Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/1-_YSv4j5-znn-GDcxu2AbbSlaQw.roa
File:                     1-_YSv4j5-znn-GDcxu2AbbSlaQw.roa (raw, json)
Hash identifier:          ERt0UZ0XaqhTF79Q4z3DKSQutq87MkRwDFVFwgOj1n8=
Subject key identifier:   FB:F6:12:BF:88:F9:FB:39:E7:F8:60:DC:C6:ED:80:6D:B4:A5:69:0C
Certificate issuer:       /CN=7ccd0cacfafa2e0d31495dd950f76af5f98ba5d7
Certificate serial:       26247665
Authority key identifier: 7C:CD:0C:AC:FA:FA:2E:0D:31:49:5D:D9:50:F7:6A:F5:F9:8B:A5:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/1-_YSv4j5-znn-GDcxu2AbbSlaQw.roa
Signing time:             Sat 01 Jan 2022 03:57:03 +0000
ROA not before:           Sat 01 Jan 2022 03:57:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42925
IP address blocks:        37.60.44.0/22 maxlen: 22
                          37.60.40.0/21 maxlen: 21
                          37.60.40.0/22 maxlen: 22
                          213.151.32.0/24 maxlen: 24
                          213.151.32.0/19 maxlen: 19
                          213.151.48.0/20 maxlen: 20
                          95.86.64.0/19 maxlen: 19
                          164.138.112.0/21 maxlen: 21
                          164.138.112.0/20 maxlen: 20
                          164.138.120.0/21 maxlen: 21
                          95.86.64.0/18 maxlen: 18
                          185.10.64.0/22 maxlen: 22
                          212.76.112.0/20 maxlen: 20
                          31.44.128.0/21 maxlen: 21
                          31.44.128.0/20 maxlen: 20
                          31.44.136.0/21 maxlen: 21
                          95.86.96.0/19 maxlen: 19
                          212.76.96.0/19 maxlen: 19
                          212.76.96.0/20 maxlen: 20
                          2a01:6507::/32 maxlen: 32
                          2a01:6500::/32 maxlen: 32
                          2a01:6506::/32 maxlen: 32
                          2a01:6500:a040::/46 maxlen: 46
                          2a01:6505::/32 maxlen: 32
                          2a01:6500:a044::/46 maxlen: 46
                          2a01:6502::/32 maxlen: 32
                          2a01:6503::/32 maxlen: 32
                          2a01:6500::/29 maxlen: 29
                          2a01:6500:a050::/46 maxlen: 46
                          2a01:6501::/32 maxlen: 32
                          2a01:6504::/32 maxlen: 32
                          2a01:6500:3::/48 maxlen: 48
                          2a01:6500:a048::/46 maxlen: 46

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 639923813 (0x26247665)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7ccd0cacfafa2e0d31495dd950f76af5f98ba5d7
        Validity
            Not Before: Jan  1 03:57:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fbf612bf88f9fb39e7f860dcc6ed806db4a5690c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:da:85:0d:8a:da:11:06:db:19:11:f3:ca:49:
                    82:d9:9c:ae:54:ce:4a:66:b8:d7:cb:38:d5:b0:96:
                    c1:e4:c9:02:68:02:6b:df:fd:81:4e:94:20:f5:1a:
                    94:0e:12:5f:33:03:48:c0:b1:1d:eb:cb:e3:e6:12:
                    c5:23:50:f4:e9:c0:de:10:cd:3a:09:25:6a:cf:29:
                    d8:5c:81:7c:b0:9d:7b:ed:b2:0b:ff:c6:d5:a7:e0:
                    94:bf:f4:ed:21:b8:72:21:11:30:a8:99:a6:52:ba:
                    9b:76:9d:3f:ba:7c:18:0a:56:32:9d:97:10:61:ac:
                    f7:9c:5a:9b:a1:90:b4:5d:22:07:77:58:43:fb:e0:
                    a0:91:d5:01:2a:0d:20:f2:aa:93:08:8b:ce:4d:dc:
                    b6:26:2e:4c:f4:37:d3:b0:2c:24:8d:39:91:c8:d0:
                    d5:09:18:f0:14:1e:08:94:60:37:7b:20:a2:c3:c4:
                    b1:aa:f4:c5:e8:3c:0d:f2:82:c6:37:8e:10:ec:a4:
