Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/dpZxNMtidrCaI5iGNjUWWFTUrrY.roa
File:                     dpZxNMtidrCaI5iGNjUWWFTUrrY.roa (raw, json)
Hash identifier:          YGeNSkkuBpIe3NxOQGFL5QurOqaeDwREt/eu+heLBLg=
Subject key identifier:   76:96:71:34:CB:62:76:B0:9A:23:98:86:36:35:16:58:54:D4:AE:B6
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       04A539CD
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/dpZxNMtidrCaI5iGNjUWWFTUrrY.roa
Signing time:             Sun 20 Mar 2022 11:05:24 +0000
ROA not before:           Sun 20 Mar 2022 11:05:24 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200845
IP address blocks:        185.28.51.0/24 maxlen: 24
                          185.231.186.0/24 maxlen: 24
                          185.231.187.0/24 maxlen: 24
                          31.15.7.0/24 maxlen: 24
                          31.15.6.0/24 maxlen: 24
                          31.15.5.0/24 maxlen: 24
                          89.190.152.0/24 maxlen: 24
                          89.190.152.0/22 maxlen: 22
                          185.225.246.0/24 maxlen: 24
                          185.225.245.0/24 maxlen: 24
                          185.225.244.0/22 maxlen: 22
                          185.225.244.0/24 maxlen: 24
                          89.190.154.0/24 maxlen: 24
                          89.190.153.0/24 maxlen: 24
                          89.190.155.0/24 maxlen: 24
                          185.225.247.0/24 maxlen: 24
                          185.246.15.0/24 maxlen: 24
                          185.246.14.0/24 maxlen: 24
                          185.246.13.0/24 maxlen: 24
                          185.246.12.0/24 maxlen: 24
                          185.244.231.0/24 maxlen: 24
                          185.244.230.0/24 maxlen: 24
                          185.244.229.0/24 maxlen: 24
                          185.244.228.0/24 maxlen: 24
                          80.66.122.0/24 maxlen: 24
                          194.32.112.0/24 maxlen: 24
                          194.32.115.0/24 maxlen: 24
                          194.32.114.0/24 maxlen: 24
                          194.32.113.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 77937101 (0x4a539cd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Mar 20 11:05:24 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=76967134cb6276b09a2398863635165854d4aeb6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:ae:98:6f:6c:0f:11:92:79:18:8f:5d:d7:92:
                    50:2a:39:ff:b8:02:d2:f0:36:e5:25:60:96:6e:55:
                    31:49:ac:1f:d2:af:09:45:96:75:0c:e1:71:d8:7a:
                    1c:2a:74:36:81:49:c1:5a:52:ff:e8:7e:40:42:0c:
                    87:b0:39:c0:e0:f0:40:9f:23:55:a1:3b:0e:17:4f:
                    ee:77:10:88:2b:c5:4d:85:75:59:0f:d9:bf:64:ff:
                    3c:a3:d5:ee:74:7b:ec:e7:1d:13:b3:bf:26:11:68:
                    da:82:13:06:0b:2f:5f:7b:c9:e8:e4:45:b8:bc:f2:
                    7f:cf:65:c8:a5:44:28:ae:85:9d:59:14:19:8c:b1:
                    ec:9c:55:f4:ee:83:f5:e0:6a:7e:f7:70:94:81:ff:
                    cb:2f:70:4e:1a:91:59:c8:19:98:55:9b:09:08:d0:
                    42:dc:4b:cb:20:52:a8:67:e9:7e:aa:55:71:ab:ad:
                    52:d8:8a:04:48:e4:42:f6:db:c5:44:80:e8:5d:81:
                    e2:76:d7:cf:1d:c6:0a:40:5e:10:8d:69:c3:f9:9d:
                    c2:19:7f:87:f2:02:af:16:7d:6d:f7:85:f7:5b:1c:
                    4c:13:e3:c4:2b:63:a2:89:f8:55:df:50:56:b7:0e:
