Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/aktdYZjX2HZU9WEeRSvXKMhMNsk.roa
File:                     aktdYZjX2HZU9WEeRSvXKMhMNsk.roa (raw, json)
Hash identifier:          LzeeUPVQK9R4jg69mKBf5v3O+IR0tis5ZUxOQnSfN+Y=
Subject key identifier:   6A:4B:5D:61:98:D7:D8:76:54:F5:61:1E:45:2B:D7:28:C8:4C:36:C9
Certificate issuer:       /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial:       066736F5
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/aktdYZjX2HZU9WEeRSvXKMhMNsk.roa
Signing time:             Fri 10 Jun 2022 15:41:02 +0000
ROA not before:           Fri 10 Jun 2022 15:41:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7018
IP address blocks:        185.112.58.0/23 maxlen: 24
                          185.177.238.0/23 maxlen: 24
                          185.177.236.0/23 maxlen: 24
                          185.79.138.0/24 maxlen: 24
                          185.100.159.0/24 maxlen: 24
                          185.168.208.0/23 maxlen: 24
                          185.24.108.0/23 maxlen: 24
                          185.77.138.0/23 maxlen: 24
                          89.19.56.0/22 maxlen: 24
                          185.113.138.0/23 maxlen: 24
                          185.175.224.0/23 maxlen: 24
                          185.95.230.0/23 maxlen: 24
                          185.68.244.0/23 maxlen: 24
                          185.105.46.0/23 maxlen: 24
                          185.102.114.0/23 maxlen: 24
                          185.182.130.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 107427573 (0x66736f5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
        Validity
            Not Before: Jun 10 15:41:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6a4b5d6198d7d87654f5611e452bd728c84c36c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:c5:5b:3d:5e:77:21:8c:df:d8:9f:2c:cf:6b:
                    36:28:bf:6f:15:bb:18:e1:09:15:01:b7:37:64:00:
                    f1:3f:b8:3e:d6:d6:7d:06:1a:b3:0e:75:e0:e9:c9:
                    8c:53:ed:12:04:a2:18:6d:36:a3:f9:44:14:40:7d:
                    da:65:3c:4a:bb:43:ec:81:4b:6b:fb:c8:7f:e0:42:
                    d0:97:d0:39:d9:f8:48:69:c9:c0:ec:34:37:9d:6d:
                    a6:a1:b4:27:45:21:a7:c6:cf:38:34:c4:c3:e5:fa:
                    9a:75:2b:fd:08:51:b7:df:34:ce:f2:f3:d0:da:13:
                    da:49:70:2f:79:a5:c1:01:8f:43:35:22:70:29:69:
                    fb:fd:73:73:1c:e2:c6:8b:4f:e6:b1:26:78:a4:1e:
                    34:a4:46:62:e8:d3:f9:22:41:02:c5:90:10:d2:d7:
                    89:b6:cb:c2:0d:68:d3:47:e6:1d:58:ae:c0:8c:76:
                    26:ed:85:89:6e:3a:a8:d7:15:2a:b2:47:43:dd:53:
                    61:86:5c:fd:07:68:f3:52:f9:a7:f3:b0:e5:49:f9:
                    4f:31:ce:66:49:dd:73:91:a6:5f:76:80:64:01:de:
                    6b:8a:0c:8c:ca:42:2d:76:de:07:24:24:97:6c:3b:
                    1c:db:5e:fb:ab:2b:0d:c6:52:82:ef:c0:45:33:a6:
                    8e:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:4B:5D:61:98:D7:D8:76:54:F5:61:1E:45:2B:D7:28:C8:4C:36:C9
            X509v3 Authority Key Identifier:
                keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/aktdYZjX2HZU9WEeRSvXKMhMNsk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.19.56.0/22
                  185.24.108.0/23
