Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/1-hJUMrtzs2BKpDFKJnYPhcvi4xE.roa
File:                     1-hJUMrtzs2BKpDFKJnYPhcvi4xE.roa (raw, json)
Hash identifier:          lT8RTqD0mosf0x2VRGhrysSZeSZPUVGDOOP/XiRpgJg=
Subject key identifier:   FA:12:54:32:BB:73:B3:60:4A:A4:31:4A:26:76:0F:85:CB:E2:E3:11
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       1827D3A8
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/1-hJUMrtzs2BKpDFKJnYPhcvi4xE.roa
Signing time:             Tue 11 Jan 2022 11:54:46 +0000
ROA not before:           Tue 11 Jan 2022 11:54:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     54600
IP address blocks:        45.81.236.0/22 maxlen: 32
                          45.135.220.0/22 maxlen: 32
                          45.12.234.0/24 maxlen: 32
                          45.12.235.0/24 maxlen: 32
                          45.12.162.0/24 maxlen: 32
                          185.117.23.0/24 maxlen: 24
                          185.115.129.0/24 maxlen: 24
                          84.39.188.0/24 maxlen: 24
                          45.15.37.0/24 maxlen: 32
                          45.15.36.0/24 maxlen: 32
                          45.15.36.0/23 maxlen: 32
                          185.137.183.0/24 maxlen: 24
                          185.253.249.0/24 maxlen: 24
                          45.83.252.0/23 maxlen: 32
                          45.83.253.0/24 maxlen: 32
                          45.83.252.0/24 maxlen: 32
                          185.133.74.0/24 maxlen: 24
                          185.146.195.0/24 maxlen: 24
                          45.82.204.0/23 maxlen: 32
                          45.94.164.0/22 maxlen: 24
                          185.182.63.0/24 maxlen: 24
                          79.143.50.0/24 maxlen: 24
                          79.143.57.0/24 maxlen: 24
                          79.143.63.0/24 maxlen: 24
                          185.240.236.0/22 maxlen: 24
                          45.128.28.0/22 maxlen: 24
                          45.81.11.0/24 maxlen: 32
                          45.81.10.0/24 maxlen: 32
                          45.135.100.0/22 maxlen: 24
                          45.14.47.0/24 maxlen: 32
                          185.172.144.0/24 maxlen: 24
                          185.120.33.0/24 maxlen: 24
                          45.130.74.0/24 maxlen: 24
                          194.49.113.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 405263272 (0x1827d3a8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Jan 11 11:54:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fa125432bb73b3604aa4314a26760f85cbe2e311
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:19:9b:9a:a0:32:23:03:1d:0b:f1:a3:ce:6a:
                    d3:49:72:1b:93:a9:ca:cf:fc:cc:2a:d1:3b:20:d8:
                    5a:a0:8a:57:ec:a7:9c:d2:8b:75:9a:0f:6d:61:07:
                    84:34:1c:34:50:da:f8:58:7d:13:5a:37:a3:b2:bd:
                    4c:b5:3a:d7:1b:1d:bb:2b:f9:89:51:e3:33:c8:a6:
                    cf:fc:ac:b7:42:76:81:a4:2a:b1:b4:5d:ca:f0:34:
                    5d:b7:80:30:af:d8:14:b8:51:e7:c3:72:fe:a7:da:
                    da:53:86:03:e2:bc:eb:86:d9:20:eb:49:6f:a7:34:
                    f3:d1:a3:a2:18:38:01:a7:a7:ad:d2:eb:28:51:15:
                    b0:10:df:bc:83:92:6f:dc:c6:ce:82:e1:f6:85:4b:
                    6c:77:1f:60:de:78:37:b8:ef:d3:10:69:3d:85:3a:
                    a2:10:5b:0e:8c:79:83:71:f4:a1:a5:77:c0:8b:f8:
                    2c:02:60:d4:84:ad:ab:a4:82:22:36:5d:cc:31:91:
                    af:0b:8d:7c:97:98:69:3a:80:8b:98:95:d2:0f:8c:
                    6d:81:2f:82:63:22:5d:84:d3:72:81:1a:df:f7:83:
                    b6:97:e2:99:74:b0:18:f2:ca:07:a3:4f:dd:a3:54:
                    09:3b:75:bb:22:b1:0f:c8:14:20:d2:d1:a3:ab:79:
                    bb:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:12:54:32:BB:73:B3:60:4A:A4:31:4A:26:76:0F:85:CB:E2:E3:11
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/1-hJUMrtzs2BKpDFKJnYPhcvi4xE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.12.162.0/24
                  45.12.234.0/23
                  45.14.47.0/24
                  45.15.36.0/23
                  45.81.10.0/23
                  45.81.236.0/22
                  45.82.204.0/23
                  45.83.252.0/23
                  45.94.164.0/22
                  45.128.28.0/22
                  45.130.74.0/24
                  45.135.100.0/22
                  45.135.220.0/22
                  79.143.50.0/24
                  79.143.57.0/24
                  79.143.63.0/24
                  84.39.188.0/24
                  185.115.129.0/24
                  185.117.23.0/24
                  185.120.33.0/24
                  185.133.74.0/24
                  185.137.183.0/24
                  185.146.195.0/24
                  185.172.144.0/24
                  185.182.63.0/24
                  185.240.236.0/22
                  185.253.249.0/24
                  194.49.113.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a3:71:9c:49:5e:34:fd:bd:da:7b:da:67:ed:d4:f3:9b:5d:00:
         88:7d:ae:10:b1:bb:19:57:94:f4:4f:6d:fa:3c:68:fe:ee:29:
         52:f3:c5:7e:22:1f:08:ed:51:a9:20:1c:d2:70:37:35:de:9b:
         1c:dc:9b:38:6e:5f:7d:51:05:5a:45:72:8f:59:b6:51:78:3a:
         41:da:93:3c:f3:9e:3f:38:16:12:1a:86:f5:18:3d:bc:27:dd:
         7a:da:5f:35:d6:c2:15:c3:77:25:a6:49:0b:36:b9:61:4a:6b:
         5b:88:68:a3:3d:d1:4d:2b:05:af:b4:cb:db:bd:05:ce:1c:8d:
         4c:f7:bd:46:89:c7:72:a0:a8:34:65:f8:8b:cd:e2:bf:0c:59:
         26:2f:5d:22:be:8f:1a:4d:ae:74:f2:8d:0f:69:9d:86:03:5d:
         01:87:55:99:b8:1f:62:d2:a8:fd:5b:9b:d7:13:46:2e:25:74:
         14:46:38:4a:ee:7d:04:a2:9b:9a:9e:48:13:b3:3b:6c:ae:22:
         67:b5:75:29:df:fb:e6:1d:6d:6c:37:8d:29:b6:7a:56:d8:3b:
         44:e4:25:e5:4c:f0:df:64:8b:9d:c3:ef:64:cc:fa:6f:4b:17:
         9a:53:71:33:58:4e:c6:d5:18:05:14:fe:b6:f2:08:93:6d:2d:
         5e:f5:5b:4e
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIEGCfTqDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDEx
MTExNTQ0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmExMjU0MzJiYjcz
YjM2MDRhYTQzMTRhMjY3NjBmODVjYmUyZTMxMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALgZm5qgMiMDHQvxo85q00lyG5Opys/8zCrROyDYWqCKV+yn
nNKLdZoPbWEHhDQcNFDa+Fh9E1o3o7K9TLU61xsduyv5iVHjM8imz/yst0J2gaQq
sbRdyvA0XbeAMK/YFLhR58Ny/qfa2lOGA+K864bZIOtJb6c089Gjohg4AaenrdLr
KFEVsBDfvIOSb9zGzoLh9oVLbHcfYN54N7jv0xBpPYU6ohBbDox5g3H0oaV3wIv4
LAJg1IStq6SCIjZdzDGRrwuNfJeYaTqAi5iV0g+MbYEvgmMiXYTTcoEa3/eDtpfi
mXSwGPLKB6NP3aNUCTt1uyKxD8gUINLRo6t5u8ECAwEAAaOCArEwggKtMB0GA1Ud
DgQWBBT6ElQyu3OzYEqkMUomdg+Fy+LjETAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
LzEtaEpVTXJ0enMyQktwREZLSm5ZUGhjdmk0eEUucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Qw
LzQ5MjU5MC1hMDJmLTQ0M2UtYWFhMy1mZWFjMjZlYWVjYzIvMS9iSV9ScUs1Wmxz
SGxhU3dhakVLXzZjTzZWMFUuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
gcUGCCsGAQUFBwEHAQH/BIG1MIGyMIGvBAIAATCBqAMEAC0MogMEAS0M6gMEAC0O
LwMEAS0PJAMEAS1RCgMEAi1R7AMEAS1SzAMEAS1T/AMEAi1epAMEAi2AHAMEAC2C
SgMEAi2HZAMEAi2H3AMEAE+PMgMEAE+POQMEAE+PPwMEAFQnvAMEALlzgQMEALl1
FwMEALl4IQMEALmFSgMEALmJtwMEALmSwwMEALmskAMEALm2PwMEArnw7AMEALn9
+QMEAMIxcTANBgkqhkiG9w0BAQsFAAOCAQEAo3GcSV40/b3ae9pn7dTzm10AiH2u
ELG7GVeU9E9t+jxo/u4pUvPFfiIfCO1RqSAc0nA3Nd6bHNybOG5ffVEFWkVyj1m2
UXg6QdqTPPOePzgWEhqG9Rg9vCfdetpfNdbCFcN3JaZJCza5YUprW4hooz3RTSsF
r7TL270FzhyNTPe9RonHcqCoNGX4i83ivwxZJi9dIr6PGk2udPKND2mdhgNdAYdV
mbgfYtKo/Vub1xNGLiV0FEY4Su59BKKbmp5IE7M7bK4iZ7V1Kd/75h1tbDeNKbZ6
Vtg7ROQl5Uzw32SLncPvZMz6b0sXmlNxM1hOxtUYBRT+tvIIk20tXvVbTg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:45 2024 by rpki-client on console-fra.rpki-client.org