Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/UwvoesuTgHRr9Sh1Om39sCjGd3g.roa
File:                     UwvoesuTgHRr9Sh1Om39sCjGd3g.roa (raw, json)
Hash identifier:          nWpdkmsR8GYFkRYSgtFsHhlTJXB9zguSrF907OsQw2Q=
Subject key identifier:   53:0B:E8:7A:CB:93:80:74:6B:F5:28:75:3A:6D:FD:B0:28:C6:77:78
Certificate issuer:       /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial:       01854E0532F1C3E38E8370E820943371546F
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/UwvoesuTgHRr9Sh1Om39sCjGd3g.roa
Signing time:             Mon 26 Dec 2022 10:40:41 +0000
ROA not before:           Mon 26 Dec 2022 10:40:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     174
IP address blocks:        185.95.102.0/23 maxlen: 24
                          185.95.101.0/24 maxlen: 24
                          185.76.240.0/23 maxlen: 24
                          185.81.174.0/24 maxlen: 24
                          185.81.184.0/24 maxlen: 24
                          185.81.187.0/24 maxlen: 24
                          185.97.3.0/24 maxlen: 24
                          185.97.1.0/24 maxlen: 24
                          185.68.246.0/24 maxlen: 24
                          185.89.43.0/24 maxlen: 24
                          185.89.42.0/24 maxlen: 24
                          185.68.247.0/24 maxlen: 24
                          194.104.10.0/24 maxlen: 24
                          185.68.184.0/24 maxlen: 24
                          5.181.169.0/24 maxlen: 24
                          5.181.168.0/24 maxlen: 24
                          185.96.80.0/24 maxlen: 24
                          213.232.122.0/24 maxlen: 24
                          213.232.120.0/24 maxlen: 24
                          83.171.226.0/24 maxlen: 24
                          83.171.224.0/24 maxlen: 24
                          83.171.227.0/24 maxlen: 24
                          185.96.38.0/24 maxlen: 24
                          185.89.104.0/23 maxlen: 24
                          185.89.108.0/22 maxlen: 24
                          141.98.87.0/24 maxlen: 24
                          185.81.172.0/23 maxlen: 24
                          5.183.255.0/24 maxlen: 24
                          185.88.36.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:4e:05:32:f1:c3:e3:8e:83:70:e8:20:94:33:71:54:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
        Validity
            Not Before: Dec 26 10:40:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=530be87acb9380746bf528753a6dfdb028c67778
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:dc:8d:f2:50:45:be:fd:69:c9:ef:f8:2c:b1:
                    78:f1:02:86:95:0d:35:55:28:9a:1f:15:40:75:8d:
                    8a:83:a4:ff:9b:83:19:3a:bb:50:47:1a:68:a4:a9:
                    4b:68:a2:cd:51:75:7f:36:53:a6:c1:c3:da:f1:25:
                    43:71:f4:b5:ef:9d:7d:e5:1e:8f:2c:3d:0b:87:ea:
                    69:bb:7c:16:df:6e:da:26:1c:44:28:f2:a1:33:5c:
                    e9:79:eb:ae:4b:dc:94:cf:34:b1:10:9d:53:59:bb:
                    a9:32:9f:c2:92:44:99:13:7d:f3:f7:06:aa:6f:ed:
                    46:fc:35:1c:b9:b9:ba:a0:15:0a:71:9a:45:e4:96:
                    f2:e2:b5:1b:91:fc:fb:10:3f:7e:ac:6e:5e:f5:f9:
                    50:60:79:6c:49:93:f3:d9:3c:26:cf:5f:96:75:ee:
                    89:80:38:2d:f7:5c:d7:23:95:95:ef:be:b3:25:bb:
                    2c:29:11:88:e0:93:25:68:da:aa:37:6e:35:e2:82:
                    64:64:4f:71:c2:b6:d1:6d:e4:ff:f4:ff:59:94:ae:
                    1f:75:43:85:11:96:9d:51:f2:b8:87:f8:3d:13:8b:
                    82:64:52:c4:dc:97:d6:54:90:94:d6:b8:f5:18:f2:
                    2b:dd:2b:9c:65:d7:bb:e9:95:da:68:3e:53:b2:6f:
