Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/70KbSVkL7G9uNeAMAEEXkaMWZ14.roa
File:                     70KbSVkL7G9uNeAMAEEXkaMWZ14.roa (raw, json)
Hash identifier:          cz06jfNC5ccvvv3rx2//E56/7zbhMcYosQJfo+pdlnc=
Subject key identifier:   EF:42:9B:49:59:0B:EC:6F:6E:35:E0:0C:00:41:17:91:A3:16:67:5E
Certificate issuer:       /CN=cc2eb5b38bb62ede5c98cbfbcff9532852180516
Certificate serial:       0182BC4B6BCD7E1317140F2C7A871A64B997
Authority key identifier: CC:2E:B5:B3:8B:B6:2E:DE:5C:98:CB:FB:CF:F9:53:28:52:18:05:16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zC61s4u2Lt5cmMv7z_lTKFIYBRY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/70KbSVkL7G9uNeAMAEEXkaMWZ14.roa
Signing time:             Sat 20 Aug 2022 17:27:15 +0000
ROA not before:           Sat 20 Aug 2022 17:27:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210083
IP address blocks:        199.231.235.0/24 maxlen: 24
                          185.130.44.0/24 maxlen: 24
                          185.130.47.0/24 maxlen: 24
                          185.130.45.0/24 maxlen: 24
                          185.130.46.0/24 maxlen: 24
                          2a07:e00:a::/48 maxlen: 48
                          2a07:e00::/48 maxlen: 48
                          2a07:e00:b::/48 maxlen: 48
                          2a07:e00:bb::/48 maxlen: 48
                          2a07:e03::/32 maxlen: 48
                          2a07:e02:41::/48 maxlen: 48
                          2a07:e00:ff::/48 maxlen: 48
                          2a07:e00:19f::/48 maxlen: 48
                          2a07:e02:1000::/36 maxlen: 40
                          2a07:e02:b00::/40 maxlen: 56
                          2a07:e00:bc::/48 maxlen: 48
                          2a07:e00:ac::/48 maxlen: 48
                          2a07:e00:c::/48 maxlen: 48
                          2a07:e01::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:bc:4b:6b:cd:7e:13:17:14:0f:2c:7a:87:1a:64:b9:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cc2eb5b38bb62ede5c98cbfbcff9532852180516
        Validity
            Not Before: Aug 20 17:27:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ef429b49590bec6f6e35e00c00411791a316675e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:ad:6f:73:2f:23:df:58:57:f1:7c:e4:ec:ec:
                    98:69:d9:f6:7f:9f:b2:56:ae:6e:44:5a:c2:1a:74:
                    30:34:67:cf:06:f6:43:36:2c:7d:1b:e2:cb:51:80:
                    91:79:6d:7d:a0:56:ce:1d:1d:13:7f:48:2c:3d:8c:
                    04:e4:64:0f:65:39:27:72:64:b1:7a:4b:16:81:b7:
                    05:41:94:3e:76:63:cb:5f:d5:1b:dc:b6:75:72:22:
                    13:ef:4f:53:2b:29:63:67:e3:50:a0:cb:88:d9:2c:
                    2f:5a:24:6e:d5:45:02:e7:88:de:12:e7:bc:eb:65:
                    49:87:e8:c6:28:a3:ec:30:07:a4:c6:fc:d0:a8:45:
                    cb:f2:b8:57:dd:bd:29:a7:49:f4:15:b5:a3:60:48:
                    ea:ba:cc:a1:3f:75:26:50:26:63:0d:30:9d:9b:1e:
                    8d:a8:b6:22:0f:cf:b9:96:3a:e5:c6:75:5c:06:ea:
                    23:b2:30:1e:ce:29:05:1a:3e:45:02:46:47:e8:ef:
                    30:25:0e:fb:56:75:20:f9:7c:47:ee:ee:90:73:c7:
                    cf:aa:12:b4:e5:85:03:12:ff:bf:83:5a:7b:5e:52:
                    9c:17:e0:0b:9f:16:00:72:d1:0d:fe:30:c0:38:5f:
                    89:84:22:24:29:ac:94:75:38:5e:64:d4:c1:c9:54:
                    f2:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:42:9B:49:59:0B:EC:6F:6E:35:E0:0C:00:41:17:91:A3:16:67:5E
            X509v3 Authority Key Identifier:
                keyid:CC:2E:B5:B3:8B:B6:2E:DE:5C:98:CB:FB:CF:F9:53:28:52:18:05:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zC61s4u2Lt5cmMv7z_lTKFIYBRY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/70KbSVkL7G9uNeAMAEEXkaMWZ14.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/zC61s4u2Lt5cmMv7z_lTKFIYBRY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.130.44.0/22
                  199.231.235.0/24
                IPv6:
                  2a07:e00::/48
                  2a07:e00:a::-2a07:e00:c:ffff:ffff:ffff:ffff:ffff
                  2a07:e00:ac::/48
                  2a07:e00:bb::-2a07:e00:bc:ffff:ffff:ffff:ffff:ffff
                  2a07:e00:ff::/48
                  2a07:e00:19f::/48
                  2a07:e01::/32
                  2a07:e02:41::/48
                  2a07:e02:b00::/40
                  2a07:e02:1000::/36
                  2a07:e03::/32

    Signature Algorithm: sha256WithRSAEncryption
         2f:71:9e:18:73:d5:4f:27:29:3e:6c:01:9a:bb:75:c6:48:98:
         5a:9b:90:ab:95:8f:84:66:ec:f6:9a:28:cf:e7:ba:cf:95:4b:
         e0:f4:ab:df:a5:f6:74:b3:27:5b:73:54:e4:d4:8a:fa:1e:eb:
         f4:80:67:02:a1:c9:f0:e2:29:49:dc:29:3f:d5:7a:10:9c:c2:
         d9:ef:4b:76:65:89:a8:b1:e1:a4:ab:65:a7:1d:36:1f:97:1c:
         7b:82:a6:40:7e:78:50:e8:45:47:89:44:d9:7e:ec:1c:6f:49:
         a4:fb:23:1f:78:32:6b:ba:f1:dc:b5:91:9e:c3:1d:96:e1:19:
         86:1b:e5:67:22:d3:85:1a:c7:aa:4b:d8:be:08:9e:ad:5c:a6:
         cd:b7:b9:dd:5c:3e:7d:72:44:32:07:2c:2b:7b:22:35:61:11:
         f4:1f:c6:f1:d8:09:84:fb:98:b1:6d:99:0d:96:41:f9:20:2f:
         07:2a:a3:84:f7:d7:a9:e0:01:16:5d:ea:b0:d5:ba:ee:06:24:
         76:1b:83:bf:5b:c6:bf:0d:f3:5e:c0:9c:51:ed:ec:f5:54:6f:
         27:f1:05:b5:73:99:ce:b8:05:4a:2f:ff:7c:65:04:f5:d3:d5:
         cc:f7:4c:23:a1:d8:14:da:11:d9:73:2d:09:65:49:ef:31:07:
         38:74:13:c4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgISAYK8S2vNfhMXFA8seocaZLmXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjMmViNWIzOGJiNjJlZGU1Yzk4Y2JmYmNmZjk1MzI4NTIx
ODA1MTYwHhcNMjIwODIwMTcyNzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjQyOWI0OTU5MGJlYzZmNmUzNWUwMGMwMDQxMTc5MWEzMTY2NzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi61vcy8j31hX8Xzk7OyYadn2f5+y
Vq5uRFrCGnQwNGfPBvZDNix9G+LLUYCReW19oFbOHR0Tf0gsPYwE5GQPZTkncmSx
eksWgbcFQZQ+dmPLX9Ub3LZ1ciIT709TKyljZ+NQoMuI2SwvWiRu1UUC54jeEue8
62VJh+jGKKPsMAekxvzQqEXL8rhX3b0pp0n0FbWjYEjqusyhP3UmUCZjDTCdmx6N
qLYiD8+5ljrlxnVcBuojsjAezikFGj5FAkZH6O8wJQ77VnUg+XxH7u6Qc8fPqhK0
5YUDEv+/g1p7XlKcF+ALnxYActEN/jDAOF+JhCIkKayUdTheZNTByVTyrQIDAQAB
o4ICjTCCAokwHQYDVR0OBBYEFO9Cm0lZC+xvbjXgDABBF5GjFmdeMB8GA1UdIwQY
MBaAFMwutbOLti7eXJjL+8/5UyhSGAUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekM2MXM0dTJMdDVjbU12N3pfbFRLRklZQlJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC82ZjAyNjktODM0ZS00N2M1LTk4ZTEt
ZjFmODAyZTY2MTNiLzEvNzBLYlNWa0w3Rzl1TmVBTUFFRVhrYU1XWjE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC82ZjAyNjktODM0ZS00N2M1LTk4ZTEtZjFmODAyZTY2MTNi
LzEvekM2MXM0dTJMdDVjbU12N3pfbFRLRklZQlJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGiBggrBgEFBQcBBwEB/wSBkjCBjzASBAIAATAMAwQCuYIs
AwQAx+frMHkEAgACMHMDBwAqBw4AAAAwEgMHASoHDgAACgMHACoHDgAADAMHACoH
DgAArDASAwcAKgcOAAC7AwcAKgcOAAC8AwcAKgcOAAD/AwcAKgcOAAGfAwUAKgcO
AQMHACoHDgIAQQMGACoHDgILAwYEKgcOAhADBQAqBw4DMA0GCSqGSIb3DQEBCwUA
A4IBAQAvcZ4Yc9VPJyk+bAGau3XGSJham5CrlY+EZuz2mijP57rPlUvg9KvfpfZ0
sydbc1Tk1Ir6Huv0gGcCocnw4ilJ3Ck/1XoQnMLZ70t2ZYmoseGkq2WnHTYflxx7
gqZAfnhQ6EVHiUTZfuwcb0mk+yMfeDJruvHctZGewx2W4RmGG+VnItOFGseqS9i+
CJ6tXKbNt7ndXD59ckQyBywreyI1YRH0H8bx2AmE+5ixbZkNlkH5IC8HKqOE99ep
4AEWXeqw1bruBiR2G4O/W8a/DfNewJxR7ez1VG8n8QW1c5nOuAVKL/98ZQT109XM
90wjodgU2hHZcy0JZUnvMQc4dBPE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:28 2024 by rpki-client on console-fra.rpki-client.org