                  185.68.244.0/23
                  185.77.138.0/23
                  185.79.138.0/24
                  185.95.230.0/23
                  185.100.159.0/24
                  185.102.114.0/23
                  185.105.46.0/23
                  185.112.58.0/23
                  185.113.138.0/23
                  185.168.208.0/23
                  185.175.224.0/23
                  185.177.236.0/22
                  185.182.130.0/23

    Signature Algorithm: sha256WithRSAEncryption
         11:0a:eb:ac:2c:13:f6:fe:78:31:9e:d7:6b:94:f0:04:77:79:
         7b:cc:bf:69:64:79:8b:91:e0:df:f1:f8:69:80:10:2b:f7:de:
         36:cc:cc:1d:86:f7:4f:7b:d0:3a:49:a8:b1:2e:e7:07:da:2b:
         4b:d3:98:e4:45:ed:81:c2:5e:75:62:a4:a2:e4:bc:a4:e4:2e:
         96:c0:d4:0b:40:52:80:da:b0:4d:56:84:1e:41:f2:bc:22:bb:
         d6:32:00:65:1f:6a:52:05:4c:24:ff:e4:0d:f5:2b:e0:f5:a4:
         ed:2d:72:7b:a4:cd:4d:c4:60:07:c2:2d:fa:79:d2:5d:78:21:
         6a:c5:81:e5:b8:c2:b2:2c:db:cf:30:d5:95:8f:e2:4e:f5:81:
         72:1d:2d:f9:a9:45:00:df:ce:6e:a8:93:4d:df:8b:ef:0b:32:
         7a:70:43:7c:ce:22:36:63:97:e2:cb:0e:1a:84:e8:32:29:99:
         a6:ec:2f:ce:6b:8d:dc:e2:f2:cb:0a:19:03:71:1c:4e:30:94:
         8a:79:ef:c5:74:c0:83:a7:6c:e4:28:5c:de:43:99:4e:e6:66:
         e3:ac:a1:05:b1:24:81:d0:33:ed:a5:39:68:4e:b7:7c:4e:3f:
         c7:86:8f:d7:81:60:46:db:ad:bd:b4:b5:da:84:d4:47:e1:69:
         96:21:dc:6b
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIEBmc29TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YWVlMTVjMzNkZTM1ODkzOGQ2OTAwYTFiM2MxNDQ4MGEzODllODViMB4XDTIyMDYx
MDE1NDEwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmE0YjVkNjE5OGQ3
ZDg3NjU0ZjU2MTFlNDUyYmQ3MjhjODRjMzZjOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL3FWz1edyGM39ifLM9rNii/bxW7GOEJFQG3N2QA8T+4PtbW
fQYasw514OnJjFPtEgSiGG02o/lEFEB92mU8SrtD7IFLa/vIf+BC0JfQOdn4SGnJ
wOw0N51tpqG0J0Uhp8bPODTEw+X6mnUr/QhRt980zvLz0NoT2klwL3mlwQGPQzUi
cClp+/1zcxzixotP5rEmeKQeNKRGYujT+SJBAsWQENLXibbLwg1o00fmHViuwIx2
Ju2FiW46qNcVKrJHQ91TYYZc/Qdo81L5p/Ow5Un5TzHOZkndc5GmX3aAZAHea4oM
jMpCLXbeByQkl2w7HNte+6srDcZSgu/ARTOmjisCAwEAAaOCAl0wggJZMB0GA1Ud
DgQWBBRqS11hmNfYdlT1YR5FK9coyEw2yTAfBgNVHSMEGDAWgBSa7hXDPeNYk41p
AKGzwUSAo4noWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L211NFZ3ejNqV0pPTmFRQ2hzOEZFZ0tPSjZGcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2EvNzJmNzdmLTc2YWItNGU3OS1hMDYyLTZlZTUzNGQ5MmU1Mi8x
L2FrdGRZWmpYMkhaVTlXRWVSU3ZYS01oTU5zay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Ev
NzJmNzdmLTc2YWItNGU3OS1hMDYyLTZlZTUzNGQ5MmU1Mi8xL211NFZ3ejNqV0pP
TmFRQ2hzOEZFZ0tPSjZGcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBz
BggrBgEFBQcBBwEB/wRkMGIwYAQCAAEwWgMEAlkTOAMEAbkYbAMEAblE9AMEAblN
igMEALlPigMEAblf5gMEALlknwMEAblmcgMEAblpLgMEAblwOgMEAblxigMEAbmo
0AMEAbmv4AMEArmx7AMEAbm2gjANBgkqhkiG9w0BAQsFAAOCAQEAEQrrrCwT9v54
MZ7Xa5TwBHd5e8y/aWR5i5Hg3/H4aYAQK/feNszMHYb3T3vQOkmosS7nB9orS9OY
5EXtgcJedWKkouS8pOQulsDUC0BSgNqwTVaEHkHyvCK71jIAZR9qUgVMJP/kDfUr
4PWk7S1ye6TNTcRgB8It+nnSXXghasWB5bjCsizbzzDVlY/iTvWBch0t+alFAN/O
bqiTTd+L7wsyenBDfM4iNmOX4ssOGoToMimZpuwvzmuN3OLyywoZA3EcTjCUinnv
xXTAg6ds5Chc3kOZTuZm46yhBbEkgdAz7aU5aE63fE4/x4aP14FgRtutvbS12oTU
R+FpliHcaw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:17 2024 by rpki-client on console-ams.rpki-client.org