Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/yPh3MFuQIQN-olKdS95oSWFI2U0.roa
File:                     yPh3MFuQIQN-olKdS95oSWFI2U0.roa (raw, json)
Hash identifier:          2A61FFGYtZ+pSaWCUB/9ATI55/NaZl56sdO6R0S4uis=
Subject key identifier:   C8:F8:77:30:5B:90:21:03:7E:A2:52:9D:4B:DE:68:49:61:48:D9:4D
Certificate issuer:       /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial:       05B8E2EC
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/yPh3MFuQIQN-olKdS95oSWFI2U0.roa
Signing time:             Fri 25 Mar 2022 18:10:52 +0000
ROA not before:           Fri 25 Mar 2022 18:10:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35830
IP address blocks:        45.66.211.0/24 maxlen: 24
                          45.66.210.0/24 maxlen: 24
                          185.61.216.0/24 maxlen: 24
                          185.61.220.0/24 maxlen: 24
                          45.132.186.0/24 maxlen: 24
                          185.102.112.0/24 maxlen: 24
                          45.132.187.0/24 maxlen: 24
                          185.102.113.0/24 maxlen: 24
                          5.181.171.0/24 maxlen: 24
                          45.148.125.0/24 maxlen: 24
                          45.148.126.0/24 maxlen: 24
                          45.148.127.0/24 maxlen: 24
                          45.138.103.0/24 maxlen: 24
                          45.138.102.0/24 maxlen: 24
                          5.183.253.0/24 maxlen: 24
                          213.232.121.0/24 maxlen: 24
                          213.232.123.0/24 maxlen: 24
                          185.96.37.0/24 maxlen: 24
                          141.98.85.0/24 maxlen: 24
                          141.98.86.0/24 maxlen: 24
                          185.81.145.0/24 maxlen: 24
                          185.81.144.0/24 maxlen: 24
                          185.88.102.0/24 maxlen: 24
                          185.88.101.0/24 maxlen: 24
                          185.88.103.0/24 maxlen: 24
                          5.183.254.0/24 maxlen: 24
                          185.88.37.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 96002796 (0x5b8e2ec)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
        Validity
            Not Before: Mar 25 18:10:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c8f877305b9021037ea2529d4bde68496148d94d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:ed:d8:3a:79:4d:02:22:b4:09:85:2c:3d:f8:
                    85:52:0c:88:dd:49:13:cb:c8:61:c8:69:a1:5e:40:
                    c7:de:21:f8:73:a0:35:d3:3e:32:63:32:32:4f:08:
                    84:a5:fc:69:50:aa:ab:5e:9c:41:24:c4:35:84:34:
                    3a:34:18:80:14:f2:48:ae:28:82:95:3c:5a:93:7e:
                    b5:af:96:6f:a7:ed:8a:0c:32:0c:1f:03:2b:c9:de:
                    6b:48:45:8a:ce:f9:a2:0c:ab:1e:e0:be:74:31:42:
                    b7:85:ec:59:e8:aa:34:5f:eb:ef:6b:01:cc:5e:01:
                    28:81:0a:5b:50:27:b2:b1:e4:b3:82:27:72:37:ff:
                    3a:8a:ce:15:8f:a9:f2:0b:e4:cd:3f:cc:a8:51:8c:
                    de:23:31:32:7a:f6:63:ef:e5:8a:db:a6:22:9d:ea:
                    28:e7:a0:67:eb:42:9c:99:0b:3c:18:6b:66:66:a5:
                    bc:3e:88:e0:95:bb:8f:05:f7:39:d2:8f:fd:4c:06:
                    be:1f:c2:a7:27:2e:d0:b9:26:67:ea:ce:bc:fd:68:
                    23:0b:b6:dc:bc:7c:9a:8f:6c:36:f2:87:82:7e:79:
                    36:ab:e4:3e:f8:4a:cd:a7:53:34:33:9b:ae:45:c5:
                    8b:33:46:95:82:4b:30:e9:18:d6:d4:84:2d:43:7a:
                    c3:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:F8:77:30:5B:90:21:03:7E:A2:52:9D:4B:DE:68:49:61:48:D9:4D
