Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a18a97-8fc7-4955-87af-0bcfc532933c/1/cUwev3Zn7LtiiOVQlZH_LTLFZdI.roa
File:                     cUwev3Zn7LtiiOVQlZH_LTLFZdI.roa (raw, json)
Hash identifier:          Hb3czusTWPo5UXKw8fqGy3H+cNJzmaa5vzlrAZlOpAA=
Subject key identifier:   71:4C:1E:BF:76:67:EC:BB:62:88:E5:50:95:91:FF:2D:32:C5:65:D2
Certificate issuer:       /CN=f26920bbd7fb70ef5dbcf2d0fea202bd95765eba
Certificate serial:       06331841
Authority key identifier: F2:69:20:BB:D7:FB:70:EF:5D:BC:F2:D0:FE:A2:02:BD:95:76:5E:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8mkgu9f7cO9dvPLQ_qICvZV2Xro.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/a18a97-8fc7-4955-87af-0bcfc532933c/1/cUwev3Zn7LtiiOVQlZH_LTLFZdI.roa
Signing time:             Sat 01 Jan 2022 08:02:38 +0000
ROA not before:           Sat 01 Jan 2022 08:02:38 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     24929
IP address blocks:        45.66.140.0/22 maxlen: 24
                          83.175.168.0/22 maxlen: 24
                          194.54.24.0/22 maxlen: 22
                          2a0e:84c0::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 104011841 (0x6331841)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f26920bbd7fb70ef5dbcf2d0fea202bd95765eba
        Validity
            Not Before: Jan  1 08:02:38 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=714c1ebf7667ecbb6288e5509591ff2d32c565d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:25:44:8e:26:00:df:1b:50:7a:25:b4:0a:93:
                    12:85:2f:ed:cf:34:f6:5c:3b:f1:87:66:59:2d:2d:
                    68:29:0a:1e:87:d0:03:a5:01:22:11:69:bd:61:39:
                    df:17:aa:00:1f:30:2f:27:bb:d9:b1:4b:8d:a5:98:
                    17:87:c5:39:62:88:8c:05:b7:a3:43:2b:d5:f5:6e:
                    af:7c:5b:3f:44:3d:be:7f:85:e0:ba:47:bf:d4:ce:
                    6e:13:36:d4:93:85:aa:75:90:53:1f:4d:af:8a:6b:
                    79:4e:c5:26:1b:24:1a:df:52:c0:d6:7e:f0:62:aa:
                    9e:94:df:1d:b9:5c:6b:16:dc:6b:3c:c8:28:40:1d:
                    d4:1c:e3:99:af:5a:7c:9c:03:60:0d:80:f2:dc:e9:
                    b5:d9:16:1b:df:b5:f3:bf:e8:e2:2f:90:c4:3d:02:
                    c3:a3:85:0e:f2:b2:b5:b7:56:b0:f5:41:f7:00:1d:
                    5c:87:de:0a:16:d3:f3:ef:15:02:55:18:a1:5c:ce:
                    08:b8:54:a0:72:1f:fd:a5:b5:a2:b8:2a:96:6c:ca:
                    b6:b2:c4:7a:62:45:1a:6b:52:c4:63:5c:f1:62:dd:
                    d2:fb:bb:9c:ce:dd:fe:6b:a8:92:b7:1f:f7:77:67:
                    fd:3f:46:2c:19:98:17:5f:14:37:2f:40:18:8d:f8:
                    5b:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:4C:1E:BF:76:67:EC:BB:62:88:E5:50:95:91:FF:2D:32:C5:65:D2
            X509v3 Authority Key Identifier:
                keyid:F2:69:20:BB:D7:FB:70:EF:5D:BC:F2:D0:FE:A2:02:BD:95:76:5E:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8mkgu9f7cO9dvPLQ_qICvZV2Xro.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a18a97-8fc7-4955-87af-0bcfc532933c/1/cUwev3Zn7LtiiOVQlZH_LTLFZdI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a18a97-8fc7-4955-87af-0bcfc532933c/1/8mkgu9f7cO9dvPLQ_qICvZV2Xro.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.66.140.0/22
