Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/44d59e-dc7b-4d2c-ba45-4a91fabd8a8e/1/AUe8emcdhVwIh-wERxYopUz4I6c.roa
File:                     AUe8emcdhVwIh-wERxYopUz4I6c.roa (raw, json)
Hash identifier:          ZrNWSmnWE1M1tW9BnWMC17svt4uAXB11CR4r6G5v7ss=
Subject key identifier:   01:47:BC:7A:67:1D:85:5C:08:87:EC:04:47:16:28:A5:4C:F8:23:A7
Certificate issuer:       /CN=e69e45a4481456148e2e00349d87aa57c56b24a0
Certificate serial:       02E1C0EC
Authority key identifier: E6:9E:45:A4:48:14:56:14:8E:2E:00:34:9D:87:AA:57:C5:6B:24:A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5p5FpEgUVhSOLgA0nYeqV8VrJKA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/44d59e-dc7b-4d2c-ba45-4a91fabd8a8e/1/AUe8emcdhVwIh-wERxYopUz4I6c.roa
Signing time:             Sat 01 Jan 2022 01:55:15 +0000
ROA not before:           Sat 01 Jan 2022 01:55:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44894
IP address blocks:        91.203.60.0/24 maxlen: 24
                          91.203.63.0/24 maxlen: 24
                          91.203.62.0/24 maxlen: 24
                          91.203.62.0/23 maxlen: 23
                          91.203.61.0/24 maxlen: 24
                          91.203.60.0/22 maxlen: 22
                          91.203.60.0/23 maxlen: 23
                          194.107.231.0/24 maxlen: 24
                          194.107.230.0/23 maxlen: 23
                          194.107.230.0/24 maxlen: 24
                          91.193.130.0/23 maxlen: 23
                          91.193.130.0/24 maxlen: 24
                          91.193.129.0/24 maxlen: 24
                          91.193.128.0/24 maxlen: 24
                          91.193.128.0/23 maxlen: 23
                          91.193.128.0/22 maxlen: 22
                          91.193.131.0/24 maxlen: 24
                          194.150.105.0/24 maxlen: 24
                          194.150.104.0/23 maxlen: 23
                          194.150.104.0/24 maxlen: 24
                          194.110.2.0/23 maxlen: 23
                          2001:67c:2f2c::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 48349420 (0x2e1c0ec)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e69e45a4481456148e2e00349d87aa57c56b24a0
        Validity
            Not Before: Jan  1 01:55:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0147bc7a671d855c0887ec04471628a54cf823a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:79:a2:06:fd:d0:5b:91:d7:ef:58:63:0d:06:
                    05:da:37:f5:55:a3:5d:48:8d:20:1e:2a:5f:8f:ae:
                    d0:0a:43:5e:87:98:23:9c:07:33:52:36:c4:f1:d8:
                    88:ca:ea:ab:d4:96:30:3b:96:67:08:9d:61:d6:76:
                    2e:60:9a:90:ff:88:20:85:e6:90:2c:24:bd:4c:49:
                    b9:a4:bf:e8:0f:27:1f:a9:54:88:3a:fc:b7:58:4c:
                    41:2f:73:92:3b:3e:8c:5f:bf:bc:df:07:dd:4b:b8:
                    13:09:b5:41:a1:ec:29:12:ec:ad:25:6c:f2:8c:28:
                    d9:44:63:4a:f2:8f:7e:60:6a:88:a3:c2:c7:7c:46:
                    30:5b:82:77:c1:21:fc:59:69:00:94:59:4b:b6:ec:
                    c0:e0:ad:0c:66:72:9c:50:c0:aa:b4:f6:4f:62:cd:
                    58:98:2f:50:5e:bd:e7:95:e7:d5:c6:79:be:16:95:
                    94:a1:c0:70:aa:7e:b3:de:b4:e5:08:d2:e4:06:75:
                    38:9d:eb:a9:1d:fd:94:92:9b:e8:72:74:0e:70:26:
                    56:f7:38:02:e6:ee:f6:d2:85:98:3a:72:06:cf:fa:
                    63:19:ca:0b:fd:9b:d7:16:8a:ae:8c:23:6d:28:c0:
                    21:7b:99:fc:dc:0d:b4:68:80:06:3c:30:0c:00:f3:
                    0f:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:47:BC:7A:67:1D:85:5C:08:87:EC:04:47:16:28:A5:4C:F8:23:A7
            X509v3 Authority Key Identifier:
                keyid:E6:9E:45:A4:48:14:56:14:8E:2E:00:34:9D:87:AA:57:C5:6B:24:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5p5FpEgUVhSOLgA0nYeqV8VrJKA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/44d59e-dc7b-4d2c-ba45-4a91fabd8a8e/1/AUe8emcdhVwIh-wERxYopUz4I6c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/44d59e-dc7b-4d2c-ba45-4a91fabd8a8e/1/5p5FpEgUVhSOLgA0nYeqV8VrJKA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.193.128.0/22
                  91.203.60.0/22
                  194.107.230.0/23
                  194.110.2.0/23
                  194.150.104.0/23
                IPv6:
                  2001:67c:2f2c::/48

    Signature Algorithm: sha256WithRSAEncryption
         4c:55:99:d9:67:f1:1e:31:5e:94:e4:dc:47:4e:2b:be:d8:8f:
         35:3b:20:f9:81:dd:a0:34:44:ae:81:25:2d:45:26:81:9c:10:
         d9:16:b7:44:f6:ef:52:51:e9:ac:fb:9f:9e:80:42:25:94:91:
         70:2d:59:f4:6f:c0:bc:23:38:10:96:14:08:c1:4e:8f:26:6a:
         b1:ed:c9:14:e5:1d:28:6f:3c:f7:84:af:fc:c3:dd:6d:4d:30:
         d0:89:be:89:98:d7:95:24:5d:de:b7:d4:bf:41:e2:4f:30:d2:
         ce:81:cc:8a:4c:7d:bf:2a:bb:b0:e3:c8:d0:1b:01:fa:4b:de:
         11:a7:cb:11:17:4a:5e:07:e4:bd:81:67:32:54:68:d2:a9:42:
         a5:20:49:fe:e9:6e:72:4f:71:3b:76:eb:f7:73:e1:49:3c:25:
         05:bb:c6:f4:e2:c3:e2:19:1a:65:2b:55:b7:78:61:41:2e:3d:
         0c:f1:04:2e:47:29:9d:86:17:4f:4d:46:88:2e:12:44:65:de:
         31:87:d8:76:5c:52:b5:a8:1f:f0:a7:83:4b:21:bb:3d:bf:04:
         ef:c5:22:04:72:f4:f0:d6:4f:d8:1b:76:f9:2c:f6:2b:8b:39:
         e8:0f:bb:23:af:05:fd:d9:32:d7:ed:09:b2:d1:3f:07:f1:27:
         a1:d1:ef:14
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIEAuHA7DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NjllNDVhNDQ4MTQ1NjE0OGUyZTAwMzQ5ZDg3YWE1N2M1NmIyNGEwMB4XDTIyMDEw
MTAxNTUxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDE0N2JjN2E2NzFk
ODU1YzA4ODdlYzA0NDcxNjI4YTU0Y2Y4MjNhNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKR5ogb90FuR1+9YYw0GBdo39VWjXUiNIB4qX4+u0ApDXoeY
I5wHM1I2xPHYiMrqq9SWMDuWZwidYdZ2LmCakP+IIIXmkCwkvUxJuaS/6A8nH6lU
iDr8t1hMQS9zkjs+jF+/vN8H3Uu4Ewm1QaHsKRLsrSVs8owo2URjSvKPfmBqiKPC
x3xGMFuCd8Eh/FlpAJRZS7bswOCtDGZynFDAqrT2T2LNWJgvUF6955Xn1cZ5vhaV
lKHAcKp+s9605QjS5AZ1OJ3rqR39lJKb6HJ0DnAmVvc4Aubu9tKFmDpyBs/6YxnK
C/2b1xaKrowjbSjAIXuZ/NwNtGiABjwwDADzDxECAwEAAaOCAjIwggIuMB0GA1Ud
DgQWBBQBR7x6Zx2FXAiH7ARHFiilTPgjpzAfBgNVHSMEGDAWgBTmnkWkSBRWFI4u
ADSdh6pXxWskoDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVwNUZwRWdVVmhTT0xnQTBuWWVxVjhWckpLQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzYvNDRkNTllLWRjN2ItNGQyYy1iYTQ1LTRhOTFmYWJkOGE4ZS8x
L0FVZThlbWNkaFZ3SWgtd0VSeFlvcFV6NEk2Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzYv
NDRkNTllLWRjN2ItNGQyYy1iYTQ1LTRhOTFmYWJkOGE4ZS8xLzVwNUZwRWdVVmhT
T0xnQTBuWWVxVjhWckpLQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBI
BggrBgEFBQcBBwEB/wQ5MDcwJAQCAAEwHgMEAlvBgAMEAlvLPAMEAcJr5gMEAcJu
AgMEAcKWaDAPBAIAAjAJAwcAIAEGfC8sMA0GCSqGSIb3DQEBCwUAA4IBAQBMVZnZ
Z/EeMV6U5NxHTiu+2I81OyD5gd2gNESugSUtRSaBnBDZFrdE9u9SUems+5+egEIl
lJFwLVn0b8C8IzgQlhQIwU6PJmqx7ckU5R0obzz3hK/8w91tTTDQib6JmNeVJF3e
t9S/QeJPMNLOgcyKTH2/Kruw48jQGwH6S94Rp8sRF0peB+S9gWcyVGjSqUKlIEn+
6W5yT3E7duv3c+FJPCUFu8b04sPiGRplK1W3eGFBLj0M8QQuRymdhhdPTUaILhJE
Zd4xh9h2XFK1qB/wp4NLIbs9vwTvxSIEcvTw1k/YG3b5LPYriznoD7sjrwX92TLX
7Qmy0T8H8Seh0e8U
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:18 2024 by rpki-client on console-ams.rpki-client.org