Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/S0Vu95hxs665jxGdgsz5QOAJHCk.roa
File:                     S0Vu95hxs665jxGdgsz5QOAJHCk.roa (raw, json)
Hash identifier:          RhNRNKYPdZQqJ88djypDZg935O+LybGnMccp8YIK3Sw=
Subject key identifier:   4B:45:6E:F7:98:71:B3:AE:B9:8F:11:9D:82:CC:F9:40:E0:09:1C:29
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       15144F89
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/S0Vu95hxs665jxGdgsz5QOAJHCk.roa
Signing time:             Fri 10 Jun 2022 06:12:03 +0000
ROA not before:           Fri 10 Jun 2022 06:12:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58057
IP address blocks:        45.136.136.0/22 maxlen: 24
                          94.177.122.0/24 maxlen: 24
                          194.50.92.0/24 maxlen: 24
                          194.50.94.0/24 maxlen: 24
                          85.202.203.0/24 maxlen: 24
                          194.50.111.0/24 maxlen: 24
                          45.12.68.0/22 maxlen: 24
                          139.28.96.0/22 maxlen: 24
                          2a10:cc46:100::/44 maxlen: 48
                          2a0e:97c0:260::/44 maxlen: 44
                          2a0e:b107:1165::/48 maxlen: 48
                          2a0c:3b80::/29 maxlen: 48
                          2001:7f8:119::/48 maxlen: 48
                          2a0e:97c0:170::/48 maxlen: 48
                          2a0e:b107:9f2::/48 maxlen: 48
                          2a0f:e404:102::/48 maxlen: 48
                          2a09:4c0::/29 maxlen: 64
                          2a0e:b107:1786::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 353652617 (0x15144f89)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jun 10 06:12:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4b456ef79871b3aeb98f119d82ccf940e0091c29
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:bb:84:48:ef:5e:a8:04:f2:a9:80:62:00:b7:
                    c0:37:ad:69:75:b9:02:81:8a:4b:f0:77:28:7d:91:
                    e9:83:72:61:1f:53:0e:49:c6:78:ed:0a:54:11:8b:
                    e1:c1:60:b2:4d:db:71:36:2f:f6:fd:5b:17:2d:bd:
                    ac:3b:4e:5a:11:0b:78:56:f8:01:b7:cb:90:05:72:
                    a3:ee:3e:bb:e5:f7:7b:5f:de:43:bd:35:8f:c8:39:
                    e0:e4:5e:03:42:43:1c:b6:98:dc:cb:b2:ae:48:09:
                    27:f5:8e:6a:66:b9:f4:90:9a:2c:38:63:aa:cb:7d:
                    62:09:33:ff:ba:0b:18:69:1e:7d:83:59:95:4a:6c:
                    c3:40:ab:4e:39:72:36:ae:24:a4:8d:a1:94:b9:10:
                    80:3d:82:b1:f4:a5:4f:7f:bc:8b:37:56:2f:13:58:
                    6e:5e:84:45:ad:fa:ca:b3:5f:eb:a2:fa:12:b5:7b:
                    3a:d7:23:7a:61:b1:14:13:8d:12:84:7d:f5:0a:5f:
                    93:be:b3:a2:05:bb:df:44:73:61:ba:06:5c:d1:29:
                    0d:13:e2:4d:6d:b1:8d:52:2b:ac:02:d4:2f:d8:8d:
                    31:eb:1d:97:bb:07:38:c7:9a:f8:df:0b:01:0e:13:
                    39:77:32:00:5f:23:4d:a7:a8:b0:cb:6e:5c:e4:0e:
                    30:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:45:6E:F7:98:71:B3:AE:B9:8F:11:9D:82:CC:F9:40:E0:09:1C:29
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/S0Vu95hxs665jxGdgsz5QOAJHCk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.12.68.0/22
