Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/UWUdLR1fZNa2NvRiAF38UbXXhOE.roa
File:                     UWUdLR1fZNa2NvRiAF38UbXXhOE.roa (raw, json)
Hash identifier:          MtyjbM4hU+dB0C+TUb73CnfUag/7ctuQxsWTa6WNZJA=
Subject key identifier:   51:65:1D:2D:1D:5F:64:D6:B6:36:F4:62:00:5D:FC:51:B5:D7:84:E1
Certificate issuer:       /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial:       39FCD6DF
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/UWUdLR1fZNa2NvRiAF38UbXXhOE.roa
Signing time:             Sat 01 Jan 2022 14:00:34 +0000
ROA not before:           Sat 01 Jan 2022 14:00:34 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60448
IP address blocks:        89.174.26.0/23 maxlen: 23
                          89.174.25.0/24 maxlen: 24
                          85.219.192.0/24 maxlen: 24
                          89.174.184.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 972871391 (0x39fcd6df)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
        Validity
            Not Before: Jan  1 14:00:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=51651d2d1d5f64d6b636f462005dfc51b5d784e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:2a:77:5d:f4:77:84:ef:96:7f:46:57:89:77:
                    c9:96:51:35:d2:95:49:2d:00:70:ad:66:6f:29:36:
                    21:15:53:2f:a3:43:dd:78:75:20:16:ee:4c:5c:7a:
                    19:48:80:dc:16:ff:8b:81:72:8d:a5:04:7f:90:63:
                    ea:27:28:c2:bd:13:62:14:31:3f:81:fa:b7:aa:e6:
                    41:38:26:b9:2d:df:7c:f4:77:0e:7c:76:13:c2:64:
                    87:87:a4:d6:1c:3b:aa:67:28:ff:59:4a:e4:69:aa:
                    17:23:ce:4c:9c:ef:6b:2d:4a:51:4f:72:bd:ca:6f:
                    86:7e:33:88:60:b9:f8:92:56:5b:93:98:83:34:75:
                    77:93:d9:58:65:31:9f:4a:4d:e7:d2:bd:0d:1e:06:
                    3a:1c:bf:be:ac:49:77:37:81:b5:6b:88:d3:ad:51:
                    b0:ed:ad:85:b4:73:65:f2:16:a6:98:ba:e5:95:87:
                    a3:ed:be:61:68:fb:b7:43:ea:4c:3c:a4:3a:1e:df:
                    bd:a9:bb:d8:4b:6d:43:54:b7:4a:36:93:f0:9d:60:
                    37:f0:35:05:0a:e3:fe:78:06:9a:42:53:18:68:3c:
                    03:c4:68:72:9b:1d:63:c1:d4:37:e7:4a:5a:93:69:
                    22:f5:22:bb:bd:5e:b4:81:d5:74:2d:8d:76:9c:d6:
                    ce:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:65:1D:2D:1D:5F:64:D6:B6:36:F4:62:00:5D:FC:51:B5:D7:84:E1
            X509v3 Authority Key Identifier:
                keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/UWUdLR1fZNa2NvRiAF38UbXXhOE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.219.192.0/24
                  89.174.25.0-89.174.27.255
                  89.174.184.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:29:b9:2a:08:f5:60:a3:a6:3d:4a:32:a7:1d:82:0f:95:b0:
         47:be:b3:9a:59:84:d8:b6:bd:c2:73:ee:70:df:57:93:e6:35:
         95:eb:ea:ee:38:2a:0c:7a:8a:a8:62:6d:c3:db:87:00:41:14:
         9e:c1:69:5b:e4:a5:01:0d:85:f3:c5:40:05:cf:18:6e:c6:2d:
         3a:99:5e:5e:dc:02:26:bd:b3:85:d4:31:a3:fa:43:b5:07:73:
         3b:4d:69:5b:6c:ae:a5:7e:59:7a:e8:92:33:de:f1:be:14:da:
         9c:fe:4a:db:71:31:33:0b:a1:e5:16:48:e9:f9:25:28:20:ff:
         c3:d9:93:99:dc:46:50:bf:6a:a9:84:7c:cf:43:cf:9c:72:de:
         c6:c1:b4:77:75:56:0a:e3:e1:62:40:92:7e:e6:a6:2c:d4:fb:
         9c:9b:38:aa:57:ca:3b:80:e3:f9:f5:c0:82:16:f6:eb:e9:23:
         01:18:0e:67:b7:ca:ac:58:ac:60:7f:b3:76:a2:c1:5f:d4:a8:
         be:60:03:13:b1:8a:33:12:0d:2c:e5:57:0f:43:64:bc:fe:61:
         20:d9:a4:e5:b5:f3:b4:d5:46:92:f8:90:ed:b5:40:6e:3d:ca:
         44:7f:aa:4e:79:0e:bb:bf:30:56:f5:44:ee:e5:1f:8a:b2:ad:
         14:60:9c:bc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEOfzW3zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YWNhNjNkZjI0OGI3YWRmM2RkZDA3ZThjMmQzZWVkZDAyY2VmOTMzMB4XDTIyMDEw
MTE0MDAzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTE2NTFkMmQxZDVm
NjRkNmI2MzZmNDYyMDA1ZGZjNTFiNWQ3ODRlMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKMqd130d4Tvln9GV4l3yZZRNdKVSS0AcK1mbyk2IRVTL6ND
3Xh1IBbuTFx6GUiA3Bb/i4FyjaUEf5Bj6icowr0TYhQxP4H6t6rmQTgmuS3ffPR3
Dnx2E8Jkh4ek1hw7qmco/1lK5GmqFyPOTJzvay1KUU9yvcpvhn4ziGC5+JJWW5OY
gzR1d5PZWGUxn0pN59K9DR4GOhy/vqxJdzeBtWuI061RsO2thbRzZfIWppi65ZWH
o+2+YWj7t0PqTDykOh7fvam72EttQ1S3SjaT8J1gN/A1BQrj/ngGmkJTGGg8A8Ro
cpsdY8HUN+dKWpNpIvUiu71etIHVdC2NdpzWzv0CAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBRRZR0tHV9k1rY29GIAXfxRtdeE4TAfBgNVHSMEGDAWgBQaymPfJIt63z3d
B+jC0+7dAs75MzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dzcGozeVNMZXQ4OTNRZm93dFB1M1FMTy1UTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvMWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8x
L1VXVWRMUjFmWk5hMk52UmlBRjM4VWJYWGhPRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
MWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8xL0dzcGozeVNMZXQ4
OTNRZm93dFB1M1FMTy1UTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAFXbwDAMAwQAWa4ZAwQCWa4YAwQA
Wa64MA0GCSqGSIb3DQEBCwUAA4IBAQAOKbkqCPVgo6Y9SjKnHYIPlbBHvrOaWYTY
tr3Cc+5w31eT5jWV6+ruOCoMeoqoYm3D24cAQRSewWlb5KUBDYXzxUAFzxhuxi06
mV5e3AImvbOF1DGj+kO1B3M7TWlbbK6lfll66JIz3vG+FNqc/krbcTEzC6HlFkjp
+SUoIP/D2ZOZ3EZQv2qphHzPQ8+cct7GwbR3dVYK4+FiQJJ+5qYs1PucmziqV8o7
gOP59cCCFvbr6SMBGA5nt8qsWKxgf7N2osFf1Ki+YAMTsYozEg0s5VcPQ2S8/mEg
2aTltfO01UaS+JDttUBuPcpEf6pOeQ67vzBW9UTu5R+Ksq0UYJy8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:32 2024 by rpki-client on console-ams.rpki-client.org