Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/eAxnRY7h_QBhlo-PENn-AsHYx9E.roa
File:                     eAxnRY7h_QBhlo-PENn-AsHYx9E.roa (raw, json)
Hash identifier:          SuC+zgqvLFJTsXRlrygDoQfpi3z2MPsE32FWciPobBY=
Subject key identifier:   78:0C:67:45:8E:E1:FD:00:61:96:8F:8F:10:D9:FE:02:C1:D8:C7:D1
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       1285B46B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/eAxnRY7h_QBhlo-PENn-AsHYx9E.roa
Signing time:             Wed 02 Mar 2022 16:42:51 +0000
ROA not before:           Wed 02 Mar 2022 16:42:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58057
IP address blocks:        45.136.136.0/22 maxlen: 24
                          94.177.122.0/24 maxlen: 24
                          194.50.92.0/24 maxlen: 24
                          194.50.94.0/24 maxlen: 24
                          194.50.111.0/24 maxlen: 24
                          45.12.68.0/22 maxlen: 24
                          139.28.96.0/22 maxlen: 24
                          2a10:cc46:100::/44 maxlen: 48
                          2a0e:97c0:260::/44 maxlen: 44
                          2a0e:b107:1165::/48 maxlen: 48
                          2a0f:e404:10a::/48 maxlen: 48
                          2a0c:3b80::/29 maxlen: 48
                          2a0f:e404:100::/48 maxlen: 48
                          2001:7f8:119::/48 maxlen: 48
                          2a0f:e404:101::/48 maxlen: 48
                          2a0e:97c0:170::/48 maxlen: 48
                          2a0f:e404:107::/48 maxlen: 48
                          2a0f:e404:102::/48 maxlen: 48
                          2a09:4c0::/29 maxlen: 64

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 310752363 (0x1285b46b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Mar  2 16:42:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=780c67458ee1fd0061968f8f10d9fe02c1d8c7d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:22:93:42:f9:79:d7:12:08:8d:fa:ea:a8:26:
                    f0:60:78:a3:f8:c2:c8:66:e9:0e:e7:c5:1e:8f:a4:
                    5f:4b:7b:db:02:97:e3:de:62:b6:d1:6d:c9:0c:7a:
                    9b:c7:91:db:ea:cc:fd:72:b0:73:cf:4d:f8:45:0b:
                    e6:a1:57:d4:97:f9:14:7f:5f:1b:1f:e4:09:d3:ea:
                    cd:df:d4:a2:86:fc:74:1c:b1:e0:1f:97:32:20:92:
                    3a:4c:cc:da:55:96:d3:a1:64:ad:bd:8b:6a:73:b0:
                    a1:8f:63:05:af:91:7c:4e:8a:b2:79:8e:a7:9c:c6:
                    1e:d7:cf:2f:2e:3d:2e:66:d1:aa:51:15:49:0a:f6:
                    99:ee:a8:05:0b:22:d9:3c:5d:e7:a6:9a:23:42:73:
                    6c:9b:9a:c0:78:83:64:14:bf:3e:7b:5f:5c:45:8e:
                    86:fe:b0:d5:ff:01:5d:88:af:0f:ad:99:b3:be:18:
                    3c:7f:81:aa:2a:69:c0:a2:10:1e:f5:3f:da:cb:a6:
                    66:e3:92:54:fa:0e:29:5d:d5:0e:dc:cc:85:19:7f:
                    13:34:74:79:fd:d2:f8:79:53:e0:c5:1f:2d:eb:41:
                    48:d7:14:26:43:61:c8:27:e0:ea:15:0b:f9:2e:dc:
                    6d:2f:06:41:55:73:8c:6a:58:da:a6:a2:4b:00:ac:
                    d6:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:0C:67:45:8E:E1:FD:00:61:96:8F:8F:10:D9:FE:02:C1:D8:C7:D1
