:df:63:6b:f7:32:3a:79:
                    8e:06:25:b5:75:d5:34:2a:bb:ef:5d:63:76:82:99:
                    03:87:43:bd:f8:0f:c0:60:c3:4b:8e:9f:a1:8e:1f:
                    96:d1:e2:be:a1:a3:43:19:91:4c:27:ac:7a:d0:d4:
                    fe:ae:ba:73:6a:b7:bc:5a:0d:8c:f3:ca:23:82:5e:
                    56:60:c1:c8:02:ac:6e:5a:1a:62:13:5a:5d:27:a8:
                    03:35:e9:a3:56:50:25:9f:4d:11:08:fa:26:d8:48:
                    2f:d0:91:3a:c6:e4:0f:eb:56:e8:b1:b2:f9:b5:7d:
                    1c:58:8b:e1:95:d0:43:7b:d1:59:21:81:29:81:b1:
                    8e:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:3A:A5:73:01:8D:44:B6:DE:D8:16:C1:5E:85:60:4B:35:D5:78:3B
            X509v3 Authority Key Identifier:
                keyid:E9:2C:41:5D:17:75:AE:99:93:E9:00:A7:53:6B:46:AB:14:4A:9A:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/vTqlcwGNRLbe2BbBXoVgSzXVeDs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/6SxBXRd1rpmT6QCnU2tGqxRKmqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.29.184.0/23
                  89.29.248.0/23
                  176.57.97.0/24
                  213.181.74.0-213.181.76.255
                  213.181.88.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:32:16:59:e4:87:38:04:05:b6:01:40:99:26:7d:2c:e8:c3:
         23:bf:25:4d:50:dc:85:46:1f:7c:be:3d:1e:33:c4:2c:6a:61:
         d3:f3:8c:d6:16:c1:fd:7f:40:25:b6:2c:72:a6:82:90:c2:f6:
         d6:9c:02:1f:ca:56:f7:c6:21:bd:12:f4:00:9b:42:f9:7a:68:
         f4:1e:b8:46:4d:b2:26:76:0d:37:41:9c:d3:95:7c:d8:a3:9b:
         ab:37:01:2c:4d:79:1d:58:fa:81:ff:b0:71:a6:9f:06:3c:5e:
         9e:bd:be:ac:d0:a3:07:13:5a:88:9c:00:6e:d5:ec:a8:ab:80:
         05:3a:f7:db:bb:11:82:7c:1b:9c:eb:c5:d1:9f:18:f6:28:b2:
         25:60:27:e7:c7:c4:35:6e:91:a8:6c:c4:f9:d7:18:bd:78:e0:
         50:30:32:f4:5d:3c:57:c3:66:29:18:fc:e9:95:c4:87:b8:c6:
         62:fa:ae:2f:9e:cc:46:70:91:3b:f3:a1:32:4a:7b:c4:e8:62:
         f9:fb:88:2c:09:a2:25:7a:06:ea:64:ae:c0:cf:40:36:cd:83:
         78:14:2b:73:5c:37:96:c2:8e:ee:b4:42:2c:5c:67:6d:74:d8:
         f7:a3:85:22:5f:09:06:6f:1f:3c:a7:41:d8:88:40:cf:bc:32:
         f4:d1:89:ad
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYKHt3BWB4NUkEdbBa8YuuRxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MmM0MTVkMTc3NWFlOTk5M2U5MDBhNzUzNmI0NmFiMTQ0
YTlhYTIwHhcNMjIwODEwMTIyNTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDNhYTU3MzAxOGQ0NGI2ZGVkODE2YzE1ZTg1NjA0YjM1ZDU3ODNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLqcQwkxrTzkTeUTL2YHsEt02M5W
O5xCNMZslU0/HNJIIZ6O3ukP6d998hCqfyPk7DoJa7ek2KHOKNLN1PkKAHp7UErQ
mh3ab/NrnNC89ThdVHItoIBqd0o1xE27FoZnDjc4XNY6WDi7l7mdOD6qO2Y42I0c
lnDZJlFk68XGON9ja/cyOnmOBiW1ddU0KrvvXWN2gpkDh0O9+A/AYMNLjp+hjh+W
0eK+oaNDGZFMJ6x60NT+rrpzare8Wg2M88ojgl5WYMHIAqxuWhpiE1pdJ6gDNemj
VlAln00RCPom2Egv0JE6xuQP61bosbL5tX0cWIvhldBDe9FZIYEpgbGOaQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFL06pXMBjUS23tgWwV6FYEs11Xg7MB8GA1UdIwQY
MBaAFOksQV0Xda6Zk+kAp1NrRqsUSpqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlN4QlhSZDFycG1UNlFDblUydEdxeFJLbXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wODk4YmUtYjAzNy00MjlmLWI1MDQt
MWQ5MzRhMDQ4NDc0LzEvdlRxbGN3R05STGJlMkJiQlhvVmdTelhWZURzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wODk4YmUtYjAzNy00MjlmLWI1MDQtMWQ5MzRhMDQ4NDc0
LzEvNlN4QlhSZDFycG1UNlFDblUydEdxeFJLbXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBWR24AwQB
WR34AwQAsDlhMAwDBAHVtUoDBADVtUwDBADVtVgwDQYJKoZIhvcNAQELBQADggEB
ABsyFlnkhzgEBbYBQJkmfSzowyO/JU1Q3IVGH3y+PR4zxCxqYdPzjNYWwf1/QCW2
LHKmgpDC9tacAh/KVvfGIb0S9ACbQvl6aPQeuEZNsiZ2DTdBnNOVfNijm6s3ASxN
eR1Y+oH/sHGmnwY8Xp69vqzQowcTWoicAG7V7KirgAU699u7EYJ8G5zrxdGfGPYo
siVgJ+fHxDVukahsxPnXGL144FAwMvRdPFfDZikY/OmVxIe4xmL6ri+ezEZwkTvz
oTJKe8ToYvn7iCwJoiV6BupkrsDPQDbNg3gUK3NcN5bCju60QixcZ2102PejhSJf
CQZvHzynQdiIQM+8MvTRia0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:18 2024 by rpki-client on console-fra.rpki-client.org