Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/fusgdzg59SdyVbWmKN9xaPbsPPo.roa
File:                     fusgdzg59SdyVbWmKN9xaPbsPPo.roa (raw, json)
Hash identifier:          3Iml9yUTKix5+reK+yhRDfjF1ZZk+EHiB9CEAYDYAtA=
Subject key identifier:   7E:EB:20:77:38:39:F5:27:72:55:B5:A6:28:DF:71:68:F6:EC:3C:FA
Certificate issuer:       /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial:       0183C60C95D04152F255E98FD2B97E81C664
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/fusgdzg59SdyVbWmKN9xaPbsPPo.roa
Signing time:             Tue 11 Oct 2022 07:57:37 +0000
ROA not before:           Tue 11 Oct 2022 07:57:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     28708
IP address blocks:        194.250.131.0/24 maxlen: 24
                          193.253.141.0/24 maxlen: 24
                          193.253.142.0/23 maxlen: 24
                          80.12.209.0/24 maxlen: 24
                          193.253.170.0/24 maxlen: 24
                          80.12.210.0/24 maxlen: 24
                          193.253.169.0/24 maxlen: 24
                          193.253.168.0/24 maxlen: 24
                          80.10.4.0/23 maxlen: 24
                          90.84.144.0/23 maxlen: 23
                          81.253.0.0/18 maxlen: 24
                          90.84.146.0/24 maxlen: 24
                          193.253.10.0/24 maxlen: 24
                          90.96.0.0/16 maxlen: 24
                          80.10.43.0/24 maxlen: 24
                          80.10.46.0/24 maxlen: 24
                          193.253.78.0/23 maxlen: 24
                          80.12.68.0/23 maxlen: 24
                          80.12.70.0/24 maxlen: 24
                          80.12.66.0/23 maxlen: 24
                          193.251.116.0/24 maxlen: 24
                          80.10.161.0/24 maxlen: 24
                          80.12.100.0/23 maxlen: 24
                          80.12.102.0/24 maxlen: 24
                          81.253.64.0/19 maxlen: 24
                          2a01:cd00::/31 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:c6:0c:95:d0:41:52:f2:55:e9:8f:d2:b9:7e:81:c6:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
        Validity
            Not Before: Oct 11 07:57:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7eeb20773839f5277255b5a628df7168f6ec3cfa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:7c:55:85:49:62:be:4c:4f:21:66:28:13:e4:
                    b8:7a:2c:96:01:12:a5:26:98:f3:9b:9c:65:2c:23:
                    58:6a:e9:06:21:59:3f:ca:a9:4d:c7:fe:30:03:20:
                    c8:d4:ef:b5:e4:62:3a:b8:03:08:c9:60:01:62:ee:
                    96:87:87:16:11:a7:b7:0b:b4:56:0e:85:0a:f9:77:
                    5d:c6:8e:70:45:bf:e1:c2:75:41:ec:f4:3a:a2:e6:
                    18:b3:ba:af:df:5e:08:b2:7e:9c:29:78:70:ff:db:
                    65:50:9a:e4:2b:bf:84:86:39:c7:1c:dc:3e:13:16:
                    cd:2c:16:bc:61:92:e9:51:d1:01:2b:c4:54:0a:3e:
                    a4:b3:39:79:37:de:54:35:42:ad:bf:36:55:98:4c:
                    77:d1:b3:bd:ed:93:8d:48:b2:2a:11:f0:6e:47:ba:
                    cd:91:ce:43:a5:83:c0:3c:0b:29:8b:7e:e0:eb:42:
                    6e:55:84:a7:fb:68:72:69:e7:bf:3a:70:84:fb:f6:
                    45:50:3c:d9:87:aa:6c:a7:98:3b:02:53:bd:43:cf:
                    21:a3:be:8f:a3:1a:b2:4f:18:f9:2e:c8:37:b9:01:
                    40:77:be:9d:56:9b:49:2c:a1:e3:20:06:ff:da:cb:
                    9c:d5:f5:a0:d5:c4:00:23:66:03:93:e0:08:bc:2f:
