Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/4CoCNEzDiyYqprcWTWS5XH_06KA.roa
File:                     4CoCNEzDiyYqprcWTWS5XH_06KA.roa (raw, json)
Hash identifier:          N1vSI2mSSSpPNCP6ddR51QvhkKrwrppJoVtCoRdxXT0=
Subject key identifier:   E0:2A:02:34:4C:C3:8B:26:2A:A6:B7:16:4D:64:B9:5C:7F:F4:E8:A0
Certificate issuer:       /CN=6a57ffe822b3ba7bc194db7a734c85efcef2f283
Certificate serial:       0181F62949C4A32244DCA8E7FBF759FC0E45
Authority key identifier: 6A:57:FF:E8:22:B3:BA:7B:C1:94:DB:7A:73:4C:85:EF:CE:F2:F2:83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/alf_6CKzunvBlNt6c0yF787y8oM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/4CoCNEzDiyYqprcWTWS5XH_06KA.roa
Signing time:             Wed 13 Jul 2022 06:05:09 +0000
ROA not before:           Wed 13 Jul 2022 06:05:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     25192
IP address blocks:        193.29.206.0/24 maxlen: 30
                          194.0.14.0/24 maxlen: 30
                          194.0.12.0/23 maxlen: 30
                          185.43.132.0/24 maxlen: 24
                          185.43.132.0/22 maxlen: 22
                          185.43.133.0/24 maxlen: 24
                          217.31.192.0/20 maxlen: 30
                          185.43.134.0/24 maxlen: 24
                          185.43.135.0/24 maxlen: 24
                          2001:678:10::/47 maxlen: 64
                          2001:678:1::/48 maxlen: 64
                          2001:148f:fffd::/48 maxlen: 48
                          2001:678:f::/48 maxlen: 64
                          2001:1488::/32 maxlen: 64

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:f6:29:49:c4:a3:22:44:dc:a8:e7:fb:f7:59:fc:0e:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a57ffe822b3ba7bc194db7a734c85efcef2f283
        Validity
            Not Before: Jul 13 06:05:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e02a02344cc38b262aa6b7164d64b95c7ff4e8a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:95:65:b2:fc:aa:eb:cd:ba:9f:21:12:25:6a:
                    9f:f8:a2:c1:5c:47:1c:1b:10:90:4c:4c:29:7b:ad:
                    66:c6:4a:11:ba:e4:78:66:c9:27:d7:23:b0:ac:b2:
                    0e:b6:79:3b:89:ed:50:85:7b:cb:9c:e5:2e:a2:14:
                    04:ce:12:f2:40:13:7c:1c:63:61:30:de:ff:af:97:
                    f0:58:f5:8f:b5:7e:bf:b1:ca:02:0c:17:99:be:17:
                    b4:c2:c7:14:20:00:de:66:d4:f2:2b:58:a1:8f:0e:
                    2a:b4:54:2f:82:73:8d:ed:19:3e:dd:d6:cb:57:df:
                    c4:04:79:b0:2a:46:e3:b0:cb:21:ff:7e:ac:09:26:
                    1f:54:89:10:d5:14:3e:54:33:00:51:50:67:4a:0c:
                    09:f8:b2:7b:59:58:a3:cf:e7:5d:0f:fc:46:2e:88:
                    bc:30:b5:3b:80:da:58:1d:5d:16:56:3b:6c:0e:1f:
                    7d:b8:a8:12:ba:c5:5f:db:6c:2a:a4:ca:79:d9:79:
                    dd:6d:2f:6c:e2:6d:e3:a4:92:9d:ad:70:6d:3a:67:
                    68:9e:c5:41:98:ee:6a:96:17:1c:b1:9e:a0:1d:df:
                    54:e5:c5:a4:0b:10:79:3e:85:da:77:65:74:ab:a8:
                    e7:cc:af:e6:a9:4c:a6:26:82:57:68:b8:43:0a:bc:
                    ec:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:2A:02:34:4C:C3:8B:26:2A:A6:B7:16:4D:64:B9:5C:7F:F4:E8:A0
            X509v3 Authority Key Identifier:
