Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/h0mo2Nl9irdNCwzlVRdMayh5gLs.roa
File:                     h0mo2Nl9irdNCwzlVRdMayh5gLs.roa (raw, json)
Hash identifier:          U0WoGgM5LLydMiiJJAa4Mf1cngxHe13CFL7+vWcxuxw=
Subject key identifier:   87:49:A8:D8:D9:7D:8A:B7:4D:0B:0C:E5:55:17:4C:6B:28:79:80:BB
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0183D2748FC11FA5C09563EA0F28202BD0C0
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/h0mo2Nl9irdNCwzlVRdMayh5gLs.roa
Signing time:             Thu 13 Oct 2022 17:46:37 +0000
ROA not before:           Thu 13 Oct 2022 17:46:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58057
IP address blocks:        45.136.136.0/22 maxlen: 24
                          94.177.122.0/24 maxlen: 24
                          194.50.94.0/24 maxlen: 24
                          85.202.203.0/24 maxlen: 24
                          194.50.92.0/24 maxlen: 24
                          194.50.111.0/24 maxlen: 24
                          139.28.96.0/22 maxlen: 24
                          31.42.183.0/24 maxlen: 24
                          2a0e:97c0:260::/44 maxlen: 44
                          2a0e:b107:1165::/48 maxlen: 48
                          2a0c:3b80::/29 maxlen: 48
                          2a0e:97c1:200::/40 maxlen: 48
                          2a0e:b100::/32 maxlen: 48
                          2001:7f8:119::/48 maxlen: 48
                          2a10:cc46:1000::/36 maxlen: 48
                          2a0e:97c0:170::/48 maxlen: 48
                          2a0e:b107:9f2::/48 maxlen: 48
                          2a10:cc40:1c0::/44 maxlen: 44
                          2a0f:e404:102::/48 maxlen: 48
                          2a09:4c0::/29 maxlen: 64
                          2a0e:b107:1786::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:d2:74:8f:c1:1f:a5:c0:95:63:ea:0f:28:20:2b:d0:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Oct 13 17:46:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8749a8d8d97d8ab74d0b0ce555174c6b287980bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:2b:c2:b5:bd:bf:cc:f0:e6:2f:3a:54:cb:59:
                    17:1d:43:17:d8:b8:2c:9e:ea:6b:b9:5e:d4:49:a6:
                    54:1f:fc:27:3d:26:ac:f4:03:07:73:35:22:16:33:
                    ed:b4:d9:57:6c:a9:20:90:21:6e:e7:52:d2:77:e5:
                    74:00:00:a5:bf:65:41:42:c9:49:f7:d5:ea:66:c1:
                    d4:e2:91:7f:19:99:59:58:63:6a:3e:2a:16:b2:5c:
                    b9:d3:e9:8e:63:6e:77:a8:f4:7a:2c:cd:ad:f1:77:
                    30:18:35:9c:8d:29:da:87:2e:9c:af:38:7b:c9:1d:
                    8e:28:5d:08:b1:65:96:d6:ac:b0:41:4c:70:8d:b9:
                    d6:c2:ab:cc:44:d7:e9:a3:eb:c0:1f:86:b3:ff:64:
                    f6:c8:03:5f:34:71:0a:3c:2c:bd:d5:1e:69:90:e5:
                    b2:17:cc:f0:7f:32:ce:bc:63:41:94:86:90:2e:6b:
                    12:a7:b5:0c:d0:89:af:c6:9a:93:92:ec:ca:f6:6c:
                    8b:9a:92:e2:35:2c:18:96:54:49:76:e2:f0:d6:1a:
                    49:4a:19:32:46:4e:a6:04:8a:de:0b:f1:37:09:e5:
                    ed:c9:4a:1f:b0:18:5f:56:c4:19:86:12:39:11:bd:
                    12:4e:5b:ee:e2:d7:4e:5c:3f:fe:b2:93:4c:15:70:
                    b3:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:49:A8:D8:D9:7D:8A:B7:4D:0B:0C:E5:55:17:4C:6B:28:79:80:BB