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/eAxnRY7h_QBhlo-PENn-AsHYx9E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.12.68.0/22
                  45.136.136.0/22
                  94.177.122.0/24
                  139.28.96.0/22
                  194.50.92.0/24
                  194.50.94.0/24
                  194.50.111.0/24
                IPv6:
                  2001:7f8:119::/48
                  2a09:4c0::/29
                  2a0c:3b80::/29
                  2a0e:97c0:170::/48
                  2a0e:97c0:260::/44
                  2a0e:b107:1165::/48
                  2a0f:e404:100::-2a0f:e404:102:ffff:ffff:ffff:ffff:ffff
                  2a0f:e404:107::/48
                  2a0f:e404:10a::/48
                  2a10:cc46:100::/44

    Signature Algorithm: sha256WithRSAEncryption
         af:c0:8a:18:e1:63:71:b1:e8:e0:d1:68:12:d4:ac:a1:ae:dd:
         af:26:d8:67:d1:5d:ec:7a:95:15:bd:6b:e3:19:e6:3c:4e:40:
         0b:40:7c:b9:83:57:cb:c3:ed:a9:f1:86:7e:49:03:cf:ef:11:
         ae:38:be:06:57:66:ed:9d:57:38:b7:41:70:98:d2:af:d5:85:
         b7:1d:63:cb:85:06:e8:66:c4:55:68:84:c5:92:29:19:10:dc:
         95:68:2b:8f:4b:00:8a:2c:87:d4:a5:e9:9c:9d:76:69:c4:b0:
         2b:68:65:be:f3:00:cf:b0:c5:21:c4:fc:8f:ec:72:c8:4d:bf:
         49:10:8f:0c:2b:df:18:24:15:e8:38:d0:20:0d:50:d4:d0:7c:
         0c:ff:2a:5b:ab:6b:f9:7d:8f:5f:3e:e7:7c:1c:9b:12:89:a0:
         28:eb:77:cb:4e:3f:42:29:57:c6:35:ec:92:0f:83:d8:c8:ee:
         37:01:39:14:67:38:17:d4:cf:71:89:8b:0e:9b:c1:ad:29:fd:
         48:9b:ac:d4:9f:6b:e9:5c:45:e7:8f:43:9b:b2:a3:9e:77:72:
         a8:70:59:22:95:13:8d:9b:51:b7:60:04:88:fc:06:9b:62:f8:
         d1:a8:89:0f:5e:63:1a:0d:0d:e1:d3:25:72:ce:c4:74:c1:6f:
         eb:03:e7:6a
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgIEEoW0azANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDMw
MjE2NDI1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzgwYzY3NDU4ZWUx
ZmQwMDYxOTY4ZjhmMTBkOWZlMDJjMWQ4YzdkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOwik0L5edcSCI366qgm8GB4o/jCyGbpDufFHo+kX0t72wKX
495ittFtyQx6m8eR2+rM/XKwc89N+EUL5qFX1Jf5FH9fGx/kCdPqzd/Uoob8dByx
4B+XMiCSOkzM2lWW06Fkrb2LanOwoY9jBa+RfE6KsnmOp5zGHtfPLy49LmbRqlEV
SQr2me6oBQsi2Txd56aaI0JzbJuawHiDZBS/PntfXEWOhv6w1f8BXYivD62Zs74Y
PH+BqippwKIQHvU/2sumZuOSVPoOKV3VDtzMhRl/EzR0ef3S+HlT4MUfLetBSNcU
JkNhyCfg6hUL+S7cbS8GQVVzjGpY2qaiSwCs1pMCAwEAAaOCApgwggKUMB0GA1Ud
DgQWBBR4DGdFjuH9AGGWj48Q2f4CwdjH0TAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L2VBeG5SWTdoX1FCaGxvLVBFTm4tQXNIWXg5RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
rQYIKwYBBQUHAQcBAf8EgZ0wgZowMAQCAAEwKgMEAi0MRAMEAi2IiAMEAF6xegME
AoscYAMEAMIyXAMEAMIyXgMEAMIybzBmBAIAAjBgAwcAIAEH+AEZAwUDKgkEwAMF
AyoMO4ADBwAqDpfAAXADBwQqDpfAAmADBwAqDrEHEWUwEQMGACoP5AQBAwcAKg/k
BAECAwcAKg/kBAEHAwcAKg/kBAEKAwcEKhDMRgEAMA0GCSqGSIb3DQEBCwUAA4IB
AQCvwIoY4WNxsejg0WgS1Kyhrt2vJthn0V3sepUVvWvjGeY8TkALQHy5g1fLw+2p
8YZ+SQPP7xGuOL4GV2btnVc4t0FwmNKv1YW3HWPLhQboZsRVaITFkikZENyVaCuP
SwCKLIfUpemcnXZpxLAraGW+8wDPsMUhxPyP7HLITb9JEI8MK98YJBXoONAgDVDU
0HwM/ypbq2v5fY9fPud8HJsSiaAo63fLTj9CKVfGNeySD4PYyO43ATkUZzgX1M9x
iYsOm8GtKf1Im6zUn2vpXEXnj0ObsqOed3KocFkilRONm1G3YASI/AabYvjRqIkP
XmMaDQ3h0yVyzsR0wW/rA+dq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:35 2024 by rpki-client on console-fra.rpki-client.org