Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/rNqJXZm92psuzPPVDWwltE39EvM.roa
File:                     rNqJXZm92psuzPPVDWwltE39EvM.roa (raw, json)
Hash identifier:          yAgE+hwU8CkESBwAK0kNOK46JmEh9e+crXQHFaQU/ls=
Subject key identifier:   AC:DA:89:5D:99:BD:DA:9B:2E:CC:F3:D5:0D:6C:25:B4:4D:FD:12:F3
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       04B021A6
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/rNqJXZm92psuzPPVDWwltE39EvM.roa
Signing time:             Thu 21 Apr 2022 11:42:32 +0000
ROA not before:           Thu 21 Apr 2022 11:42:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200740
IP address blocks:        185.94.164.0/24 maxlen: 24
                          185.200.190.0/24 maxlen: 24
                          185.94.164.0/23 maxlen: 23
                          185.94.165.0/24 maxlen: 24
                          185.103.252.0/24 maxlen: 24
                          185.117.116.0/24 maxlen: 24
                          185.103.253.0/24 maxlen: 24
                          185.103.252.0/23 maxlen: 23
                          45.9.72.0/24 maxlen: 24
                          91.217.76.0/24 maxlen: 24
                          185.103.254.0/24 maxlen: 24
                          185.117.119.0/24 maxlen: 24
                          185.103.255.0/24 maxlen: 24
                          185.103.254.0/23 maxlen: 23
                          185.40.7.0/24 maxlen: 24
                          194.36.178.0/23 maxlen: 23
                          46.17.105.0/24 maxlen: 24
                          2a04:5201:4::/48 maxlen: 48
                          2a04:5200:68::/48 maxlen: 48
                          2a04:5201:6::/48 maxlen: 48
                          2a04:5201:2::/48 maxlen: 48
                          2a04:5201:7::/48 maxlen: 48
                          2a04:5201:8018::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 78651814 (0x4b021a6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Apr 21 11:42:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=acda895d99bdda9b2eccf3d50d6c25b44dfd12f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:7c:ae:5a:0e:f8:58:d2:f2:e5:9d:cc:33:8f:
                    4b:ff:06:77:6a:fd:e9:c2:89:8b:ab:e3:16:f3:93:
                    12:8f:21:cf:43:bb:b2:f3:de:de:80:eb:1f:2f:30:
                    60:0b:7e:b8:bd:81:4e:1c:4f:1f:a1:17:14:f4:60:
                    fc:6e:ed:ab:ee:93:ec:3e:2b:38:98:90:f9:d7:d6:
                    3d:f8:4f:01:36:27:a6:d9:78:ff:2b:89:5a:e2:43:
                    9d:4c:ec:e0:e9:cd:99:90:d5:b2:d5:71:a9:bf:ea:
                    f0:d8:69:05:94:12:7b:19:b5:d5:ae:73:a9:f4:a1:
                    fb:46:57:43:3d:c7:a7:dc:75:48:81:73:96:71:e5:
                    26:55:d0:e5:d4:7a:9b:4e:04:2e:cf:27:1f:7a:9a:
                    9a:cf:a2:da:91:42:7d:55:1b:86:9d:74:10:12:36:
                    c6:28:0a:f9:69:a8:db:fc:ef:81:03:49:39:1d:c3:
                    83:5e:48:8c:ba:f3:3e:f7:a4:8f:5f:6d:db:00:34:
                    7d:d3:4b:3c:ba:55:46:db:6e:f8:66:65:b3:4a:25:
                    b4:4a:02:fd:4e:71:38:3d:91:f6:a4:bc:a5:31:0d:
                    34:58:fd:83:ff:81:ac:98:68:64:a7:03:8d:4f:d1:
                    6a:99:09:63:ff:55:72:d1:cc:8d:bb:cf:57:8b:0a:
                    63:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:DA:89:5D:99:BD:DA:9B:2E:CC:F3:D5:0D:6C:25:B4:4D:FD:12:F3
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/rNqJXZm92psuzPPVDWwltE39EvM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.9.72.0/24
                  46.17.105.0/24
                  91.217.76.0/24
                  185.40.7.0/24
                  185.94.164.0/23
                  185.103.252.0/22
                  185.117.116.0/24
                  185.117.119.0/24
                  185.200.190.0/24
                  194.36.178.0/23
                IPv6:
                  2a04:5200:68::/48
                  2a04:5201:2::/48
                  2a04:5201:4::/48
                  2a04:5201:6::/47
                  2a04:5201:8018::/48

    Signature Algorithm: sha256WithRSAEncryption
         5d:d0:28:fb:44:ad:37:90:4e:f2:6f:fd:11:c1:55:4a:d9:b7:
         0d:87:69:b1:92:14:31:2f:27:a4:18:bd:06:d9:0b:ec:93:92:
         37:f0:55:ad:95:b3:80:75:51:8b:2e:65:f2:d6:21:d9:84:eb:
         d0:cf:86:0e:3a:6a:84:f2:15:92:5e:96:e1:c0:be:ee:79:0f:
         8b:49:38:ea:52:aa:5e:17:64:df:82:17:10:e6:0c:83:62:c6:
         78:de:f5:6b:a7:37:fd:cc:e1:84:d8:3e:1d:d9:73:a5:cf:ed:
         2b:a1:d4:1e:30:75:e6:7b:9c:14:a8:bb:7d:58:f8:be:99:21:
         bd:f6:27:1a:68:47:7c:f0:2f:cc:eb:41:88:ff:9c:60:e8:f5:
         c0:0d:a6:6c:e7:25:cc:37:a1:7d:d3:75:b8:23:f8:37:33:d7:
         0b:7d:9a:e7:e4:0d:c7:0a:22:91:85:e3:04:19:84:26:a1:d3:
         03:12:fc:c6:18:16:86:af:f4:39:33:10:e2:a0:94:69:61:96:
         92:d1:dc:97:3c:ea:55:75:f7:17:6b:98:63:53:b0:a2:5c:7c:
         36:cb:df:2f:4b:86:0f:f1:e1:81:31:98:bb:6c:48:25:5a:11:
         99:f2:95:2e:2d:2b:b9:28:54:2b:01:ce:49:1e:41:5a:8e:97:
         fc:2a:da:56
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgIEBLAhpjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDQy
MTExNDIzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWNkYTg5NWQ5OWJk
ZGE5YjJlY2NmM2Q1MGQ2YzI1YjQ0ZGZkMTJmMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANB8rloO+FjS8uWdzDOPS/8Gd2r96cKJi6vjFvOTEo8hz0O7
svPe3oDrHy8wYAt+uL2BThxPH6EXFPRg/G7tq+6T7D4rOJiQ+dfWPfhPATYnptl4
/yuJWuJDnUzs4OnNmZDVstVxqb/q8NhpBZQSexm11a5zqfSh+0ZXQz3Hp9x1SIFz
lnHlJlXQ5dR6m04ELs8nH3qams+i2pFCfVUbhp10EBI2xigK+Wmo2/zvgQNJOR3D
g15IjLrzPvekj19t2wA0fdNLPLpVRttu+GZls0oltEoC/U5xOD2R9qS8pTENNFj9
g/+BrJhoZKcDjU/RapkJY/9VctHMjbvPV4sKYx8CAwEAAaOCAnUwggJxMB0GA1Ud
DgQWBBSs2oldmb3amy7M89UNbCW0Tf0S8zAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
L3JOcUpYWm05MnBzdXpQUFZEV3dsdEUzOUV2TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
igYIKwYBBQUHAQcBAf8EezB5MEIEAgABMDwDBAAtCUgDBAAuEWkDBABb2UwDBAC5
KAcDBAG5XqQDBAK5Z/wDBAC5dXQDBAC5dXcDBAC5yL4DBAHCJLIwMwQCAAIwLQMH
ACoEUgAAaAMHACoEUgEAAgMHACoEUgEABAMHASoEUgEABgMHACoEUgGAGDANBgkq
hkiG9w0BAQsFAAOCAQEAXdAo+0StN5BO8m/9EcFVStm3DYdpsZIUMS8npBi9BtkL
7JOSN/BVrZWzgHVRiy5l8tYh2YTr0M+GDjpqhPIVkl6W4cC+7nkPi0k46lKqXhdk
34IXEOYMg2LGeN71a6c3/czhhNg+Hdlzpc/tK6HUHjB15nucFKi7fVj4vpkhvfYn
GmhHfPAvzOtBiP+cYOj1wA2mbOclzDehfdN1uCP4NzPXC32a5+QNxwoikYXjBBmE
JqHTAxL8xhgWhq/0OTMQ4qCUaWGWktHclzzqVXX3F2uYY1Owolx8NsvfL0uGD/Hh
gTGYu2xIJVoRmfKVLi0ruShUKwHOSR5BWo6X/CraVg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:11 2024 by rpki-client on console-ams.rpki-client.org