                keyid:6A:57:FF:E8:22:B3:BA:7B:C1:94:DB:7A:73:4C:85:EF:CE:F2:F2:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alf_6CKzunvBlNt6c0yF787y8oM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/4CoCNEzDiyYqprcWTWS5XH_06KA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/alf_6CKzunvBlNt6c0yF787y8oM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.43.132.0/22
                  193.29.206.0/24
                  194.0.12.0-194.0.14.255
                  217.31.192.0/20
                IPv6:
                  2001:678:1::/48
                  2001:678:f::-2001:678:11:ffff:ffff:ffff:ffff:ffff
                  2001:1488::/32
                  2001:148f:fffd::/48

    Signature Algorithm: sha256WithRSAEncryption
         00:4f:8c:31:ee:2b:8d:c6:77:1b:cd:72:db:a5:78:96:6a:f6:
         da:58:79:c4:b0:e3:14:24:ee:65:f5:54:93:7c:f2:75:3d:b2:
         0d:5f:cc:0c:c6:53:6d:e8:51:e8:3c:53:4f:01:11:7c:0a:28:
         4e:ab:3a:7a:3c:96:ab:53:94:66:47:7b:a7:8b:f9:99:45:e4:
         12:6b:68:df:df:63:db:8e:48:79:50:53:53:e0:b0:07:39:22:
         e1:6e:c0:4f:5f:01:cd:f3:2b:53:4b:36:72:b7:b9:f7:54:6e:
         7f:84:0a:df:c4:87:6b:89:96:83:59:1f:f5:81:ff:24:7c:00:
         82:c7:7d:ba:ed:ed:90:53:34:3a:28:37:62:19:f1:4b:e0:bc:
         34:26:15:20:6a:43:50:75:ba:5a:5d:ff:65:c7:08:5d:da:6e:
         94:cf:73:37:07:44:94:d3:62:30:02:99:90:e4:3e:3a:5d:b7:
         76:35:98:35:c8:f7:dc:66:29:0d:02:0f:f5:f8:b5:fa:1c:dd:
         c7:b0:58:03:f0:77:a8:0f:b6:a0:e1:42:9b:c7:dd:8c:1c:8b:
         b0:db:ba:34:a7:c3:e3:a3:3c:e8:fd:41:04:8e:34:23:53:9c:
         c9:f2:22:07:d6:96:6a:43:ea:27:fb:6d:f2:ff:fa:db:5c:0d:
         d6:58:69:0c
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYH2KUnEoyJE3Kjn+/dZ/A5FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTdmZmU4MjJiM2JhN2JjMTk0ZGI3YTczNGM4NWVmY2Vm
MmYyODMwHhcNMjIwNzEzMDYwNTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDJhMDIzNDRjYzM4YjI2MmFhNmI3MTY0ZDY0Yjk1YzdmZjRlOGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpVlsvyq6826nyESJWqf+KLBXEcc
GxCQTEwpe61mxkoRuuR4Zskn1yOwrLIOtnk7ie1QhXvLnOUuohQEzhLyQBN8HGNh
MN7/r5fwWPWPtX6/scoCDBeZvhe0wscUIADeZtTyK1ihjw4qtFQvgnON7Rk+3dbL
V9/EBHmwKkbjsMsh/36sCSYfVIkQ1RQ+VDMAUVBnSgwJ+LJ7WVijz+ddD/xGLoi8
MLU7gNpYHV0WVjtsDh99uKgSusVf22wqpMp52XndbS9s4m3jpJKdrXBtOmdonsVB
mO5qlhccsZ6gHd9U5cWkCxB5PoXad2V0q6jnzK/mqUymJoJXaLhDCrzscwIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFOAqAjRMw4smKqa3Fk1kuVx/9OigMB8GA1UdIwQY
MBaAFGpX/+gis7p7wZTbenNMhe/O8vKDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxmXzZDS3p1bnZCbE50NmMweUY3ODd5OG9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9hZmVmMTItMWYwOC00YjQ2LTk0N2It
Y2EwYzYyNjIxMDk4LzEvNENvQ05FekRpeVlxcHJjV1RXUzVYSF8wNktBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9hZmVmMTItMWYwOC00YjQ2LTk0N2ItY2EwYzYyNjIxMDk4
LzEvYWxmXzZDS3p1bnZCbE50NmMweUY3ODd5OG9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTAmBAIAATAgAwQCuSuEAwQA
wR3OMAwDBALCAAwDBADCAA4DBATZH8AwMwQCAAIwLQMHACABBngAATASAwcAIAEG
eAAPAwcBIAEGeAAQAwUAIAEUiAMHACABFI///TANBgkqhkiG9w0BAQsFAAOCAQEA
AE+MMe4rjcZ3G81y26V4lmr22lh5xLDjFCTuZfVUk3zydT2yDV/MDMZTbehR6DxT
TwERfAooTqs6ejyWq1OUZkd7p4v5mUXkEmto399j245IeVBTU+CwBzki4W7AT18B
zfMrU0s2cre591Ruf4QK38SHa4mWg1kf9YH/JHwAgsd9uu3tkFM0Oig3YhnxS+C8
NCYVIGpDUHW6Wl3/ZccIXdpulM9zNwdElNNiMAKZkOQ+Ol23djWYNcj33GYpDQIP
9fi1+hzdx7BYA/B3qA+2oOFCm8fdjByLsNu6NKfD46M86P1BBI40I1OcyfIiB9aW
akPqJ/tt8v/621wN1lhpDA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:54 2024 by rpki-client on console-ams.rpki-client.org