Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/NRrAnqKN_bN1Yy0_gGkAGPfwHUQ.roa
File:                     NRrAnqKN_bN1Yy0_gGkAGPfwHUQ.roa (raw, json)
Hash identifier:          Ox6uh6vN68yVSJRXPxSKX69AZOC4qYJjVdL2VrdI70c=
Subject key identifier:   35:1A:C0:9E:A2:8D:FD:B3:75:63:2D:3F:80:69:00:18:F7:F0:1D:44
Certificate issuer:       /CN=6696aea6bab79c48f5ddee4a46bf4ab64d863160
Certificate serial:       0184E3B9B16CEACF0CC57DEBF2CC0599824B
Authority key identifier: 66:96:AE:A6:BA:B7:9C:48:F5:DD:EE:4A:46:BF:4A:B6:4D:86:31:60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Zpauprq3nEj13e5KRr9Ktk2GMWA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/NRrAnqKN_bN1Yy0_gGkAGPfwHUQ.roa
Signing time:             Mon 05 Dec 2022 19:18:28 +0000
ROA not before:           Mon 05 Dec 2022 19:18:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39122
IP address blocks:        185.97.236.0/22 maxlen: 22
                          81.17.240.0/20 maxlen: 24
                          194.36.58.0/23 maxlen: 23
                          91.197.234.0/23 maxlen: 23
                          194.36.64.0/23 maxlen: 23
                          176.52.222.0/23 maxlen: 23
                          185.209.164.0/22 maxlen: 22
                          200.69.8.0/21 maxlen: 21
                          185.206.192.0/22 maxlen: 22
                          78.153.192.0/19 maxlen: 24
                          185.2.64.0/22 maxlen: 22
                          46.22.128.0/20 maxlen: 20
                          2a01:a8::/32 maxlen: 32
                          2a01:ac::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:e3:b9:b1:6c:ea:cf:0c:c5:7d:eb:f2:cc:05:99:82:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6696aea6bab79c48f5ddee4a46bf4ab64d863160
        Validity
            Not Before: Dec  5 19:18:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=351ac09ea28dfdb375632d3f80690018f7f01d44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:aa:26:25:fc:77:b9:23:01:60:6e:3e:c9:6b:
                    19:d9:d7:da:60:35:db:74:7e:04:80:ed:23:0b:00:
                    c7:9d:1b:4e:91:72:d3:d8:95:6a:e2:e8:71:e8:05:
                    74:17:40:76:78:9e:d7:81:ae:9c:e6:63:d7:97:b3:
                    94:97:b0:36:3e:d8:1f:e8:7e:a9:8f:1b:26:b0:91:
                    57:ad:d3:36:4c:c3:be:f9:79:e7:e5:3d:60:95:45:
                    7c:de:4e:d1:c3:67:3b:54:0d:d5:94:dd:1a:d7:81:
                    82:b3:00:29:f3:82:1e:14:84:65:cc:ca:8f:e9:3d:
                    45:c0:53:5f:54:41:ad:9e:4b:93:41:80:eb:1e:dc:
                    f7:ad:f3:e2:0c:64:2a:cd:e7:24:c9:bb:8e:55:b1:
                    c5:b6:e2:72:e3:89:e6:e3:2d:3d:f3:0c:3c:30:6e:
                    16:3c:8e:37:cc:73:60:04:76:81:55:74:0c:5e:48:
                    0a:dc:d2:bd:99:48:15:50:28:eb:bf:d1:6a:84:ab:
                    ee:84:5b:6a:03:7a:ad:dc:b5:9d:ff:33:9f:92:45:
                    3a:86:80:37:f1:0e:5a:83:b3:a9:bd:37:7a:5f:25:
                    f0:84:96:8d:ed:fb:c0:4d:c2:a9:36:cf:83:b1:7f:
                    9c:eb:cc:ed:d1:3b:f2:00:20:28:c0:85:46:5e:75:
                    b4:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:1A:C0:9E:A2:8D:FD:B3:75:63:2D:3F:80:69:00:18:F7:F0:1D:44
            X509v3 Authority Key Identifier:
                keyid:66:96:AE:A6:BA:B7:9C:48:F5:DD:EE:4A:46:BF:4A:B6:4D:86:31:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zpauprq3nEj13e5KRr9Ktk2GMWA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/NRrAnqKN_bN1Yy0_gGkAGPfwHUQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/Zpauprq3nEj13e5KRr9Ktk2GMWA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.22.128.0/20
