Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/ws4LN1MFsJf0Ve57RLqF4eya4lo.roa
File:                     ws4LN1MFsJf0Ve57RLqF4eya4lo.roa (raw, json)
Hash identifier:          eZK4jyZQbABqC/lzFBMD6JPlGqsoMPW7ExHWYblv5q4=
Subject key identifier:   C2:CE:0B:37:53:05:B0:97:F4:55:EE:7B:44:BA:85:E1:EC:9A:E2:5A
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       04C3417B
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/ws4LN1MFsJf0Ve57RLqF4eya4lo.roa
Signing time:             Fri 01 Apr 2022 16:20:32 +0000
ROA not before:           Fri 01 Apr 2022 16:20:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200845
IP address blocks:        185.28.51.0/24 maxlen: 24
                          185.231.186.0/24 maxlen: 24
                          185.231.187.0/24 maxlen: 24
                          31.15.7.0/24 maxlen: 24
                          31.15.6.0/24 maxlen: 24
                          31.15.5.0/24 maxlen: 24
                          89.190.152.0/24 maxlen: 24
                          89.190.152.0/22 maxlen: 22
                          185.225.246.0/24 maxlen: 24
                          185.225.245.0/24 maxlen: 24
                          185.225.244.0/22 maxlen: 22
                          185.225.244.0/24 maxlen: 24
                          89.190.154.0/24 maxlen: 24
                          89.190.153.0/24 maxlen: 24
                          89.190.155.0/24 maxlen: 24
                          185.225.247.0/24 maxlen: 24
                          185.246.15.0/24 maxlen: 24
                          185.246.14.0/24 maxlen: 24
                          185.246.13.0/24 maxlen: 24
                          185.246.12.0/24 maxlen: 24
                          185.244.231.0/24 maxlen: 24
                          185.244.230.0/24 maxlen: 24
                          185.244.229.0/24 maxlen: 24
                          185.244.228.0/24 maxlen: 24
                          80.66.122.0/24 maxlen: 24
                          194.32.112.0/22 maxlen: 22
                          194.32.112.0/24 maxlen: 24
                          194.32.115.0/24 maxlen: 24
                          194.32.114.0/24 maxlen: 24
                          194.32.113.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 79905147 (0x4c3417b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Apr  1 16:20:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c2ce0b375305b097f455ee7b44ba85e1ec9ae25a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:8c:02:e2:99:cf:c0:a7:a5:18:82:f7:46:27:
                    fd:f7:34:b2:7b:88:65:3e:29:f2:12:cb:09:48:ec:
                    c2:49:41:c9:47:28:2b:00:f0:c6:df:66:45:78:14:
                    14:3b:14:74:44:ff:33:80:89:91:66:8f:a5:53:f8:
                    fb:cb:e9:8e:82:fb:10:ed:a9:70:da:1f:18:63:ff:
                    ff:c8:cc:b3:5d:10:cd:e3:72:cd:91:6c:95:82:9a:
                    3b:ab:f6:cd:b8:b7:42:d1:66:d5:cd:fb:cd:2f:e9:
                    95:e8:9b:df:74:b7:04:6d:93:f6:14:9b:b6:da:44:
                    a4:cc:a5:ae:e5:c8:12:53:4d:72:c8:05:ed:c4:d5:
                    63:b0:4d:3a:86:e5:72:a6:05:55:9f:e1:cd:b4:26:
                    eb:f2:1a:2a:37:52:05:eb:56:0c:23:0a:06:8c:ac:
                    1e:00:9d:40:74:13:ea:d8:ef:41:91:9a:e2:0e:68:
                    16:9b:0e:f7:c1:11:1a:fe:08:a6:e1:15:40:95:f1:
                    97:bd:6e:f2:f2:28:52:3a:e4:c7:e9:64:4d:03:ca:
                    f7:d1:fc:77:71:8e:e3:7f:8a:12:ba:e9:65:e2:3b:
