Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/Zh-MZ18UeUXZuP81SlUMF3EeO7M.roa
File:                     Zh-MZ18UeUXZuP81SlUMF3EeO7M.roa (raw, json)
Hash identifier:          ExKufNGdmevaQ9R0jevzOAxYOsE9qFVCatsTaJL/mSo=
Subject key identifier:   66:1F:8C:67:5F:14:79:45:D9:B8:FF:35:4A:55:0C:17:71:1E:3B:B3
Certificate issuer:       /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial:       0183D1D198951725E9ED4D294F84D21722D7
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/Zh-MZ18UeUXZuP81SlUMF3EeO7M.roa
Signing time:             Thu 13 Oct 2022 14:48:37 +0000
ROA not before:           Thu 13 Oct 2022 14:48:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49199
IP address blocks:        195.19.74.0/23 maxlen: 24
                          194.226.137.0/24 maxlen: 24
                          195.208.220.0/23 maxlen: 24
                          194.226.34.0/23 maxlen: 24
                          195.19.10.0/23 maxlen: 24
                          62.76.74.0/23 maxlen: 24
                          194.190.6.0/24 maxlen: 24
                          62.76.96.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:d1:d1:98:95:17:25:e9:ed:4d:29:4f:84:d2:17:22:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
        Validity
            Not Before: Oct 13 14:48:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=661f8c675f147945d9b8ff354a550c17711e3bb3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:74:72:50:30:30:83:c0:00:cf:93:c6:c8:eb:
                    d3:0d:d7:0f:2b:25:d0:45:35:5e:24:97:95:2f:d1:
                    dc:bd:a7:26:72:66:96:a9:35:ed:cf:f4:8d:34:af:
                    13:6b:3d:bf:b8:30:30:fd:76:e4:bb:0c:a3:4e:fb:
                    07:f1:68:68:8c:bf:e3:fd:97:36:fc:48:11:0a:04:
                    c9:2e:27:8d:54:e7:47:d6:22:0a:01:e5:cb:a7:69:
                    bb:4e:7a:ce:81:39:93:cb:5d:fe:8c:36:c8:d6:56:
                    bf:04:c5:da:f3:b1:29:f0:a2:8e:c0:30:ce:73:5d:
                    17:ac:c2:19:57:a2:8c:ed:96:35:0c:59:c6:55:cb:
                    71:a7:c3:9c:a4:e8:c0:11:77:9b:10:34:44:96:6d:
                    8e:70:b0:ea:73:a8:52:40:0a:df:5e:44:90:35:eb:
                    e0:52:64:06:8e:56:ff:ef:1c:26:12:fa:36:ae:73:
                    ce:78:ea:f0:80:34:3a:81:11:6e:e2:74:20:c2:d0:
                    c8:be:c7:c0:f1:c9:1e:22:cd:07:b6:85:ca:cc:2c:
                    1b:98:1c:a1:78:80:a4:77:98:28:4d:1b:e0:82:71:
                    dd:c6:57:c6:f1:a0:6b:88:2b:1b:c6:56:7e:93:a2:
                    de:29:9e:a5:6b:47:91:2c:d5:e1:d6:50:62:11:fd:
                    9e:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:1F:8C:67:5F:14:79:45:D9:B8:FF:35:4A:55:0C:17:71:1E:3B:B3
            X509v3 Authority Key Identifier:
                keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/Zh-MZ18UeUXZuP81SlUMF3EeO7M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.74.0/23
                  62.76.96.0/23
                  194.190.6.0/24
                  194.226.34.0/23
                  194.226.137.0/24
                  195.19.10.0/23
                  195.19.74.0/23
                  195.208.220.0/23

    Signature Algorithm: sha256WithRSAEncryption
         bc:a3:27:ba:11:bd:80:25:0b:f8:ed:16:16:e1:ec:43:36:4d:
         bb:5c:c3:86:bb:58:4a:3b:de:a1:d2:8f:13:58:27:d8:c3:a9:
         e0:a5:48:ef:93:6f:47:c9:69:2d:43:27:f3:97:f9:04:16:e3:
         de:c2:84:e6:3e:77:f1:5b:e2:6e:11:10:88:2c:92:39:3c:70:
         0c:31:ea:84:8f:0d:4c:54:52:db:82:5e:88:9c:2b:43:e6:2f:
         7f:68:4d:d4:79:c9:05:fc:b9:0d:05:49:7e:dd:9c:2b:99:af:
         49:97:65:04:fd:fc:c6:2c:be:7a:ea:e0:95:6c:1d:66:12:4b:
         49:0c:5b:9c:cc:7d:11:e4:4d:bd:3e:cd:36:b1:a8:46:3e:02:
         86:3b:9e:88:b9:af:07:f6:5c:52:74:8e:18:49:07:67:00:9e:
         b2:f5:6e:a2:f7:f8:05:58:ac:0a:26:f8:fa:32:f4:e8:2b:b3:
         4e:d6:2a:f0:f2:7e:f5:96:0f:10:ec:ac:a5:0b:34:5a:d6:89:
         7f:6f:eb:38:a5:9c:fc:b1:3e:5b:ca:85:38:c0:a6:43:f4:e4:
         1d:94:b6:a5:06:9a:6c:0f:c2:f7:4a:e3:e8:6d:b0:61:2e:22:
         38:3a:db:b5:89:25:ce:d5:c4:93:0f:e5:2a:4c:d3:be:ad:e6:
         58:fc:7f:7c
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYPR0ZiVFyXp7U0pT4TSFyLXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjIxMDEzMTQ0ODM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjFmOGM2NzVmMTQ3OTQ1ZDliOGZmMzU0YTU1MGMxNzcxMWUzYmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXRyUDAwg8AAz5PGyOvTDdcPKyXQ
RTVeJJeVL9HcvacmcmaWqTXtz/SNNK8Taz2/uDAw/XbkuwyjTvsH8WhojL/j/Zc2
/EgRCgTJLieNVOdH1iIKAeXLp2m7TnrOgTmTy13+jDbI1la/BMXa87Ep8KKOwDDO
c10XrMIZV6KM7ZY1DFnGVctxp8OcpOjAEXebEDRElm2OcLDqc6hSQArfXkSQNevg
UmQGjlb/7xwmEvo2rnPOeOrwgDQ6gRFu4nQgwtDIvsfA8ckeIs0HtoXKzCwbmByh
eICkd5goTRvggnHdxlfG8aBriCsbxlZ+k6LeKZ6la0eRLNXh1lBiEf2eAQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFGYfjGdfFHlF2bj/NUpVDBdxHjuzMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvWmgtTVoxOFVlVVhadVA4MVNsVU1GM0VlTzdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBPkxKAwQB
PkxgAwQAwr4GAwQBwuIiAwQAwuKJAwQBwxMKAwQBwxNKAwQBw9DcMA0GCSqGSIb3
DQEBCwUAA4IBAQC8oye6Eb2AJQv47RYW4exDNk27XMOGu1hKO96h0o8TWCfYw6ng
pUjvk29HyWktQyfzl/kEFuPewoTmPnfxW+JuERCILJI5PHAMMeqEjw1MVFLbgl6I
nCtD5i9/aE3UeckF/LkNBUl+3Zwrma9Jl2UE/fzGLL566uCVbB1mEktJDFuczH0R
5E29Ps02sahGPgKGO56Iua8H9lxSdI4YSQdnAJ6y9W6i9/gFWKwKJvj6MvToK7NO
1irw8n71lg8Q7KylCzRa1ol/b+s4pZz8sT5byoU4wKZD9OQdlLalBppsD8L3SuPo
bbBhLiI4Otu1iSXO1cSTD+UqTNO+reZY/H98
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:56 2024 by rpki-client on console-fra.rpki-client.org