Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/xmQcIAImputoLsTcvy3DIQkhrT0.roa
File:                     xmQcIAImputoLsTcvy3DIQkhrT0.roa (raw, json)
Hash identifier:          lLdFurPLAmvwvngNd4MnHroL1JfuAAIMM2ZIkiXEYTk=
Subject key identifier:   C6:64:1C:20:02:26:A6:EB:68:2E:C4:DC:BF:2D:C3:21:09:21:AD:3D
Certificate issuer:       /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial:       01849B137C4D16CD58B22552750B82BB5A0B
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/xmQcIAImputoLsTcvy3DIQkhrT0.roa
Signing time:             Mon 21 Nov 2022 16:44:16 +0000
ROA not before:           Mon 21 Nov 2022 16:44:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     199552
IP address blocks:        146.66.219.0/24 maxlen: 24
                          146.66.218.0/24 maxlen: 24
                          188.74.128.0/24 maxlen: 24
                          178.157.125.0/24 maxlen: 24
                          188.119.162.0/24 maxlen: 24
                          37.35.55.0/24 maxlen: 24
                          178.157.92.0/24 maxlen: 24
                          178.157.111.0/24 maxlen: 24
                          178.157.110.0/24 maxlen: 24
                          188.119.144.0/22 maxlen: 22
                          5.157.240.0/21 maxlen: 21
                          188.74.155.0/24 maxlen: 24
                          188.74.171.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:9b:13:7c:4d:16:cd:58:b2:25:52:75:0b:82:bb:5a:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
        Validity
            Not Before: Nov 21 16:44:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c6641c200226a6eb682ec4dcbf2dc3210921ad3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:c6:5b:e2:4d:c5:40:49:1c:63:d0:c8:4e:d1:
                    76:79:50:2a:07:a7:83:cd:88:2c:dc:bc:23:02:07:
                    1b:ea:d7:49:be:d8:83:67:51:d8:5e:91:e7:92:37:
                    7d:94:46:de:4b:13:e0:be:ee:73:19:f1:f5:3a:b7:
                    fb:ab:33:c1:10:cb:28:85:63:6c:8e:af:f1:bd:7c:
                    3e:b5:57:dd:a8:93:15:bd:de:e5:96:66:03:03:d0:
                    2b:1c:0b:34:25:74:4e:8f:8c:4d:e9:e0:43:97:a7:
                    6c:c9:1c:e2:2c:6c:b9:18:df:57:95:29:7d:fa:e8:
                    9d:2b:fa:53:9f:ff:4c:e1:d1:0b:3b:ce:2d:47:6a:
                    94:17:9b:e2:7f:86:fa:92:c3:a9:86:7f:1d:fe:19:
                    85:e2:de:bd:b7:e4:7f:cb:20:f1:97:23:69:f1:52:
                    76:50:c9:b2:29:14:f1:ac:4d:ff:fe:50:29:2a:e9:
                    5e:79:6b:d3:46:6a:41:43:bf:c8:a5:be:5d:46:11:
                    45:d0:41:ac:b7:c8:a8:14:20:e4:c6:94:bd:e6:13:
                    ee:24:dd:58:29:55:83:4f:60:39:74:d6:a5:cd:62:
                    ba:1d:70:da:4e:34:cb:62:76:39:bb:61:e7:4a:8a:
                    24:2d:fe:c9:ce:f4:40:21:84:53:04:d9:dc:3a:8e:
                    6b:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:64:1C:20:02:26:A6:EB:68:2E:C4:DC:BF:2D:C3:21:09:21:AD:3D
