Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/UFBBmtFe5Fl6YDRFPHVIklkLHcA.roa
File:                     UFBBmtFe5Fl6YDRFPHVIklkLHcA.roa (raw, json)
Hash identifier:          ifYNoVXdjvFa6nnsBL5B8GOzXz3QH9w1M1dfeJRT8Vs=
Subject key identifier:   50:50:41:9A:D1:5E:E4:59:7A:60:34:45:3C:75:48:92:59:0B:1D:C0
Certificate issuer:       /CN=0f671fec38f00c402f3066f13c792e1a0ed16db3
Certificate serial:       0101C03D
Authority key identifier: 0F:67:1F:EC:38:F0:0C:40:2F:30:66:F1:3C:79:2E:1A:0E:D1:6D:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D2cf7DjwDEAvMGbxPHkuGg7RbbM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/UFBBmtFe5Fl6YDRFPHVIklkLHcA.roa
Signing time:             Wed 06 Apr 2022 08:00:03 +0000
ROA not before:           Wed 06 Apr 2022 08:00:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     29286
IP address blocks:        185.20.215.0/24 maxlen: 24
                          37.9.178.0/24 maxlen: 24
                          37.9.176.0/24 maxlen: 24
                          37.9.179.0/24 maxlen: 24
                          37.9.183.0/24 maxlen: 24
                          37.9.180.0/23 maxlen: 24
                          185.20.212.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 16891965 (0x101c03d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f671fec38f00c402f3066f13c792e1a0ed16db3
        Validity
            Not Before: Apr  6 08:00:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5050419ad15ee4597a6034453c754892590b1dc0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:b3:d8:a8:6c:05:9d:a4:17:ad:9f:22:3f:3a:
                    11:67:67:67:27:43:59:12:f6:03:01:66:d7:88:b3:
                    72:d3:40:1d:c7:bb:1b:51:30:7c:1d:a8:45:e1:b6:
                    68:e4:05:0f:c6:d5:a9:90:22:30:f9:c6:aa:a7:54:
                    38:0b:12:bb:a8:7e:a1:4a:f9:a3:ab:d0:b2:b1:65:
                    d4:97:a2:c4:de:15:60:82:7f:d3:c4:05:78:82:30:
                    de:b5:b0:d1:23:b5:80:b1:e1:c5:31:a0:9d:f2:39:
                    a2:b1:fe:78:bb:40:fb:c1:d5:4c:c5:2d:35:a2:da:
                    a9:4a:73:d1:cf:65:cb:88:7a:79:62:cd:75:ad:8b:
                    f0:ae:8e:00:84:30:32:92:b8:f6:2e:46:14:a0:4d:
                    fd:ea:57:46:b5:41:96:f2:8b:05:d8:fd:d7:d3:07:
                    84:ee:bd:63:3a:23:fd:34:61:6b:9f:c5:08:62:ed:
                    99:49:b1:c3:20:9c:19:57:4d:15:bf:89:f7:e0:62:
                    30:e7:2a:51:84:7f:3a:27:13:bb:7a:4c:bd:c8:b4:
                    53:9b:05:21:0b:32:ec:27:ca:de:86:fa:f7:dd:00:
                    63:3e:8f:3e:05:c8:44:78:98:55:14:b9:7c:37:ed:
                    8c:be:24:a2:1f:61:4f:96:d8:55:9e:64:4d:45:e6:
                    c2:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:50:41:9A:D1:5E:E4:59:7A:60:34:45:3C:75:48:92:59:0B:1D:C0
            X509v3 Authority Key Identifier:
                keyid:0F:67:1F:EC:38:F0:0C:40:2F:30:66:F1:3C:79:2E:1A:0E:D1:6D:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2cf7DjwDEAvMGbxPHkuGg7RbbM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/UFBBmtFe5Fl6YDRFPHVIklkLHcA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/D2cf7DjwDEAvMGbxPHkuGg7RbbM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.9.176.0/24
