Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/NV0f1OuB52TPHbUXsG8DIh1b8LA.roa
File:                     NV0f1OuB52TPHbUXsG8DIh1b8LA.roa (raw, json)
Hash identifier:          C6vFAPW4tmXlO8QTBwvUjdNoy4dD5ugoHe3QbvaBcFI=
Subject key identifier:   35:5D:1F:D4:EB:81:E7:64:CF:1D:B5:17:B0:6F:03:22:1D:5B:F0:B0
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       018499460F10064576D17FF3680DC36A7A48
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/NV0f1OuB52TPHbUXsG8DIh1b8LA.roa
Signing time:             Mon 21 Nov 2022 08:20:16 +0000
ROA not before:           Mon 21 Nov 2022 08:20:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        45.8.184.0/22 maxlen: 24
                          45.8.192.0/22 maxlen: 24
                          45.8.188.0/22 maxlen: 24
                          45.8.196.0/22 maxlen: 24
                          45.8.203.0/24 maxlen: 24
                          45.8.205.0/24 maxlen: 24
                          193.168.208.0/22 maxlen: 24
                          85.208.105.0/24 maxlen: 24
                          45.66.152.0/22 maxlen: 24
                          5.180.82.0/24 maxlen: 24
                          5.180.80.0/24 maxlen: 24
                          5.180.232.0/22 maxlen: 24
                          5.180.32.0/22 maxlen: 24
                          85.209.160.0/22 maxlen: 24
                          5.180.48.0/22 maxlen: 24
                          85.208.112.0/22 maxlen: 24
                          5.253.36.0/22 maxlen: 24
                          5.253.44.0/24 maxlen: 24
                          45.8.252.0/22 maxlen: 24
                          5.253.46.0/24 maxlen: 24
                          5.253.47.0/24 maxlen: 24
                          5.253.45.0/24 maxlen: 24
                          45.9.0.0/22 maxlen: 24
                          45.9.4.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:99:46:0f:10:06:45:76:d1:7f:f3:68:0d:c3:6a:7a:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Nov 21 08:20:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=355d1fd4eb81e764cf1db517b06f03221d5bf0b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:b7:5e:e6:ec:0f:da:bf:30:2e:8a:f2:df:2e:
                    91:94:66:c3:17:64:90:d1:70:b4:6a:49:40:c7:3d:
                    ac:51:7e:c5:44:a6:56:a3:2e:c9:be:8a:79:57:f7:
                    2a:7f:9f:14:50:a3:6d:84:e4:6e:de:2b:eb:26:f7:
                    c7:15:34:de:86:d7:6e:88:8f:a7:3d:ad:8e:23:21:
                    8b:4e:8e:58:c1:cd:01:cf:ae:e4:90:ec:3e:b2:29:
                    01:77:f1:22:1f:79:72:04:97:3c:97:6e:9f:82:4f:
                    04:5c:51:5c:0b:9f:22:b5:9f:c4:81:0a:87:d2:73:
                    5a:59:2e:0c:2e:5c:22:3a:39:c5:e6:b1:12:49:b0:
                    e1:11:8d:48:cf:83:16:d4:5e:ed:46:c8:28:b3:4b:
                    6a:c7:f6:3e:30:5e:50:bd:d9:5a:cd:9c:17:1a:11:
                    66:cb:2c:ae:7c:fb:ee:a3:66:71:dd:63:3e:4b:5f:
                    48:9d:d0:28:3c:e3:4b:0e:ca:5a:ec:e8:5a:12:fb:
                    20:8a:6e:47:8f:3d:fd:34:bb:61:45:0e:69:9a:97:
                    c2:58:71:d0:a7:5c:41:88:49:79:56:d9:cf:e0:30:
                    c7:9e:6a:a5:76:4d:06:5a:cb:bc:31:40:83:a8:25:
                    1d:87:0c:e8:cb:d4:cc:1f:b5:09:14:95:2e:bc:b4:
                    42:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:5D:1F:D4:EB:81:E7:64:CF:1D:B5:17:B0:6F:03:22:1D:5B:F0:B0
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/NV0f1OuB52TPHbUXsG8DIh1b8LA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.32.0/22
                  5.180.48.0/22
                  5.180.80.0/24
                  5.180.82.0/24
                  5.180.232.0/22
                  5.253.36.0/22
                  5.253.44.0/22
                  45.8.184.0-45.8.199.255
                  45.8.203.0/24
                  45.8.205.0/24
                  45.8.252.0-45.9.7.255
                  45.66.152.0/22
                  85.208.105.0/24
                  85.208.112.0/22
                  85.209.160.0/22
                  193.168.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3c:d7:9e:61:7d:cc:b2:7c:16:e1:13:7b:4e:5a:6d:9c:b1:88:
         ff:00:27:99:85:55:42:a6:36:34:34:57:fd:b5:93:23:d2:29:
         66:82:94:1a:04:f1:01:5f:8a:52:34:78:77:f9:90:fa:91:44:
         72:34:74:16:38:59:71:e0:8a:dd:2a:88:7e:51:53:94:65:53:
         d8:d6:0a:bd:5b:06:7d:6a:15:06:c5:1d:c2:41:0a:d4:c3:69:
         74:64:60:77:40:44:fb:2f:ba:01:23:88:aa:69:c9:1c:28:94:
         7c:0e:91:9d:85:ce:83:c1:dc:89:3b:f2:df:65:41:3b:90:4f:
         41:1e:b9:01:c9:f2:95:f9:14:f8:89:ba:7e:64:3a:ad:71:7c:
         98:be:f3:6e:ec:fd:df:62:0c:55:62:66:11:e9:26:09:23:b6:
         9a:a4:48:03:a6:a9:49:3b:a9:a9:be:69:38:70:61:8a:9f:97:
         90:00:23:4b:93:8a:28:14:f6:de:61:2c:a0:4e:0d:a4:85:44:
         f2:2f:fc:55:c8:67:d3:bf:6d:b6:77:a8:d0:73:50:7e:44:07:
         e4:bd:35:b4:de:3a:c7:36:a4:9f:ff:8b:a1:25:25:6a:94:d4:
         0a:8b:28:7e:0d:c3:3d:0b:5e:31:f2:f6:23:44:3c:d6:92:87:
         e9:3f:1f:de
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAYSZRg8QBkV20X/zaA3DanpIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjIxMTIxMDgyMDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTVkMWZkNGViODFlNzY0Y2YxZGI1MTdiMDZmMDMyMjFkNWJmMGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorde5uwP2r8wLory3y6RlGbDF2SQ
0XC0aklAxz2sUX7FRKZWoy7Jvop5V/cqf58UUKNthORu3ivrJvfHFTTehtduiI+n
Pa2OIyGLTo5Ywc0Bz67kkOw+sikBd/EiH3lyBJc8l26fgk8EXFFcC58itZ/EgQqH
0nNaWS4MLlwiOjnF5rESSbDhEY1Iz4MW1F7tRsgos0tqx/Y+MF5QvdlazZwXGhFm
yyyufPvuo2Zx3WM+S19IndAoPONLDspa7OhaEvsgim5Hjz39NLthRQ5pmpfCWHHQ
p1xBiEl5VtnP4DDHnmqldk0GWsu8MUCDqCUdhwzoy9TMH7UJFJUuvLRCWQIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFDVdH9Trgedkzx21F7BvAyIdW/CwMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvTlYwZjFPdUI1MlRQSGJVWHNHOERJaDFiOExBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAgW0IAME
AgW0MAMEAAW0UAMEAAW0UgMEAgW06AMEAgX9JAMEAgX9LDAMAwQDLQi4AwQDLQjA
AwQALQjLAwQALQjNMAwDBAItCPwDBAMtCQADBAItQpgDBABV0GkDBAJV0HADBAJV
0aADBALBqNAwDQYJKoZIhvcNAQELBQADggEBADzXnmF9zLJ8FuETe05abZyxiP8A
J5mFVUKmNjQ0V/21kyPSKWaClBoE8QFfilI0eHf5kPqRRHI0dBY4WXHgit0qiH5R
U5RlU9jWCr1bBn1qFQbFHcJBCtTDaXRkYHdARPsvugEjiKppyRwolHwOkZ2FzoPB
3Ik78t9lQTuQT0EeuQHJ8pX5FPiJun5kOq1xfJi+827s/d9iDFViZhHpJgkjtpqk
SAOmqUk7qam+aThwYYqfl5AAI0uTiigU9t5hLKBODaSFRPIv/FXIZ9O/bbZ3qNBz
UH5EB+S9NbTeOsc2pJ//i6ElJWqU1AqLKH4Nwz0LXjHy9iNEPNaSh+k/H94=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:20 2024 by rpki-client on console-ams.rpki-client.org