Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/Ormiu841VSNBuC5863J4nM2fNd0.roa
File:                     Ormiu841VSNBuC5863J4nM2fNd0.roa (raw, json)
Hash identifier:          4ZUesPyZHaHSBVKgo+MM5umYUtwzgQszZcCy5cRdHBY=
Subject key identifier:   3A:B9:A2:BB:CE:35:55:23:41:B8:2E:7C:EB:72:78:9C:CD:9F:35:DD
Certificate issuer:       /CN=f571bbf1d3d3c0efe36de110392be0c7ac447a84
Certificate serial:       1191238F
Authority key identifier: F5:71:BB:F1:D3:D3:C0:EF:E3:6D:E1:10:39:2B:E0:C7:AC:44:7A:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9XG78dPTwO_jbeEQOSvgx6xEeoQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/Ormiu841VSNBuC5863J4nM2fNd0.roa
Signing time:             Wed 12 Jan 2022 23:21:32 +0000
ROA not before:           Wed 12 Jan 2022 23:21:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42926
IP address blocks:        176.53.74.0/24 maxlen: 24
                          213.128.64.0/19 maxlen: 24
                          46.45.186.0/24 maxlen: 24
                          46.45.185.0/24 maxlen: 24
                          94.101.80.0/20 maxlen: 24
                          46.45.188.0/24 maxlen: 24
                          46.45.187.0/24 maxlen: 24
                          94.101.90.0/24 maxlen: 24
                          176.53.96.0/24 maxlen: 24
                          213.128.94.0/24 maxlen: 24
                          213.128.93.0/24 maxlen: 24
                          185.184.208.0/22 maxlen: 24
                          46.45.128.0/18 maxlen: 24
                          185.25.100.0/22 maxlen: 24
                          77.75.32.0/21 maxlen: 24
                          176.53.0.0/17 maxlen: 24
                          79.98.128.0/21 maxlen: 24
                          185.157.40.0/22 maxlen: 24
                          31.210.64.0/18 maxlen: 24
                          178.211.32.0/19 maxlen: 24
                          2a00:56a0::/32 maxlen: 48
                          2a01:790::/32 maxlen: 48
                          2a0b:5f40::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 294724495 (0x1191238f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f571bbf1d3d3c0efe36de110392be0c7ac447a84
        Validity
            Not Before: Jan 12 23:21:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3ab9a2bbce35552341b82e7ceb72789ccd9f35dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:57:71:24:fb:e9:1c:98:f8:6b:d9:c4:8a:e5:
                    a9:4c:6a:e7:a8:d8:4f:4f:76:2e:5d:2c:6c:74:78:
                    68:c8:85:c2:d0:56:e1:ae:c0:9f:66:4c:c5:7f:44:
                    82:8e:fe:80:01:66:02:03:ee:29:a8:cb:66:60:20:
                    cd:50:fb:fc:11:75:c4:31:2c:6e:77:cf:88:f8:25:
                    19:c8:be:67:2c:d3:c1:ec:0d:74:f3:1a:76:58:d2:
                    85:05:80:24:ef:85:3c:67:ea:5f:22:c3:1c:eb:8a:
                    3f:1b:a7:be:e6:73:b1:6b:24:c9:c0:c1:86:1a:50:
                    08:55:6e:9a:c6:a1:66:5a:24:b2:3b:e4:3f:10:a8:
                    2c:7e:12:14:eb:60:6c:08:ba:5f:45:86:cf:ca:ab:
                    df:84:7e:e0:19:a8:2a:25:d8:a5:c0:80:8e:cb:78:
                    a0:7b:96:93:b5:92:6d:74:01:13:80:50:3c:fd:69:
                    ed:ed:2e:64:a6:1c:ea:3a:2b:92:0c:30:d2:03:e7:
                    c3:c9:20:63:ba:40:d7:1f:de:77:c0:b8:5f:41:05:
                    a7:71:bf:10:7b:ea:37:83:05:2c:ca:03:64:a0:c2:
                    1c:c0:07:c4:77:38:6d:e8:33:f6:7c:55:85:6e:e9:
                    9a:2b:9d:ff:0c:af:59:e7:6c:64:ae:3f:b4:e4:40:
                    9d:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:B9:A2:BB:CE:35:55:23:41:B8:2E:7C:EB:72:78:9C:CD:9F:35:DD
            X509v3 Authority Key Identifier:
