Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0Lz_m-urvxkrgVYpgngzD7RUw-A.roa
File:                     0Lz_m-urvxkrgVYpgngzD7RUw-A.roa (raw, json)
Hash identifier:          zJqsss2kVOBnB+opOpp2s0kbxt54cK7vtq+m4QIaAhM=
Subject key identifier:   D0:BC:FF:9B:EB:AB:BF:19:2B:81:56:29:82:78:33:0F:B4:54:C3:E0
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0183E8D8E85DEBEA2E8AA9CC7081642B76B8
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0Lz_m-urvxkrgVYpgngzD7RUw-A.roa
Signing time:             Tue 18 Oct 2022 02:07:52 +0000
ROA not before:           Tue 18 Oct 2022 02:07:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58057
IP address blocks:        45.136.136.0/22 maxlen: 24
                          94.177.122.0/24 maxlen: 24
                          194.50.94.0/24 maxlen: 24
                          85.202.203.0/24 maxlen: 24
                          194.50.92.0/24 maxlen: 24
                          194.50.111.0/24 maxlen: 24
                          139.28.96.0/22 maxlen: 24
                          31.42.183.0/24 maxlen: 24
                          2a0e:97c0:260::/44 maxlen: 44
                          2a0e:b107:1165::/48 maxlen: 48
                          2a0e:97c6:4000::/34 maxlen: 48
                          2a0c:3b80::/29 maxlen: 48
                          2a0e:97c1:200::/40 maxlen: 48
                          2a0e:b100::/32 maxlen: 48
                          2001:7f8:119::/48 maxlen: 48
                          2a10:cc46:1000::/36 maxlen: 48
                          2a0e:97c0:170::/48 maxlen: 48
                          2a0e:b107:9f2::/48 maxlen: 48
                          2a10:cc40:1c0::/44 maxlen: 44
                          2a0f:e404:102::/48 maxlen: 48
                          2a09:4c0::/29 maxlen: 64
                          2a0e:b107:1786::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:e8:d8:e8:5d:eb:ea:2e:8a:a9:cc:70:81:64:2b:76:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Oct 18 02:07:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d0bcff9bebabbf192b8156298278330fb454c3e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:36:2d:8b:2e:c2:f6:ad:c6:94:2a:6a:0b:3e:
                    f8:1e:b1:4a:75:7e:44:cb:38:9a:80:3d:e5:2a:2f:
                    90:d8:20:21:5d:35:af:2b:32:98:e9:bc:31:a4:45:
                    68:5e:6d:03:9c:fa:f0:02:20:26:bd:20:ad:23:02:
                    57:12:30:d4:08:03:9e:7f:4d:65:94:4e:0c:3f:aa:
                    e1:4b:36:7f:7d:c3:8c:00:3a:88:15:ea:e5:dc:85:
                    26:f7:b2:63:5e:12:ad:95:53:96:8b:69:6f:63:7c:
                    c7:13:c7:33:ec:16:e9:12:b1:d9:f3:02:3b:b7:e2:
                    a5:c8:f8:9d:96:c8:e3:c6:10:41:0f:50:5e:cc:e6:
                    24:f4:57:38:0a:15:0c:bf:c3:92:a0:97:b9:07:85:
                    cd:04:ff:2e:a7:1e:e0:18:e2:31:30:28:f4:3e:d5:
                    41:ec:e1:35:aa:19:42:6c:61:58:73:d6:2d:ee:45:
                    78:85:8b:62:04:27:5a:9a:8f:3a:5b:4e:40:c5:ad:
                    08:84:68:ea:62:aa:0e:40:72:ef:e6:a4:a4:f5:60:
                    93:61:6e:56:3c:0c:51:cd:ad:87:ae:16:21:4f:2f:
                    04:96:c7:c0:05:78:2d:62:c5:b0:47:f0:0d:62:99:
                    fe:a0:96:5e:02:19:37:23:eb:5d:b5:58:c4:bb:4a:
                    ed:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:BC:FF:9B:EB:AB:BF:19:2B:81:56:29:82:78:33:0F:B4:54:C3:E0
