Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/MfZPFJ-DO5wfJyLalUIBzdt3aM8.roa
File:                     MfZPFJ-DO5wfJyLalUIBzdt3aM8.roa (raw, json)
Hash identifier:          8vR1Su+PwMNUtUs1X7HH/stLHgm6SwGj7fii3YXglas=
Subject key identifier:   31:F6:4F:14:9F:83:3B:9C:1F:27:22:DA:95:42:01:CD:DB:77:68:CF
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       01829692D7180000A52596ED65BD294B75AA
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/MfZPFJ-DO5wfJyLalUIBzdt3aM8.roa
Signing time:             Sat 13 Aug 2022 09:39:41 +0000
ROA not before:           Sat 13 Aug 2022 09:39:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210644
IP address blocks:        185.174.136.0/24 maxlen: 24
                          185.229.66.0/24 maxlen: 24
                          185.106.94.0/24 maxlen: 24
                          185.112.83.0/24 maxlen: 24
                          45.142.122.0/24 maxlen: 24
                          185.17.0.0/24 maxlen: 24
                          45.138.74.0/24 maxlen: 24
                          2a0e:d607::/48 maxlen: 48
                          2a0e:d602:1::/48 maxlen: 48
                          2a0e:d602::/48 maxlen: 48
                          2a0e:d606::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:96:92:d7:18:00:00:a5:25:96:ed:65:bd:29:4b:75:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Aug 13 09:39:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=31f64f149f833b9c1f2722da954201cddb7768cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:84:8c:7b:7c:bf:58:03:eb:87:42:3c:4f:95:
                    20:e0:f6:18:8a:7a:09:00:1f:53:9c:42:06:b4:32:
                    02:36:fc:e8:65:30:8a:8c:ab:41:b9:d1:6b:bd:61:
                    af:54:4b:68:9f:77:55:fb:f4:3b:a3:7b:4a:8a:e8:
                    29:d7:1d:12:a7:dc:83:1c:d0:45:b0:9b:34:95:5f:
                    90:0a:d8:d6:90:8e:8b:eb:60:f0:e4:2d:b4:8f:07:
                    93:fc:8b:e5:22:b8:a6:b6:64:4e:b3:31:22:d2:db:
                    a3:a7:13:d0:ea:34:af:7c:6c:3e:4c:0c:6c:b5:d3:
                    7d:ff:96:6b:27:44:18:b1:e8:52:06:af:7d:61:9b:
                    03:69:26:4d:f0:9d:46:f6:78:2d:7f:34:3a:a6:42:
                    f6:14:90:0d:33:2b:3a:25:ee:e7:26:46:7e:0d:af:
                    ec:80:c6:5c:17:0c:52:1a:79:1c:cf:77:e3:d6:ab:
                    80:01:f8:31:8e:ee:f2:d3:81:11:4e:ed:36:3b:7d:
                    c5:da:cc:84:ab:c4:77:56:29:82:5f:be:cf:d4:d8:
                    1a:f9:fa:4b:76:c3:f6:fa:09:14:5f:35:92:03:a9:
                    88:89:6c:f5:93:ff:11:28:df:22:83:cb:55:55:17:
                    7d:1f:95:14:7c:11:88:65:3b:5f:cb:9f:68:fc:51:
                    1a:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:F6:4F:14:9F:83:3B:9C:1F:27:22:DA:95:42:01:CD:DB:77:68:CF