                  78.153.192.0/19
                  81.17.240.0/20
                  91.197.234.0/23
                  176.52.222.0/23
                  185.2.64.0/22
                  185.97.236.0/22
                  185.206.192.0/22
                  185.209.164.0/22
                  194.36.58.0/23
                  194.36.64.0/23
                  200.69.8.0/21
                IPv6:
                  2a01:a8::/32
                  2a01:ac::/32

    Signature Algorithm: sha256WithRSAEncryption
         62:0f:a7:ef:fb:6d:ad:06:c3:5b:f1:1a:5a:9c:9d:66:e1:3b:
         37:b3:ee:29:10:8f:e6:48:70:40:26:7a:22:bc:f2:fa:48:ad:
         9b:b8:2b:0a:1f:7d:97:ba:6b:3b:15:33:6a:de:d9:a7:03:b8:
         a6:38:8d:24:2b:02:88:32:c3:65:13:b7:08:aa:8c:c9:d8:ba:
         83:2b:75:ee:ae:4a:87:78:56:1c:a8:bf:e9:4e:e8:b5:0e:a7:
         84:0c:2e:0d:69:c6:30:91:ff:86:10:69:f1:f7:b5:41:a0:68:
         a5:83:ee:2e:8b:ed:0a:07:63:3a:60:31:1c:d4:06:b6:a5:23:
         00:e5:4d:73:bf:1d:3f:3f:51:2a:69:3f:a5:3b:8a:55:6a:a4:
         e6:29:b5:63:ca:6d:fa:71:02:96:e2:04:11:59:89:4c:c8:14:
         5a:4c:ed:8c:fc:fa:e9:30:ac:8f:9c:e9:fa:a8:5c:b1:4e:62:
         50:b1:36:8a:f3:42:33:52:50:d4:39:61:e5:32:2c:19:0e:0e:
         bd:e8:b2:f9:c4:43:ef:c0:7e:2e:87:9a:e2:b1:88:05:bd:81:
         54:e3:3d:8a:0a:59:7f:92:76:0a:7d:1a:c5:c3:d9:64:ea:26:
         fa:1f:27:95:c8:36:8e:22:5f:ec:5c:67:20:83:a1:dc:c9:0a:
         66:51:ee:c4
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYTjubFs6s8MxX3r8swFmYJLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OTZhZWE2YmFiNzljNDhmNWRkZWU0YTQ2YmY0YWI2NGQ4
NjMxNjAwHhcNMjIxMjA1MTkxODI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTFhYzA5ZWEyOGRmZGIzNzU2MzJkM2Y4MDY5MDAxOGY3ZjAxZDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6omJfx3uSMBYG4+yWsZ2dfaYDXb
dH4EgO0jCwDHnRtOkXLT2JVq4uhx6AV0F0B2eJ7Xga6c5mPXl7OUl7A2Ptgf6H6p
jxsmsJFXrdM2TMO++Xnn5T1glUV83k7Rw2c7VA3VlN0a14GCswAp84IeFIRlzMqP
6T1FwFNfVEGtnkuTQYDrHtz3rfPiDGQqzeckybuOVbHFtuJy44nm4y098ww8MG4W
PI43zHNgBHaBVXQMXkgK3NK9mUgVUCjrv9FqhKvuhFtqA3qt3LWd/zOfkkU6hoA3
8Q5ag7OpvTd6XyXwhJaN7fvATcKpNs+DsX+c68zt0TvyACAowIVGXnW0swIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFDUawJ6ijf2zdWMtP4BpABj38B1EMB8GA1UdIwQY
MBaAFGaWrqa6t5xI9d3uSka/SrZNhjFgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnBhdXBycTNuRWoxM2U1S1JyOUt0azJHTVdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My80NTJjMmItZjJjZi00YTkyLWExY2Qt
ZjAxOThjNmMyNDc0LzEvTlJyQW5xS05fYk4xWXkwX2dHa0FHUGZ3SFVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My80NTJjMmItZjJjZi00YTkyLWExY2QtZjAxOThjNmMyNDc0
LzEvWnBhdXBycTNuRWoxM2U1S1JyOUt0azJHTVdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBOBAIAATBIAwQELhaAAwQF
TpnAAwQEURHwAwQBW8XqAwQBsDTeAwQCuQJAAwQCuWHsAwQCuc7AAwQCudGkAwQB
wiQ6AwQBwiRAAwQDyEUIMBQEAgACMA4DBQAqAQCoAwUAKgEArDANBgkqhkiG9w0B
AQsFAAOCAQEAYg+n7/ttrQbDW/EaWpydZuE7N7PuKRCP5khwQCZ6Irzy+kitm7gr
Ch99l7prOxUzat7ZpwO4pjiNJCsCiDLDZRO3CKqMydi6gyt17q5Kh3hWHKi/6U7o
tQ6nhAwuDWnGMJH/hhBp8fe1QaBopYPuLovtCgdjOmAxHNQGtqUjAOVNc78dPz9R
Kmk/pTuKVWqk5im1Y8pt+nECluIEEVmJTMgUWkztjPz66TCsj5zp+qhcsU5iULE2
ivNCM1JQ1Dlh5TIsGQ4Oveiy+cRD78B+Loea4rGIBb2BVOM9igpZf5J2Cn0axcPZ
ZOom+h8nlcg2jiJf7FxnIIOh3MkKZlHuxA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:39 2024 by rpki-client on console-fra.rpki-client.org