Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/cbecf4-bced-4d83-bfca-b4a181cd40f6/1/7Pts5MFOS4aRccYg3pTDoxbxNp8.roa
File:                     7Pts5MFOS4aRccYg3pTDoxbxNp8.roa (raw, json)
Hash identifier:          mMbWLi69O9ucWlm3YI0zwVGrXKsJTMOIuk3dTIJTSpQ=
Subject key identifier:   EC:FB:6C:E4:C1:4E:4B:86:91:71:C6:20:DE:94:C3:A3:16:F1:36:9F
Certificate issuer:       /CN=50d18196b29f60e85d8712de4039a531cfc1ab31
Certificate serial:       0596951E
Authority key identifier: 50:D1:81:96:B2:9F:60:E8:5D:87:12:DE:40:39:A5:31:CF:C1:AB:31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UNGBlrKfYOhdhxLeQDmlMc_BqzE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/cbecf4-bced-4d83-bfca-b4a181cd40f6/1/7Pts5MFOS4aRccYg3pTDoxbxNp8.roa
Signing time:             Thu 27 Jan 2022 22:48:15 +0000
ROA not before:           Thu 27 Jan 2022 22:48:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204035
IP address blocks:        37.228.132.0/24 maxlen: 24
                          37.228.134.0/24 maxlen: 24
                          185.101.92.0/22 maxlen: 22
                          37.228.151.0/24 maxlen: 24
                          37.228.148.0/24 maxlen: 24
                          185.116.156.0/24 maxlen: 24
                          185.116.157.0/24 maxlen: 24
                          185.116.158.0/24 maxlen: 24
                          193.56.156.0/24 maxlen: 24
                          185.107.193.0/24 maxlen: 24
                          194.125.248.0/22 maxlen: 22
                          194.125.250.0/24 maxlen: 24
                          193.46.24.0/22 maxlen: 22
                          185.245.168.0/22 maxlen: 22
                          2a06:7f80::/29 maxlen: 29
                          2a06:1c40::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 93754654 (0x596951e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=50d18196b29f60e85d8712de4039a531cfc1ab31
        Validity
            Not Before: Jan 27 22:48:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ecfb6ce4c14e4b869171c620de94c3a316f1369f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:c2:89:47:fc:a2:45:53:f2:cc:8e:74:d8:13:
                    87:75:36:0c:f6:aa:62:37:1a:71:ab:b5:c4:67:bf:
                    e8:90:5a:5e:6f:93:f2:74:d0:ce:97:32:b4:e8:61:
                    b5:b2:b3:04:04:af:05:97:8d:da:cb:76:a8:63:3e:
                    8f:ae:9c:e4:5e:d7:4c:82:29:1a:f1:2a:e5:65:bd:
                    43:eb:e7:34:74:ed:e1:a0:e2:fa:15:f1:ac:56:60:
                    93:f3:bd:d6:d7:a7:30:c2:e5:69:24:04:db:e1:33:
                    e0:b6:0c:b6:72:fc:07:be:0b:88:ca:09:f1:87:83:
                    92:1c:a2:6c:58:dd:0f:fa:14:d1:0f:9d:31:eb:fd:
                    5a:cd:79:18:3d:a3:81:2d:d8:4f:24:1b:8a:c0:bc:
                    b5:6e:71:1f:00:2c:4c:4f:3e:96:4b:0c:b9:10:97:
                    91:54:c8:bf:e4:68:bb:77:f5:8b:19:f2:fe:3e:8a:
                    a2:92:43:da:b7:aa:0f:ec:64:ba:22:96:af:5c:c0:
                    4f:c3:d5:8e:1d:66:e6:d6:e1:37:c6:0a:17:70:e6:
                    c6:67:5b:18:80:a5:1c:3e:20:d5:ae:66:61:70:d3:
                    ad:47:99:2d:c7:e1:cb:57:0d:f0:24:fe:1b:4a:b0:
                    72:f6:73:ce:c5:65:11:bc:9c:31:5e:db:bf:ed:d4:
                    31:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:FB:6C:E4:C1:4E:4B:86:91:71:C6:20:DE:94:C3:A3:16:F1:36:9F
            X509v3 Authority Key Identifier:
