Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Mwh6eX9_5t9COaPrlyR5fg0xbOM.roa
File:                     Mwh6eX9_5t9COaPrlyR5fg0xbOM.roa (raw, json)
Hash identifier:          bM9Vzi1gWF147+y1Ig2JhTVlHh6Y9yLkUXQYnialnfg=
Subject key identifier:   33:08:7A:79:7F:7F:E6:DF:42:39:A3:EB:97:24:79:7E:0D:31:6C:E3
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0183E39B6CBBBC7608E35ACAC02D8E21BE2E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Mwh6eX9_5t9COaPrlyR5fg0xbOM.roa
Signing time:             Mon 17 Oct 2022 01:42:37 +0000
ROA not before:           Mon 17 Oct 2022 01:42:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58057
IP address blocks:        45.136.136.0/22 maxlen: 24
                          94.177.122.0/24 maxlen: 24
                          194.50.94.0/24 maxlen: 24
                          85.202.203.0/24 maxlen: 24
                          194.50.92.0/24 maxlen: 24
                          194.50.111.0/24 maxlen: 24
                          139.28.96.0/22 maxlen: 24
                          31.42.183.0/24 maxlen: 24
                          2a0e:97c0:260::/44 maxlen: 44
                          2a0e:b107:1165::/48 maxlen: 48
                          2a0e:97c6:4000::/34 maxlen: 48
                          2a0c:3b80::/29 maxlen: 48
                          2a0e:97c1:200::/40 maxlen: 48
                          2001:7f8:119::/48 maxlen: 48
                          2a10:cc46:1000::/36 maxlen: 48
                          2a0e:97c0:170::/48 maxlen: 48
                          2a0e:b107:9f2::/48 maxlen: 48
                          2a10:cc40:1c0::/44 maxlen: 44
                          2a0f:e404:102::/48 maxlen: 48
                          2a09:4c0::/29 maxlen: 64
                          2a0e:b107:1786::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:e3:9b:6c:bb:bc:76:08:e3:5a:ca:c0:2d:8e:21:be:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Oct 17 01:42:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=33087a797f7fe6df4239a3eb9724797e0d316ce3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:31:da:11:a4:fe:c7:2c:79:08:dc:51:15:95:
                    39:94:73:0e:e9:2d:69:5b:3c:5b:4f:d5:13:85:07:
                    54:0f:35:ee:d9:8b:c2:b8:17:26:7e:53:87:55:08:
                    26:d8:59:f4:1c:7d:90:18:bd:de:bd:c2:2c:89:2b:
                    e4:88:83:48:0d:fd:ca:41:07:63:a2:9d:9c:d6:9c:
                    76:83:33:86:aa:29:c1:c2:b7:bb:a3:c1:c9:33:f6:
                    1b:5e:72:2a:49:24:44:55:5f:66:df:c6:4e:7e:fb:
                    7e:a4:83:60:54:62:05:09:a4:60:60:06:7e:aa:ad:
                    f7:05:a8:90:a9:a8:0c:3f:be:f9:ae:1e:f2:1d:6f:
                    b2:b7:5c:84:25:ef:6b:74:f7:2e:e9:a8:38:68:4a:
                    e2:7c:61:fd:54:fe:ca:5a:83:0d:f9:5c:dc:df:e5:
                    52:0f:62:9a:87:db:63:71:fa:8d:a4:33:86:22:57:
                    4d:3e:b2:b1:ba:b1:b2:c2:00:8f:dc:99:49:a8:fd:
                    74:55:66:fe:e3:c7:55:1b:43:5e:7e:88:7c:96:e5:
                    b2:81:c0:6c:93:a8:4c:64:ea:71:ff:d6:74:7e:78:
                    26:1e:f1:65:d4:27:57:12:76:45:7e:f5:90:96:32:
                    4a:47:34:00:1a:96:27:b5:30:56:df:b7:f7:1f:ca:
                    b3:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:08:7A:79:7F:7F:E6:DF:42:39:A3:EB:97:24:79:7E:0D:31:6C:E3