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0Lz_m-urvxkrgVYpgngzD7RUw-A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.42.183.0/24
                  45.136.136.0/22
                  85.202.203.0/24
                  94.177.122.0/24
                  139.28.96.0/22
                  194.50.92.0/24
                  194.50.94.0/24
                  194.50.111.0/24
                IPv6:
                  2001:7f8:119::/48
                  2a09:4c0::/29
                  2a0c:3b80::/29
                  2a0e:97c0:170::/48
                  2a0e:97c0:260::/44
                  2a0e:97c1:200::/40
                  2a0e:97c6:4000::/34
                  2a0e:b100::/32
                  2a0e:b107:9f2::/48
                  2a0e:b107:1165::/48
                  2a0e:b107:1786::/48
                  2a0f:e404:102::/48
                  2a10:cc40:1c0::/44
                  2a10:cc46:1000::/36

    Signature Algorithm: sha256WithRSAEncryption
         a6:01:c2:69:2d:65:39:83:71:a1:e1:d1:c1:ac:95:ad:26:62:
         5e:9d:ae:e4:90:e0:88:9d:1f:31:aa:01:82:d5:0e:34:74:9a:
         78:e3:f2:1c:cd:57:57:78:10:60:47:af:98:78:9f:71:a7:fb:
         13:de:ef:49:cd:87:ff:f2:ff:dc:d4:44:f6:79:66:ff:6f:82:
         66:ce:e3:6d:e1:b3:06:3d:ee:43:89:74:76:34:85:f5:11:66:
         05:da:8c:ad:3b:0e:73:be:1e:d9:b2:df:22:63:80:28:9f:78:
         a9:cb:c4:0e:88:72:63:72:ee:2d:0a:cf:7c:a9:a7:47:c7:1f:
         17:c3:82:72:16:92:5c:6f:22:0a:37:ef:7a:e4:5a:18:d5:3f:
         bb:36:4d:1f:90:45:e7:94:3f:03:dd:49:f2:94:ce:87:8c:85:
         43:b2:f4:47:fc:84:dc:20:8f:20:47:df:dc:9e:46:fa:3a:70:
         72:e7:40:95:ed:77:8a:cd:4b:e3:96:78:1d:b4:da:f7:f3:a5:
         c4:3c:a3:cd:66:9b:c5:d8:62:69:05:a7:c2:39:94:87:64:a8:
         40:d1:1b:50:ec:28:29:e7:cd:4a:86:b3:3e:38:a2:e0:be:24:
         85:27:5f:9b:a8:9f:69:16:82:74:39:22:b4:45:9a:02:89:44:
         3f:e0:b7:e6
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgISAYPo2Ohd6+ouiqnMcIFkK3a4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMDE4MDIwNzUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGJjZmY5YmViYWJiZjE5MmI4MTU2Mjk4Mjc4MzMwZmI0NTRjM2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDYtiy7C9q3GlCpqCz74HrFKdX5E
yziagD3lKi+Q2CAhXTWvKzKY6bwxpEVoXm0DnPrwAiAmvSCtIwJXEjDUCAOef01l
lE4MP6rhSzZ/fcOMADqIFerl3IUm97JjXhKtlVOWi2lvY3zHE8cz7BbpErHZ8wI7
t+KlyPidlsjjxhBBD1BezOYk9Fc4ChUMv8OSoJe5B4XNBP8upx7gGOIxMCj0PtVB
7OE1qhlCbGFYc9Yt7kV4hYtiBCdamo86W05Axa0IhGjqYqoOQHLv5qSk9WCTYW5W
PAxRza2HrhYhTy8ElsfABXgtYsWwR/ANYpn+oJZeAhk3I+tdtVjEu0rtIwIDAQAB
o4ICszCCAq8wHQYDVR0OBBYEFNC8/5vrq78ZK4FWKYJ4Mw+0VMPgMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMEx6X20tdXJ2eGtyZ1ZZcGduZ3pEN1JVdy1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHIBggrBgEFBQcBBwEB/wSBuDCBtTA2BAIAATAwAwQAHyq3
AwQCLYiIAwQAVcrLAwQAXrF6AwQCixxgAwQAwjJcAwQAwjJeAwQAwjJvMHsEAgAC
MHUDBwAgAQf4ARkDBQMqCQTAAwUDKgw7gAMHACoOl8ABcAMHBCoOl8ACYAMGACoO
l8ECAwYGKg6XxkADBQAqDrEAAwcAKg6xBwnyAwcAKg6xBxFlAwcAKg6xBxeGAwcA
Kg/kBAECAwcEKhDMQAHAAwYEKhDMRhAwDQYJKoZIhvcNAQELBQADggEBAKYBwmkt
ZTmDcaHh0cGsla0mYl6druSQ4IidHzGqAYLVDjR0mnjj8hzNV1d4EGBHr5h4n3Gn
+xPe70nNh//y/9zURPZ5Zv9vgmbO423hswY97kOJdHY0hfURZgXajK07DnO+Htmy
3yJjgCifeKnLxA6IcmNy7i0Kz3ypp0fHHxfDgnIWklxvIgo373rkWhjVP7s2TR+Q
ReeUPwPdSfKUzoeMhUOy9Ef8hNwgjyBH39yeRvo6cHLnQJXtd4rNS+OWeB202vfz
pcQ8o81mm8XYYmkFp8I5lIdkqEDRG1DsKCnnzUqGsz44ouC+JIUnX5uon2kWgnQ5
IrRFmgKJRD/gt+Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:21 2024 by rpki-client on console-fra.rpki-client.org