Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/vHDVs4qO2rvia_E5-FhDHFjBj24.roa
File:                     vHDVs4qO2rvia_E5-FhDHFjBj24.roa (raw, json)
Hash identifier:          +fNhf+XamzoxOuMhJr0HwDcC1kV8pHHayD18CcWorAI=
Subject key identifier:   BC:70:D5:B3:8A:8E:DA:BB:E2:6B:F1:39:F8:58:43:1C:58:C1:8F:6E
Certificate issuer:       /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial:       0557CBB0
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/vHDVs4qO2rvia_E5-FhDHFjBj24.roa
Signing time:             Thu 17 Feb 2022 09:47:30 +0000
ROA not before:           Thu 17 Feb 2022 09:47:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43624
IP address blocks:        45.148.124.0/24 maxlen: 24
                          45.66.208.0/24 maxlen: 24
                          45.138.100.0/24 maxlen: 24
                          185.61.217.0/24 maxlen: 24
                          185.61.219.0/24 maxlen: 24
                          185.61.218.0/24 maxlen: 24
                          147.78.183.0/24 maxlen: 24
                          185.61.221.0/24 maxlen: 24
                          147.78.180.0/24 maxlen: 24
                          185.61.223.0/24 maxlen: 24
                          147.78.182.0/24 maxlen: 24
                          185.61.222.0/24 maxlen: 24
                          147.78.181.0/24 maxlen: 24
                          77.220.194.0/24 maxlen: 24
                          77.220.193.0/24 maxlen: 24
                          185.88.100.0/24 maxlen: 24
                          45.132.184.0/24 maxlen: 24
                          93.177.118.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 89639856 (0x557cbb0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
        Validity
            Not Before: Feb 17 09:47:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bc70d5b38a8edabbe26bf139f858431c58c18f6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:1c:c0:15:a9:35:c3:a9:cf:cc:cb:95:5e:e4:
                    f9:85:df:0e:6f:9d:b0:02:a7:cf:5e:5c:3a:fc:8f:
                    64:6e:97:a4:90:12:32:f0:2a:fe:eb:97:48:24:fa:
                    45:cc:30:c7:d4:1c:2d:8d:cf:52:ed:e0:a0:16:ce:
                    c8:35:9d:f4:35:90:83:e5:27:fe:38:61:d3:9c:8e:
                    58:90:42:8e:53:44:05:7a:dc:9d:7f:f4:dd:6a:c8:
                    69:79:50:9b:e7:39:dd:f3:70:e7:ef:70:d1:78:5f:
                    ad:88:2b:30:99:77:51:6a:d4:c0:18:e4:99:c8:31:
                    4a:c2:3d:9d:90:1e:39:63:6d:7a:9c:ff:c4:2b:c5:
                    44:98:fb:d9:d5:7c:e0:34:af:e0:aa:bb:8e:1c:04:
                    40:79:1a:3c:16:4d:70:75:da:17:bf:88:f0:09:d4:
                    6e:8a:4b:2b:5f:f5:01:e3:92:83:02:ba:41:5a:63:
                    70:21:0d:43:76:05:6e:70:96:a0:af:92:2e:4e:f4:
                    3c:84:c2:a1:91:b7:61:a7:9b:c2:44:8c:b0:1c:89:
                    8e:37:1b:f4:a7:df:d0:71:e3:9c:56:20:91:04:ef:
                    6b:fd:58:cd:f7:cf:db:80:67:9b:40:8b:c4:f9:08:
                    6c:03:18:07:31:c7:d8:9e:7d:1a:4f:7c:7a:39:85:
                    6f:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:70:D5:B3:8A:8E:DA:BB:E2:6B:F1:39:F8:58:43:1C:58:C1:8F:6E
            X509v3 Authority Key Identifier:
                keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/vHDVs4qO2rvia_E5-FhDHFjBj24.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.66.208.0/24
                  45.132.184.0/24
                  45.138.100.0/24
                  45.148.124.0/24
                  77.220.193.0-77.220.194.255
                  93.177.118.0/23
                  147.78.180.0/22
                  185.61.217.0-185.61.219.255
                  185.61.221.0-185.61.223.255
                  185.88.100.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:26:ed:58:93:d1:64:6f:69:ed:a3:8f:d0:2c:aa:cf:81:5e:
         48:2a:68:4d:4c:f1:79:5d:87:7e:80:13:65:e5:3a:95:f7:a6:
         5b:9a:68:3d:5e:46:3d:98:82:ca:b3:d7:95:18:3e:7b:01:d6:
         23:24:64:aa:6c:bd:48:03:42:01:83:7e:36:c1:2f:26:dd:82:
         ff:76:f9:c2:a0:f6:99:84:a9:2d:5c:d2:77:ad:70:9e:85:73:
         11:67:d7:02:c6:b2:2d:c9:28:dd:cc:7d:94:64:19:6c:1c:bd:
         d9:d6:55:75:49:dc:eb:0e:48:fd:c8:f6:b2:15:bb:e9:ef:3f:
         20:21:b3:e5:32:e7:95:80:d5:f9:70:e0:93:85:78:47:49:7a:
         ee:e3:c3:9c:c7:f7:70:1c:b9:62:a0:89:c3:dc:08:82:1a:01:
         4a:3f:09:d5:e1:c2:e2:d8:d1:bf:6f:5c:93:72:72:a3:28:2f:
         4c:0e:9a:c3:9b:d1:3d:3b:80:77:61:c5:cc:64:d5:bd:1f:5d:
         a0:80:f5:ee:2a:9e:ab:f3:81:4b:91:a3:48:3f:aa:f8:f3:80:
         6c:c9:d1:25:40:28:8d:01:db:ba:5f:7b:b6:82:96:70:ba:4f:
         8d:70:d5:97:20:2c:41:8e:2a:a0:48:01:7b:4e:1e:55:f7:2b:
         87:26:8d:ba
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIEBVfLsDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YWVlMTVjMzNkZTM1ODkzOGQ2OTAwYTFiM2MxNDQ4MGEzODllODViMB4XDTIyMDIx
NzA5NDczMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmM3MGQ1YjM4YThl
ZGFiYmUyNmJmMTM5Zjg1ODQzMWM1OGMxOGY2ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANUcwBWpNcOpz8zLlV7k+YXfDm+dsAKnz15cOvyPZG6XpJAS
MvAq/uuXSCT6Rcwwx9QcLY3PUu3goBbOyDWd9DWQg+Un/jhh05yOWJBCjlNEBXrc
nX/03WrIaXlQm+c53fNw5+9w0XhfrYgrMJl3UWrUwBjkmcgxSsI9nZAeOWNtepz/
xCvFRJj72dV84DSv4Kq7jhwEQHkaPBZNcHXaF7+I8AnUbopLK1/1AeOSgwK6QVpj
cCENQ3YFbnCWoK+SLk70PITCoZG3YaebwkSMsByJjjcb9Kff0HHjnFYgkQTva/1Y
zffP24Bnm0CLxPkIbAMYBzHH2J59Gk98ejmFb38CAwEAAaOCAlcwggJTMB0GA1Ud
DgQWBBS8cNWzio7au+Jr8Tn4WEMcWMGPbjAfBgNVHSMEGDAWgBSa7hXDPeNYk41p
AKGzwUSAo4noWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L211NFZ3ejNqV0pPTmFRQ2hzOEZFZ0tPSjZGcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2EvNzJmNzdmLTc2YWItNGU3OS1hMDYyLTZlZTUzNGQ5MmU1Mi8x
L3ZIRFZzNHFPMnJ2aWFfRTUtRmhESEZqQmoyNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Ev
NzJmNzdmLTc2YWItNGU3OS1hMDYyLTZlZTUzNGQ5MmU1Mi8xL211NFZ3ejNqV0pP
TmFRQ2hzOEZFZ0tPSjZGcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBt
BggrBgEFBQcBBwEB/wReMFwwWgQCAAEwVAMEAC1C0AMEAC2EuAMEAC2KZAMEAC2U
fDAMAwQATdzBAwQATdzCAwQBXbF2AwQCk060MAwDBAC5PdkDBAK5PdgwDAMEALk9
3QMEBbk9wAMEALlYZDANBgkqhkiG9w0BAQsFAAOCAQEAiSbtWJPRZG9p7aOP0Cyq
z4FeSCpoTUzxeV2HfoATZeU6lfemW5poPV5GPZiCyrPXlRg+ewHWIyRkqmy9SANC
AYN+NsEvJt2C/3b5wqD2mYSpLVzSd61wnoVzEWfXAsayLcko3cx9lGQZbBy92dZV
dUnc6w5I/cj2shW76e8/ICGz5TLnlYDV+XDgk4V4R0l67uPDnMf3cBy5YqCJw9wI
ghoBSj8J1eHC4tjRv29ck3JyoygvTA6aw5vRPTuAd2HFzGTVvR9doID17iqeq/OB
S5GjSD+q+POAbMnRJUAojQHbul97toKWcLpPjXDVlyAsQY4qoEgBe04eVfcrhyaN
ug==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:59 2024 by rpki-client on console-fra.rpki-client.org