Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/P7VfgCv4bxX2a5jzO40Yg2dJjHc.roa
File:                     P7VfgCv4bxX2a5jzO40Yg2dJjHc.roa (raw, json)
Hash identifier:          778XnBxzrd0+uwpwnGfG8avuXYbiNILgYjYMc+zsnWo=
Subject key identifier:   3F:B5:5F:80:2B:F8:6F:15:F6:6B:98:F3:3B:8D:18:83:67:49:8C:77
Certificate issuer:       /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial:       0387822E
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/P7VfgCv4bxX2a5jzO40Yg2dJjHc.roa
Signing time:             Mon 23 May 2022 12:35:30 +0000
ROA not before:           Mon 23 May 2022 12:35:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49074
IP address blocks:        193.242.196.0/22 maxlen: 22
                          109.166.32.0/22 maxlen: 22
                          91.228.140.0/22 maxlen: 22
                          194.40.204.0/22 maxlen: 22
                          91.234.56.0/22 maxlen: 22
                          151.248.64.0/24 maxlen: 24
                          151.248.65.0/24 maxlen: 24
                          151.248.66.0/24 maxlen: 24
                          151.248.67.0/24 maxlen: 24
                          151.248.95.0/24 maxlen: 24
                          176.124.72.0/22 maxlen: 22
                          176.124.76.0/22 maxlen: 22
                          176.113.104.0/22 maxlen: 22
                          176.113.108.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 59212334 (0x387822e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
        Validity
            Not Before: May 23 12:35:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3fb55f802bf86f15f66b98f33b8d188367498c77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:ad:08:13:e8:ac:d3:7c:fc:9f:f2:27:b0:6b:
                    b4:42:c4:7d:dc:e4:06:44:df:f5:cf:92:46:db:d6:
                    5d:64:a8:ea:e1:6b:02:9a:67:04:ba:13:b7:5e:ea:
                    86:29:34:22:70:10:a9:2e:b1:56:04:c6:a5:a1:5a:
                    f9:29:02:a1:23:22:ba:b2:1c:b8:29:6f:25:32:3a:
                    ec:f3:a8:c5:84:be:5f:bb:53:64:85:cf:bb:a5:85:
                    a1:e1:b0:a2:74:92:30:6d:bd:d7:99:1e:40:6f:c1:
                    05:58:f4:39:8c:0b:f7:5b:bd:f9:59:e9:e4:22:4b:
                    d2:d7:62:a2:88:4c:09:ed:18:c8:9e:40:57:71:82:
                    78:ea:8e:a5:f6:3f:a3:f0:8f:7e:1e:d3:fd:54:2a:
                    ce:61:b4:90:2a:02:fa:79:14:62:2e:03:fa:a8:4d:
                    c1:d4:61:27:1f:65:dd:b4:6c:94:57:9c:f8:ee:97:
                    43:a2:a7:c2:3a:0b:df:4d:25:36:b6:7f:12:9a:99:
                    6d:1d:79:b6:ce:7d:5b:11:3f:8b:56:24:82:b7:28:
                    19:bc:5e:7a:79:c5:26:90:3a:6c:b9:d8:a8:db:63:
                    70:87:05:2e:22:34:ff:ac:23:cb:9d:a1:1c:9e:08:
                    8d:66:54:71:25:f7:1a:79:e3:0b:a7:1e:9e:f7:58:
                    6b:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:B5:5F:80:2B:F8:6F:15:F6:6B:98:F3:3B:8D:18:83:67:49:8C:77
            X509v3 Authority Key Identifier:
                keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/P7VfgCv4bxX2a5jzO40Yg2dJjHc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.228.140.0/22