                    41:a6:1d:69:ef:ea:e9:7c:b6:c5:1e:3f:36:9f:15:
                    30:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:96:71:34:CB:62:76:B0:9A:23:98:86:36:35:16:58:54:D4:AE:B6
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/dpZxNMtidrCaI5iGNjUWWFTUrrY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.15.5.0-31.15.7.255
                  80.66.122.0/24
                  89.190.152.0/22
                  185.28.51.0/24
                  185.225.244.0/22
                  185.231.186.0/23
                  185.244.228.0/22
                  185.246.12.0/22
                  194.32.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         20:66:bb:04:20:0a:ee:f8:d4:18:d3:3e:f9:2d:a2:9b:b2:5d:
         95:f5:03:c3:34:9a:39:93:eb:57:58:85:94:60:97:b9:3b:21:
         4f:7b:5f:56:bf:ce:93:68:ed:26:97:0a:a7:b9:d9:28:fd:25:
         1b:83:a6:90:67:33:f4:74:2c:9e:9a:50:85:f5:28:0e:7d:2d:
         1a:3d:9c:7e:cf:bd:c2:d4:01:3d:60:0d:90:eb:08:a4:87:44:
         80:9f:4d:5e:20:2f:51:3b:71:03:96:dd:80:01:2b:ba:f3:ad:
         a0:32:d2:c9:b1:8c:ae:e3:5a:df:3f:b2:2a:ec:79:9d:ab:d5:
         14:0c:80:5f:10:a4:aa:15:ae:37:1a:65:36:8d:5b:ea:c8:af:
         65:21:e6:4f:db:7f:30:cc:4f:07:14:69:09:e7:af:b0:b4:67:
         1d:de:7c:79:f3:37:14:2c:e9:08:93:98:b7:4f:5c:84:92:6a:
         99:f2:fd:ff:7d:7e:95:58:28:8e:32:b3:88:ea:b6:67:4d:86:
         73:e9:46:ed:c1:1f:f4:43:63:2d:d9:b6:41:2e:5a:98:63:6e:
         41:fc:27:f9:ac:af:c0:34:8a:3c:e2:e6:cb:c8:ca:75:1d:9e:
         1d:f2:15:29:66:ab:6f:c9:94:32:63:38:05:9e:5d:c1:97:fc:
         bf:e3:44:85
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgIEBKU5zTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTM0YzQ5ZmNmYThhNDUwNDFkOTVlZDRkOGQ0ZmM2OWM3MjdhNDY3MB4XDTIyMDMy
MDExMDUyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzY5NjcxMzRjYjYy
NzZiMDlhMjM5ODg2MzYzNTE2NTg1NGQ0YWViNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJKumG9sDxGSeRiPXdeSUCo5/7gC0vA25SVglm5VMUmsH9Kv
CUWWdQzhcdh6HCp0NoFJwVpS/+h+QEIMh7A5wODwQJ8jVaE7DhdP7ncQiCvFTYV1
WQ/Zv2T/PKPV7nR77OcdE7O/JhFo2oITBgsvX3vJ6ORFuLzyf89lyKVEKK6FnVkU
GYyx7JxV9O6D9eBqfvdwlIH/yy9wThqRWcgZmFWbCQjQQtxLyyBSqGfpfqpVcaut
UtiKBEjkQvbbxUSA6F2B4nbXzx3GCkBeEI1pw/mdwhl/h/ICrxZ9bfeF91scTBPj
xCtjoon4Vd9QVrcOQaYdae/q6Xy2xR4/Np8VMAMCAwEAAaOCAkEwggI9MB0GA1Ud
DgQWBBR2lnE0y2J2sJojmIY2NRZYVNSutjAfBgNVHSMEGDAWgBQFNMSfz6ikUEHZ
XtTY1PxpxyekZzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JUVEVuOC1vcEZCQjJWN1UyTlQ4YWNjbnBHYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWEvMGNjYmRhLWQ2ZjEtNDUyNy04MTA2LWNkN2UwNmNiYjUzMS8x
L2RwWnhOTXRpZHJDYUk1aUdOalVXV0ZUVXJyWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEv
MGNjYmRhLWQ2ZjEtNDUyNy04MTA2LWNkN2UwNmNiYjUzMS8xL0JUVEVuOC1vcEZC
QjJWN1UyTlQ4YWNjbnBHYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBX
BggrBgEFBQcBBwEB/wRIMEYwRAQCAAEwPjAMAwQAHw8FAwQDHw8AAwQAUEJ6AwQC
Wb6YAwQAuRwzAwQCueH0AwQBuee6AwQCufTkAwQCufYMAwQCwiBwMA0GCSqGSIb3
DQEBCwUAA4IBAQAgZrsEIAru+NQY0z75LaKbsl2V9QPDNJo5k+tXWIWUYJe5OyFP
e19Wv86TaO0mlwqnudko/SUbg6aQZzP0dCyemlCF9SgOfS0aPZx+z73C1AE9YA2Q
6wikh0SAn01eIC9RO3EDlt2AASu6862gMtLJsYyu41rfP7Iq7Hmdq9UUDIBfEKSq
Fa43GmU2jVvqyK9lIeZP238wzE8HFGkJ56+wtGcd3nx58zcULOkIk5i3T1yEkmqZ
8v3/fX6VWCiOMrOI6rZnTYZz6UbtwR/0Q2Mt2bZBLlqYY25B/Cf5rK/ANIo84ubL
yMp1HZ4d8hUpZqtvyZQyYzgFnl3Bl/y/40SF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:35 2024 by rpki-client on console-ams.rpki-client.org