                keyid:50:D1:81:96:B2:9F:60:E8:5D:87:12:DE:40:39:A5:31:CF:C1:AB:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UNGBlrKfYOhdhxLeQDmlMc_BqzE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/cbecf4-bced-4d83-bfca-b4a181cd40f6/1/7Pts5MFOS4aRccYg3pTDoxbxNp8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/cbecf4-bced-4d83-bfca-b4a181cd40f6/1/UNGBlrKfYOhdhxLeQDmlMc_BqzE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.228.132.0/24
                  37.228.134.0/24
                  37.228.148.0/24
                  37.228.151.0/24
                  185.101.92.0/22
                  185.107.193.0/24
                  185.116.156.0-185.116.158.255
                  185.245.168.0/22
                  193.46.24.0/22
                  193.56.156.0/24
                  194.125.248.0/22
                IPv6:
                  2a06:1c40::/29
                  2a06:7f80::/29

    Signature Algorithm: sha256WithRSAEncryption
         08:01:a8:16:ab:73:2b:d6:12:28:4a:12:60:17:74:9f:97:9e:
         52:35:3e:6a:8e:b2:4d:d9:56:03:d0:49:36:8d:23:e1:ec:ff:
         9f:9d:9e:da:d4:e2:87:49:75:a9:37:f9:56:d7:2f:86:5a:87:
         e8:4b:b3:e2:2a:4e:b1:06:92:15:f8:18:ab:e8:03:b6:ee:75:
         a7:4a:e8:ea:fe:ad:b5:ff:b4:82:a2:1d:5b:06:0d:e0:1a:68:
         30:d4:69:9d:c5:e3:9c:34:c8:ba:e8:7b:57:b9:71:17:90:7f:
         ab:f1:21:81:96:53:43:6b:83:52:8f:a3:4c:8b:92:86:ab:f7:
         42:c2:64:a6:f7:7e:0b:40:e9:69:15:b5:3e:9a:ae:ce:b6:1b:
         fe:f1:77:f1:5c:0a:5c:19:8b:ab:a4:a6:08:e2:3c:81:2c:21:
         6c:96:e5:4f:48:d4:7c:48:8a:c0:fd:33:95:81:bd:ab:c8:69:
         96:ed:65:ff:f8:ca:05:02:33:77:21:90:1f:32:6c:f7:8d:d4:
         30:fd:9a:67:9c:c1:8b:5a:81:e2:3a:cc:ff:1e:d8:85:9e:39:
         2f:68:c7:2f:90:58:de:73:15:ca:72:1c:7d:0d:87:07:3b:43:
         0f:20:12:3d:b9:ae:4d:cf:02:c1:ab:ab:20:2c:c4:32:1d:b1:
         fc:ee:3e:95
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIEBZaVHjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MGQxODE5NmIyOWY2MGU4NWQ4NzEyZGU0MDM5YTUzMWNmYzFhYjMxMB4XDTIyMDEy
NzIyNDgxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWNmYjZjZTRjMTRl
NGI4NjkxNzFjNjIwZGU5NGMzYTMxNmYxMzY5ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALLCiUf8okVT8syOdNgTh3U2DPaqYjcacau1xGe/6JBaXm+T
8nTQzpcytOhhtbKzBASvBZeN2st2qGM+j66c5F7XTIIpGvEq5WW9Q+vnNHTt4aDi
+hXxrFZgk/O91tenMMLlaSQE2+Ez4LYMtnL8B74LiMoJ8YeDkhyibFjdD/oU0Q+d
Mev9Ws15GD2jgS3YTyQbisC8tW5xHwAsTE8+lksMuRCXkVTIv+Rou3f1ixny/j6K
opJD2reqD+xkuiKWr1zAT8PVjh1m5tbhN8YKF3DmxmdbGIClHD4g1a5mYXDTrUeZ
Lcfhy1cN8CT+G0qwcvZzzsVlEbycMV7bv+3UMX8CAwEAAaOCAmMwggJfMB0GA1Ud
DgQWBBTs+2zkwU5LhpFxxiDelMOjFvE2nzAfBgNVHSMEGDAWgBRQ0YGWsp9g6F2H
Et5AOaUxz8GrMTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VOR0JscktmWU9oZGh4TGVRRG1sTWNfQnF6RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmQvY2JlY2Y0LWJjZWQtNGQ4My1iZmNhLWI0YTE4MWNkNDBmNi8x
LzdQdHM1TUZPUzRhUmNjWWczcFREb3hieE5wOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmQv
Y2JlY2Y0LWJjZWQtNGQ4My1iZmNhLWI0YTE4MWNkNDBmNi8xL1VOR0JscktmWU9o
ZGh4TGVRRG1sTWNfQnF6RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB5
BggrBgEFBQcBBwEB/wRqMGgwUAQCAAEwSgMEACXkhAMEACXkhgMEACXklAMEACXk
lwMEArllXAMEALlrwTAMAwQCuXScAwQAuXSeAwQCufWoAwQCwS4YAwQAwTicAwQC
wn34MBQEAgACMA4DBQMqBhxAAwUDKgZ/gDANBgkqhkiG9w0BAQsFAAOCAQEACAGo
FqtzK9YSKEoSYBd0n5eeUjU+ao6yTdlWA9BJNo0j4ez/n52e2tTih0l1qTf5Vtcv
hlqH6Euz4ipOsQaSFfgYq+gDtu51p0ro6v6ttf+0gqIdWwYN4BpoMNRpncXjnDTI
uuh7V7lxF5B/q/EhgZZTQ2uDUo+jTIuShqv3QsJkpvd+C0DpaRW1PpquzrYb/vF3
8VwKXBmLq6SmCOI8gSwhbJblT0jUfEiKwP0zlYG9q8hplu1l//jKBQIzdyGQHzJs
943UMP2aZ5zBi1qB4jrM/x7YhZ45L2jHL5BY3nMVynIcfQ2HBztDDyASPbmuTc8C
waurICzEMh2x/O4+lQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:08 2024 by rpki-client on console-fra.rpki-client.org