                  37.9.178.0-37.9.181.255
                  37.9.183.0/24
                  185.20.212.0/22

    Signature Algorithm: sha256WithRSAEncryption
         77:a3:be:0f:78:c3:96:d7:56:f5:5b:02:c1:19:b9:a1:d1:16:
         52:a7:0b:fb:e2:f5:9b:5b:cc:af:24:41:4d:24:ab:58:5e:3c:
         57:7b:41:75:43:55:d2:8d:79:32:83:61:db:4f:39:af:09:3e:
         e5:c0:37:eb:68:c5:8e:d1:85:d9:6c:24:53:f3:8c:97:bb:73:
         ce:dc:f7:63:45:89:4e:8f:97:3f:a3:b4:4e:20:4b:1b:d1:b8:
         c1:b4:ab:82:38:53:ac:08:74:88:5c:b0:3f:63:ae:f0:da:51:
         d8:ff:5e:78:77:6f:65:15:6b:45:35:5a:f4:5f:74:dd:9f:c4:
         4a:16:f1:1c:97:77:6f:c1:ac:d0:b6:32:96:66:8e:68:0c:86:
         b3:de:9e:19:71:7a:64:2d:41:e8:1a:04:61:ac:3c:54:80:77:
         ba:4d:a5:31:79:ad:ec:53:f0:64:40:e4:aa:c2:18:c5:8e:94:
         53:c2:d7:e7:a1:c8:26:82:6f:21:06:ac:60:33:0d:bb:a4:9a:
         c5:ff:5b:5c:70:87:3e:24:d0:9c:42:e7:c4:04:6b:c3:35:64:
         2f:7b:ef:fe:dd:bc:13:15:54:37:4c:03:2b:6d:16:f0:fb:96:
         6a:80:88:63:2b:1d:59:0f:e8:88:0a:46:d6:6b:0b:51:5b:c8:
         2a:00:e9:59
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEAQHAPTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZjY3MWZlYzM4ZjAwYzQwMmYzMDY2ZjEzYzc5MmUxYTBlZDE2ZGIzMB4XDTIyMDQw
NjA4MDAwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTA1MDQxOWFkMTVl
ZTQ1OTdhNjAzNDQ1M2M3NTQ4OTI1OTBiMWRjMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALGz2KhsBZ2kF62fIj86EWdnZydDWRL2AwFm14izctNAHce7
G1EwfB2oReG2aOQFD8bVqZAiMPnGqqdUOAsSu6h+oUr5o6vQsrFl1JeixN4VYIJ/
08QFeIIw3rWw0SO1gLHhxTGgnfI5orH+eLtA+8HVTMUtNaLaqUpz0c9ly4h6eWLN
da2L8K6OAIQwMpK49i5GFKBN/epXRrVBlvKLBdj919MHhO69Yzoj/TRha5/FCGLt
mUmxwyCcGVdNFb+J9+BiMOcqUYR/OicTu3pMvci0U5sFIQsy7CfK3ob6990AYz6P
PgXIRHiYVRS5fDftjL4koh9hT5bYVZ5kTUXmwiECAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBRQUEGa0V7kWXpgNEU8dUiSWQsdwDAfBgNVHSMEGDAWgBQPZx/sOPAMQC8w
ZvE8eS4aDtFtszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0QyY2Y3RGp3REVBdk1HYnhQSGt1R2c3UmJiTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzkvNDliYjY5LWRmZjktNDQ4ZS1hOGEyLTk3NzMwNWM3MDA1MS8x
L1VGQkJtdEZlNUZsNllEUkZQSFZJa2xrTEhjQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkv
NDliYjY5LWRmZjktNDQ4ZS1hOGEyLTk3NzMwNWM3MDA1MS8xL0QyY2Y3RGp3REVB
dk1HYnhQSGt1R2c3UmJiTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEACUJsDAMAwQBJQmyAwQBJQm0AwQA
JQm3AwQCuRTUMA0GCSqGSIb3DQEBCwUAA4IBAQB3o74PeMOW11b1WwLBGbmh0RZS
pwv74vWbW8yvJEFNJKtYXjxXe0F1Q1XSjXkyg2HbTzmvCT7lwDfraMWO0YXZbCRT
84yXu3PO3PdjRYlOj5c/o7ROIEsb0bjBtKuCOFOsCHSIXLA/Y67w2lHY/154d29l
FWtFNVr0X3Tdn8RKFvEcl3dvwazQtjKWZo5oDIaz3p4ZcXpkLUHoGgRhrDxUgHe6
TaUxea3sU/BkQOSqwhjFjpRTwtfnocgmgm8hBqxgMw27pJrF/1tccIc+JNCcQufE
BGvDNWQve+/+3bwTFVQ3TAMrbRbw+5ZqgIhjKx1ZD+iICkbWawtRW8gqAOlZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:56 2024 by rpki-client on console-ams.rpki-client.org