Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/EYNFy3qzwR-Rg1fw0fg0ajNj7yk.roa
File:                     EYNFy3qzwR-Rg1fw0fg0ajNj7yk.roa (raw, json)
Hash identifier:          zuyBdLkn9j0/908kWfoVzSP6KKWSn4usXR9Lw3k98FE=
Subject key identifier:   11:83:45:CB:7A:B3:C1:1F:91:83:57:F0:D1:F8:34:6A:33:63:EF:29
Certificate issuer:       /CN=ea0f76282df53209a58c0302e74f8a97ca3aff05
Certificate serial:       03A305DC
Authority key identifier: EA:0F:76:28:2D:F5:32:09:A5:8C:03:02:E7:4F:8A:97:CA:3A:FF:05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6g92KC31MgmljAMC50-Kl8o6_wU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/EYNFy3qzwR-Rg1fw0fg0ajNj7yk.roa
Signing time:             Sat 01 Jan 2022 04:57:32 +0000
ROA not before:           Sat 01 Jan 2022 04:57:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42512
IP address blocks:        91.208.65.0/24 maxlen: 24
                          193.110.79.0/24 maxlen: 24
                          91.225.120.0/22 maxlen: 22
                          91.225.120.0/24 maxlen: 24
                          91.225.123.0/24 maxlen: 24
                          91.225.122.0/24 maxlen: 24
                          91.225.121.0/24 maxlen: 24
                          31.43.168.0/24 maxlen: 24
                          31.43.168.0/22 maxlen: 22
                          31.43.171.0/24 maxlen: 24
                          31.43.170.0/24 maxlen: 24
                          31.43.169.0/24 maxlen: 24
                          31.43.182.0/24 maxlen: 24
                          31.43.181.0/24 maxlen: 24
                          31.43.180.0/22 maxlen: 22
                          31.43.180.0/24 maxlen: 24
                          31.43.183.0/24 maxlen: 24
                          193.110.78.0/24 maxlen: 24
                          193.110.77.0/24 maxlen: 24
                          193.110.76.0/22 maxlen: 22
                          193.110.76.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 61015516 (0x3a305dc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ea0f76282df53209a58c0302e74f8a97ca3aff05
        Validity
            Not Before: Jan  1 04:57:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=118345cb7ab3c11f918357f0d1f8346a3363ef29
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:f9:a5:d2:a3:f8:0f:82:ea:ca:05:0f:47:7e:
                    49:7e:19:ff:13:90:51:5c:75:b2:f3:cf:f5:fc:e6:
                    9c:63:5b:7d:0d:6e:6f:35:56:d6:6c:48:fb:ba:77:
                    73:51:75:c9:35:65:26:b5:c1:42:82:ba:90:2c:4a:
                    29:39:25:4a:ff:b3:1c:07:10:b9:36:a4:5a:d6:c2:
                    b5:1f:7f:54:87:1e:88:94:82:a7:c8:55:3c:17:2c:
                    67:81:46:61:39:23:da:72:a7:a2:78:c8:5a:44:a7:
                    37:50:dc:13:88:80:a8:96:d8:5a:95:a8:03:7f:a7:
                    27:0b:a0:74:76:0b:0a:e1:db:68:78:f1:1f:5c:d6:
                    e4:f8:05:ed:d9:88:81:ec:e7:4a:6b:50:17:d9:5b:
                    66:dd:b5:de:79:fa:54:14:b8:c5:39:62:15:22:2f:
                    6f:a0:2e:f5:4b:60:c7:0a:3d:05:d5:e5:80:47:12:
                    13:96:0f:02:0a:5e:12:cd:26:fe:8a:8b:df:22:dd:
                    0a:1e:b0:91:02:a3:cf:ec:98:4c:d9:50:f8:db:68:
                    e2:c4:9e:84:ba:8c:30:5e:5e:60:ac:7d:c7:72:ad:
                    cf:b0:58:85:98:bf:95:74:33:99:9b:95:4c:bc:85:
                    55:10:b1:10:83:c0:1d:b5:8a:bc:a2:5f:e6:67:dc:
