Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Mep7z4F_hB9v-i7nn_dME14SRT0.roa
File:                     Mep7z4F_hB9v-i7nn_dME14SRT0.roa (raw, json)
Hash identifier:          kNgCSc1PHY3FxcPRNC9t+Ty1VTsEV6uGd8C/aDS1Jfw=
Subject key identifier:   31:EA:7B:CF:81:7F:84:1F:6F:FA:2E:E7:9F:F7:4C:13:5E:12:45:3D
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       044410DB
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Mep7z4F_hB9v-i7nn_dME14SRT0.roa
Signing time:             Mon 21 Mar 2022 14:48:31 +0000
ROA not before:           Mon 21 Mar 2022 14:48:31 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     51765
IP address blocks:        185.204.1.0/24 maxlen: 24
                          185.103.110.0/24 maxlen: 24
                          185.112.82.0/24 maxlen: 24
                          185.212.149.0/24 maxlen: 24
                          91.103.253.0/24 maxlen: 24
                          185.117.118.0/24 maxlen: 24
                          185.217.196.0/23 maxlen: 23
                          82.115.220.0/24 maxlen: 24
                          185.125.51.0/24 maxlen: 24
                          185.221.163.0/24 maxlen: 24
                          194.53.52.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 71569627 (0x44410db)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Mar 21 14:48:31 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=31ea7bcf817f841f6ffa2ee79ff74c135e12453d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:c2:b2:79:86:b6:45:9d:16:34:ff:73:9e:1c:
                    f2:a1:45:c2:9f:80:1b:05:40:fe:8a:d2:2a:1d:68:
                    aa:0e:f4:9c:f0:bb:85:cb:e4:5d:91:bf:47:d4:31:
                    64:87:8d:d6:fb:f3:68:f4:aa:2b:9a:99:25:fb:41:
                    e3:be:0d:ba:b9:a0:33:16:37:4d:70:a0:19:7c:e3:
                    c0:17:1c:ab:af:bf:f6:11:33:39:4b:e9:2c:31:91:
                    a4:66:66:d9:6f:4d:9e:5c:16:ad:ba:80:f8:a8:5c:
                    f8:b3:11:1b:cc:c6:a8:2e:f2:5b:fe:60:74:83:f8:
                    96:d4:35:aa:28:99:d3:a3:21:b9:64:da:09:fe:9b:
                    25:b8:b1:9a:12:df:80:e5:eb:ae:8d:53:75:f0:d3:
                    f5:19:e0:c9:5b:8f:1b:09:58:d4:68:a8:57:6d:be:
                    a3:5b:5a:55:01:52:94:65:fd:0c:1f:75:44:ac:03:
                    45:81:b1:ac:a7:96:e8:71:df:25:2c:fc:e0:4f:85:
                    2d:f4:ea:ad:0c:f5:87:5c:9a:94:ec:87:1c:30:60:
                    75:92:79:27:da:97:5e:53:dd:15:78:df:8e:8a:8a:
                    77:9e:c6:83:29:f3:d1:f6:c7:d3:31:87:e8:56:f8:
                    b4:ac:72:82:4e:ee:db:a0:2e:db:9e:f8:a3:2f:23:
                    94:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:EA:7B:CF:81:7F:84:1F:6F:FA:2E:E7:9F:F7:4C:13:5E:12:45:3D
