Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/Ou0bS8-xC1Fehc_8ri0O0gNh7J0.roa
File:                     Ou0bS8-xC1Fehc_8ri0O0gNh7J0.roa (raw, json)
Hash identifier:          BH1oFp1Q+tmB9IuUSVFSFowz4MEH0KKjO60RK6BFDT8=
Subject key identifier:   3A:ED:1B:4B:CF:B1:0B:51:5E:85:CF:FC:AE:2D:0E:D2:03:61:EC:9D
Certificate issuer:       /CN=2ef957aba2ef00352850e202464c71d33ca81448
Certificate serial:       35C0277A
Authority key identifier: 2E:F9:57:AB:A2:EF:00:35:28:50:E2:02:46:4C:71:D3:3C:A8:14:48
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/Ou0bS8-xC1Fehc_8ri0O0gNh7J0.roa
Signing time:             Sat 01 Jan 2022 12:06:30 +0000
ROA not before:           Sat 01 Jan 2022 12:06:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2259
IP address blocks:        193.49.237.0/24 maxlen: 24
                          194.199.214.0/24 maxlen: 24
                          194.199.215.0/24 maxlen: 24
                          193.48.89.0/24 maxlen: 24
                          193.48.90.0/24 maxlen: 24
                          193.48.86.0/24 maxlen: 24
                          193.48.87.0/24 maxlen: 24
                          193.50.8.0/24 maxlen: 24
                          193.51.107.0/24 maxlen: 24
                          193.54.209.0/24 maxlen: 24
                          193.54.210.0/24 maxlen: 24
                          193.54.211.0/24 maxlen: 24
                          193.54.214.0/24 maxlen: 24
                          193.54.229.0/24 maxlen: 24
                          193.54.230.0/24 maxlen: 24
                          194.167.188.0/24 maxlen: 24
                          193.49.5.0/27 maxlen: 27
                          193.49.5.64/27 maxlen: 27
                          194.254.52.0/23 maxlen: 23
                          194.254.54.0/23 maxlen: 23
                          194.254.56.0/23 maxlen: 23
                          194.254.1.0/24 maxlen: 24
                          194.254.2.0/24 maxlen: 24
                          194.254.3.0/24 maxlen: 24
                          194.254.4.0/24 maxlen: 24
                          194.254.11.0/24 maxlen: 24
                          194.254.12.0/24 maxlen: 24
                          193.50.153.0/24 maxlen: 24
                          194.167.107.0/24 maxlen: 24
                          194.167.108.0/24 maxlen: 24
                          193.54.148.0/24 maxlen: 24
                          193.50.251.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 901785466 (0x35c0277a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ef957aba2ef00352850e202464c71d33ca81448
        Validity
            Not Before: Jan  1 12:06:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3aed1b4bcfb10b515e85cffcae2d0ed20361ec9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:b1:c9:88:26:c3:d6:dd:21:0a:e2:ff:33:d4:
                    48:e7:6e:5f:b8:c0:3b:1d:6d:ed:c1:d4:fe:32:fe:
                    c3:0a:86:73:1c:45:25:19:18:d7:d7:9c:e5:86:5a:
                    7d:0b:6e:88:14:4c:4f:b8:6b:78:cc:6b:10:04:a6:
                    2f:0e:92:82:88:4c:45:c0:59:09:7a:89:09:e0:bf:
                    a7:d3:ed:25:4c:42:02:b9:53:b8:59:14:95:13:8b:
                    f5:94:70:c5:c3:ff:10:46:4b:60:34:18:40:91:7d:
                    71:ae:3d:ea:19:e0:6e:58:4d:a9:cc:29:80:06:37:
                    4b:6f:6a:95:b4:63:26:cb:c7:2a:a7:cf:60:d4:f6:
                    17:66:74:b6:3f:36:f4:19:a9:c8:7e:47:d3:60:12:
                    82:d7:d4:f3:bf:7c:cd:af:c0:3e:3b:51:b0:27:8a:
                    27:06:0d:cf:e2:36:7f:4b:c5:04:98:fa:38:d6:7c:
                    0c:00:79:51:a8:6a:3b:a1:76:06:ff:f6:1d:a1:77:
                    ad:4d:0c:fb:62:2a:ec:0e:11:68:85:e7:3d:95:b9:
                    3d:cd:60:db:c6:67:de:7a:5e:ba:20:f4:7a:59:1e:
                    fe:05:c2:cd:b1:bb:dc:98:26:16:64:9e:13:bf:7a:
                    5d:7f:7f:f0:9d:4a:07:e8:ad:13:22:ed:03:65:d9:
                    5c:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:ED:1B:4B:CF:B1:0B:51:5E:85:CF:FC:AE:2D:0E:D2:03:61:EC:9D