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/MfZPFJ-DO5wfJyLalUIBzdt3aM8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.138.74.0/24
                  45.142.122.0/24
                  185.17.0.0/24
                  185.106.94.0/24
                  185.112.83.0/24
                  185.174.136.0/24
                  185.229.66.0/24
                IPv6:
                  2a0e:d602::/47
                  2a0e:d606::/48
                  2a0e:d607::/48

    Signature Algorithm: sha256WithRSAEncryption
         b1:a3:e0:16:88:62:d7:c3:48:6f:c9:31:8d:5a:03:d7:b7:59:
         9a:1f:f5:7a:1d:56:5a:2c:47:0f:31:e9:ad:cc:a1:c7:c5:a2:
         53:31:c2:43:27:9e:38:68:76:a5:60:5e:e9:86:74:0e:a1:8d:
         4d:e6:32:e8:f3:d3:1f:88:ec:b7:de:3b:c9:83:85:18:3d:c8:
         19:d0:77:e1:1a:5c:1d:96:ea:96:b2:17:fc:fa:18:47:5b:34:
         1c:8f:7f:25:ac:2c:26:86:74:54:21:94:46:47:24:6f:94:04:
         d6:55:7b:ae:2c:4a:c8:66:04:74:42:63:14:c8:b6:d2:ea:c7:
         f6:fa:48:99:8f:58:14:a9:66:0b:5f:eb:dd:68:06:4f:cb:65:
         5e:07:a5:a2:ff:86:0b:8d:74:2d:68:67:d8:2f:a5:1d:d9:d1:
         b1:7b:c0:12:03:c3:9d:aa:55:63:1d:5f:3e:dd:33:a2:b8:7e:
         a1:b5:80:6e:0d:03:bf:46:9f:a0:c8:3d:1b:06:0a:c5:c3:47:
         f1:f6:8b:58:b8:43:bd:25:9e:3a:7a:3d:a5:1f:fe:09:a2:da:
         ab:08:f4:f4:94:da:66:c1:4b:f3:b6:31:88:d8:c3:2c:f5:51:
         15:49:92:1b:c0:4f:ad:4a:8b:38:f6:84:7e:3e:b4:3a:bf:5c:
         d8:1b:67:3e
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYKWktcYAAClJZbtZb0pS3WqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjIwODEzMDkzOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWY2NGYxNDlmODMzYjljMWYyNzIyZGE5NTQyMDFjZGRiNzc2OGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoSMe3y/WAPrh0I8T5Ug4PYYinoJ
AB9TnEIGtDICNvzoZTCKjKtBudFrvWGvVEton3dV+/Q7o3tKiugp1x0Sp9yDHNBF
sJs0lV+QCtjWkI6L62Dw5C20jweT/IvlIrimtmROszEi0tujpxPQ6jSvfGw+TAxs
tdN9/5ZrJ0QYsehSBq99YZsDaSZN8J1G9ngtfzQ6pkL2FJANMys6Je7nJkZ+Da/s
gMZcFwxSGnkcz3fj1quAAfgxju7y04ERTu02O33F2syEq8R3VimCX77P1Nga+fpL
dsP2+gkUXzWSA6mIiWz1k/8RKN8ig8tVVRd9H5UUfBGIZTtfy59o/FEaIQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFDH2TxSfgzucHyci2pVCAc3bd2jPMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvTWZaUEZKLURPNXdmSnlMYWxVSUJ6ZHQzYU04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTAwBAIAATAqAwQALYpKAwQA
LY56AwQAuREAAwQAuWpeAwQAuXBTAwQAua6IAwQAueVCMCEEAgACMBsDBwEqDtYC
AAADBwAqDtYGAAADBwAqDtYHAAAwDQYJKoZIhvcNAQELBQADggEBALGj4BaIYtfD
SG/JMY1aA9e3WZof9XodVlosRw8x6a3MocfFolMxwkMnnjhodqVgXumGdA6hjU3m
Mujz0x+I7LfeO8mDhRg9yBnQd+EaXB2W6payF/z6GEdbNByPfyWsLCaGdFQhlEZH
JG+UBNZVe64sSshmBHRCYxTIttLqx/b6SJmPWBSpZgtf691oBk/LZV4HpaL/hguN
dC1oZ9gvpR3Z0bF7wBIDw52qVWMdXz7dM6K4fqG1gG4NA79Gn6DIPRsGCsXDR/H2
i1i4Q70lnjp6PaUf/gmi2qsI9PSU2mbBS/O2MYjYwyz1URVJkhvAT61Kizj2hH4+
tDq/XNgbZz4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org