Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ncIZTOPi7VxKsOVXso65NKSanmU.roa
File:                     ncIZTOPi7VxKsOVXso65NKSanmU.roa (raw, json)
Hash identifier:          zbqsly6MM+PZOcDQiyogcUIKUgNBZw1upG4R+vlJM0M=
Subject key identifier:   9D:C2:19:4C:E3:E2:ED:5C:4A:B0:E5:57:B2:8E:B9:34:A4:9A:9E:65
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0181EEA1342604AC46CF78CA08B3E3A71C30
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ncIZTOPi7VxKsOVXso65NKSanmU.roa
Signing time:             Mon 11 Jul 2022 18:59:10 +0000
ROA not before:           Mon 11 Jul 2022 18:59:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58057
IP address blocks:        45.136.136.0/22 maxlen: 24
                          94.177.122.0/24 maxlen: 24
                          194.50.92.0/24 maxlen: 24
                          194.50.94.0/24 maxlen: 24
                          85.202.203.0/24 maxlen: 24
                          194.50.111.0/24 maxlen: 24
                          193.58.239.0/24 maxlen: 24
                          45.12.68.0/22 maxlen: 24
                          139.28.96.0/22 maxlen: 24
                          2a0e:97c0:260::/44 maxlen: 44
                          2a0e:b107:1165::/48 maxlen: 48
                          2a0c:3b80::/29 maxlen: 48
                          2001:7f8:119::/48 maxlen: 48
                          2a0e:97c0:170::/48 maxlen: 48
                          2a0e:b107:9f2::/48 maxlen: 48
                          2a10:cc40:1c0::/44 maxlen: 44
                          2a0f:e404:102::/48 maxlen: 48
                          2a09:4c0::/29 maxlen: 64
                          2a0e:b107:1786::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:ee:a1:34:26:04:ac:46:cf:78:ca:08:b3:e3:a7:1c:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jul 11 18:59:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9dc2194ce3e2ed5c4ab0e557b28eb934a49a9e65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:5a:13:ea:5d:0a:b4:bb:ce:54:5b:cc:09:62:
                    a1:f2:8a:06:6d:fb:86:88:56:ca:42:60:8b:af:b8:
                    85:58:d2:b8:19:d1:31:4c:03:8d:02:f8:ab:c2:26:
                    93:2c:38:00:27:93:41:be:f1:38:24:2e:8b:17:6c:
                    e2:31:60:b4:78:d7:b8:2d:d3:ed:5a:b8:d7:16:cc:
                    d1:38:5e:c3:a2:eb:f8:67:fd:54:16:3b:74:7e:74:
                    76:10:dc:15:86:7a:4d:ed:1e:c1:a9:7c:0e:f5:b6:
                    8b:ae:f0:78:b6:ed:64:23:7e:e1:03:71:95:a6:60:
                    ed:55:d3:e5:e2:12:e5:c0:c0:43:40:39:52:26:73:
                    11:39:79:18:d9:fb:61:e0:4b:69:36:8d:ff:b3:66:
                    6a:83:18:22:5e:f3:c4:4b:db:3a:02:4f:80:53:b7:
                    5f:4f:fc:fc:42:21:de:c3:6e:89:42:9a:f0:71:bb:
                    e4:1b:39:b8:a5:a5:c9:d0:14:24:04:07:24:0b:09:
                    6e:68:69:ff:65:b7:07:a4:4a:06:a0:5f:1a:14:c6:
                    a7:4f:ed:82:b7:8b:aa:dd:be:13:6c:1d:3c:a2:13:
                    02:72:de:fe:0a:f4:65:21:d5:10:6e:a3:7f:0c:ad:
                    e4:0d:37:06:e1:b9:85:6a:ff:58:49:69:42:c1:59:
                    ae:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:C2:19:4C:E3:E2:ED:5C:4A:B0:E5:57:B2:8E:B9:34:A4:9A:9E:65