                    92:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:EB:20:77:38:39:F5:27:72:55:B5:A6:28:DF:71:68:F6:EC:3C:FA
            X509v3 Authority Key Identifier:
                keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/fusgdzg59SdyVbWmKN9xaPbsPPo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.10.4.0/23
                  80.10.43.0/24
                  80.10.46.0/24
                  80.10.161.0/24
                  80.12.66.0-80.12.70.255
                  80.12.100.0-80.12.102.255
                  80.12.209.0-80.12.210.255
                  81.253.0.0-81.253.95.255
                  90.84.144.0-90.84.146.255
                  90.96.0.0/16
                  193.251.116.0/24
                  193.253.10.0/24
                  193.253.78.0/23
                  193.253.141.0-193.253.143.255
                  193.253.168.0-193.253.170.255
                  194.250.131.0/24
                IPv6:
                  2a01:cd00::/31

    Signature Algorithm: sha256WithRSAEncryption
         15:4a:76:54:6a:48:f8:c5:10:8b:cf:e7:58:2c:62:09:3b:e0:
         e1:75:53:7e:d6:98:8f:9b:39:2e:bc:8d:c9:25:73:35:4f:81:
         d4:fe:d2:5a:e4:52:20:bf:a9:13:97:ee:1f:22:33:65:9f:53:
         5d:ff:97:3d:b5:64:a3:09:46:a5:f3:81:dd:9d:18:08:04:73:
         dd:2d:54:17:bf:e5:9c:dd:20:54:e3:56:78:e3:c6:f3:e2:05:
         8d:a5:69:a3:84:ea:cc:c4:8a:56:03:14:25:3f:b0:7b:92:91:
         ff:ed:82:65:b3:0f:88:1e:ab:31:d6:1a:92:28:24:62:25:c1:
         16:ae:53:8c:88:78:a4:8e:f7:c8:6d:7b:c2:b9:25:2f:7c:9b:
         47:8b:e9:cb:78:dd:ec:ce:12:91:c7:a0:27:d6:6b:44:17:c0:
         a1:52:c4:a4:85:8d:a3:17:e7:69:d6:78:0e:74:be:09:fe:01:
         b8:b5:a3:31:b7:99:c5:b0:17:ea:78:c1:4a:62:1f:c1:b8:07:
         e5:f9:26:7d:5e:8a:11:f5:0f:2f:7a:07:a5:a1:72:cf:4c:eb:
         f1:bc:c6:b9:3c:84:85:b3:19:a7:9c:70:69:a3:8c:5e:b8:c7:
         67:14:8d:12:34:5c:03:c4:ec:c0:2c:48:a1:2a:00:ac:88:5d:
         67:b1:e6:7c
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgISAYPGDJXQQVLyVemP0rl+gcZkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjIxMDExMDc1NzM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWViMjA3NzM4MzlmNTI3NzI1NWI1YTYyOGRmNzE2OGY2ZWMzY2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3xVhUlivkxPIWYoE+S4eiyWARKl
Jpjzm5xlLCNYaukGIVk/yqlNx/4wAyDI1O+15GI6uAMIyWABYu6Wh4cWEae3C7RW
DoUK+Xddxo5wRb/hwnVB7PQ6ouYYs7qv314Isn6cKXhw/9tlUJrkK7+EhjnHHNw+
ExbNLBa8YZLpUdEBK8RUCj6kszl5N95UNUKtvzZVmEx30bO97ZONSLIqEfBuR7rN
kc5DpYPAPAspi37g60JuVYSn+2hyaee/OnCE+/ZFUDzZh6psp5g7AlO9Q88ho76P
oxqyTxj5Lsg3uQFAd76dVptJLKHjIAb/2suc1fWg1cQAI2YDk+AIvC+SGwIDAQAB
o4ICrTCCAqkwHQYDVR0OBBYEFH7rIHc4OfUnclW1pijfcWj27Dz6MB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvZnVzZ2R6ZzU5U2R5VmJXbUtOOXhhUGJzUFBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHCBggrBgEFBQcBBwEB/wSBsjCBrzCBnQQCAAEwgZYDBAFQ
CgQDBABQCisDBABQCi4DBABQCqEwDAMEAVAMQgMEAFAMRjAMAwQCUAxkAwQAUAxm
MAwDBABQDNEDBABQDNIwCwMDAFH9AwQFUf1AMAwDBARaVJADBABaVJIDAwBaYAME
AMH7dAMEAMH9CgMEAcH9TjAMAwQAwf2NAwQEwf2AMAwDBAPB/agDBADB/aoDBADC
+oMwDQQCAAIwBwMFASoBzQAwDQYJKoZIhvcNAQELBQADggEBABVKdlRqSPjFEIvP
51gsYgk74OF1U37WmI+bOS68jcklczVPgdT+0lrkUiC/qROX7h8iM2WfU13/lz21
ZKMJRqXzgd2dGAgEc90tVBe/5ZzdIFTjVnjjxvPiBY2laaOE6szEilYDFCU/sHuS
kf/tgmWzD4geqzHWGpIoJGIlwRauU4yIeKSO98hte8K5JS98m0eL6ct43ezOEpHH
oCfWa0QXwKFSxKSFjaMX52nWeA50vgn+Abi1ozG3mcWwF+p4wUpiH8G4B+X5Jn1e
ihH1Dy96B6Whcs9M6/G8xrk8hIWzGaeccGmjjF64x2cUjRI0XAPE7MAsSKEqAKyI
XWex5nw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:19 2024 by rpki-client on console-ams.rpki-client.org