Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6db34b-8afa-49c5-b73f-9204c197aa65/1/16UL1M62tu4O-nsmoZfsgY6zjoo.roa
File:                     16UL1M62tu4O-nsmoZfsgY6zjoo.roa (raw, json)
Hash identifier:          dfCDC3j/AowfF5h9dobpq9JUZYZjXtmoLPFJ7xuPch0=
Subject key identifier:   D7:A5:0B:D4:CE:B6:B6:EE:0E:FA:7B:26:A1:97:EC:81:8E:B3:8E:8A
Certificate issuer:       /CN=47edf8f1bf0c4fbc469e71c99d82489ea1f3da4a
Certificate serial:       142E5CFC
Authority key identifier: 47:ED:F8:F1:BF:0C:4F:BC:46:9E:71:C9:9D:82:48:9E:A1:F3:DA:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/R-348b8MT7xGnnHJnYJInqHz2ko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/6db34b-8afa-49c5-b73f-9204c197aa65/1/16UL1M62tu4O-nsmoZfsgY6zjoo.roa
Signing time:             Tue 01 Feb 2022 01:21:51 +0000
ROA not before:           Tue 01 Feb 2022 01:21:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41627
IP address blocks:        89.251.40.0/21 maxlen: 21
                          185.167.92.0/22 maxlen: 22
                          31.171.224.0/20 maxlen: 20
                          46.251.14.0/23 maxlen: 23
                          91.147.236.0/22 maxlen: 22
                          89.251.32.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 338582780 (0x142e5cfc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=47edf8f1bf0c4fbc469e71c99d82489ea1f3da4a
        Validity
            Not Before: Feb  1 01:21:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d7a50bd4ceb6b6ee0efa7b26a197ec818eb38e8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:f0:01:11:be:11:aa:ab:6f:79:1e:c6:d9:f8:
                    7e:71:7b:6c:f4:cd:7d:f3:7b:72:99:5f:42:a3:69:
                    ff:e9:d5:ce:0a:e5:42:2a:ce:59:d8:4d:27:72:50:
                    be:b0:94:4a:a1:b4:d3:fa:20:71:b2:4a:c1:77:88:
                    d0:e7:6b:63:d6:a3:af:3c:1f:12:72:b4:57:b4:ec:
                    1c:9d:90:46:36:c8:4c:46:6b:1b:4f:11:67:27:e7:
                    6a:af:ab:52:18:98:70:a0:a0:93:3c:d0:31:e5:c5:
                    1d:dd:ab:2a:cf:a7:94:03:b0:c6:2c:57:9a:92:27:
                    56:a0:82:35:9e:a4:f4:b2:74:ed:de:a4:b5:de:0c:
                    b0:9b:42:a1:e4:3b:c2:e5:58:2a:86:16:26:aa:3c:
                    f7:ff:4a:3f:e6:1d:e0:39:b4:05:90:0e:07:b0:93:
                    ed:25:b3:79:56:05:86:50:4c:d4:42:4a:bc:30:62:
                    b0:fc:41:05:4d:fa:ea:6e:fc:7b:9a:84:df:8c:2d:
                    a6:55:51:37:7e:2c:3f:ce:ad:21:90:bb:4f:f3:25:
                    d7:69:cf:f7:7e:93:93:9a:57:6b:3f:90:26:e6:32:
                    b2:c0:3c:e3:81:1c:75:68:e0:71:58:68:ad:f5:6b:
                    fc:89:d3:ce:19:a3:7e:18:76:07:64:fb:0a:4c:25:
                    39:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:A5:0B:D4:CE:B6:B6:EE:0E:FA:7B:26:A1:97:EC:81:8E:B3:8E:8A
            X509v3 Authority Key Identifier:
                keyid:47:ED:F8:F1:BF:0C:4F:BC:46:9E:71:C9:9D:82:48:9E:A1:F3:DA:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R-348b8MT7xGnnHJnYJInqHz2ko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6db34b-8afa-49c5-b73f-9204c197aa65/1/16UL1M62tu4O-nsmoZfsgY6zjoo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6db34b-8afa-49c5-b73f-9204c197aa65/1/R-348b8MT7xGnnHJnYJInqHz2ko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.171.224.0/20
