Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/WSb4zaTWXHAyTO69X4l6qYl4j-E.roa
File:                     WSb4zaTWXHAyTO69X4l6qYl4j-E.roa (raw, json)
Hash identifier:          9qCYGk+u3DNcM2vEhgfZua1BW+q18Mt2zJk6GCNjvDM=
Subject key identifier:   59:26:F8:CD:A4:D6:5C:70:32:4C:EE:BD:5F:89:7A:A9:89:78:8F:E1
Certificate issuer:       /CN=9a526a73ce8f9f62c14a11a2ea913ec273d58c46
Certificate serial:       095B93D1
Authority key identifier: 9A:52:6A:73:CE:8F:9F:62:C1:4A:11:A2:EA:91:3E:C2:73:D5:8C:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mlJqc86Pn2LBShGi6pE-wnPVjEY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/WSb4zaTWXHAyTO69X4l6qYl4j-E.roa
Signing time:             Fri 03 Jun 2022 10:41:29 +0000
ROA not before:           Fri 03 Jun 2022 10:41:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35237
IP address blocks:        185.157.96.0/23 maxlen: 24
                          84.252.144.0/24 maxlen: 24
                          84.252.144.0/23 maxlen: 24
                          84.252.145.0/24 maxlen: 24
                          185.157.99.0/24 maxlen: 24
                          84.252.149.0/24 maxlen: 24
                          84.252.147.0/24 maxlen: 24
                          84.252.146.0/24 maxlen: 24
                          91.217.194.0/24 maxlen: 24
                          194.54.15.0/24 maxlen: 24
                          194.54.14.0/24 maxlen: 24
                          195.43.144.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 156996561 (0x95b93d1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a526a73ce8f9f62c14a11a2ea913ec273d58c46
        Validity
            Not Before: Jun  3 10:41:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5926f8cda4d65c70324ceebd5f897aa989788fe1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:87:48:b7:d6:84:a0:6a:10:29:b4:4f:ae:e2:
                    56:16:a6:65:40:38:49:54:d3:80:c6:9b:9c:e5:66:
                    cc:25:91:be:60:ec:7a:65:b4:77:be:fc:3a:2f:6d:
                    ba:6e:5c:59:a4:bd:81:dc:59:f3:ab:44:56:b1:fb:
                    86:61:1e:94:ea:0a:7a:07:40:cd:02:6d:ac:72:3c:
                    33:13:3d:fe:3d:a5:7c:cd:37:62:82:63:0d:44:98:
                    36:ae:4b:8a:c8:e4:b9:33:86:51:65:7f:dd:aa:04:
                    6c:7b:ca:0a:0c:ee:99:cc:42:a8:59:53:74:03:29:
                    7c:49:8d:fb:47:bc:92:f0:0c:5a:dc:9f:bd:02:2c:
                    2a:78:be:c7:3c:d4:0c:5e:0c:80:ee:58:66:af:30:
                    19:17:e0:a9:60:18:dd:cc:5a:dd:10:3e:f2:81:32:
                    cb:06:08:2c:84:82:fa:ad:fd:7f:05:30:0b:a5:03:
                    14:b4:fe:4c:8a:46:db:1b:66:a6:3a:4a:02:2b:43:
                    15:cf:2b:9e:5b:6c:df:89:a6:2a:be:82:66:78:00:
                    7d:7c:dd:87:5a:c2:30:b0:06:40:42:cc:77:0b:36:
                    cf:47:9d:aa:e9:da:25:ed:60:63:0d:57:58:15:1b:
                    77:25:b2:04:53:c9:c3:5f:73:47:7d:97:d0:3e:13:
                    af:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:26:F8:CD:A4:D6:5C:70:32:4C:EE:BD:5F:89:7A:A9:89:78:8F:E1
            X509v3 Authority Key Identifier:
                keyid:9A:52:6A:73:CE:8F:9F:62:C1:4A:11:A2:EA:91:3E:C2:73:D5:8C:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mlJqc86Pn2LBShGi6pE-wnPVjEY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/WSb4zaTWXHAyTO69X4l6qYl4j-E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/mlJqc86Pn2LBShGi6pE-wnPVjEY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.252.144.0/22
                  84.252.149.0/24
                  91.217.194.0/24
                  185.157.96.0/23
                  185.157.99.0/24
                  194.54.14.0/23
                  195.43.144.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:9e:3e:f7:2d:4b:e5:96:3f:1f:d8:9b:d9:5b:4a:a8:28:c2:
         4e:9c:ef:74:1e:7b:85:ae:e1:66:34:18:49:fe:88:be:a4:26:
         27:88:03:03:8f:48:b0:47:7e:43:dd:41:50:96:52:f9:24:2a:
         da:b7:9d:55:91:e8:f5:34:66:52:fc:ea:21:33:b1:0e:58:bb:
         15:7f:b6:83:71:1c:2c:c7:d0:9c:ac:3d:b2:97:ef:2b:41:5e:
         c7:ba:1a:a0:df:f8:22:ca:f0:20:1c:3b:55:41:64:f8:60:f1:
         25:a7:ab:70:d0:dc:46:86:43:80:71:60:e3:1e:c5:93:6a:51:
         e1:53:50:6a:77:a9:3e:04:09:13:08:72:8a:61:ff:5f:e0:9c:
         1d:84:49:45:59:2e:46:13:87:9d:ea:0a:61:f6:f2:8c:7b:f3:
         40:30:f2:a0:61:4d:0c:1d:78:9d:12:53:ff:aa:82:3b:d5:bb:
         89:f3:c6:2a:cd:a3:d6:6c:ef:78:7e:59:43:43:e5:e8:3c:4d:
         dd:4f:df:e0:37:75:15:f8:99:ef:d0:5c:5a:bd:7f:3d:34:2f:
         2f:fe:3b:52:55:09:8d:17:c3:d7:be:74:71:51:8e:a3:0a:ae:
         7c:b5:b6:c0:60:9f:ac:3f:b1:ba:b7:c4:1e:67:85:8a:44:9f:
         63:96:b6:86
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIECVuT0TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YTUyNmE3M2NlOGY5ZjYyYzE0YTExYTJlYTkxM2VjMjczZDU4YzQ2MB4XDTIyMDYw
MzEwNDEyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTkyNmY4Y2RhNGQ2
NWM3MDMyNGNlZWJkNWY4OTdhYTk4OTc4OGZlMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANuHSLfWhKBqECm0T67iVhamZUA4SVTTgMabnOVmzCWRvmDs
emW0d778Oi9tum5cWaS9gdxZ86tEVrH7hmEelOoKegdAzQJtrHI8MxM9/j2lfM03
YoJjDUSYNq5LisjkuTOGUWV/3aoEbHvKCgzumcxCqFlTdAMpfEmN+0e8kvAMWtyf
vQIsKni+xzzUDF4MgO5YZq8wGRfgqWAY3cxa3RA+8oEyywYILISC+q39fwUwC6UD
FLT+TIpG2xtmpjpKAitDFc8rnlts34mmKr6CZngAfXzdh1rCMLAGQELMdws2z0ed
qunaJe1gYw1XWBUbdyWyBFPJw19zR32X0D4TryMCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBRZJvjNpNZccDJM7r1fiXqpiXiP4TAfBgNVHSMEGDAWgBSaUmpzzo+fYsFK
EaLqkT7Cc9WMRjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21sSnFjODZQbjJMQlNoR2k2cEUtd25QVmpFWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2IvNmZjZGNhLWQxMjEtNDM5MS05Y2ZjLTdkMTZiOTBkYmU3Mi8x
L1dTYjR6YVRXWEhBeVRPNjlYNGw2cVlsNGotRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Iv
NmZjZGNhLWQxMjEtNDM5MS05Y2ZjLTdkMTZiOTBkYmU3Mi8xL21sSnFjODZQbjJM
QlNoR2k2cEUtd25QVmpFWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAlT8kAMEAFT8lQMEAFvZwgMEAbmd
YAMEALmdYwMEAcI2DgMEAMMrkDANBgkqhkiG9w0BAQsFAAOCAQEAX54+9y1L5ZY/
H9ib2VtKqCjCTpzvdB57ha7hZjQYSf6IvqQmJ4gDA49IsEd+Q91BUJZS+SQq2red
VZHo9TRmUvzqITOxDli7FX+2g3EcLMfQnKw9spfvK0Fex7oaoN/4IsrwIBw7VUFk
+GDxJaercNDcRoZDgHFg4x7Fk2pR4VNQanepPgQJEwhyimH/X+CcHYRJRVkuRhOH
neoKYfbyjHvzQDDyoGFNDB14nRJT/6qCO9W7ifPGKs2j1mzveH5ZQ0Pl6DxN3U/f
4Dd1FfiZ79BcWr1/PTQvL/47UlUJjRfD1750cVGOowqufLW2wGCfrD+xurfEHmeF
ikSfY5a2hg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:26 2024 by rpki-client on console-ams.rpki-client.org