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ncIZTOPi7VxKsOVXso65NKSanmU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.12.68.0/22
                  45.136.136.0/22
                  85.202.203.0/24
                  94.177.122.0/24
                  139.28.96.0/22
                  193.58.239.0/24
                  194.50.92.0/24
                  194.50.94.0/24
                  194.50.111.0/24
                IPv6:
                  2001:7f8:119::/48
                  2a09:4c0::/29
                  2a0c:3b80::/29
                  2a0e:97c0:170::/48
                  2a0e:97c0:260::/44
                  2a0e:b107:9f2::/48
                  2a0e:b107:1165::/48
                  2a0e:b107:1786::/48
                  2a0f:e404:102::/48
                  2a10:cc40:1c0::/44

    Signature Algorithm: sha256WithRSAEncryption
         a7:65:45:ae:ed:09:5b:c2:2d:65:3f:c2:c9:d6:e2:bf:25:f2:
         c0:df:28:c1:22:6e:d4:61:d8:cf:8e:1a:55:43:5a:be:01:1d:
         c9:7f:a6:d6:e6:62:ee:ba:c5:13:f9:e9:b1:aa:07:a6:62:16:
         9b:cb:f7:05:00:5d:35:bf:33:8c:e3:64:bf:83:44:86:25:de:
         3d:fa:f4:37:ef:76:d9:4d:95:07:20:4d:82:93:c4:c2:42:03:
         61:db:40:57:57:ed:ba:a5:1a:c5:34:99:4c:e3:3c:6c:e7:9d:
         f7:b0:fb:af:0d:f1:33:f3:53:2a:e4:07:8e:53:45:ba:c3:0e:
         97:55:ed:c4:61:2a:ab:0c:80:ef:f7:75:1d:a8:be:84:a4:1d:
         2b:d2:a2:05:b1:1b:b2:17:8a:91:3f:20:a6:c4:87:50:82:57:
         df:78:5c:ff:a9:00:77:c9:56:41:d2:0c:be:e3:ae:17:0b:d8:
         eb:66:14:8c:24:47:fb:da:4d:81:7e:f4:3f:51:4b:cc:bc:6b:
         81:65:3c:e5:7e:e5:26:c9:3a:95:ba:be:15:c2:55:99:4d:6b:
         63:a5:cd:62:d2:26:12:b9:91:e7:d1:11:f3:01:c0:cd:c2:32:
         1b:86:ae:21:38:48:e0:c3:f4:dc:7e:2e:72:80:91:a4:1a:1a:
         bc:8c:de:ca
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAYHuoTQmBKxGz3jKCLPjpxwwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwNzExMTg1OTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGMyMTk0Y2UzZTJlZDVjNGFiMGU1NTdiMjhlYjkzNGE0OWE5ZTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFoT6l0KtLvOVFvMCWKh8ooGbfuG
iFbKQmCLr7iFWNK4GdExTAONAvirwiaTLDgAJ5NBvvE4JC6LF2ziMWC0eNe4LdPt
WrjXFszROF7Douv4Z/1UFjt0fnR2ENwVhnpN7R7BqXwO9baLrvB4tu1kI37hA3GV
pmDtVdPl4hLlwMBDQDlSJnMROXkY2fth4EtpNo3/s2ZqgxgiXvPES9s6Ak+AU7df
T/z8QiHew26JQprwcbvkGzm4paXJ0BQkBAckCwluaGn/ZbcHpEoGoF8aFManT+2C
t4uq3b4TbB08ohMCct7+CvRlIdUQbqN/DK3kDTcG4bmFav9YSWlCwVmuwwIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFJ3CGUzj4u1cSrDlV7KOuTSkmp5lMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbmNJWlRPUGk3VnhLc09WWHNvNjVOS1Nhbm1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDA8BAIAATA2AwQCLQxE
AwQCLYiIAwQAVcrLAwQAXrF6AwQCixxgAwQAwTrvAwQAwjJcAwQAwjJeAwQAwjJv
MFwEAgACMFYDBwAgAQf4ARkDBQMqCQTAAwUDKgw7gAMHACoOl8ABcAMHBCoOl8AC
YAMHACoOsQcJ8gMHACoOsQcRZQMHACoOsQcXhgMHACoP5AQBAgMHBCoQzEABwDAN
BgkqhkiG9w0BAQsFAAOCAQEAp2VFru0JW8ItZT/CydbivyXywN8owSJu1GHYz44a
VUNavgEdyX+m1uZi7rrFE/npsaoHpmIWm8v3BQBdNb8zjONkv4NEhiXePfr0N+92
2U2VByBNgpPEwkIDYdtAV1ftuqUaxTSZTOM8bOed97D7rw3xM/NTKuQHjlNFusMO
l1XtxGEqqwyA7/d1Hai+hKQdK9KiBbEbsheKkT8gpsSHUIJX33hc/6kAd8lWQdIM
vuOuFwvY62YUjCRH+9pNgX70P1FLzLxrgWU85X7lJsk6lbq+FcJVmU1rY6XNYtIm
ErmR59ER8wHAzcIyG4auIThI4MP03H4ucoCRpBoavIzeyg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:12 2024 by rpki-client on console-ams.rpki-client.org