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/h0mo2Nl9irdNCwzlVRdMayh5gLs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.42.183.0/24
                  45.136.136.0/22
                  85.202.203.0/24
                  94.177.122.0/24
                  139.28.96.0/22
                  194.50.92.0/24
                  194.50.94.0/24
                  194.50.111.0/24
                IPv6:
                  2001:7f8:119::/48
                  2a09:4c0::/29
                  2a0c:3b80::/29
                  2a0e:97c0:170::/48
                  2a0e:97c0:260::/44
                  2a0e:97c1:200::/40
                  2a0e:b100::/32
                  2a0e:b107:9f2::/48
                  2a0e:b107:1165::/48
                  2a0e:b107:1786::/48
                  2a0f:e404:102::/48
                  2a10:cc40:1c0::/44
                  2a10:cc46:1000::/36

    Signature Algorithm: sha256WithRSAEncryption
         6d:6d:09:7c:74:c3:81:82:84:cc:92:b9:05:38:3a:8c:8b:28:
         55:95:ab:85:b7:32:19:57:8a:5e:a3:2d:6f:95:4d:89:4d:66:
         74:84:f4:b7:b0:83:a5:c8:ea:5a:cb:66:a0:8d:98:9a:ea:be:
         57:46:0e:80:15:ec:5a:c8:96:5c:b6:42:63:d4:85:92:80:c6:
         77:40:51:ec:b0:d9:1c:38:d3:96:cd:19:04:1e:38:32:60:a7:
         27:b5:f4:a7:c8:82:0d:b1:ed:22:1e:e2:c1:bd:19:34:ea:2d:
         ee:ef:20:95:b8:93:7e:b5:85:45:3f:4e:be:e9:85:d7:e4:2f:
         fc:06:d5:a0:b3:10:36:b0:44:43:4c:18:59:03:99:18:60:f5:
         98:6a:74:87:9c:4c:6c:da:08:0e:c4:e3:9d:7e:d9:e5:71:83:
         3f:83:3b:c0:f0:68:9f:b8:f5:05:f9:77:e4:e2:9f:a5:d4:7d:
         de:88:47:18:f7:0b:86:5b:45:35:1e:09:18:cd:27:4a:43:b4:
         c7:f6:cc:c7:40:58:b5:50:26:80:5b:d6:1e:cb:eb:c3:3d:c0:
         cd:eb:f6:3c:2e:75:57:3f:fc:95:44:fb:53:d7:86:62:c9:a1:
         c1:6e:ce:ee:b9:4f:83:24:06:df:6b:28:24:01:ae:f9:1e:03:
         1d:6f:8d:ee
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgISAYPSdI/BH6XAlWPqDyggK9DAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMDEzMTc0NjM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzQ5YThkOGQ5N2Q4YWI3NGQwYjBjZTU1NTE3NGM2YjI4Nzk4MGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSvCtb2/zPDmLzpUy1kXHUMX2Lgs
nupruV7USaZUH/wnPSas9AMHczUiFjPttNlXbKkgkCFu51LSd+V0AAClv2VBQslJ
99XqZsHU4pF/GZlZWGNqPioWsly50+mOY253qPR6LM2t8XcwGDWcjSnahy6crzh7
yR2OKF0IsWWW1qywQUxwjbnWwqvMRNfpo+vAH4az/2T2yANfNHEKPCy91R5pkOWy
F8zwfzLOvGNBlIaQLmsSp7UM0ImvxpqTkuzK9myLmpLiNSwYllRJduLw1hpJShky
Rk6mBIreC/E3CeXtyUofsBhfVsQZhhI5Eb0STlvu4tdOXD/+spNMFXCzqQIDAQAB
o4ICqzCCAqcwHQYDVR0OBBYEFIdJqNjZfYq3TQsM5VUXTGsoeYC7MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaDBtbzJObDlpcmROQ3d6bFZSZE1heWg1Z0xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHABggrBgEFBQcBBwEB/wSBsDCBrTA2BAIAATAwAwQAHyq3
AwQCLYiIAwQAVcrLAwQAXrF6AwQCixxgAwQAwjJcAwQAwjJeAwQAwjJvMHMEAgAC
MG0DBwAgAQf4ARkDBQMqCQTAAwUDKgw7gAMHACoOl8ABcAMHBCoOl8ACYAMGACoO
l8ECAwUAKg6xAAMHACoOsQcJ8gMHACoOsQcRZQMHACoOsQcXhgMHACoP5AQBAgMH
BCoQzEABwAMGBCoQzEYQMA0GCSqGSIb3DQEBCwUAA4IBAQBtbQl8dMOBgoTMkrkF
ODqMiyhVlauFtzIZV4peoy1vlU2JTWZ0hPS3sIOlyOpay2agjZia6r5XRg6AFexa
yJZctkJj1IWSgMZ3QFHssNkcONOWzRkEHjgyYKcntfSnyIINse0iHuLBvRk06i3u
7yCVuJN+tYVFP06+6YXX5C/8BtWgsxA2sERDTBhZA5kYYPWYanSHnExs2ggOxOOd
ftnlcYM/gzvA8GifuPUF+Xfk4p+l1H3eiEcY9wuGW0U1HgkYzSdKQ7TH9szHQFi1
UCaAW9Yey+vDPcDN6/Y8LnVXP/yVRPtT14ZiyaHBbs7uuU+DJAbfaygkAa75HgMd
b43u
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:09 2024 by rpki-client on console-ams.rpki-client.org