            X509v3 Authority Key Identifier:
                keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/xmQcIAImputoLsTcvy3DIQkhrT0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.157.240.0/21
                  37.35.55.0/24
                  146.66.218.0/23
                  178.157.92.0/24
                  178.157.110.0/23
                  178.157.125.0/24
                  188.74.128.0/24
                  188.74.155.0/24
                  188.74.171.0/24
                  188.119.144.0/22
                  188.119.162.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:c1:9a:b2:3f:a3:cc:25:d6:3a:42:f2:32:a4:c4:a5:5a:c7:
         7c:15:ed:b8:c6:52:78:dd:54:20:d4:8f:eb:ba:d5:38:d6:46:
         af:75:15:6c:33:34:9f:ab:cf:bd:95:ec:0e:c2:71:78:8b:b2:
         33:30:4e:50:4e:e1:a9:f7:c8:f0:9b:8a:a9:e0:34:83:83:18:
         71:66:77:c4:1a:d4:33:fb:98:e3:4e:87:9d:8e:b2:7e:3a:e3:
         25:2a:45:94:bb:83:8b:64:a4:ea:2d:69:64:d6:4f:5c:44:bf:
         17:21:bc:ed:65:13:bd:5d:8c:41:59:e0:63:e3:33:90:d5:2c:
         bd:fa:22:b5:9d:0b:4c:7b:3b:bd:2b:aa:f7:90:84:ae:c0:34:
         79:04:8d:59:ae:41:0a:84:9d:28:a5:d1:73:0d:06:a0:76:51:
         6e:20:fe:2d:d4:bf:9f:c4:50:9f:1d:9e:e8:2e:f0:08:66:5f:
         71:5f:9f:d2:25:e8:5b:2c:6a:fc:f8:06:5d:89:97:3e:fc:63:
         25:aa:48:bd:2c:5a:92:98:b7:f4:75:3d:d0:54:74:43:d6:b4:
         fa:0d:46:af:36:42:88:dd:5d:ef:bb:5a:b8:7b:71:af:99:d7:
         aa:e0:1a:55:9d:12:77:94:12:d8:77:2a:fd:99:b6:99:15:91:
         66:63:b2:3b
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYSbE3xNFs1YsiVSdQuCu1oLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjIxMTIxMTY0NDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjY0MWMyMDAyMjZhNmViNjgyZWM0ZGNiZjJkYzMyMTA5MjFhZDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8Zb4k3FQEkcY9DITtF2eVAqB6eD
zYgs3LwjAgcb6tdJvtiDZ1HYXpHnkjd9lEbeSxPgvu5zGfH1Orf7qzPBEMsohWNs
jq/xvXw+tVfdqJMVvd7llmYDA9ArHAs0JXROj4xN6eBDl6dsyRziLGy5GN9XlSl9
+uidK/pTn/9M4dELO84tR2qUF5vif4b6ksOphn8d/hmF4t69t+R/yyDxlyNp8VJ2
UMmyKRTxrE3//lApKuleeWvTRmpBQ7/Ipb5dRhFF0EGst8ioFCDkxpS95hPuJN1Y
KVWDT2A5dNalzWK6HXDaTjTLYnY5u2HnSookLf7JzvRAIYRTBNncOo5r2wIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFMZkHCACJqbraC7E3L8twyEJIa09MB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEveG1RY0lBSW1wdXRvTHNUY3Z5M0RJUWtoclQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQDBZ3wAwQA
JSM3AwQBkkLaAwQAsp1cAwQBsp1uAwQAsp19AwQAvEqAAwQAvEqbAwQAvEqrAwQC
vHeQAwQAvHeiMA0GCSqGSIb3DQEBCwUAA4IBAQBXwZqyP6PMJdY6QvIypMSlWsd8
Fe24xlJ43VQg1I/rutU41kavdRVsMzSfq8+9lewOwnF4i7IzME5QTuGp98jwm4qp
4DSDgxhxZnfEGtQz+5jjToedjrJ+OuMlKkWUu4OLZKTqLWlk1k9cRL8XIbztZRO9
XYxBWeBj4zOQ1Sy9+iK1nQtMezu9K6r3kISuwDR5BI1ZrkEKhJ0opdFzDQagdlFu
IP4t1L+fxFCfHZ7oLvAIZl9xX5/SJehbLGr8+AZdiZc+/GMlqki9LFqSmLf0dT3Q
VHRD1rT6DUavNkKI3V3vu1q4e3Gvmdeq4BpVnRJ3lBLYdyr9mbaZFZFmY7I7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:16 2024 by rpki-client on console-fra.rpki-client.org