Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/sElE0NfYXvzlzLTVffn4b4LClDs.roa
File:                     sElE0NfYXvzlzLTVffn4b4LClDs.roa (raw, json)
Hash identifier:          1RxX37nS4P6j9z5zmmmLCr8BPDSmRDxxnRl4F85NAGE=
Subject key identifier:   B0:49:44:D0:D7:D8:5E:FC:E5:CC:B4:D5:7D:F9:F8:6F:82:C2:94:3B
Certificate issuer:       /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial:       06680C8A
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/sElE0NfYXvzlzLTVffn4b4LClDs.roa
Signing time:             Fri 10 Jun 2022 15:41:03 +0000
ROA not before:           Fri 10 Jun 2022 15:41:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209372
IP address blocks:        185.100.156.0/23 maxlen: 24
                          185.77.136.0/23 maxlen: 24
                          185.104.150.0/24 maxlen: 24
                          185.104.148.0/23 maxlen: 24
                          185.101.202.0/24 maxlen: 24
                          185.101.200.0/23 maxlen: 24
                          213.170.223.0/24 maxlen: 24
                          185.111.24.0/23 maxlen: 24
                          185.111.26.0/24 maxlen: 24
                          185.78.78.0/23 maxlen: 24
                          185.97.78.0/24 maxlen: 24
                          185.97.76.0/23 maxlen: 24
                          185.98.42.0/24 maxlen: 24
                          185.98.40.0/23 maxlen: 24
                          185.103.62.0/24 maxlen: 24
                          185.103.60.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 107482250 (0x6680c8a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
        Validity
            Not Before: Jun 10 15:41:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b04944d0d7d85efce5ccb4d57df9f86f82c2943b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:41:e8:c1:9e:80:c4:25:d5:08:df:e3:b0:d8:
                    f1:61:56:25:55:96:3f:0c:4e:da:dc:21:d3:94:d7:
                    2f:c6:b8:ee:37:71:36:a4:0e:cd:65:71:4c:82:32:
                    8b:51:30:2c:d8:74:ef:76:80:38:6b:e8:c4:c8:25:
                    13:39:35:10:74:c7:44:48:67:e4:62:01:38:79:c5:
                    33:f7:03:a0:87:c5:f1:a7:69:56:bb:1f:43:db:e5:
                    64:ca:3b:70:72:e0:98:6b:30:3f:28:7d:35:af:4b:
                    67:50:86:36:5a:c3:85:9c:e9:b7:9d:ed:d0:c9:26:
                    e7:91:55:40:69:b4:1f:3e:4a:35:6d:f1:32:9c:aa:
                    50:83:d9:86:4a:dd:55:d7:c5:a9:f5:f3:0b:d7:cb:
                    27:c1:57:26:c0:04:57:cd:6e:fb:e5:9c:cb:8c:5f:
                    38:f9:2e:8a:8d:f9:e9:05:40:23:8f:1f:00:c1:3b:
                    a6:0f:96:28:47:34:b4:07:2f:90:82:c6:ff:66:de:
                    2e:65:5c:64:66:8c:da:46:50:e4:50:84:68:88:9f:
                    c6:62:0b:b5:57:7f:d2:b3:18:d8:b8:3e:2f:5a:8c:
                    a7:7c:bd:58:94:81:32:c3:50:7c:66:62:4c:41:23:
                    a1:aa:fb:01:09:3d:56:a8:17:a3:d7:ed:d7:24:a6:
                    90:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:49:44:D0:D7:D8:5E:FC:E5:CC:B4:D5:7D:F9:F8:6F:82:C2:94:3B
            X509v3 Authority Key Identifier:
                keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/sElE0NfYXvzlzLTVffn4b4LClDs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.77.136.0/23