                    55:8d:63:9a:b0:e5:38:77:31:ea:03:3a:bd:da:49:
                    f2:3c:97:f6:33:b6:6d:93:7e:97:f1:61:7b:3d:6a:
                    89:a1:ae:1c:54:59:6c:0a:04:a7:31:35:1b:c3:8f:
                    a5:25:5f:2f:2e:cd:61:41:ee:14:2b:83:d0:91:64:
                    32:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:F6:12:BF:88:F9:FB:39:E7:F8:60:DC:C6:ED:80:6D:B4:A5:69:0C
            X509v3 Authority Key Identifier:
                keyid:7C:CD:0C:AC:FA:FA:2E:0D:31:49:5D:D9:50:F7:6A:F5:F9:8B:A5:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/1-_YSv4j5-znn-GDcxu2AbbSlaQw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.44.128.0/20
                  37.60.40.0/21
                  95.86.64.0/18
                  164.138.112.0/20
                  185.10.64.0/22
                  212.76.96.0/19
                  213.151.32.0/19
                IPv6:
                  2a01:6500::/29

    Signature Algorithm: sha256WithRSAEncryption
         8d:05:58:50:71:92:4c:51:e4:0d:a0:b0:ed:4c:dc:7f:cc:02:
         e3:9a:a5:a9:d6:34:c8:7f:9d:19:d0:2f:b8:68:4e:09:53:59:
         33:ca:ad:b3:90:60:b6:74:25:c7:2c:36:62:1e:8f:cf:7e:84:
         df:99:aa:80:74:f8:da:64:04:7e:8d:7c:0a:34:63:62:f3:85:
         06:59:83:5b:30:3e:c4:66:e5:88:e4:15:15:26:0f:ea:b9:15:
         4b:75:bb:b6:40:03:3c:8e:7f:0e:55:4d:60:b9:7a:7e:72:90:
         c8:f6:65:8b:53:92:34:20:38:f7:f2:bb:40:40:c0:92:ea:f9:
         a7:97:cf:76:83:f5:c3:4b:39:84:c5:c7:22:17:8e:5e:18:c7:
         72:40:c9:2d:91:4d:28:4f:c0:0f:77:f4:21:1f:5f:6c:8e:d7:
         0e:86:91:e5:ad:91:86:41:bf:86:6d:c5:98:7b:78:3d:17:66:
         b9:eb:f1:93:e2:b2:07:7f:85:b6:30:35:a8:b1:10:f1:95:8d:
         00:13:89:26:bd:ac:8f:86:a8:46:f4:83:3e:91:2c:ec:e8:22:
         89:99:58:fe:38:61:15:a9:4b:6d:eb:c6:dd:97:66:a2:db:f5:
         c6:6a:28:1d:21:c3:7d:dc:61:4f:d3:00:8d:fd:dd:0f:93:e2:
         5a:6f:63:80
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIEJiR2ZTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
Y2NkMGNhY2ZhZmEyZTBkMzE0OTVkZDk1MGY3NmFmNWY5OGJhNWQ3MB4XDTIyMDEw
MTAzNTcwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmJmNjEyYmY4OGY5
ZmIzOWU3Zjg2MGRjYzZlZDgwNmRiNGE1NjkwYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKnahQ2K2hEG2xkR88pJgtmcrlTOSma418s41bCWweTJAmgC
a9/9gU6UIPUalA4SXzMDSMCxHevL4+YSxSNQ9OnA3hDNOgklas8p2FyBfLCde+2y
C//G1afglL/07SG4ciERMKiZplK6m3adP7p8GApWMp2XEGGs95xam6GQtF0iB3dY
Q/vgoJHVASoNIPKqkwiLzk3ctiYuTPQ307AsJI05kcjQ1QkY8BQeCJRgN3sgosPE
sar0xeg8DfKCxjeOEOykVY1jmrDlOHcx6gM6vdpJ8jyX9jO2bZN+l/Fhez1qiaGu
HFRZbAoEpzE1G8OPpSVfLy7NYUHuFCuD0JFkMoMCAwEAAaOCAj0wggI5MB0GA1Ud
DgQWBBT79hK/iPn7Oef4YNzG7YBttKVpDDAfBgNVHSMEGDAWgBR8zQys+vouDTFJ
XdlQ92r1+Yul1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZNME1yUHI2TGcweFNWM1pVUGRxOWZtTHBkYy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzMvYmU1ZGNmLWNiMDUtNDYxYS04NjhlLTQzOWZjOGY5YjM4Ni8x
LzEtX1lTdjRqNS16bm4tR0RjeHUyQWJiU2xhUXcucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzcz
L2JlNWRjZi1jYjA1LTQ2MWEtODY4ZS00MzlmYzhmOWIzODYvMS9mTTBNclByNkxn
MHhTVjNaVVBkcTlmbUxwZGMuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
UgYIKwYBBQUHAQcBAf8EQzBBMDAEAgABMCoDBAQfLIADBAMlPCgDBAZfVkADBASk
inADBAK5CkADBAXUTGADBAXVlyAwDQQCAAIwBwMFAyoBZQAwDQYJKoZIhvcNAQEL
BQADggEBAI0FWFBxkkxR5A2gsO1M3H/MAuOapanWNMh/nRnQL7hoTglTWTPKrbOQ
YLZ0JccsNmIej89+hN+ZqoB0+NpkBH6NfAo0Y2LzhQZZg1swPsRm5YjkFRUmD+q5
FUt1u7ZAAzyOfw5VTWC5en5ykMj2ZYtTkjQgOPfyu0BAwJLq+aeXz3aD9cNLOYTF
xyIXjl4Yx3JAyS2RTShPwA939CEfX2yO1w6GkeWtkYZBv4ZtxZh7eD0XZrnr8ZPi
sgd/hbYwNaixEPGVjQATiSa9rI+GqEb0gz6RLOzoIomZWP44YRWpS23rxt2XZqLb
9cZqKB0hw33cYU/TAI393Q+T4lpvY4A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:00 2024 by rpki-client on console-fra.rpki-client.org