                    2f:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:83:45:CB:7A:B3:C1:1F:91:83:57:F0:D1:F8:34:6A:33:63:EF:29
            X509v3 Authority Key Identifier:
                keyid:EA:0F:76:28:2D:F5:32:09:A5:8C:03:02:E7:4F:8A:97:CA:3A:FF:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6g92KC31MgmljAMC50-Kl8o6_wU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/EYNFy3qzwR-Rg1fw0fg0ajNj7yk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/6g92KC31MgmljAMC50-Kl8o6_wU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.43.168.0/22
                  31.43.180.0/22
                  91.208.65.0/24
                  91.225.120.0/22
                  193.110.76.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ab:8c:ff:d6:be:ff:da:ac:6f:8a:ee:51:95:1b:4d:d5:ee:9d:
         3e:03:e7:68:24:99:63:23:29:e7:d7:59:63:98:76:44:a3:87:
         ef:bf:4f:8a:7b:99:45:c2:05:84:99:ea:0b:9a:46:8c:ee:0f:
         d1:bf:ae:9f:d2:95:80:3d:f4:35:6c:25:be:66:b4:7a:3c:16:
         c6:51:b0:37:9b:b5:1f:c4:fa:e8:b1:b2:68:cc:47:7e:c2:2a:
         06:4a:cb:54:52:73:0c:d6:90:8d:08:72:2b:29:7b:26:02:b1:
         7d:a5:da:27:f7:34:67:3d:b4:95:d3:e3:80:bb:9d:22:72:42:
         e1:ab:e9:8b:98:be:35:2f:be:f2:6e:2d:20:ca:06:11:ee:db:
         51:1b:da:e9:ac:10:58:0a:fb:76:3f:ae:10:c7:fc:d6:95:d8:
         47:0a:d7:ec:68:f7:17:c0:f8:46:53:b2:d1:52:7e:3e:27:a4:
         ff:4f:bb:38:9b:c0:50:7e:fc:ca:01:ce:ff:1d:b2:18:f2:7a:
         ac:ae:1f:89:24:a9:41:7a:7d:01:6a:50:e5:96:a8:e0:4e:ab:
         96:88:70:7b:a8:9b:d7:c2:5b:f1:9c:22:c1:42:c8:58:5f:36:
         42:89:6d:6d:87:07:0d:5a:96:5a:9c:6d:1e:fd:d7:97:76:db:
         4a:39:24:f5
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEA6MF3DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YTBmNzYyODJkZjUzMjA5YTU4YzAzMDJlNzRmOGE5N2NhM2FmZjA1MB4XDTIyMDEw
MTA0NTczMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTE4MzQ1Y2I3YWIz
YzExZjkxODM1N2YwZDFmODM0NmEzMzYzZWYyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJb5pdKj+A+C6soFD0d+SX4Z/xOQUVx1svPP9fzmnGNbfQ1u
bzVW1mxI+7p3c1F1yTVlJrXBQoK6kCxKKTklSv+zHAcQuTakWtbCtR9/VIceiJSC
p8hVPBcsZ4FGYTkj2nKnonjIWkSnN1DcE4iAqJbYWpWoA3+nJwugdHYLCuHbaHjx
H1zW5PgF7dmIgeznSmtQF9lbZt213nn6VBS4xTliFSIvb6Au9Utgxwo9BdXlgEcS
E5YPAgpeEs0m/oqL3yLdCh6wkQKjz+yYTNlQ+Nto4sSehLqMMF5eYKx9x3Ktz7BY
hZi/lXQzmZuVTLyFVRCxEIPAHbWKvKJf5mfcL7kCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBQRg0XLerPBH5GDV/DR+DRqM2PvKTAfBgNVHSMEGDAWgBTqD3YoLfUyCaWM
AwLnT4qXyjr/BTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZnOTJLQzMxTWdtbGpBTUM1MC1LbDhvNl93VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTYvZTdmYTU1LTU5MjUtNGJhOS1hZDM4LWJlN2M4MTk0ODMyNC8x
L0VZTkZ5M3F6d1ItUmcxZncwZmcwYWpOajd5ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTYv
ZTdmYTU1LTU5MjUtNGJhOS1hZDM4LWJlN2M4MTk0ODMyNC8xLzZnOTJLQzMxTWdt
bGpBTUM1MC1LbDhvNl93VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAh8rqAMEAh8rtAMEAFvQQQMEAlvh
eAMEAsFuTDANBgkqhkiG9w0BAQsFAAOCAQEAq4z/1r7/2qxviu5RlRtN1e6dPgPn
aCSZYyMp59dZY5h2RKOH779PinuZRcIFhJnqC5pGjO4P0b+un9KVgD30NWwlvma0
ejwWxlGwN5u1H8T66LGyaMxHfsIqBkrLVFJzDNaQjQhyKyl7JgKxfaXaJ/c0Zz20
ldPjgLudInJC4avpi5i+NS++8m4tIMoGEe7bURva6awQWAr7dj+uEMf81pXYRwrX
7Gj3F8D4RlOy0VJ+Piek/0+7OJvAUH78ygHO/x2yGPJ6rK4fiSSpQXp9AWpQ5Zao
4E6rlohwe6ib18Jb8ZwiwULIWF82QoltbYcHDVqWWpxtHv3Xl3bbSjkk9Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:35 2024 by rpki-client on console-ams.rpki-client.org