                    2c:6f:e9:ec:e9:bc:23:f6:86:1d:5a:4d:b0:20:f3:
                    46:76:3d:cb:e5:57:ee:47:33:e2:ed:43:c0:51:8b:
                    9f:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:CE:0B:37:53:05:B0:97:F4:55:EE:7B:44:BA:85:E1:EC:9A:E2:5A
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/ws4LN1MFsJf0Ve57RLqF4eya4lo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.15.5.0-31.15.7.255
                  80.66.122.0/24
                  89.190.152.0/22
                  185.28.51.0/24
                  185.225.244.0/22
                  185.231.186.0/23
                  185.244.228.0/22
                  185.246.12.0/22
                  194.32.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5f:72:20:43:9a:2b:42:24:53:f8:f0:5d:7f:be:4d:49:65:a4:
         a2:da:64:e0:69:74:c0:a9:1b:f2:7f:14:bc:0c:bd:ca:a3:26:
         96:ae:77:f5:0d:0d:84:3c:ab:0a:04:38:d1:5c:e4:38:95:68:
         0f:80:b2:cd:14:fa:98:16:2b:2c:83:3a:2c:72:26:73:09:de:
         6a:71:2e:ce:f5:b4:23:f2:e9:03:a0:2f:2a:86:36:a3:38:e1:
         62:74:fa:85:eb:94:05:b5:4d:49:0c:f5:42:77:b0:6f:f7:df:
         15:6c:fd:b3:45:72:8e:26:a6:f7:44:73:88:22:d3:e4:d8:62:
         b1:ed:60:01:d3:17:1c:4a:94:c6:ef:89:c7:56:c2:5c:3b:7f:
         dc:72:d9:31:fe:60:c6:75:4d:f5:ea:82:d9:b2:da:45:eb:93:
         81:6c:70:4c:22:b4:38:06:93:46:cc:4b:d3:b7:47:47:c6:96:
         28:36:c1:4d:27:2f:cf:0d:5c:03:b1:26:30:79:3d:8d:2f:6d:
         f1:2f:c7:bb:52:c8:07:de:24:a8:d3:77:aa:15:61:cb:7d:1f:
         6d:ae:26:c7:89:82:24:40:60:59:ce:8e:c1:d9:62:05:29:b4:
         44:84:c0:c4:a7:24:12:aa:74:d1:38:a0:d2:b2:72:c0:70:db:
         c2:ea:e4:10
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgIEBMNBezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTM0YzQ5ZmNmYThhNDUwNDFkOTVlZDRkOGQ0ZmM2OWM3MjdhNDY3MB4XDTIyMDQw
MTE2MjAzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzJjZTBiMzc1MzA1
YjA5N2Y0NTVlZTdiNDRiYTg1ZTFlYzlhZTI1YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK2MAuKZz8CnpRiC90Yn/fc0snuIZT4p8hLLCUjswklByUco
KwDwxt9mRXgUFDsUdET/M4CJkWaPpVP4+8vpjoL7EO2pcNofGGP//8jMs10QzeNy
zZFslYKaO6v2zbi3QtFm1c37zS/pleib33S3BG2T9hSbttpEpMylruXIElNNcsgF
7cTVY7BNOoblcqYFVZ/hzbQm6/IaKjdSBetWDCMKBoysHgCdQHQT6tjvQZGa4g5o
FpsO98ERGv4IpuEVQJXxl71u8vIoUjrkx+lkTQPK99H8d3GO43+KErrpZeI7LG/p
7Om8I/aGHVpNsCDzRnY9y+VX7kcz4u1DwFGLnz8CAwEAAaOCAkEwggI9MB0GA1Ud
DgQWBBTCzgs3UwWwl/RV7ntEuoXh7JriWjAfBgNVHSMEGDAWgBQFNMSfz6ikUEHZ
XtTY1PxpxyekZzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JUVEVuOC1vcEZCQjJWN1UyTlQ4YWNjbnBHYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWEvMGNjYmRhLWQ2ZjEtNDUyNy04MTA2LWNkN2UwNmNiYjUzMS8x
L3dzNExOMU1Gc0pmMFZlNTdSTHFGNGV5YTRsby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEv
MGNjYmRhLWQ2ZjEtNDUyNy04MTA2LWNkN2UwNmNiYjUzMS8xL0JUVEVuOC1vcEZC
QjJWN1UyTlQ4YWNjbnBHYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBX
BggrBgEFBQcBBwEB/wRIMEYwRAQCAAEwPjAMAwQAHw8FAwQDHw8AAwQAUEJ6AwQC
Wb6YAwQAuRwzAwQCueH0AwQBuee6AwQCufTkAwQCufYMAwQCwiBwMA0GCSqGSIb3
DQEBCwUAA4IBAQBfciBDmitCJFP48F1/vk1JZaSi2mTgaXTAqRvyfxS8DL3KoyaW
rnf1DQ2EPKsKBDjRXOQ4lWgPgLLNFPqYFissgzosciZzCd5qcS7O9bQj8ukDoC8q
hjajOOFidPqF65QFtU1JDPVCd7Bv998VbP2zRXKOJqb3RHOIItPk2GKx7WAB0xcc
SpTG74nHVsJcO3/cctkx/mDGdU316oLZstpF65OBbHBMIrQ4BpNGzEvTt0dHxpYo
NsFNJy/PDVwDsSYweT2NL23xL8e7UsgH3iSo03eqFWHLfR9tribHiYIkQGBZzo7B
2WIFKbREhMDEpyQSqnTROKDSsnLAcNvC6uQQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:56 2024 by rpki-client on console-fra.rpki-client.org