                    77:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:0B:E8:7A:CB:93:80:74:6B:F5:28:75:3A:6D:FD:B0:28:C6:77:78
            X509v3 Authority Key Identifier:
                keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/UwvoesuTgHRr9Sh1Om39sCjGd3g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.168.0/23
                  5.183.255.0/24
                  83.171.224.0/24
                  83.171.226.0/23
                  141.98.87.0/24
                  185.68.184.0/24
                  185.68.246.0/23
                  185.76.240.0/23
                  185.81.172.0-185.81.174.255
                  185.81.184.0/24
                  185.81.187.0/24
                  185.88.36.0/24
                  185.89.42.0/23
                  185.89.104.0/23
                  185.89.108.0/22
                  185.95.101.0-185.95.103.255
                  185.96.38.0/24
                  185.96.80.0/24
                  185.97.1.0/24
                  185.97.3.0/24
                  194.104.10.0/24
                  213.232.120.0/24
                  213.232.122.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:98:9b:6d:e0:c3:cc:e0:ed:f8:ca:dd:d7:68:30:0f:bd:94:
         51:e9:a6:2c:bb:a3:73:7f:86:cf:d8:17:f4:f2:f8:69:5e:1f:
         d3:f1:1f:e7:06:ce:5b:9d:5e:13:21:a1:be:fb:c5:1d:ef:ac:
         72:96:b9:30:d6:cd:9e:ad:4d:55:e4:06:31:b8:fe:9a:ce:98:
         77:fe:27:f0:bf:de:88:87:cc:ef:7d:eb:94:d5:5f:15:1f:15:
         17:4a:82:f8:b9:04:31:64:ff:0f:61:0a:35:38:8a:e2:fa:3b:
         36:12:ec:7d:56:43:32:d6:9e:93:13:87:62:78:c6:4d:7e:c9:
         d3:18:d5:eb:e6:d5:10:e6:37:2e:39:f2:27:4f:69:9b:62:3a:
         56:61:ea:03:0d:df:36:95:29:d5:67:87:46:6c:ec:ad:4d:e9:
         cb:b3:6b:8e:64:25:bd:e5:94:16:a5:9c:3b:94:54:a0:a9:e0:
         42:b1:94:f7:77:f8:0e:fe:1d:e1:44:18:b8:c7:02:b2:03:f7:
         ac:ea:5e:e7:b4:c7:25:1e:3f:30:d6:c9:ba:83:1c:61:fc:37:
         7d:ef:b8:58:29:82:f2:45:2b:6b:5b:cf:85:3f:57:cb:8c:3a:
         10:e9:49:2d:06:51:7b:95:c9:03:31:bb:80:60:d5:0e:3e:ab:
         0e:e3:7c:c1
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAYVOBTLxw+OOg3DoIJQzcVRvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjIxMjI2MTA0MDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzBiZTg3YWNiOTM4MDc0NmJmNTI4NzUzYTZkZmRiMDI4YzY3Nzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotyN8lBFvv1pye/4LLF48QKGlQ01
VSiaHxVAdY2Kg6T/m4MZOrtQRxpopKlLaKLNUXV/NlOmwcPa8SVDcfS175195R6P
LD0Lh+ppu3wW327aJhxEKPKhM1zpeeuuS9yUzzSxEJ1TWbupMp/CkkSZE33z9waq
b+1G/DUcubm6oBUKcZpF5Jby4rUbkfz7ED9+rG5e9flQYHlsSZPz2Twmz1+Wde6J
gDgt91zXI5WV776zJbssKRGI4JMlaNqqN2414oJkZE9xwrbRbeT/9P9ZlK4fdUOF
EZadUfK4h/g9E4uCZFLE3JfWVJCU1rj1GPIr3SucZde76ZXaaD5Tsm93wwIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFFML6HrLk4B0a/UodTpt/bAoxnd4MB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvVXd2b2VzdVRnSFJyOVNoMU9tMzlzQ2pHZDNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBoQQCAAEwgZoDBAEF
tagDBAAFt/8DBABTq+ADBAFTq+IDBACNYlcDBAC5RLgDBAG5RPYDBAG5TPAwDAME
ArlRrAMEALlRrgMEALlRuAMEALlRuwMEALlYJAMEAblZKgMEAblZaAMEArlZbDAM
AwQAuV9lAwQDuV9gAwQAuWAmAwQAuWBQAwQAuWEBAwQAuWEDAwQAwmgKAwQA1eh4
AwQA1eh6MA0GCSqGSIb3DQEBCwUAA4IBAQCXmJtt4MPM4O34yt3XaDAPvZRR6aYs
u6Nzf4bP2Bf08vhpXh/T8R/nBs5bnV4TIaG++8Ud76xylrkw1s2erU1V5AYxuP6a
zph3/ifwv96Ih8zvfeuU1V8VHxUXSoL4uQQxZP8PYQo1OIri+js2Eux9VkMy1p6T
E4dieMZNfsnTGNXr5tUQ5jcuOfInT2mbYjpWYeoDDd82lSnVZ4dGbOytTenLs2uO
ZCW95ZQWpZw7lFSgqeBCsZT3d/gO/h3hRBi4xwKyA/es6l7ntMclHj8w1sm6gxxh
/Dd977hYKYLyRStrW8+FP1fLjDoQ6UktBlF7lckDMbuAYNUOPqsO43zB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:17 2024 by rpki-client on console-ams.rpki-client.org