            X509v3 Authority Key Identifier:
                keyid:2E:F9:57:AB:A2:EF:00:35:28:50:E2:02:46:4C:71:D3:3C:A8:14:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/Ou0bS8-xC1Fehc_8ri0O0gNh7J0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/LvlXq6LvADUoUOICRkxx0zyoFEg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.48.86.0/23
                  193.48.89.0-193.48.90.255
                  193.49.5.0/27
                  193.49.5.64/27
                  193.49.237.0/24
                  193.50.8.0/24
                  193.50.153.0/24
                  193.50.251.0/24
                  193.51.107.0/24
                  193.54.148.0/24
                  193.54.209.0-193.54.211.255
                  193.54.214.0/24
                  193.54.229.0-193.54.230.255
                  194.167.107.0-194.167.108.255
                  194.167.188.0/24
                  194.199.214.0/23
                  194.254.1.0-194.254.4.255
                  194.254.11.0-194.254.12.255
                  194.254.52.0-194.254.57.255

    Signature Algorithm: sha256WithRSAEncryption
         3c:86:7d:01:d5:a9:48:e5:68:93:18:a4:03:f0:fc:58:b3:08:
         c7:82:37:e5:5b:59:48:ea:51:3a:3e:55:f9:5c:b5:81:5d:aa:
         9c:6d:bb:d4:16:08:25:4d:1c:27:7e:0d:ca:e3:aa:21:d4:51:
         c6:08:b2:a4:da:b0:62:94:de:cf:18:19:76:46:1c:a5:be:2d:
         fd:62:97:7f:d7:50:cd:b2:ef:2b:9b:26:85:c9:c9:2e:99:26:
         8c:45:3c:f2:14:f3:c2:96:90:c3:ef:5b:67:de:31:db:8e:79:
         73:5f:c7:d4:40:eb:16:09:de:74:d0:32:13:b7:7a:ae:61:9a:
         1d:a0:51:67:ee:54:77:bd:b3:1c:df:18:fd:72:1d:98:db:a4:
         28:c0:2a:6b:b5:a0:a0:9f:51:bf:dd:32:bc:2a:76:32:88:0d:
         47:83:2b:2f:69:bc:e6:d5:5d:d3:9e:5b:fd:cd:bc:cc:63:84:
         92:20:81:a9:a5:c2:f5:c6:2f:a5:62:31:13:62:ea:5f:8e:25:
         5b:d7:57:38:f3:ad:e2:cf:0f:2d:b5:e3:62:f3:c7:4a:6b:96:
         6a:62:aa:fe:8b:73:b5:6d:65:e5:05:14:e3:fe:02:64:f9:4b:
         ad:7f:ac:43:78:08:ec:2d:b6:20:ab:48:2f:1c:8e:25:48:1d:
         7e:3c:c6:82
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgIENcAnejANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZWY5NTdhYmEyZWYwMDM1Mjg1MGUyMDI0NjRjNzFkMzNjYTgxNDQ4MB4XDTIyMDEw
MTEyMDYzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2FlZDFiNGJjZmIx
MGI1MTVlODVjZmZjYWUyZDBlZDIwMzYxZWM5ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJmxyYgmw9bdIQri/zPUSOduX7jAOx1t7cHU/jL+wwqGcxxF
JRkY19ec5YZafQtuiBRMT7hreMxrEASmLw6SgohMRcBZCXqJCeC/p9PtJUxCArlT
uFkUlROL9ZRwxcP/EEZLYDQYQJF9ca496hngblhNqcwpgAY3S29qlbRjJsvHKqfP
YNT2F2Z0tj829BmpyH5H02ASgtfU8798za/APjtRsCeKJwYNz+I2f0vFBJj6ONZ8
DAB5UahqO6F2Bv/2HaF3rU0M+2Iq7A4RaIXnPZW5Pc1g28Zn3npeuiD0elke/gXC
zbG73JgmFmSeE796XX9/8J1KB+itEyLtA2XZXKECAwEAAaOCArQwggKwMB0GA1Ud
DgQWBBQ67RtLz7ELUV6Fz/yuLQ7SA2HsnTAfBgNVHSMEGDAWgBQu+Verou8ANShQ
4gJGTHHTPKgUSDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0x2bFhxNkx2QURVb1VPSUNSa3h4MHp5b0ZFZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvYTU4NGU0LWNjZDQtNGM0Zi05ZDE2LTA0YTI3YzRkNTQ1My8x
L091MGJTOC14QzFGZWhjXzhyaTBPMGdOaDdKMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
YTU4NGU0LWNjZDQtNGM0Zi05ZDE2LTA0YTI3YzRkNTQ1My8xL0x2bFhxNkx2QURV
b1VPSUNSa3h4MHp5b0ZFZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
yQYIKwYBBQUHAQcBAf8EgbkwgbYwgbMEAgABMIGsAwQBwTBWMAwDBADBMFkDBADB
MFoDBQXBMQUAAwUFwTEFQAMEAMEx7QMEAMEyCAMEAMEymQMEAMEy+wMEAMEzawME
AME2lDAMAwQAwTbRAwQCwTbQAwQAwTbWMAwDBADBNuUDBADBNuYwDAMEAMKnawME
AMKnbAMEAMKnvAMEAcLH1jAMAwQAwv4BAwQAwv4EMAwDBADC/gsDBADC/gwwDAME
AsL+NAMEAcL+ODANBgkqhkiG9w0BAQsFAAOCAQEAPIZ9AdWpSOVokxikA/D8WLMI
x4I35VtZSOpROj5V+Vy1gV2qnG271BYIJU0cJ34NyuOqIdRRxgiypNqwYpTezxgZ
dkYcpb4t/WKXf9dQzbLvK5smhcnJLpkmjEU88hTzwpaQw+9bZ94x2455c1/H1EDr
FgnedNAyE7d6rmGaHaBRZ+5Ud72zHN8Y/XIdmNukKMAqa7WgoJ9Rv90yvCp2MogN
R4MrL2m85tVd055b/c28zGOEkiCBqaXC9cYvpWIxE2LqX44lW9dXOPOt4s8PLbXj
YvPHSmuWamKq/otztW1l5QUU4/4CZPlLrX+sQ3gI7C22IKtILxyOJUgdfjzGgg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:37 2024 by rpki-client on console-ams.rpki-client.org