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Mep7z4F_hB9v-i7nn_dME14SRT0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.115.220.0/24
                  91.103.253.0/24
                  185.103.110.0/24
                  185.112.82.0/24
                  185.117.118.0/24
                  185.125.51.0/24
                  185.204.1.0/24
                  185.212.149.0/24
                  185.217.196.0/23
                  185.221.163.0/24
                  194.53.52.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ae:9a:e6:3c:11:c7:61:6a:ff:1e:e7:ec:2b:5e:32:63:87:67:
         90:12:45:7d:ef:09:7b:0b:d3:1f:e6:06:0d:bc:37:11:56:a3:
         4f:5f:2a:97:fd:27:e6:2d:35:79:b7:4f:9e:98:5c:95:22:b7:
         cb:2e:c9:68:ae:a0:04:9c:44:30:fa:4a:94:40:81:f1:f1:ff:
         a3:e1:f6:63:0c:e2:a5:01:bc:06:d6:0c:22:0b:e4:6d:11:8e:
         5e:e2:57:c3:2c:54:8e:a9:98:db:ea:d5:37:8d:83:b7:21:21:
         ea:fa:8b:90:15:06:8b:d3:3b:8b:5d:08:25:c0:8e:22:a2:1d:
         9e:9f:1f:77:ca:22:c4:9b:3a:43:a1:b1:2f:b8:a2:0c:37:a9:
         cc:89:b1:1a:78:7a:55:90:dd:c9:65:a2:68:6e:46:dd:7f:b9:
         a9:35:99:93:33:05:45:5c:08:77:9c:21:76:72:2f:c8:70:34:
         0a:c2:b5:c9:a6:f1:f2:a3:92:e7:88:69:7f:82:ec:aa:eb:02:
         55:d8:24:16:5b:4d:e8:d4:24:6e:ed:64:6a:e0:0c:03:03:79:
         67:ea:38:ab:95:b7:16:d8:5c:50:9f:76:0c:fc:52:da:74:bc:
         c3:b3:e9:78:0c:a8:8c:63:ca:b0:e8:d1:ec:8a:6d:a8:a5:82:
         c6:57:ec:49
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIEBEQQ2zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDMy
MTE0NDgzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzFlYTdiY2Y4MTdm
ODQxZjZmZmEyZWU3OWZmNzRjMTM1ZTEyNDUzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIvCsnmGtkWdFjT/c54c8qFFwp+AGwVA/orSKh1oqg70nPC7
hcvkXZG/R9QxZIeN1vvzaPSqK5qZJftB474NurmgMxY3TXCgGXzjwBccq6+/9hEz
OUvpLDGRpGZm2W9NnlwWrbqA+Khc+LMRG8zGqC7yW/5gdIP4ltQ1qiiZ06MhuWTa
Cf6bJbixmhLfgOXrro1TdfDT9RngyVuPGwlY1GioV22+o1taVQFSlGX9DB91RKwD
RYGxrKeW6HHfJSz84E+FLfTqrQz1h1yalOyHHDBgdZJ5J9qXXlPdFXjfjoqKd57G
gynz0fbH0zGH6Fb4tKxygk7u26Au2574oy8jlEsCAwEAAaOCAkUwggJBMB0GA1Ud
DgQWBBQx6nvPgX+EH2/6Luef90wTXhJFPTAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
L01lcDd6NEZfaEI5di1pN25uX2RNRTE0U1JUMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBb
BggrBgEFBQcBBwEB/wRMMEowSAQCAAEwQgMEAFJz3AMEAFtn/QMEALlnbgMEALlw
UgMEALl1dgMEALl9MwMEALnMAQMEALnUlQMEAbnZxAMEALndowMEAMI1NDANBgkq
hkiG9w0BAQsFAAOCAQEArprmPBHHYWr/HufsK14yY4dnkBJFfe8JewvTH+YGDbw3
EVajT18ql/0n5i01ebdPnphclSK3yy7JaK6gBJxEMPpKlECB8fH/o+H2YwzipQG8
BtYMIgvkbRGOXuJXwyxUjqmY2+rVN42DtyEh6vqLkBUGi9M7i10IJcCOIqIdnp8f
d8oixJs6Q6GxL7iiDDepzImxGnh6VZDdyWWiaG5G3X+5qTWZkzMFRVwId5whdnIv
yHA0CsK1yabx8qOS54hpf4LsqusCVdgkFltN6NQkbu1kauAMAwN5Z+o4q5W3Fthc
UJ92DPxS2nS8w7PpeAyojGPKsOjR7IptqKWCxlfsSQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org