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Mwh6eX9_5t9COaPrlyR5fg0xbOM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.42.183.0/24
                  45.136.136.0/22
                  85.202.203.0/24
                  94.177.122.0/24
                  139.28.96.0/22
                  194.50.92.0/24
                  194.50.94.0/24
                  194.50.111.0/24
                IPv6:
                  2001:7f8:119::/48
                  2a09:4c0::/29
                  2a0c:3b80::/29
                  2a0e:97c0:170::/48
                  2a0e:97c0:260::/44
                  2a0e:97c1:200::/40
                  2a0e:97c6:4000::/34
                  2a0e:b107:9f2::/48
                  2a0e:b107:1165::/48
                  2a0e:b107:1786::/48
                  2a0f:e404:102::/48
                  2a10:cc40:1c0::/44
                  2a10:cc46:1000::/36

    Signature Algorithm: sha256WithRSAEncryption
         a8:34:73:8a:67:a1:c8:14:9a:6f:dd:63:6f:a0:a7:0e:95:ca:
         47:2f:54:59:94:63:26:22:a6:02:71:f2:52:38:0d:da:0e:6c:
         2e:1f:1d:00:d7:ff:c4:ad:7b:7d:a9:e3:ea:fe:c4:9c:44:a2:
         40:a9:d6:1a:5f:0b:75:e2:7e:72:fd:51:ec:9a:32:b3:25:a1:
         7c:1d:51:75:c9:66:2d:69:70:cd:c4:11:96:0e:75:fe:0c:11:
         aa:13:ad:53:89:31:2c:4c:72:3f:15:a7:20:12:56:52:ef:82:
         7a:6c:bc:fb:dd:b0:0c:32:c4:65:3d:2a:28:dd:88:64:cd:8b:
         f7:b5:9e:29:37:1f:88:83:44:17:31:1d:82:ba:b1:28:a9:d0:
         1b:ba:02:5d:e2:f4:f0:b0:cb:6b:cc:e0:f5:a4:4e:a0:5c:28:
         9d:1c:b2:d4:ee:cd:fc:eb:c1:92:38:61:40:36:d4:0f:cd:b3:
         65:2e:0a:6b:95:ea:13:6e:1b:8e:32:1c:61:d5:e5:e0:7b:9e:
         5d:1b:60:4d:9a:d5:49:91:23:a5:19:c6:6f:c7:a9:08:f1:8e:
         7e:fc:63:3b:ea:7e:42:e9:b3:e4:e5:6e:5f:c9:62:39:1e:3d:
         fb:38:a3:66:5b:9f:dc:a4:e6:93:b2:cd:fd:d6:5f:b4:a8:a6:
         25:24:d2:7e
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAYPjm2y7vHYI41rKwC2OIb4uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMDE3MDE0MjM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzA4N2E3OTdmN2ZlNmRmNDIzOWEzZWI5NzI0Nzk3ZTBkMzE2Y2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4DHaEaT+xyx5CNxRFZU5lHMO6S1p
WzxbT9UThQdUDzXu2YvCuBcmflOHVQgm2Fn0HH2QGL3evcIsiSvkiINIDf3KQQdj
op2c1px2gzOGqinBwre7o8HJM/YbXnIqSSREVV9m38ZOfvt+pINgVGIFCaRgYAZ+
qq33BaiQqagMP775rh7yHW+yt1yEJe9rdPcu6ag4aErifGH9VP7KWoMN+Vzc3+VS
D2Kah9tjcfqNpDOGIldNPrKxurGywgCP3JlJqP10VWb+48dVG0Nefoh8luWygcBs
k6hMZOpx/9Z0fngmHvFl1CdXEnZFfvWQljJKRzQAGpYntTBW37f3H8qzswIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFDMIenl/f+bfQjmj65ckeX4NMWzjMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTXdoNmVYOV81dDlDT2FQcmx5UjVmZzB4Yk9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjA2BAIAATAwAwQAHyq3
AwQCLYiIAwQAVcrLAwQAXrF6AwQCixxgAwQAwjJcAwQAwjJeAwQAwjJvMHQEAgAC
MG4DBwAgAQf4ARkDBQMqCQTAAwUDKgw7gAMHACoOl8ABcAMHBCoOl8ACYAMGACoO
l8ECAwYGKg6XxkADBwAqDrEHCfIDBwAqDrEHEWUDBwAqDrEHF4YDBwAqD+QEAQID
BwQqEMxAAcADBgQqEMxGEDANBgkqhkiG9w0BAQsFAAOCAQEAqDRzimehyBSab91j
b6CnDpXKRy9UWZRjJiKmAnHyUjgN2g5sLh8dANf/xK17fanj6v7EnESiQKnWGl8L
deJ+cv1R7JoysyWhfB1RdclmLWlwzcQRlg51/gwRqhOtU4kxLExyPxWnIBJWUu+C
emy8+92wDDLEZT0qKN2IZM2L97WeKTcfiINEFzEdgrqxKKnQG7oCXeL08LDLa8zg
9aROoFwonRyy1O7N/OvBkjhhQDbUD82zZS4Ka5XqE24bjjIcYdXl4HueXRtgTZrV
SZEjpRnGb8epCPGOfvxjO+p+Qumz5OVuX8liOR49+zijZluf3KTmk7LN/dZftKim
JSTSfg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:30 2024 by rpki-client on console-fra.rpki-client.org