                  91.234.56.0/22
                  109.166.32.0/22
                  151.248.64.0/22
                  151.248.95.0/24
                  176.113.104.0/21
                  176.124.72.0/21
                  193.242.196.0/22
                  194.40.204.0/22

    Signature Algorithm: sha256WithRSAEncryption
         61:7b:f2:ce:2b:d8:58:66:ad:05:e0:24:09:ac:b6:5e:f3:55:
         38:eb:9d:d8:47:f3:5a:48:0e:fc:e1:45:d6:d9:8a:ca:d8:02:
         37:7b:99:87:55:8b:02:7c:92:bf:1f:93:3d:e3:10:12:96:e7:
         dc:e5:a9:3e:4b:4b:b7:5a:e6:ba:e4:ba:15:d5:f1:79:43:42:
         2c:c8:2d:f0:19:08:20:72:bd:1e:9a:84:c2:38:9e:0d:28:d5:
         0d:04:a4:7d:0b:9f:e2:01:c0:93:ff:7a:3d:52:e8:49:d9:f7:
         fb:1e:b6:e8:4d:b3:06:2f:a8:43:1b:26:76:45:b0:68:f6:06:
         eb:f9:41:cf:c5:5e:16:9d:02:f9:42:6e:c6:a3:b0:07:58:3a:
         c1:4c:69:94:42:93:ff:5a:4e:4b:2c:4d:1e:46:00:0d:95:d8:
         4a:9f:9b:e4:64:22:ee:20:8f:44:52:b8:ad:9b:60:4f:cc:56:
         04:05:ab:02:d6:e2:89:1a:cd:02:72:ca:57:fe:3c:bf:18:cb:
         a5:d9:e9:b7:01:57:4b:66:5b:c3:6e:d3:a8:3c:70:3f:f7:af:
         81:33:5e:83:11:a8:6f:5b:40:a8:4f:d8:fb:5c:65:6a:b9:5c:
         aa:d1:2a:e0:37:1d:93:27:30:69:12:80:c8:a6:ea:79:3e:83:
         1c:a8:32:bd
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEA4eCLjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmYyYzJlN2JjMWRhNTRkOTE5Y2E1YjU5NDFkMzc4ODkyYjJjY2IyMB4XDTIyMDUy
MzEyMzUzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2ZiNTVmODAyYmY4
NmYxNWY2NmI5OGYzM2I4ZDE4ODM2NzQ5OGM3NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJytCBPorNN8/J/yJ7BrtELEfdzkBkTf9c+SRtvWXWSo6uFr
AppnBLoTt17qhik0InAQqS6xVgTGpaFa+SkCoSMiurIcuClvJTI67POoxYS+X7tT
ZIXPu6WFoeGwonSSMG2915keQG/BBVj0OYwL91u9+Vnp5CJL0tdioohMCe0YyJ5A
V3GCeOqOpfY/o/CPfh7T/VQqzmG0kCoC+nkUYi4D+qhNwdRhJx9l3bRslFec+O6X
Q6KnwjoL300lNrZ/EpqZbR15ts59WxE/i1YkgrcoGbxeennFJpA6bLnYqNtjcIcF
LiI0/6wjy52hHJ4IjWZUcSX3GnnjC6cenvdYa58CAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBQ/tV+AK/hvFfZrmPM7jRiDZ0mMdzAfBgNVHSMEGDAWgBQi8sLnvB2lTZGc
pbWUHTeIkrLMsjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0l2TEM1N3dkcFUyUm5LVzFsQjAzaUpLeXpMSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2IvNjAyNTMwLTZkMjItNDZmMS04ZTA1LTAyZGVmNmU4NGM5MS8x
L1A3VmZnQ3Y0YnhYMmE1anpPNDBZZzJkSmpIYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Iv
NjAyNTMwLTZkMjItNDZmMS04ZTA1LTAyZGVmNmU4NGM5MS8xL0l2TEM1N3dkcFUy
Um5LVzFsQjAzaUpLeXpMSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAlvkjAMEAlvqOAMEAm2mIAMEApf4
QAMEAJf4XwMEA7BxaAMEA7B8SAMEAsHyxAMEAsIozDANBgkqhkiG9w0BAQsFAAOC
AQEAYXvyzivYWGatBeAkCay2XvNVOOud2EfzWkgO/OFF1tmKytgCN3uZh1WLAnyS
vx+TPeMQEpbn3OWpPktLt1rmuuS6FdXxeUNCLMgt8BkIIHK9HpqEwjieDSjVDQSk
fQuf4gHAk/96PVLoSdn3+x626E2zBi+oQxsmdkWwaPYG6/lBz8VeFp0C+UJuxqOw
B1g6wUxplEKT/1pOSyxNHkYADZXYSp+b5GQi7iCPRFK4rZtgT8xWBAWrAtbiiRrN
AnLKV/48vxjLpdnptwFXS2Zbw27TqDxwP/evgTNegxGob1tAqE/Y+1xlarlcqtEq
4DcdkycwaRKAyKbqeT6DHKgyvQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:29 2024 by rpki-client on console-ams.rpki-client.org