                  185.78.78.0/23
                  185.97.76.0-185.97.78.255
                  185.98.40.0-185.98.42.255
                  185.100.156.0/23
                  185.101.200.0-185.101.202.255
                  185.103.60.0-185.103.62.255
                  185.104.148.0-185.104.150.255
                  185.111.24.0-185.111.26.255
                  213.170.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         45:7b:24:96:f7:d4:af:45:d4:4e:73:f2:0e:5c:85:93:84:9f:
         d3:38:b5:77:51:aa:22:cb:58:7f:73:46:65:2f:c3:ad:9f:21:
         71:7d:95:6a:4c:6c:54:df:9c:96:dd:ce:e3:b3:01:6b:2b:3f:
         de:7a:72:0d:f5:3f:49:e7:e7:d1:3b:fa:35:82:0a:8f:a8:ad:
         ce:81:a5:59:2a:4d:45:57:f1:8c:43:cc:e2:83:5e:b9:56:83:
         1f:48:d5:02:a5:fc:6c:95:ab:f3:25:e9:8a:46:dd:2f:da:72:
         ee:d1:1d:b5:10:8f:0e:f2:33:04:7f:54:a8:19:23:d5:b2:10:
         0c:52:81:55:e8:ba:30:34:7b:be:2a:03:d8:a4:8f:4c:82:89:
         5f:92:d8:69:4d:6f:8e:a5:e3:ec:ec:21:4e:7a:28:9b:81:a7:
         db:20:41:be:c9:8c:1e:41:4f:a9:4c:0d:b8:94:e2:f2:70:cf:
         4b:c3:d9:1e:9c:b5:9e:ea:9d:28:f7:54:86:7b:54:77:1d:c3:
         17:ea:55:c5:8d:00:58:5e:04:bc:1a:f5:48:7f:94:68:b7:f1:
         a4:7b:c7:7f:8d:26:05:57:5c:8c:55:01:1c:dd:c5:d1:6c:6b:
         41:e9:54:91:b7:e6:5b:56:6a:a4:95:30:fc:e8:1f:2c:6e:8b:
         fb:d5:d9:d5
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgIEBmgMijANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YWVlMTVjMzNkZTM1ODkzOGQ2OTAwYTFiM2MxNDQ4MGEzODllODViMB4XDTIyMDYx
MDE1NDEwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjA0OTQ0ZDBkN2Q4
NWVmY2U1Y2NiNGQ1N2RmOWY4NmY4MmMyOTQzYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKpB6MGegMQl1Qjf47DY8WFWJVWWPwxO2twh05TXL8a47jdx
NqQOzWVxTIIyi1EwLNh073aAOGvoxMglEzk1EHTHREhn5GIBOHnFM/cDoIfF8adp
VrsfQ9vlZMo7cHLgmGswPyh9Na9LZ1CGNlrDhZzpt53t0Mkm55FVQGm0Hz5KNW3x
MpyqUIPZhkrdVdfFqfXzC9fLJ8FXJsAEV81u++Wcy4xfOPkuio356QVAI48fAME7
pg+WKEc0tAcvkILG/2beLmVcZGaM2kZQ5FCEaIifxmILtVd/0rMY2Lg+L1qMp3y9
WJSBMsNQfGZiTEEjoar7AQk9VqgXo9ft1ySmkMUCAwEAAaOCAnAwggJsMB0GA1Ud
DgQWBBSwSUTQ19he/OXMtNV9+fhvgsKUOzAfBgNVHSMEGDAWgBSa7hXDPeNYk41p
AKGzwUSAo4noWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L211NFZ3ejNqV0pPTmFRQ2hzOEZFZ0tPSjZGcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2EvNzJmNzdmLTc2YWItNGU3OS1hMDYyLTZlZTUzNGQ5MmU1Mi8x
L3NFbEUwTmZZWHZ6bHpMVFZmZm40YjRMQ2xEcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Ev
NzJmNzdmLTc2YWItNGU3OS1hMDYyLTZlZTUzNGQ5MmU1Mi8xL211NFZ3ejNqV0pP
TmFRQ2hzOEZFZ0tPSjZGcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
hQYIKwYBBQUHAQcBAf8EdjB0MHIEAgABMGwDBAG5TYgDBAG5Tk4wDAMEArlhTAME
ALlhTjAMAwQDuWIoAwQAuWIqAwQBuWScMAwDBAO5ZcgDBAC5ZcowDAMEArlnPAME
ALlnPjAMAwQCuWiUAwQAuWiWMAwDBAO5bxgDBAC5bxoDBADVqt8wDQYJKoZIhvcN
AQELBQADggEBAEV7JJb31K9F1E5z8g5chZOEn9M4tXdRqiLLWH9zRmUvw62fIXF9
lWpMbFTfnJbdzuOzAWsrP956cg31P0nn59E7+jWCCo+orc6BpVkqTUVX8YxDzOKD
XrlWgx9I1QKl/GyVq/Ml6YpG3S/acu7RHbUQjw7yMwR/VKgZI9WyEAxSgVXoujA0
e74qA9ikj0yCiV+S2GlNb46l4+zsIU56KJuBp9sgQb7JjB5BT6lMDbiU4vJwz0vD
2R6ctZ7qnSj3VIZ7VHcdwxfqVcWNAFheBLwa9Uh/lGi38aR7x3+NJgVXXIxVARzd
xdFsa0HpVJG35ltWaqSVMPzoHyxui/vV2dU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:59 2024 by rpki-client on console-fra.rpki-client.org