            X509v3 Authority Key Identifier:
                keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/yPh3MFuQIQN-olKdS95oSWFI2U0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.171.0/24
                  5.183.253.0-5.183.254.255
                  45.66.210.0/23
                  45.132.186.0/23
                  45.138.102.0/23
                  45.148.125.0-45.148.127.255
                  141.98.85.0-141.98.86.255
                  185.61.216.0/24
                  185.61.220.0/24
                  185.81.144.0/23
                  185.88.37.0/24
                  185.88.101.0-185.88.103.255
                  185.96.37.0/24
                  185.102.112.0/23
                  213.232.121.0/24
                  213.232.123.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:84:4a:67:40:4d:95:27:a1:0c:a2:f7:64:e1:68:a2:b0:9e:
         5e:29:d1:18:49:4d:45:01:55:0b:e1:2a:84:4e:2d:5e:37:50:
         da:99:d5:5d:93:cb:ba:df:f8:06:1e:b7:f0:4e:88:62:c6:7c:
         70:80:50:82:b1:d0:9f:bb:d3:dc:8d:43:b7:17:90:47:96:c7:
         7f:8c:11:78:77:f7:b8:11:21:0b:0a:a6:44:a5:4c:43:46:b2:
         b3:bd:09:dc:68:12:80:2d:92:4b:0c:64:95:c0:28:29:cd:f8:
         10:ac:9c:c9:e1:61:a7:aa:30:0f:9f:67:95:89:c8:ab:34:2e:
         21:c9:db:4a:ce:9a:ae:a8:0f:fc:7a:20:a7:1a:cc:71:20:09:
         61:88:47:34:a3:01:41:b2:99:7b:12:f9:75:ac:2a:a6:d1:b9:
         ac:22:22:33:62:11:1f:4d:fd:2f:85:d3:0a:14:31:45:7f:20:
         13:1c:3a:1f:d0:57:ad:32:83:b7:2c:3c:eb:5e:1e:fa:b3:c1:
         cb:7d:4d:a4:00:22:09:28:3d:3c:07:97:ce:cc:cd:e8:bb:48:
         ae:be:51:e9:ad:b7:57:da:11:f3:4e:94:d0:9c:9d:09:47:4d:
         95:0c:51:7a:d9:c8:72:9c:71:af:f2:9c:3e:6d:c3:4f:83:48:
         2d:30:28:2f
-----BEGIN CERTIFICATE-----
MIIFbjCCBFagAwIBAgIEBbji7DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YWVlMTVjMzNkZTM1ODkzOGQ2OTAwYTFiM2MxNDQ4MGEzODllODViMB4XDTIyMDMy
NTE4MTA1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzhmODc3MzA1Yjkw
MjEwMzdlYTI1MjlkNGJkZTY4NDk2MTQ4ZDk0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALLt2Dp5TQIitAmFLD34hVIMiN1JE8vIYchpoV5Ax94h+HOg
NdM+MmMyMk8IhKX8aVCqq16cQSTENYQ0OjQYgBTySK4ogpU8WpN+ta+Wb6ftigwy
DB8DK8nea0hFis75ogyrHuC+dDFCt4XsWeiqNF/r72sBzF4BKIEKW1AnsrHks4In
cjf/OorOFY+p8gvkzT/MqFGM3iMxMnr2Y+/litumIp3qKOegZ+tCnJkLPBhrZmal
vD6I4JW7jwX3OdKP/UwGvh/Cpycu0LkmZ+rOvP1oIwu23Lx8mo9sNvKHgn55Nqvk
PvhKzadTNDObrkXFizNGlYJLMOkY1tSELUN6w5sCAwEAAaOCAogwggKEMB0GA1Ud
DgQWBBTI+HcwW5AhA36iUp1L3mhJYUjZTTAfBgNVHSMEGDAWgBSa7hXDPeNYk41p
AKGzwUSAo4noWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L211NFZ3ejNqV0pPTmFRQ2hzOEZFZ0tPSjZGcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2EvNzJmNzdmLTc2YWItNGU3OS1hMDYyLTZlZTUzNGQ5MmU1Mi8x
L3lQaDNNRnVRSVFOLW9sS2RTOTVvU1dGSTJVMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Ev
NzJmNzdmLTc2YWItNGU3OS1hMDYyLTZlZTUzNGQ5MmU1Mi8xL211NFZ3ejNqV0pP
TmFRQ2hzOEZFZ0tPSjZGcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
nQYIKwYBBQUHAQcBAf8EgY0wgYowgYcEAgABMIGAAwQABbWrMAwDBAAFt/0DBAAF
t/4DBAEtQtIDBAEthLoDBAEtimYwDAMEAC2UfQMEBy2UADAMAwQAjWJVAwQAjWJW
AwQAuT3YAwQAuT3cAwQBuVGQAwQAuVglMAwDBAC5WGUDBAO5WGADBAC5YCUDBAG5
ZnADBADV6HkDBADV6HswDQYJKoZIhvcNAQELBQADggEBAASESmdATZUnoQyi92Th
aKKwnl4p0RhJTUUBVQvhKoROLV43UNqZ1V2Ty7rf+AYet/BOiGLGfHCAUIKx0J+7
09yNQ7cXkEeWx3+MEXh397gRIQsKpkSlTENGsrO9CdxoEoAtkksMZJXAKCnN+BCs
nMnhYaeqMA+fZ5WJyKs0LiHJ20rOmq6oD/x6IKcazHEgCWGIRzSjAUGymXsS+XWs
KqbRuawiIjNiER9N/S+F0woUMUV/IBMcOh/QV60yg7csPOteHvqzwct9TaQAIgko
PTwHl87Mzei7SK6+Uemtt1faEfNOlNCcnQlHTZUMUXrZyHKcca/ynD5tw0+DSC0w
KC8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:18 2024 by rpki-client on console-ams.rpki-client.org