                keyid:F5:71:BB:F1:D3:D3:C0:EF:E3:6D:E1:10:39:2B:E0:C7:AC:44:7A:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9XG78dPTwO_jbeEQOSvgx6xEeoQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/Ormiu841VSNBuC5863J4nM2fNd0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/9XG78dPTwO_jbeEQOSvgx6xEeoQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.210.64.0/18
                  46.45.128.0/18
                  77.75.32.0/21
                  79.98.128.0/21
                  94.101.80.0/20
                  176.53.0.0/17
                  178.211.32.0/19
                  185.25.100.0/22
                  185.157.40.0/22
                  185.184.208.0/22
                  213.128.64.0/19
                IPv6:
                  2a00:56a0::/32
                  2a01:790::/32
                  2a0b:5f40::/29

    Signature Algorithm: sha256WithRSAEncryption
         c7:56:74:f0:80:fd:98:4c:4c:1c:99:d1:c6:2b:bd:a1:1d:ab:
         03:04:7c:cf:0a:a2:b3:95:90:69:4a:a1:e3:5b:b3:b0:3f:21:
         2e:33:ea:ae:c4:a5:c2:b8:6a:bd:17:14:ea:9c:f7:5a:fc:bc:
         2d:31:99:01:d1:63:53:29:5e:08:b5:a5:31:b3:7d:a2:36:9c:
         7c:35:4b:36:06:c7:6e:df:bf:e9:f4:67:14:0d:c7:48:5c:dc:
         52:f5:f7:a1:7f:70:cd:81:8f:a6:f5:33:59:22:82:89:53:81:
         71:84:dd:04:f7:64:a8:1e:f4:00:bb:0c:43:ad:11:b6:ee:07:
         d6:ac:74:8a:34:be:1c:fe:26:b4:b2:60:6a:d4:82:1b:67:ab:
         e3:17:89:17:b6:1d:54:bc:4f:94:8c:a5:50:2d:d2:66:4a:15:
         99:20:02:47:8d:a4:3d:c5:19:a4:1f:c7:b2:52:34:e9:bb:84:
         70:e6:81:4a:b8:cf:27:c9:b3:ca:33:c6:e6:f2:47:fa:72:d8:
         42:4e:3b:5d:be:b7:8b:b2:83:7f:8f:22:fc:d2:9d:fb:b0:ae:
         93:4a:a6:8c:1a:16:53:29:58:2a:01:70:90:4e:91:02:1b:9b:
         27:42:94:8d:1b:c5:0f:fe:92:c5:d4:e3:a4:31:92:c9:56:ef:
         f0:e4:74:b7
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIEEZEjjzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NTcxYmJmMWQzZDNjMGVmZTM2ZGUxMTAzOTJiZTBjN2FjNDQ3YTg0MB4XDTIyMDEx
MjIzMjEzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2FiOWEyYmJjZTM1
NTUyMzQxYjgyZTdjZWI3Mjc4OWNjZDlmMzVkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALJXcST76RyY+GvZxIrlqUxq56jYT092Ll0sbHR4aMiFwtBW
4a7An2ZMxX9Ego7+gAFmAgPuKajLZmAgzVD7/BF1xDEsbnfPiPglGci+ZyzTwewN
dPMadljShQWAJO+FPGfqXyLDHOuKPxunvuZzsWskycDBhhpQCFVumsahZloksjvk
PxCoLH4SFOtgbAi6X0WGz8qr34R+4BmoKiXYpcCAjst4oHuWk7WSbXQBE4BQPP1p
7e0uZKYc6jorkgww0gPnw8kgY7pA1x/ed8C4X0EFp3G/EHvqN4MFLMoDZKDCHMAH
xHc4begz9nxVhW7pmiud/wyvWedsZK4/tORAnSECAwEAAaOCAmIwggJeMB0GA1Ud
DgQWBBQ6uaK7zjVVI0G4LnzrcniczZ813TAfBgNVHSMEGDAWgBT1cbvx09PA7+Nt
4RA5K+DHrER6hDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlYRzc4ZFBUd09famJlRVFPU3ZneDZ4RWVvUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWIvNjgzMDNmLWU4YjAtNGZlMC05NmI2LWE5NjU3ZWIxZjhkNy8x
L09ybWl1ODQxVlNOQnVDNTg2M0o0bk0yZk5kMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWIv
NjgzMDNmLWU4YjAtNGZlMC05NmI2LWE5NjU3ZWIxZjhkNy8xLzlYRzc4ZFBUd09f
amJlRVFPU3ZneDZ4RWVvUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB4
BggrBgEFBQcBBwEB/wRpMGcwSAQCAAEwQgMEBh/SQAMEBi4tgAMEA01LIAMEA09i
gAMEBF5lUAMEB7A1AAMEBbLTIAMEArkZZAMEArmdKAMEArm40AMEBdWAQDAbBAIA
AjAVAwUAKgBWoAMFACoBB5ADBQMqC19AMA0GCSqGSIb3DQEBCwUAA4IBAQDHVnTw
gP2YTEwcmdHGK72hHasDBHzPCqKzlZBpSqHjW7OwPyEuM+quxKXCuGq9FxTqnPda
/LwtMZkB0WNTKV4ItaUxs32iNpx8NUs2Bsdu37/p9GcUDcdIXNxS9fehf3DNgY+m
9TNZIoKJU4FxhN0E92SoHvQAuwxDrRG27gfWrHSKNL4c/ia0smBq1IIbZ6vjF4kX
th1UvE+UjKVQLdJmShWZIAJHjaQ9xRmkH8eyUjTpu4Rw5oFKuM8nybPKM8bm8kf6
cthCTjtdvreLsoN/jyL80p37sK6TSqaMGhZTKVgqAXCQTpECG5snQpSNG8UP/pLF
1OOkMZLJVu/w5HS3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:47 2024 by rpki-client on console-ams.rpki-client.org