                  45.136.136.0/22
                  85.202.203.0/24
                  94.177.122.0/24
                  139.28.96.0/22
                  194.50.92.0/24
                  194.50.94.0/24
                  194.50.111.0/24
                IPv6:
                  2001:7f8:119::/48
                  2a09:4c0::/29
                  2a0c:3b80::/29
                  2a0e:97c0:170::/48
                  2a0e:97c0:260::/44
                  2a0e:b107:9f2::/48
                  2a0e:b107:1165::/48
                  2a0e:b107:1786::/48
                  2a0f:e404:102::/48
                  2a10:cc46:100::/44

    Signature Algorithm: sha256WithRSAEncryption
         8e:a4:ca:c2:c7:81:be:5c:de:60:2b:8e:c5:00:8a:40:5e:db:
         91:c1:b5:e4:6a:d8:0c:e0:4f:d0:06:cc:1e:26:48:4c:53:8d:
         61:0c:8b:01:be:c5:d7:d3:2a:c0:ed:94:11:53:7b:57:9b:23:
         99:d7:24:e5:1d:e5:f8:b0:d9:0f:cb:85:76:93:75:59:ab:69:
         01:81:ee:db:12:f1:55:35:08:1b:20:91:91:d0:fd:ea:c9:a7:
         95:2f:96:da:b4:92:ab:b9:b5:db:e9:f2:1f:de:8e:32:02:aa:
         66:6d:f4:5b:0e:3c:c6:f6:0a:fb:dc:1f:b8:37:14:3b:a0:43:
         2a:4b:76:ad:4b:83:d3:b4:9e:4b:20:4d:27:a3:86:e2:5e:eb:
         fe:02:17:b8:f0:c4:23:90:d6:fe:db:b3:ae:7e:74:b1:dd:c4:
         a4:72:ad:f1:27:04:80:5d:c4:5c:14:6b:2e:ba:52:e6:6f:e3:
         36:84:25:e8:b2:31:9e:1a:91:fc:55:8e:03:0d:d2:ba:34:62:
         38:1a:a9:3e:16:ac:65:c5:a0:03:d7:fd:00:97:cb:d7:8d:5c:
         2d:1e:11:8a:18:27:50:ef:36:a0:99:fb:87:e5:fc:c2:ff:6d:
         39:db:7b:87:aa:49:96:c6:f7:c9:c5:c9:63:08:5a:45:9b:c4:
         4f:a3:b3:5c
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgIEFRRPiTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDYx
MDA2MTIwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGI0NTZlZjc5ODcx
YjNhZWI5OGYxMTlkODJjY2Y5NDBlMDA5MWMyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOa7hEjvXqgE8qmAYgC3wDetaXW5AoGKS/B3KH2R6YNyYR9T
DknGeO0KVBGL4cFgsk3bcTYv9v1bFy29rDtOWhELeFb4AbfLkAVyo+4+u+X3e1/e
Q701j8g54OReA0JDHLaY3MuyrkgJJ/WOama59JCaLDhjqst9Ygkz/7oLGGkefYNZ
lUpsw0CrTjlyNq4kpI2hlLkQgD2CsfSlT3+8izdWLxNYbl6ERa36yrNf66L6ErV7
OtcjemGxFBONEoR99Qpfk76zogW730RzYboGXNEpDRPiTW2xjVIrrALUL9iNMesd
l7sHOMea+N8LAQ4TOXcyAF8jTaeosMtuXOQOME0CAwEAAaOCApQwggKQMB0GA1Ud
DgQWBBRLRW73mHGzrrmPEZ2CzPlA4AkcKTAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L1MwVnU5NWh4czY2NWp4R2Rnc3o1UU9BSkhDay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
qQYIKwYBBQUHAQcBAf8EgZkwgZYwNgQCAAEwMAMEAi0MRAMEAi2IiAMEAFXKywME
AF6xegMEAoscYAMEAMIyXAMEAMIyXgMEAMIybzBcBAIAAjBWAwcAIAEH+AEZAwUD
KgkEwAMFAyoMO4ADBwAqDpfAAXADBwQqDpfAAmADBwAqDrEHCfIDBwAqDrEHEWUD
BwAqDrEHF4YDBwAqD+QEAQIDBwQqEMxGAQAwDQYJKoZIhvcNAQELBQADggEBAI6k
ysLHgb5c3mArjsUAikBe25HBteRq2AzgT9AGzB4mSExTjWEMiwG+xdfTKsDtlBFT
e1ebI5nXJOUd5fiw2Q/LhXaTdVmraQGB7tsS8VU1CBsgkZHQ/erJp5Uvltq0kqu5
tdvp8h/ejjICqmZt9FsOPMb2CvvcH7g3FDugQypLdq1Lg9O0nksgTSejhuJe6/4C
F7jwxCOQ1v7bs65+dLHdxKRyrfEnBIBdxFwUay66UuZv4zaEJeiyMZ4akfxVjgMN
0ro0YjgaqT4WrGXFoAPX/QCXy9eNXC0eEYoYJ1DvNqCZ+4fl/ML/bTnbe4eqSZbG
98nFyWMIWkWbxE+js1w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:03 2024 by rpki-client on console-ams.rpki-client.org