Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yS7oMP2BfYj4AWbDXNYgbv6SBPo.roa
File:                     yS7oMP2BfYj4AWbDXNYgbv6SBPo.roa (raw, json)
Hash identifier:          /QDtA7EocvdkKZXn5DX672DDMqMKjbY3Z4lM8Vir7qA=
Subject key identifier:   C9:2E:E8:30:FD:81:7D:88:F8:01:66:C3:5C:D6:20:6E:FE:92:04:FA
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0183DE34FB28C1EDE7CD072C42CD5304EC74
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yS7oMP2BfYj4AWbDXNYgbv6SBPo.roa
Signing time:             Sun 16 Oct 2022 00:32:37 +0000
ROA not before:           Sun 16 Oct 2022 00:32:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58057
IP address blocks:        45.136.136.0/22 maxlen: 24
                          94.177.122.0/24 maxlen: 24
                          194.50.94.0/24 maxlen: 24
                          85.202.203.0/24 maxlen: 24
                          194.50.92.0/24 maxlen: 24
                          194.50.111.0/24 maxlen: 24
                          139.28.96.0/22 maxlen: 24
                          31.42.183.0/24 maxlen: 24
                          2a0e:97c0:260::/44 maxlen: 44
                          2a0e:b107:1165::/48 maxlen: 48
                          2a0e:97c6:4000::/34 maxlen: 48
                          2a0c:3b80::/29 maxlen: 48
                          2a0e:97c1:200::/40 maxlen: 48
                          2001:7f8:119::/48 maxlen: 48
                          2a10:cc46:1000::/36 maxlen: 48
                          2a0e:97c0:170::/48 maxlen: 48
                          2a0e:b107:9f2::/48 maxlen: 48
                          2a10:cc40:1c0::/44 maxlen: 44
                          2a0f:e404:102::/48 maxlen: 48
                          2a09:4c0::/29 maxlen: 64
                          2a0e:b107:1786::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:de:34:fb:28:c1:ed:e7:cd:07:2c:42:cd:53:04:ec:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Oct 16 00:32:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c92ee830fd817d88f80166c35cd6206efe9204fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:8d:5a:3f:f1:a6:b8:3a:82:d4:58:31:37:59:
                    db:22:8c:eb:21:63:03:9f:5f:d7:b4:a5:94:fc:82:
                    1b:5c:93:16:63:25:17:9d:80:74:78:0d:af:92:8f:
                    e3:15:a2:ca:2f:42:09:61:a4:63:dd:bc:9e:36:7b:
                    f4:43:18:07:9d:d2:bb:2e:aa:5f:83:8e:d9:86:8c:
                    f4:d5:b8:0c:e9:3d:48:04:8d:27:20:fa:ed:ef:31:
                    ca:c1:29:d9:86:5f:2c:20:80:7e:d8:2f:82:a2:fc:
                    e3:13:69:c7:c7:9c:14:c8:ec:3f:e6:67:94:d5:85:
                    65:a7:52:b2:73:c2:96:60:36:ed:07:22:03:45:24:
                    68:02:86:a8:1d:7c:fd:c8:63:c9:8d:b0:b1:91:3e:
                    40:13:74:e4:68:5c:c6:c7:3d:f1:e9:4f:d3:e0:4c:
                    00:6c:7b:8d:fc:a1:bd:b2:b9:db:1a:6a:ec:2b:75:
                    a5:b6:0e:a0:9a:95:1c:56:e6:96:7f:a8:6d:a5:2c:
                    c6:8e:d0:49:81:e8:2e:b5:7f:ee:c5:39:ed:75:49:
                    24:0b:3b:0f:72:ac:e6:a1:7f:92:2e:74:d8:03:8d:
                    a6:83:12:5b:45:32:df:8d:4b:a8:fb:2b:a2:2c:13:
                    74:0e:81:49:f6:fb:4b:71:0c:ef:37:9e:28:51:60:
                    ae:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:2E:E8:30:FD:81:7D:88:F8:01:66:C3:5C:D6:20:6E:FE:92:04:FA
