Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/9c5359-3452-42f3-880b-82d9a9eb430c/1/WYaegW1K9tyMfc1bys8k7PXMSUk.roa
File:                     WYaegW1K9tyMfc1bys8k7PXMSUk.roa (raw, json)
Hash identifier:          h5uDvEJv3tY06N2kjyqKWpcENivzfoeXxeNsit0qdIw=
Subject key identifier:   59:86:9E:81:6D:4A:F6:DC:8C:7D:CD:5B:CA:CF:24:EC:F5:CC:49:49
Certificate issuer:       /CN=7ed500164f0738135b9aec04e38fc24cb90e0f5f
Certificate serial:       04AA81AC
Authority key identifier: 7E:D5:00:16:4F:07:38:13:5B:9A:EC:04:E3:8F:C2:4C:B9:0E:0F:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ftUAFk8HOBNbmuwE44_CTLkOD18.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/9c5359-3452-42f3-880b-82d9a9eb430c/1/WYaegW1K9tyMfc1bys8k7PXMSUk.roa
Signing time:             Thu 24 Mar 2022 09:23:40 +0000
ROA not before:           Thu 24 Mar 2022 09:23:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204279
IP address blocks:        185.49.244.0/22 maxlen: 22
                          185.108.250.0/24 maxlen: 24
                          185.108.249.0/24 maxlen: 24
                          185.108.248.0/22 maxlen: 22
                          178.249.192.0/21 maxlen: 23
                          178.249.192.0/23 maxlen: 24
                          178.249.194.0/23 maxlen: 24
                          153.94.16.0/20 maxlen: 20
                          2a06:4942:200::/40 maxlen: 40
                          2a06:4942::/41 maxlen: 41
                          2a01:a4a0::/32 maxlen: 32
                          2a06:4940::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 78283180 (0x4aa81ac)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7ed500164f0738135b9aec04e38fc24cb90e0f5f
        Validity
            Not Before: Mar 24 09:23:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=59869e816d4af6dc8c7dcd5bcacf24ecf5cc4949
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:48:4e:94:e9:4a:73:68:96:e6:db:39:b5:76:
                    ac:33:4e:86:12:97:56:77:05:16:17:53:75:80:60:
                    bd:74:c0:ac:c5:09:50:e4:13:63:1c:53:a9:33:d2:
                    98:4b:06:15:c6:24:e2:00:d5:20:1c:fd:15:8a:12:
                    29:59:b6:ea:b7:19:9f:6e:1c:e8:9f:89:1f:dd:16:
                    64:ff:83:2d:06:41:f5:9a:72:35:a1:28:1e:b2:d8:
                    6b:47:6c:9c:08:b4:ed:99:83:af:64:e2:cb:bb:c7:
                    f8:de:1b:c4:78:f3:65:f6:34:da:80:36:7f:14:3d:
                    91:02:b2:4b:83:fd:6b:f9:a4:20:3c:85:91:9d:02:
                    71:ae:a6:6b:3d:a0:1d:e7:c0:96:1b:b2:49:5f:54:
                    96:b3:2f:20:90:74:f8:53:07:1b:c1:b0:07:12:12:
                    86:12:0e:d4:e3:61:57:0a:29:87:28:be:24:44:4c:
                    c4:10:69:44:15:78:cb:2b:c0:5f:12:5c:e3:10:5c:
                    28:68:57:c8:92:16:91:27:fc:f8:61:2b:8e:f4:6d:
                    27:22:32:30:4e:2c:1a:a2:64:57:20:a6:36:01:bf:
                    0f:e3:08:13:d6:95:a4:77:9f:1c:c4:20:0d:63:ec:
                    af:00:0b:b0:22:00:10:46:3d:fa:8e:4d:bd:fc:3a:
                    41:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:86:9E:81:6D:4A:F6:DC:8C:7D:CD:5B:CA:CF:24:EC:F5:CC:49:49
            X509v3 Authority Key Identifier:
                keyid:7E:D5:00:16:4F:07:38:13:5B:9A:EC:04:E3:8F:C2:4C:B9:0E:0F:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ftUAFk8HOBNbmuwE44_CTLkOD18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/9c5359-3452-42f3-880b-82d9a9eb430c/1/WYaegW1K9tyMfc1bys8k7PXMSUk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/9c5359-3452-42f3-880b-82d9a9eb430c/1/ftUAFk8HOBNbmuwE44_CTLkOD18.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  153.94.16.0/20
                  178.249.192.0/21
                  185.49.244.0/22
                  185.108.248.0/22
                IPv6:
                  2a01:a4a0::/32
                  2a06:4940::/29

    Signature Algorithm: sha256WithRSAEncryption
         62:23:fa:60:be:46:6b:60:51:40:bc:17:dd:a7:c8:99:aa:b9:
         30:2e:d9:01:0e:ed:d2:d7:a4:34:dc:40:b5:cc:a7:26:d5:c4:
         12:e7:14:26:4f:a8:fa:bf:49:ad:eb:d9:b3:66:09:54:e8:13:
         3c:9f:95:1a:c3:0b:a8:ae:67:fe:25:ba:7e:ce:37:4a:cc:ea:
         9f:ba:ef:c6:3f:89:08:72:00:80:d7:74:f3:29:bb:ac:20:fe:
         ee:83:7f:7b:65:22:0e:cb:2c:6e:ff:75:0a:b2:9c:a2:ff:21:
         90:a5:83:2f:7b:20:03:92:c7:9f:ba:52:47:6a:cd:5b:bf:8c:
         85:1b:c2:dd:2d:15:23:40:ca:cb:39:c5:db:98:70:39:ee:85:
         0e:3f:1f:50:48:08:f1:74:02:86:21:40:74:e6:f0:d1:da:b2:
         18:95:f1:c2:ff:e0:c8:7b:a6:e6:39:12:aa:a5:14:66:73:cc:
         44:92:80:05:ee:00:b9:cd:0d:30:2b:28:0b:02:83:7a:72:65:
         e0:6c:ec:14:45:d3:f9:5a:a2:2f:1a:3c:a3:87:e5:ba:87:71:
         f3:c2:5d:51:67:f9:a6:8e:e5:db:c0:d3:7a:23:26:9b:17:f1:
         96:eb:97:c9:de:78:2c:e3:28:ad:9c:3a:c7:ae:12:21:5b:32:
         ec:36:1a:6a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIEBKqBrDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZWQ1MDAxNjRmMDczODEzNWI5YWVjMDRlMzhmYzI0Y2I5MGUwZjVmMB4XDTIyMDMy
NDA5MjM0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTk4NjllODE2ZDRh
ZjZkYzhjN2RjZDViY2FjZjI0ZWNmNWNjNDk0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJFITpTpSnNolubbObV2rDNOhhKXVncFFhdTdYBgvXTArMUJ
UOQTYxxTqTPSmEsGFcYk4gDVIBz9FYoSKVm26rcZn24c6J+JH90WZP+DLQZB9Zpy
NaEoHrLYa0dsnAi07ZmDr2Tiy7vH+N4bxHjzZfY02oA2fxQ9kQKyS4P9a/mkIDyF
kZ0Cca6maz2gHefAlhuySV9UlrMvIJB0+FMHG8GwBxIShhIO1ONhVwophyi+JERM
xBBpRBV4yyvAXxJc4xBcKGhXyJIWkSf8+GErjvRtJyIyME4sGqJkVyCmNgG/D+MI
E9aVpHefHMQgDWPsrwALsCIAEEY9+o5Nvfw6QbsCAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBRZhp6BbUr23Ix9zVvKzyTs9cxJSTAfBgNVHSMEGDAWgBR+1QAWTwc4E1ua
7ATjj8JMuQ4PXzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2Z0VUFGazhIT0JOYm11d0U0NF9DVExrT0QxOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvOWM1MzU5LTM0NTItNDJmMy04ODBiLTgyZDlhOWViNDMwYy8x
L1dZYWVnVzFLOXR5TWZjMWJ5czhrN1BYTVNVay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
OWM1MzU5LTM0NTItNDJmMy04ODBiLTgyZDlhOWViNDMwYy8xL2Z0VUFGazhIT0JO
Ym11d0U0NF9DVExrT0QxOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBH
BggrBgEFBQcBBwEB/wQ4MDYwHgQCAAEwGAMEBJleEAMEA7L5wAMEArkx9AMEArls
+DAUBAIAAjAOAwUAKgGkoAMFAyoGSUAwDQYJKoZIhvcNAQELBQADggEBAGIj+mC+
RmtgUUC8F92nyJmquTAu2QEO7dLXpDTcQLXMpybVxBLnFCZPqPq/Sa3r2bNmCVTo
EzyflRrDC6iuZ/4lun7ON0rM6p+678Y/iQhyAIDXdPMpu6wg/u6Df3tlIg7LLG7/
dQqynKL/IZClgy97IAOSx5+6UkdqzVu/jIUbwt0tFSNAyss5xduYcDnuhQ4/H1BI
CPF0AoYhQHTm8NHashiV8cL/4Mh7puY5EqqlFGZzzESSgAXuALnNDTArKAsCg3py
ZeBs7BRF0/laoi8aPKOH5bqHcfPCXVFn+aaO5dvA03ojJpsX8Zbrl8neeCzjKK2c
OseuEiFbMuw2Gmo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:49 2024 by rpki-client on console-fra.rpki-client.org