Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/QSVJJG1npkPvXioFR9Ti3Zv601k.roa
File:                     QSVJJG1npkPvXioFR9Ti3Zv601k.roa (raw, json)
Hash identifier:          PHsv5cLIFCYGHE7vcw9DSjPVV8KzZ5Tqa/t3RUaHMaY=
Subject key identifier:   41:25:49:24:6D:67:A6:43:EF:5E:2A:05:47:D4:E2:DD:9B:FA:D3:59
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       198C92B1
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/QSVJJG1npkPvXioFR9Ti3Zv601k.roa
Signing time:             Fri 08 Apr 2022 09:21:06 +0000
ROA not before:           Fri 08 Apr 2022 09:21:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     46261
IP address blocks:        5.183.204.0/23 maxlen: 32
                          45.12.232.0/24 maxlen: 32
                          45.82.206.0/23 maxlen: 32
                          185.182.60.0/24 maxlen: 32
                          45.15.38.0/23 maxlen: 32
                          92.119.151.0/24 maxlen: 32
                          193.187.153.0/24 maxlen: 32
                          193.187.154.0/23 maxlen: 32
                          45.14.46.0/24 maxlen: 32
                          45.138.210.0/23 maxlen: 24
                          45.10.3.0/24 maxlen: 32
                          193.160.212.0/24 maxlen: 32
                          213.232.104.0/24 maxlen: 32
                          5.181.148.0/23 maxlen: 32
                          45.67.16.0/23 maxlen: 32
                          185.226.75.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 428642993 (0x198c92b1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Apr  8 09:21:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=412549246d67a643ef5e2a0547d4e2dd9bfad359
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:0f:24:52:f6:7e:b8:c2:2f:87:d8:3e:03:07:
                    61:f6:91:7c:0c:dc:c0:88:d2:ef:43:d0:7b:96:0b:
                    a7:9e:c9:cc:33:a0:c1:86:f6:c1:01:d1:91:38:c9:
                    57:96:6c:f8:8a:d0:42:b3:e7:3a:ad:6b:02:2b:71:
                    0a:c3:74:86:af:d5:41:98:37:a9:a1:56:e5:bf:26:
                    71:5f:91:3d:f1:57:8c:e9:c8:1b:62:27:71:5a:d8:
                    7a:c5:15:b4:42:b8:98:76:3f:7e:76:f4:4c:1b:ef:
                    a2:53:c5:55:39:e9:5d:62:3f:12:4f:fb:34:ca:c1:
                    08:24:ca:a0:86:db:c2:e3:ba:d3:92:93:3a:78:08:
                    55:6c:22:d3:29:9d:25:e9:55:a2:85:bf:26:73:51:
                    e4:ed:15:60:25:be:7c:f2:2e:1b:10:eb:a0:10:92:
                    42:2c:52:1c:65:ed:ee:fe:27:a8:45:e4:59:9c:df:
                    92:2a:4f:b4:5c:34:0e:6f:2e:e2:6b:d7:3e:74:58:
                    8e:df:16:1c:96:61:12:18:d3:97:30:9b:b2:a7:f1:
                    22:13:9d:12:6a:13:8b:4f:6f:d4:00:c4:1e:a2:3a:
                    04:87:ef:64:2d:5b:59:b7:35:a5:9b:9e:04:17:6e:
                    ed:c6:9a:28:c4:ca:37:67:a3:9a:79:c0:3b:07:59:
                    bc:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:25:49:24:6D:67:A6:43:EF:5E:2A:05:47:D4:E2:DD:9B:FA:D3:59