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yS7oMP2BfYj4AWbDXNYgbv6SBPo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.42.183.0/24
                  45.136.136.0/22
                  85.202.203.0/24
                  94.177.122.0/24
                  139.28.96.0/22
                  194.50.92.0/24
                  194.50.94.0/24
                  194.50.111.0/24
                IPv6:
                  2001:7f8:119::/48
                  2a09:4c0::/29
                  2a0c:3b80::/29
                  2a0e:97c0:170::/48
                  2a0e:97c0:260::/44
                  2a0e:97c1:200::/40
                  2a0e:97c6:4000::/34
                  2a0e:b107:9f2::/48
                  2a0e:b107:1165::/48
                  2a0e:b107:1786::/48
                  2a0f:e404:102::/48
                  2a10:cc40:1c0::/44
                  2a10:cc46:1000::/36

    Signature Algorithm: sha256WithRSAEncryption
         2a:4f:86:27:d5:9f:42:ef:8e:69:6f:4c:34:da:37:68:6b:6c:
         f1:6d:35:f9:03:16:ff:92:74:3a:27:ba:7d:dd:96:6e:e7:5d:
         51:fc:5c:e8:80:aa:c9:3f:eb:41:98:c7:9e:f2:90:a7:3c:ce:
         5d:66:3f:43:6e:0e:1e:37:0c:44:79:f5:a1:00:52:9f:ee:94:
         bc:db:2c:3e:ca:67:3a:96:c6:93:9d:02:c0:b9:7c:bf:0d:a7:
         19:66:a3:11:a8:ba:d9:ba:8c:09:2a:4f:70:7c:10:0b:f2:75:
         04:c3:5e:6a:99:96:33:73:58:22:32:c4:6c:56:e1:cc:f4:29:
         d9:ba:5c:3f:42:3a:13:a1:af:9b:10:3e:ff:ea:db:60:5a:8e:
         9c:ee:57:3e:ac:40:e1:15:a2:1e:9e:8e:90:e3:33:7f:2b:ba:
         50:18:0c:dd:21:30:95:7a:2c:47:57:6f:1b:00:da:97:14:0e:
         5e:44:dc:fc:4c:70:61:55:de:b4:72:57:3f:b4:65:3c:a2:d6:
         06:08:fa:dd:e3:1f:4e:c0:7c:71:19:94:4e:d4:89:c8:61:7d:
         0a:c0:e7:0a:a5:5b:aa:63:3a:75:2e:c1:b0:b8:93:13:b1:15:
         db:c6:84:4b:1c:84:90:45:5b:1f:0c:80:95:3e:43:2b:b5:e6:
         53:84:b5:59
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAYPeNPsowe3nzQcsQs1TBOx0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMDE2MDAzMjM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTJlZTgzMGZkODE3ZDg4ZjgwMTY2YzM1Y2Q2MjA2ZWZlOTIwNGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp41aP/GmuDqC1FgxN1nbIozrIWMD
n1/XtKWU/IIbXJMWYyUXnYB0eA2vko/jFaLKL0IJYaRj3byeNnv0QxgHndK7Lqpf
g47Zhoz01bgM6T1IBI0nIPrt7zHKwSnZhl8sIIB+2C+CovzjE2nHx5wUyOw/5meU
1YVlp1Kyc8KWYDbtByIDRSRoAoaoHXz9yGPJjbCxkT5AE3TkaFzGxz3x6U/T4EwA
bHuN/KG9srnbGmrsK3Wltg6gmpUcVuaWf6htpSzGjtBJgegutX/uxTntdUkkCzsP
cqzmoX+SLnTYA42mgxJbRTLfjUuo+yuiLBN0DoFJ9vtLcQzvN54oUWCu6wIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFMku6DD9gX2I+AFmw1zWIG7+kgT6MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveVM3b01QMkJmWWo0QVdiRFhOWWdidjZTQlBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjA2BAIAATAwAwQAHyq3
AwQCLYiIAwQAVcrLAwQAXrF6AwQCixxgAwQAwjJcAwQAwjJeAwQAwjJvMHQEAgAC
MG4DBwAgAQf4ARkDBQMqCQTAAwUDKgw7gAMHACoOl8ABcAMHBCoOl8ACYAMGACoO
l8ECAwYGKg6XxkADBwAqDrEHCfIDBwAqDrEHEWUDBwAqDrEHF4YDBwAqD+QEAQID
BwQqEMxAAcADBgQqEMxGEDANBgkqhkiG9w0BAQsFAAOCAQEAKk+GJ9WfQu+OaW9M
NNo3aGts8W01+QMW/5J0Oie6fd2WbuddUfxc6ICqyT/rQZjHnvKQpzzOXWY/Q24O
HjcMRHn1oQBSn+6UvNssPspnOpbGk50CwLl8vw2nGWajEai62bqMCSpPcHwQC/J1
BMNeapmWM3NYIjLEbFbhzPQp2bpcP0I6E6GvmxA+/+rbYFqOnO5XPqxA4RWiHp6O
kOMzfyu6UBgM3SEwlXosR1dvGwDalxQOXkTc/ExwYVXetHJXP7RlPKLWBgj63eMf
TsB8cRmUTtSJyGF9CsDnCqVbqmM6dS7BsLiTE7EV28aESxyEkEVbHwyAlT5DK7Xm
U4S1WQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:40 2024 by rpki-client on console-fra.rpki-client.org