                  46.251.14.0/23
                  89.251.32.0/20
                  91.147.236.0/22
                  185.167.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7b:a6:11:dc:5f:cd:03:ad:0d:14:06:37:66:3a:fe:e4:01:6a:
         11:e6:87:1b:7b:ff:83:e9:f5:98:58:d4:00:07:e8:c4:ea:63:
         2a:8b:b5:ea:7d:72:4b:cd:e1:89:d3:c1:da:ea:e3:1b:26:19:
         3c:97:fa:66:29:2c:be:d8:df:83:c5:0e:8f:c8:b6:9b:90:a9:
         32:fc:44:af:6b:29:51:19:24:1c:13:3f:d2:bf:48:b2:06:97:
         f3:77:71:28:71:89:07:54:02:db:7c:29:a7:cf:26:b4:67:64:
         8a:5b:fd:f0:d9:52:a4:14:4e:af:52:95:c9:49:22:ab:9f:01:
         71:f0:91:ae:37:4f:8f:9e:35:98:fa:38:fc:2a:ac:70:21:18:
         d2:25:0d:01:ff:e2:a8:46:c5:4a:3d:32:9c:68:bc:73:a8:cb:
         63:34:c3:fe:44:13:7e:d4:7e:a4:15:37:cd:13:ea:cf:70:5c:
         1f:6a:d5:ef:ea:be:64:ef:57:a1:ec:8d:c6:ba:62:54:56:19:
         12:09:f7:2a:f7:4e:ac:45:51:47:b9:95:d8:b9:43:8c:db:6c:
         32:22:c3:91:16:96:ea:6a:9d:de:39:6a:80:cf:a3:33:03:4e:
         f9:4c:5b:99:a3:46:10:cf:f8:9b:af:83:75:a7:c0:b5:b8:2d:
         dc:4f:cc:97
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEFC5c/DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
N2VkZjhmMWJmMGM0ZmJjNDY5ZTcxYzk5ZDgyNDg5ZWExZjNkYTRhMB4XDTIyMDIw
MTAxMjE1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDdhNTBiZDRjZWI2
YjZlZTBlZmE3YjI2YTE5N2VjODE4ZWIzOGU4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALrwARG+Eaqrb3kextn4fnF7bPTNffN7cplfQqNp/+nVzgrl
QirOWdhNJ3JQvrCUSqG00/ogcbJKwXeI0OdrY9ajrzwfEnK0V7TsHJ2QRjbITEZr
G08RZyfnaq+rUhiYcKCgkzzQMeXFHd2rKs+nlAOwxixXmpInVqCCNZ6k9LJ07d6k
td4MsJtCoeQ7wuVYKoYWJqo89/9KP+Yd4Dm0BZAOB7CT7SWzeVYFhlBM1EJKvDBi
sPxBBU366m78e5qE34wtplVRN34sP86tIZC7T/Ml12nP936Tk5pXaz+QJuYyssA8
44EcdWjgcVhorfVr/InTzhmjfhh2B2T7CkwlOY0CAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBTXpQvUzra27g76eyahl+yBjrOOijAfBgNVHSMEGDAWgBRH7fjxvwxPvEae
ccmdgkieofPaSjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ItMzQ4YjhNVDd4R25uSEpuWUpJbnFIejJrby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvNmRiMzRiLThhZmEtNDljNS1iNzNmLTkyMDRjMTk3YWE2NS8x
LzE2VUwxTTYydHU0Ty1uc21vWmZzZ1k2empvby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
NmRiMzRiLThhZmEtNDljNS1iNzNmLTkyMDRjMTk3YWE2NS8xL1ItMzQ4YjhNVDd4
R25uSEpuWUpJbnFIejJrby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEBB+r4AMEAS77DgMEBFn7IAMEAluT
7AMEArmnXDANBgkqhkiG9w0BAQsFAAOCAQEAe6YR3F/NA60NFAY3Zjr+5AFqEeaH
G3v/g+n1mFjUAAfoxOpjKou16n1yS83hidPB2urjGyYZPJf6Ziksvtjfg8UOj8i2
m5CpMvxEr2spURkkHBM/0r9IsgaX83dxKHGJB1QC23wpp88mtGdkilv98NlSpBRO
r1KVyUkiq58BcfCRrjdPj541mPo4/CqscCEY0iUNAf/iqEbFSj0ynGi8c6jLYzTD
/kQTftR+pBU3zRPqz3BcH2rV7+q+ZO9XoeyNxrpiVFYZEgn3KvdOrEVRR7mV2LlD
jNtsMiLDkRaW6mqd3jlqgM+jMwNO+UxbmaNGEM/4m6+DdafAtbgt3E/Mlw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:16 2024 by rpki-client on console-fra.rpki-client.org