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/QSVJJG1npkPvXioFR9Ti3Zv601k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.148.0/23
                  5.183.204.0/23
                  45.10.3.0/24
                  45.12.232.0/24
                  45.14.46.0/24
                  45.15.38.0/23
                  45.67.16.0/23
                  45.82.206.0/23
                  45.138.210.0/23
                  92.119.151.0/24
                  185.182.60.0/24
                  185.226.75.0/24
                  193.160.212.0/24
                  193.187.153.0-193.187.155.255
                  213.232.104.0/24

    Signature Algorithm: sha256WithRSAEncryption
         22:cb:1c:6a:19:ab:cd:c4:7b:8e:a7:af:95:89:e3:1a:a3:48:
         a5:45:fc:a7:24:b5:80:1e:52:ec:a2:4d:5c:6d:51:7f:49:98:
         4c:b8:f0:f8:50:39:86:ac:67:0d:ac:82:de:04:1d:bf:17:9c:
         e1:ee:2f:fe:2c:f1:71:d1:ec:cc:d0:6a:25:41:3a:e5:17:fa:
         95:43:ae:a6:14:26:65:81:59:f6:c0:86:6e:22:c7:1b:44:54:
         91:f9:cb:64:d9:d0:fe:22:d7:b5:2f:41:a7:4d:c5:47:e4:a4:
         5a:cb:91:5b:72:24:83:b9:00:2b:bc:49:bf:da:58:ac:dd:ab:
         8d:7d:c3:f1:57:86:be:99:41:c3:2c:c1:e1:72:9f:af:0a:ea:
         22:cd:09:a5:5e:44:89:c7:96:7a:e4:32:2f:a6:a8:df:e3:04:
         20:d9:35:9d:b1:ea:49:f0:b6:ad:d9:4b:e0:17:bd:7d:9a:ac:
         01:e6:d5:0a:0c:dd:3d:95:5a:5b:01:d4:e6:10:67:c1:a3:27:
         c5:92:8f:0a:2e:32:48:91:e4:bc:bf:63:fb:fc:2b:2c:9e:7e:
         b7:38:27:a0:3f:89:98:c9:b4:16:26:df:a8:37:88:bf:5b:72:
         40:eb:f3:6b:41:df:c9:1f:2b:ca:c9:ac:15:00:d4:93:e8:91:
         fd:d1:8d:08
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgIEGYySsTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDQw
ODA5MjEwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDEyNTQ5MjQ2ZDY3
YTY0M2VmNWUyYTA1NDdkNGUyZGQ5YmZhZDM1OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL0PJFL2frjCL4fYPgMHYfaRfAzcwIjS70PQe5YLp57JzDOg
wYb2wQHRkTjJV5Zs+IrQQrPnOq1rAitxCsN0hq/VQZg3qaFW5b8mcV+RPfFXjOnI
G2IncVrYesUVtEK4mHY/fnb0TBvvolPFVTnpXWI/Ek/7NMrBCCTKoIbbwuO605KT
OngIVWwi0ymdJelVooW/JnNR5O0VYCW+fPIuGxDroBCSQixSHGXt7v4nqEXkWZzf
kipPtFw0Dm8u4mvXPnRYjt8WHJZhEhjTlzCbsqfxIhOdEmoTi09v1ADEHqI6BIfv
ZC1bWbc1pZueBBdu7caaKMTKN2ejmnnAOwdZvK0CAwEAAaOCAmUwggJhMB0GA1Ud
DgQWBBRBJUkkbWemQ+9eKgVH1OLdm/rTWTAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L1FTVkpKRzFucGtQdlhpb0ZSOVRpM1p2NjAxay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB7
BggrBgEFBQcBBwEB/wRsMGowaAQCAAEwYgMEAQW1lAMEAQW3zAMEAC0KAwMEAC0M
6AMEAC0OLgMEAS0PJgMEAS1DEAMEAS1SzgMEAS2K0gMEAFx3lwMEALm2PAMEALni
SwMEAMGg1DAMAwQAwbuZAwQCwbuYAwQA1ehoMA0GCSqGSIb3DQEBCwUAA4IBAQAi
yxxqGavNxHuOp6+VieMao0ilRfynJLWAHlLsok1cbVF/SZhMuPD4UDmGrGcNrILe
BB2/F5zh7i/+LPFx0ezM0GolQTrlF/qVQ66mFCZlgVn2wIZuIscbRFSR+ctk2dD+
Ite1L0GnTcVH5KRay5FbciSDuQArvEm/2lis3auNfcPxV4a+mUHDLMHhcp+vCuoi
zQmlXkSJx5Z65DIvpqjf4wQg2TWdsepJ8Lat2UvgF719mqwB5tUKDN09lVpbAdTm
EGfBoyfFko8KLjJIkeS8v2P7/Cssnn63OCegP4mYybQWJt+oN4i/W3JA6/NrQd/J
HyvKyawVANST6JH90Y0I
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:45 2024 by rpki-client on console-fra.rpki-client.org