Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/cWJ5tJ_WgVXHV2drQbJbEbF8fuM.roa
File:                     cWJ5tJ_WgVXHV2drQbJbEbF8fuM.roa (raw, json)
Hash identifier:          3eC5W/JPkqvvOQV3SoZbnvIof6FBuHqynwq7jcZQXLY=
Subject key identifier:   71:62:79:B4:9F:D6:81:55:C7:57:67:6B:41:B2:5B:11:B1:7C:7E:E3
Certificate issuer:       /CN=a30ddaa7494d69ba1cacb457ef91b6dcd22e8dd9
Certificate serial:       129B2661
Authority key identifier: A3:0D:DA:A7:49:4D:69:BA:1C:AC:B4:57:EF:91:B6:DC:D2:2E:8D:D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ow3ap0lNabocrLRX75G23NIujdk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/cWJ5tJ_WgVXHV2drQbJbEbF8fuM.roa
Signing time:             Sun 15 May 2022 06:25:41 +0000
ROA not before:           Sun 15 May 2022 06:25:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     29484
IP address blocks:        185.73.22.0/24 maxlen: 24
                          185.73.23.0/24 maxlen: 24
                          185.73.22.0/25 maxlen: 25
                          185.73.20.0/23 maxlen: 23
                          185.73.20.0/22 maxlen: 22
                          134.147.0.0/16 maxlen: 16
                          2a05:3e04::/32 maxlen: 32
                          2a05:3e06::/31 maxlen: 31
                          2a05:3e05::/32 maxlen: 32
                          2a05:3e00::/30 maxlen: 30
                          2a05:3e00::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 312157793 (0x129b2661)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a30ddaa7494d69ba1cacb457ef91b6dcd22e8dd9
        Validity
            Not Before: May 15 06:25:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=716279b49fd68155c757676b41b25b11b17c7ee3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:77:b7:d7:06:b6:b6:3e:d8:68:aa:6a:eb:98:
                    84:c3:d4:a3:66:3f:f8:ab:5c:85:09:e2:c0:2d:1a:
                    a2:bb:14:92:7c:7c:60:e6:f5:dd:4b:3c:2e:7c:ac:
                    32:8b:fd:79:62:9e:b7:ef:e5:08:a3:c2:61:0e:ba:
                    6d:60:af:2d:5c:40:4a:cc:63:2b:d0:a6:77:41:e2:
                    f1:02:46:3f:e4:0e:9d:e3:4d:c4:da:c4:56:d1:f9:
                    ee:f2:39:be:2e:40:ec:e5:e5:92:b9:4e:e7:c7:7d:
                    57:62:9f:5c:59:2f:3b:73:3c:55:3a:25:b6:35:2c:
                    97:e9:fd:e2:e6:8c:1a:66:15:25:aa:f6:c1:8e:72:
                    c7:9c:dc:3f:fd:7d:bd:4d:e0:39:d5:9d:fd:e3:57:
                    60:48:1d:47:9b:d6:a4:60:cd:20:04:af:3c:85:5e:
                    2e:6f:e6:2b:d4:4a:db:c3:d8:bf:bd:7a:6a:b2:bc:
                    7f:45:e4:80:11:23:17:5c:cb:fd:32:af:07:5e:12:
                    85:fa:82:9e:b6:27:74:ef:39:f6:be:8d:85:56:54:
                    b8:0c:e9:39:cb:d4:50:9c:cc:bb:51:d4:a3:ef:19:
                    2f:65:de:cd:58:3b:b1:5d:07:a0:03:8b:9a:d1:f7:
                    2f:29:66:10:90:1e:4d:28:87:35:0b:83:02:79:d3:
                    16:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:62:79:B4:9F:D6:81:55:C7:57:67:6B:41:B2:5B:11:B1:7C:7E:E3
            X509v3 Authority Key Identifier:
                keyid:A3:0D:DA:A7:49:4D:69:BA:1C:AC:B4:57:EF:91:B6:DC:D2:2E:8D:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ow3ap0lNabocrLRX75G23NIujdk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/cWJ5tJ_WgVXHV2drQbJbEbF8fuM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/ow3ap0lNabocrLRX75G23NIujdk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  134.147.0.0/16
                  185.73.20.0/22
                IPv6:
                  2a05:3e00::/29

    Signature Algorithm: sha256WithRSAEncryption
         1b:16:4b:80:ac:18:7d:fd:47:fd:7e:4a:fc:15:56:a2:ea:34:
         ff:09:57:6d:27:e1:8a:1d:2d:73:90:97:65:37:b8:43:81:13:
         20:bc:1c:5e:f8:5f:d6:7c:06:8c:29:e7:a9:92:73:a2:68:ad:
         21:c4:5c:97:34:bc:fe:c3:ee:92:03:9c:d8:b5:7e:7b:28:99:
         4f:d2:3c:92:68:c2:bb:00:d4:1b:5a:82:f5:61:16:21:e3:28:
         aa:cd:5e:8b:2c:e9:84:03:b0:4f:ca:ef:19:b0:5d:10:f5:3c:
         85:8f:90:fc:0d:5a:65:5b:f9:0c:0e:72:c1:df:ae:a5:98:ed:
         3b:0b:7a:30:65:77:70:f4:2c:49:e3:b0:03:0a:c2:39:3c:85:
         8d:0e:1f:0c:60:46:db:d4:f5:42:a6:b1:f3:72:9b:e2:32:6c:
         07:a0:16:01:b8:e3:4f:fb:6b:98:d8:58:f1:a3:74:e6:26:bd:
         8f:a7:c7:f5:ef:1f:e6:0f:05:9f:8d:04:60:ab:16:78:8d:65:
         c9:48:f2:09:a0:92:b1:e4:39:0b:98:36:e4:44:f3:65:66:e1:
         a7:17:f7:a2:31:09:22:1e:e1:87:7d:ed:16:be:e7:15:7d:52:
         4e:bf:40:7b:19:5f:b1:18:ca:3f:1f:31:8d:39:ea:f7:93:b4:
         dc:a5:27:9c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEEpsmYTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MzBkZGFhNzQ5NGQ2OWJhMWNhY2I0NTdlZjkxYjZkY2QyMmU4ZGQ5MB4XDTIyMDUx
NTA2MjU0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzE2Mjc5YjQ5ZmQ2
ODE1NWM3NTc2NzZiNDFiMjViMTFiMTdjN2VlMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKp3t9cGtrY+2GiqauuYhMPUo2Y/+KtchQniwC0aorsUknx8
YOb13Us8LnysMov9eWKet+/lCKPCYQ66bWCvLVxASsxjK9Cmd0Hi8QJGP+QOneNN
xNrEVtH57vI5vi5A7OXlkrlO58d9V2KfXFkvO3M8VToltjUsl+n94uaMGmYVJar2
wY5yx5zcP/19vU3gOdWd/eNXYEgdR5vWpGDNIASvPIVeLm/mK9RK28PYv716arK8
f0XkgBEjF1zL/TKvB14ShfqCnrYndO859r6NhVZUuAzpOcvUUJzMu1HUo+8ZL2Xe
zVg7sV0HoAOLmtH3LylmEJAeTSiHNQuDAnnTFicCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBRxYnm0n9aBVcdXZ2tBslsRsXx+4zAfBgNVHSMEGDAWgBSjDdqnSU1puhys
tFfvkbbc0i6N2TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L293M2FwMGxOYWJvY3JMUlg3NUcyM05JdWpkay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNzYxMTJjLWYxN2UtNGRjMS1iYTUyLTY1NDRhMmI5OTgxNy8x
L2NXSjV0Sl9XZ1ZYSFYyZHJRYkpiRWJGOGZ1TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NzYxMTJjLWYxN2UtNGRjMS1iYTUyLTY1NDRhMmI5OTgxNy8xL293M2FwMGxOYWJv
Y3JMUlg3NUcyM05JdWpkay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwEQQCAAEwCwMDAIaTAwQCuUkUMA0EAgACMAcDBQMq
BT4AMA0GCSqGSIb3DQEBCwUAA4IBAQAbFkuArBh9/Uf9fkr8FVai6jT/CVdtJ+GK
HS1zkJdlN7hDgRMgvBxe+F/WfAaMKeepknOiaK0hxFyXNLz+w+6SA5zYtX57KJlP
0jySaMK7ANQbWoL1YRYh4yiqzV6LLOmEA7BPyu8ZsF0Q9TyFj5D8DVplW/kMDnLB
366lmO07C3owZXdw9CxJ47ADCsI5PIWNDh8MYEbb1PVCprHzcpviMmwHoBYBuONP
+2uY2Fjxo3TmJr2Pp8f17x/mDwWfjQRgqxZ4jWXJSPIJoJKx5DkLmDbkRPNlZuGn
F/eiMQkiHuGHfe0WvucVfVJOv0B7GV+xGMo/HzGNOer3k7TcpSec
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:15 2024 by rpki-client on console-fra.rpki-client.org