Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/3_muk-eQvdVousb0HDf8ssiPM58.roa
File:                     3_muk-eQvdVousb0HDf8ssiPM58.roa (raw, json)
Hash identifier:          O6mrX6mzuXYsdAwAQc+fhH/Ef8E/CY3nHIW9DoJqHZ4=
Subject key identifier:   DF:F9:AE:93:E7:90:BD:D5:68:BA:C6:F4:1C:37:FC:B2:C8:8F:33:9F
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       01837E7FCF0535A288242D412B3024C3CFD2
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/3_muk-eQvdVousb0HDf8ssiPM58.roa
Signing time:             Tue 27 Sep 2022 10:30:48 +0000
ROA not before:           Tue 27 Sep 2022 10:30:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204339
IP address blocks:        185.117.117.0/24 maxlen: 24
                          45.133.246.0/24 maxlen: 24
                          45.95.200.0/24 maxlen: 24
                          2a0d:2dc2::/32 maxlen: 32
                          2a0b:da01::/32 maxlen: 32
                          2a0c:aa42::/32 maxlen: 32
                          2a0b:7782::/32 maxlen: 32
                          2a0d:2dc1::/32 maxlen: 32
                          2a0c:aa41::/32 maxlen: 32
                          2a0b:7781::/32 maxlen: 32
                          2a0b:da02::/32 maxlen: 32
                          2a0d:2dc0::/32 maxlen: 32
                          2a0b:da03::/32 maxlen: 32
                          2a0b:da00::/32 maxlen: 32
                          2a0c:aa46::/32 maxlen: 32
                          2a0b:7786::/32 maxlen: 32
                          2a0d:2dc3::/32 maxlen: 32
                          2a0c:aa43::/32 maxlen: 32
                          2a0b:da06::/32 maxlen: 32
                          2a0b:7783::/32 maxlen: 32
                          2a0c:aa40::/32 maxlen: 32
                          2a0b:7780::/32 maxlen: 32
                          2a0d:2dc6::/32 maxlen: 32
                          2a0b:da04::/32 maxlen: 32
                          2a0d:2dc5::/32 maxlen: 32
                          2a0c:aa45::/32 maxlen: 32
                          2a0b:7785::/32 maxlen: 32
                          2a0d:2dc7::/32 maxlen: 32
                          2a0b:7784::/32 maxlen: 32
                          2a0b:da05::/32 maxlen: 32
                          2a0c:aa44::/32 maxlen: 32
                          2a0b:7787::/32 maxlen: 32
                          2a0c:aa47::/32 maxlen: 32
                          2a0d:2dc4::/32 maxlen: 32
                          2a0b:da07::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:7e:7f:cf:05:35:a2:88:24:2d:41:2b:30:24:c3:cf:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Sep 27 10:30:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=dff9ae93e790bdd568bac6f41c37fcb2c88f339f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:27:1c:6b:21:4d:1f:bd:28:62:de:3d:c9:7f:
                    0b:e0:1b:a3:ed:76:d2:90:27:a9:7c:9b:d6:56:6c:
                    57:6d:2d:5c:24:27:6a:87:c3:e8:63:c9:e2:3a:f3:
                    8d:d7:f9:78:94:0e:ac:4a:ff:e8:06:44:03:df:1d:
                    8f:63:3b:a7:15:66:a5:10:16:64:c0:77:29:94:02:
                    ab:27:8f:ce:df:7d:52:fc:c1:60:6b:22:bb:bb:7f:
                    6f:2d:0c:f1:1e:79:25:49:72:94:15:ae:80:ee:ce:
                    18:ec:cd:dd:20:9f:2a:62:05:75:6b:4a:0f:bf:74:
                    53:d3:e4:7c:a9:0a:22:b6:02:a6:08:62:f7:1e:88:
                    9e:15:7a:f8:95:3f:e5:39:de:58:70:0b:96:c2:26:
                    da:e0:f9:71:4b:0c:6c:c2:bf:e5:66:bf:de:88:0f:
                    6e:ad:c0:c9:0b:98:0c:b9:61:ac:c6:0e:69:57:1f:
                    a6:40:40:3a:d1:97:1a:05:ee:d4:d4:b3:6e:e8:87:
                    3a:49:54:c7:1e:33:65:e1:74:d9:82:39:61:37:1c:
                    79:ec:0a:8f:0e:20:52:4f:6f:a0:0d:46:3b:81:96:
                    01:62:5c:16:9a:a3:29:87:03:c3:25:a4:98:8f:81:
                    3e:99:5d:75:2f:bf:3e:13:53:a4:ab:cf:c4:9e:13:
                    51:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:F9:AE:93:E7:90:BD:D5:68:BA:C6:F4:1C:37:FC:B2:C8:8F:33:9F
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/3_muk-eQvdVousb0HDf8ssiPM58.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.95.200.0/24
                  45.133.246.0/24
                  185.117.117.0/24
                IPv6:
                  2a0b:7780::/29
                  2a0b:da00::/29
                  2a0c:aa40::/29
                  2a0d:2dc0::/29

    Signature Algorithm: sha256WithRSAEncryption
         86:fc:b4:9a:64:c3:ba:1f:81:9b:63:1b:e6:57:7e:84:6a:6d:
         3f:3f:aa:99:49:9e:79:68:66:96:57:ae:a5:2b:f9:25:26:e7:
         45:ea:c8:fb:5f:98:e2:4e:ce:39:41:10:bc:32:47:b3:17:7f:
         4b:7c:18:1b:13:31:54:0d:30:df:bb:05:1d:60:1b:66:3f:13:
         85:d4:23:65:84:e7:15:f8:d5:a5:8c:8c:ed:c1:73:95:08:a8:
         dd:38:87:86:ff:6f:8c:11:bd:f4:ac:cb:06:4f:18:e8:86:7f:
         57:a5:98:75:af:08:b4:9a:c6:0e:54:97:e7:6a:9e:a4:15:39:
         da:8b:ea:e5:fd:9e:45:b3:db:ae:c2:a3:85:4c:c0:46:e9:a7:
         53:77:bb:75:37:48:bb:bf:67:27:98:17:f7:03:e8:c4:7a:bd:
         00:c9:26:96:19:f5:2d:40:33:3c:45:7a:c0:c4:0a:64:59:fa:
         8c:01:b4:a1:34:2d:6a:27:47:52:af:0f:9f:e2:c6:03:c2:56:
         68:dd:5d:54:39:84:e1:e1:b8:b0:56:4b:2a:6f:68:31:a1:fe:
         f7:21:57:77:49:f9:c7:98:56:ad:f3:ee:49:67:76:09:a7:f8:
         2e:14:9f:d2:46:8d:79:6f:ce:2c:a4:87:b4:0b:c3:b1:72:ab:
         ec:3a:1c:fa
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYN+f88FNaKIJC1BKzAkw8/SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjIwOTI3MTAzMDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmY5YWU5M2U3OTBiZGQ1NjhiYWM2ZjQxYzM3ZmNiMmM4OGYzMzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCccayFNH70oYt49yX8L4Buj7XbS
kCepfJvWVmxXbS1cJCdqh8PoY8niOvON1/l4lA6sSv/oBkQD3x2PYzunFWalEBZk
wHcplAKrJ4/O331S/MFgayK7u39vLQzxHnklSXKUFa6A7s4Y7M3dIJ8qYgV1a0oP
v3RT0+R8qQoitgKmCGL3HoieFXr4lT/lOd5YcAuWwiba4PlxSwxswr/lZr/eiA9u
rcDJC5gMuWGsxg5pVx+mQEA60ZcaBe7U1LNu6Ic6SVTHHjNl4XTZgjlhNxx57AqP
DiBST2+gDUY7gZYBYlwWmqMphwPDJaSYj4E+mV11L78+E1Okq8/EnhNRIwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFN/5rpPnkL3VaLrG9Bw3/LLIjzOfMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvM19tdWstZVF2ZFZvdXNiMEhEZjhzc2lQTTU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAYBAIAATASAwQALV/IAwQA
LYX2AwQAuXV1MCIEAgACMBwDBQMqC3eAAwUDKgvaAAMFAyoMqkADBQMqDS3AMA0G
CSqGSIb3DQEBCwUAA4IBAQCG/LSaZMO6H4GbYxvmV36Eam0/P6qZSZ55aGaWV66l
K/klJudF6sj7X5jiTs45QRC8MkezF39LfBgbEzFUDTDfuwUdYBtmPxOF1CNlhOcV
+NWljIztwXOVCKjdOIeG/2+MEb30rMsGTxjohn9XpZh1rwi0msYOVJfnap6kFTna
i+rl/Z5Fs9uuwqOFTMBG6adTd7t1N0i7v2cnmBf3A+jEer0AySaWGfUtQDM8RXrA
xApkWfqMAbShNC1qJ0dSrw+f4sYDwlZo3V1UOYTh4biwVksqb2gxof73IVd3SfnH
mFat8+5JZ3YJp/guFJ/SRo15b84spIe0C8OxcqvsOhz6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:08 2024 by rpki-client on console-ams.rpki-client.org