                  83.175.168.0/22
                  194.54.24.0/22
                IPv6:
                  2a0e:84c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         35:9a:85:9e:c7:a4:ab:2b:82:1b:d7:fa:cf:a7:e8:ca:45:5f:
         8a:bb:17:ee:55:69:93:d6:ac:5a:bb:67:9f:44:e5:88:8a:d3:
         7c:b1:a3:5a:14:39:67:8e:e9:64:90:6b:f5:a9:56:46:7d:1a:
         e7:7d:7f:c4:b5:04:4b:57:eb:08:fd:48:fc:44:04:ea:96:a7:
         c3:e7:86:cd:72:d8:3a:f0:66:33:a8:dd:4c:c3:da:49:5b:0b:
         ee:72:7f:4d:e5:a7:ee:54:58:1c:ee:43:c3:b5:c5:cb:04:1a:
         4f:a9:7e:e7:60:7e:b5:ad:61:8b:5b:75:6c:30:cb:00:d0:00:
         ac:19:ef:d2:d6:46:36:58:82:85:ee:ad:83:07:45:cd:33:8f:
         02:09:33:46:27:d6:28:22:fe:9d:fb:32:ed:ac:e5:df:11:8f:
         b1:29:54:34:65:98:71:0f:f1:a0:f7:80:ec:b1:be:bc:ce:f1:
         ca:b5:04:65:f6:71:8c:6c:8d:a0:3e:12:0a:7d:23:94:41:9a:
         98:7f:7f:ea:e9:3c:07:d5:89:39:3a:76:a1:33:32:34:75:16:
         f9:18:69:55:a2:86:e8:99:b8:fd:a3:3c:fa:37:a6:26:a0:95:
         d7:70:68:25:08:a3:21:8a:6e:26:21:ca:0e:96:05:6c:26:fb:
         74:02:03:8d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEBjMYQTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MjY5MjBiYmQ3ZmI3MGVmNWRiY2YyZDBmZWEyMDJiZDk1NzY1ZWJhMB4XDTIyMDEw
MTA4MDIzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzE0YzFlYmY3NjY3
ZWNiYjYyODhlNTUwOTU5MWZmMmQzMmM1NjVkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMwlRI4mAN8bUHoltAqTEoUv7c809lw78YdmWS0taCkKHofQ
A6UBIhFpvWE53xeqAB8wLye72bFLjaWYF4fFOWKIjAW3o0Mr1fVur3xbP0Q9vn+F
4LpHv9TObhM21JOFqnWQUx9Nr4preU7FJhskGt9SwNZ+8GKqnpTfHblcaxbcazzI
KEAd1Bzjma9afJwDYA2A8tzptdkWG9+187/o4i+QxD0Cw6OFDvKytbdWsPVB9wAd
XIfeChbT8+8VAlUYoVzOCLhUoHIf/aW1orgqlmzKtrLEemJFGmtSxGNc8WLd0vu7
nM7d/muokrcf93dn/T9GLBmYF18UNy9AGI34W58CAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBRxTB6/dmfsu2KI5VCVkf8tMsVl0jAfBgNVHSMEGDAWgBTyaSC71/tw7128
8tD+ogK9lXZeujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzhta2d1OWY3Y085ZHZQTFFfcUlDdlpWMlhyby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjYvYTE4YTk3LThmYzctNDk1NS04N2FmLTBiY2ZjNTMyOTMzYy8x
L2NVd2V2M1puN0x0aWlPVlFsWkhfTFRMRlpkSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYv
YTE4YTk3LThmYzctNDk1NS04N2FmLTBiY2ZjNTMyOTMzYy8xLzhta2d1OWY3Y085
ZHZQTFFfcUlDdlpWMlhyby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAi1CjAMEAlOvqAMEAsI2GDANBAIA
AjAHAwUAKg6EwDANBgkqhkiG9w0BAQsFAAOCAQEANZqFnsekqyuCG9f6z6foykVf
irsX7lVpk9asWrtnn0TliIrTfLGjWhQ5Z47pZJBr9alWRn0a531/xLUES1frCP1I
/EQE6panw+eGzXLYOvBmM6jdTMPaSVsL7nJ/TeWn7lRYHO5Dw7XFywQaT6l+52B+
ta1hi1t1bDDLANAArBnv0tZGNliChe6tgwdFzTOPAgkzRifWKCL+nfsy7azl3xGP
sSlUNGWYcQ/xoPeA7LG+vM7xyrUEZfZxjGyNoD4SCn0jlEGamH9/6uk8B9WJOTp2
oTMyNHUW+RhpVaKG6Jm4/aM8+jemJqCV13BoJQijIYpuJiHKDpYFbCb7dAIDjQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:02 2024 by rpki-client on console-ams.rpki-client.org