Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/61979a-ea83-4ee7-b7f7-e168db2c54b4/1/xaUPS--i6Nx3c9MwA2THK__gu1c.roa
File:                     xaUPS--i6Nx3c9MwA2THK__gu1c.roa (raw, json)
Hash identifier:          oe5k6MM1eDVtN33uhuYnJc2mEplXig3B8AkQLN89mD4=
Subject key identifier:   C5:A5:0F:4B:EF:A2:E8:DC:77:73:D3:30:03:64:C7:2B:FF:E0:BB:57
Certificate issuer:       /CN=6d9ff4a53a3db0f432820cd737d543f867a972d8
Certificate serial:       373C1BCC
Authority key identifier: 6D:9F:F4:A5:3A:3D:B0:F4:32:82:0C:D7:37:D5:43:F8:67:A9:72:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bZ_0pTo9sPQyggzXN9VD-Gepctg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/61979a-ea83-4ee7-b7f7-e168db2c54b4/1/xaUPS--i6Nx3c9MwA2THK__gu1c.roa
Signing time:             Sat 01 Jan 2022 06:57:53 +0000
ROA not before:           Sat 01 Jan 2022 06:57:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41902
IP address blocks:        46.17.129.0/24 maxlen: 24
                          46.17.128.0/24 maxlen: 24
                          46.17.128.0/22 maxlen: 24
                          46.17.128.0/21 maxlen: 24
                          46.17.132.0/24 maxlen: 24
                          46.17.132.0/22 maxlen: 24
                          46.17.131.0/24 maxlen: 24
                          46.17.130.0/24 maxlen: 24
                          46.17.135.0/24 maxlen: 24
                          46.17.134.0/24 maxlen: 24
                          46.17.133.0/24 maxlen: 24
                          194.36.160.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 926686156 (0x373c1bcc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d9ff4a53a3db0f432820cd737d543f867a972d8
        Validity
            Not Before: Jan  1 06:57:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c5a50f4befa2e8dc7773d3300364c72bffe0bb57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:79:95:50:88:c7:ff:da:4c:08:08:d3:d4:79:
                    02:ad:1a:91:a6:66:eb:51:25:4a:b8:98:d0:ec:b3:
                    25:db:f6:f7:a9:90:ef:be:60:22:b1:38:0c:c5:5e:
                    41:ea:be:1c:d8:3c:6e:ca:77:20:69:c9:40:b9:b1:
                    6e:ea:87:e2:e8:bc:ea:b9:00:5c:0e:13:6b:38:6a:
                    2e:c9:64:45:05:39:17:8e:83:56:1b:65:ed:bf:ad:
                    cd:63:74:91:2c:18:fc:0e:66:de:56:d1:20:ea:ab:
                    2b:d0:c7:fa:f4:71:b6:bf:b2:9f:d4:41:b0:4c:10:
                    97:18:8f:9e:2a:20:45:c1:2b:c5:dc:ea:d7:9b:d7:
                    ff:a7:48:df:5a:f8:a8:68:a5:79:80:4e:71:cd:54:
                    56:1d:ff:a6:61:50:5b:06:05:d1:72:6b:a1:0c:2e:
                    5f:27:4d:d3:02:a6:4d:d0:9b:fd:9a:7b:41:4e:ca:
                    9e:a0:ba:c1:ba:95:6c:ed:5c:3f:1b:5f:5d:37:73:
                    04:f3:e1:91:9b:69:9f:55:7a:82:77:88:31:ac:9f:
                    9b:35:bf:6d:ff:fd:c6:9b:63:7a:68:bf:07:83:82:
                    63:3e:ca:4d:c2:91:41:7c:57:3c:c3:d5:61:d2:ba:
                    47:c6:da:74:4a:bc:ba:a0:71:23:48:76:9f:61:5e:
                    ee:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:A5:0F:4B:EF:A2:E8:DC:77:73:D3:30:03:64:C7:2B:FF:E0:BB:57
            X509v3 Authority Key Identifier:
                keyid:6D:9F:F4:A5:3A:3D:B0:F4:32:82:0C:D7:37:D5:43:F8:67:A9:72:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bZ_0pTo9sPQyggzXN9VD-Gepctg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/61979a-ea83-4ee7-b7f7-e168db2c54b4/1/xaUPS--i6Nx3c9MwA2THK__gu1c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/61979a-ea83-4ee7-b7f7-e168db2c54b4/1/bZ_0pTo9sPQyggzXN9VD-Gepctg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.17.128.0/21
                  194.36.160.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:98:6e:9d:27:19:35:cb:2e:bd:5e:eb:90:31:76:e6:82:8c:
         c6:ca:8c:02:bb:46:3a:31:d3:fb:92:d5:b8:99:bd:08:f1:63:
         fc:04:90:5f:f8:49:0a:a9:5e:c0:fb:e0:91:56:30:bb:3b:f3:
         f5:a5:86:60:ec:5b:88:26:65:9a:5c:c2:b2:fb:83:fe:58:ed:
         b4:45:bc:57:6a:ac:70:9f:8b:85:c0:26:c6:64:8e:09:3d:05:
         69:b0:92:16:74:22:30:a8:b2:c4:e4:1e:9d:81:3e:76:f0:54:
         ab:13:a5:af:28:b9:ea:2f:db:9d:a8:bc:48:f3:16:bf:c5:ca:
         44:b3:01:63:f0:6e:33:df:30:65:ae:b4:f8:86:ec:a1:95:c9:
         c2:3f:96:d6:d7:32:56:21:e9:6d:cf:8e:88:50:f1:9a:41:4b:
         7b:c8:b0:f6:3e:cf:d0:0b:1a:60:0e:5e:1b:76:91:93:2a:f7:
         dd:9d:24:47:a2:0c:80:b5:2c:29:14:69:95:df:b0:21:6f:fc:
         f4:86:f3:8d:84:d4:ab:8e:f9:35:68:b5:82:c3:b8:2b:7a:45:
         76:a8:90:53:f1:8d:88:a8:7d:4c:87:2f:9c:6d:07:af:5b:56:
         45:e4:3c:16:69:8a:99:80:bc:14:ac:5b:c4:e7:8f:55:bd:78:
         8a:96:c7:65
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIENzwbzDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZDlmZjRhNTNhM2RiMGY0MzI4MjBjZDczN2Q1NDNmODY3YTk3MmQ4MB4XDTIyMDEw
MTA2NTc1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzVhNTBmNGJlZmEy
ZThkYzc3NzNkMzMwMDM2NGM3MmJmZmUwYmI1NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMh5lVCIx//aTAgI09R5Aq0akaZm61ElSriY0OyzJdv296mQ
775gIrE4DMVeQeq+HNg8bsp3IGnJQLmxbuqH4ui86rkAXA4TazhqLslkRQU5F46D
Vhtl7b+tzWN0kSwY/A5m3lbRIOqrK9DH+vRxtr+yn9RBsEwQlxiPniogRcErxdzq
15vX/6dI31r4qGileYBOcc1UVh3/pmFQWwYF0XJroQwuXydN0wKmTdCb/Zp7QU7K
nqC6wbqVbO1cPxtfXTdzBPPhkZtpn1V6gneIMayfmzW/bf/9xptjemi/B4OCYz7K
TcKRQXxXPMPVYdK6R8badEq8uqBxI0h2n2Fe7q0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTFpQ9L76Lo3Hdz0zADZMcr/+C7VzAfBgNVHSMEGDAWgBRtn/SlOj2w9DKC
DNc31UP4Z6ly2DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JaXzBwVG85c1BReWdnelhOOVZELUdlcGN0Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzgvNjE5NzlhLWVhODMtNGVlNy1iN2Y3LWUxNjhkYjJjNTRiNC8x
L3hhVVBTLS1pNk54M2M5TXdBMlRIS19fZ3UxYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgv
NjE5NzlhLWVhODMtNGVlNy1iN2Y3LWUxNjhkYjJjNTRiNC8xL2JaXzBwVG85c1BR
eWdnelhOOVZELUdlcGN0Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAy4RgAMEAMIkoDANBgkqhkiG9w0B
AQsFAAOCAQEAOZhunScZNcsuvV7rkDF25oKMxsqMArtGOjHT+5LVuJm9CPFj/ASQ
X/hJCqlewPvgkVYwuzvz9aWGYOxbiCZlmlzCsvuD/ljttEW8V2qscJ+LhcAmxmSO
CT0FabCSFnQiMKiyxOQenYE+dvBUqxOlryi56i/bnai8SPMWv8XKRLMBY/BuM98w
Za60+IbsoZXJwj+W1tcyViHpbc+OiFDxmkFLe8iw9j7P0AsaYA5eG3aRkyr33Z0k
R6IMgLUsKRRpld+wIW/89IbzjYTUq475NWi1gsO4K3pFdqiQU/GNiKh9TIcvnG0H
r1tWReQ8FmmKmYC8FKxbxOePVb14ipbHZQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org