Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/X6QYrt6S1_2UuVibqkAmZQbQnrE.roa
File:                     X6QYrt6S1_2UuVibqkAmZQbQnrE.roa (raw, json)
Hash identifier:          FNjBG39G5rT1gX3eISnRPjBadOLho49W59GCv1Cp714=
Subject key identifier:   5F:A4:18:AE:DE:92:D7:FD:94:B9:58:9B:AA:40:26:65:06:D0:9E:B1
Certificate issuer:       /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial:       01836AC18D73F5B0BE34278C860B056D7986
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/X6QYrt6S1_2UuVibqkAmZQbQnrE.roa
Signing time:             Fri 23 Sep 2022 14:30:12 +0000
ROA not before:           Fri 23 Sep 2022 14:30:12 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203380
IP address blocks:        82.118.245.0/24 maxlen: 24
                          79.124.7.0/24 maxlen: 24
                          91.148.141.0/24 maxlen: 24
                          78.128.99.0/24 maxlen: 24
                          94.72.140.0/24 maxlen: 24
                          94.72.141.0/24 maxlen: 24
                          94.72.143.0/24 maxlen: 24
                          82.118.227.0/24 maxlen: 24
                          82.118.230.0/24 maxlen: 24
                          82.118.234.0/24 maxlen: 24
                          82.118.235.0/24 maxlen: 24
                          130.185.251.0/24 maxlen: 24
                          79.124.77.0/24 maxlen: 24
                          78.128.127.0/24 maxlen: 24
                          2a01:8740:1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:6a:c1:8d:73:f5:b0:be:34:27:8c:86:0b:05:6d:79:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
        Validity
            Not Before: Sep 23 14:30:12 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5fa418aede92d7fd94b9589baa40266506d09eb1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:e4:15:59:01:56:3d:63:a8:c3:90:0a:e8:33:
                    2f:74:2a:57:5e:3e:d7:e8:3f:bb:47:6d:12:7a:a9:
                    27:fb:a7:5c:e1:5b:e5:b9:02:3f:5a:55:7b:1c:5f:
                    92:9f:3b:d0:52:bf:3f:59:bf:eb:35:e1:df:cf:37:
                    e5:f4:82:6e:da:43:f6:0e:c1:1a:b1:12:9c:ac:82:
                    ed:04:9f:a7:27:8a:12:8e:5d:6b:bf:97:8e:e3:d4:
                    5d:90:83:fe:72:78:01:d2:c2:9a:51:ff:bb:05:dc:
                    b0:83:83:ea:a4:f9:d3:05:60:f7:74:60:4c:b1:5b:
                    4d:b6:25:50:1e:92:1e:94:61:f7:d3:f5:08:56:90:
                    81:ca:22:32:c0:51:cd:9c:10:ea:a9:bb:b5:b2:d2:
                    b1:fe:a5:72:a6:95:db:b2:c7:7f:84:68:f1:83:56:
                    cf:7f:73:85:02:44:e5:90:d3:dd:70:1d:20:52:e5:
                    ad:97:35:51:03:4f:55:5f:eb:91:eb:93:e9:31:e6:
                    94:95:87:56:3b:f4:2e:b0:6c:5b:15:2a:fd:13:71:
                    71:42:0b:e5:a8:ae:ea:f5:d8:50:fc:a5:84:20:3b:
                    d7:12:4e:88:dc:a9:d2:1b:ac:eb:be:e1:d0:cf:c8:
                    42:e3:c1:51:e4:cc:3d:c3:b7:1c:76:3f:00:30:68:
                    b9:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:A4:18:AE:DE:92:D7:FD:94:B9:58:9B:AA:40:26:65:06:D0:9E:B1
            X509v3 Authority Key Identifier:
                keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/X6QYrt6S1_2UuVibqkAmZQbQnrE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.128.99.0/24
                  78.128.127.0/24
                  79.124.7.0/24
                  79.124.77.0/24
                  82.118.227.0/24
                  82.118.230.0/24
                  82.118.234.0/23
                  82.118.245.0/24
                  91.148.141.0/24
                  94.72.140.0/23
                  94.72.143.0/24
                  130.185.251.0/24
                IPv6:
                  2a01:8740:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         b6:be:3f:73:04:ff:6b:37:b1:31:f5:75:7f:78:17:28:b4:a0:
         fc:4a:bb:a5:68:b9:57:bd:e4:18:7a:3a:5a:9f:01:70:73:2b:
         e1:9b:15:9c:4d:a1:0c:9d:70:66:a2:dd:84:f4:82:7b:76:91:
         f0:9e:a5:c4:84:65:5f:f3:85:2d:3a:fb:91:4c:ff:a6:ee:a3:
         5d:c7:50:6c:a0:7a:27:49:d2:09:33:56:a7:c1:21:02:d5:ec:
         a4:5c:ce:91:aa:b9:82:be:57:05:71:2d:b4:03:60:9a:84:2a:
         92:47:56:75:7d:49:3c:e5:23:2b:95:c7:6d:2b:a3:db:00:8b:
         2e:7f:18:92:69:1b:2f:a3:0b:6d:8d:ff:5e:e4:e3:cf:2d:3b:
         16:9e:12:15:ca:4e:c3:2e:f2:4e:8b:ed:a7:10:6e:69:8d:f9:
         18:19:28:83:96:db:ca:b3:55:aa:04:26:27:1d:78:16:65:ad:
         14:c6:a6:d4:c5:ab:44:74:b0:1d:32:26:54:8b:0f:64:cb:51:
         5a:bb:80:32:8d:bf:ad:44:d7:4b:75:11:9a:0b:da:19:9f:af:
         76:f5:af:91:63:f2:1c:f4:fe:92:99:4c:71:0f:ff:bd:e9:57:
         7d:18:a8:54:fc:c5:70:f8:03:4a:56:1c:21:80:36:0a:ef:4f:
         e7:05:66:27
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAYNqwY1z9bC+NCeMhgsFbXmGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjIwOTIzMTQzMDEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmE0MThhZWRlOTJkN2ZkOTRiOTU4OWJhYTQwMjY2NTA2ZDA5ZWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluQVWQFWPWOow5AK6DMvdCpXXj7X
6D+7R20Seqkn+6dc4VvluQI/WlV7HF+SnzvQUr8/Wb/rNeHfzzfl9IJu2kP2DsEa
sRKcrILtBJ+nJ4oSjl1rv5eO49RdkIP+cngB0sKaUf+7Bdywg4PqpPnTBWD3dGBM
sVtNtiVQHpIelGH30/UIVpCByiIywFHNnBDqqbu1stKx/qVyppXbssd/hGjxg1bP
f3OFAkTlkNPdcB0gUuWtlzVRA09VX+uR65PpMeaUlYdWO/QusGxbFSr9E3FxQgvl
qK7q9dhQ/KWEIDvXEk6I3KnSG6zrvuHQz8hC48FR5Mw9w7ccdj8AMGi5twIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFF+kGK7ektf9lLlYm6pAJmUG0J6xMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvWDZRWXJ0NlMxXzJVdVZpYnFrQW1aUWJRbnJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBOBAIAATBIAwQAToBjAwQA
ToB/AwQAT3wHAwQAT3xNAwQAUnbjAwQAUnbmAwQBUnbqAwQAUnb1AwQAW5SNAwQB
XkiMAwQAXkiPAwQAgrn7MA8EAgACMAkDBwAqAYdAAAEwDQYJKoZIhvcNAQELBQAD
ggEBALa+P3ME/2s3sTH1dX94Fyi0oPxKu6VouVe95Bh6OlqfAXBzK+GbFZxNoQyd
cGai3YT0gnt2kfCepcSEZV/zhS06+5FM/6buo13HUGygeidJ0gkzVqfBIQLV7KRc
zpGquYK+VwVxLbQDYJqEKpJHVnV9STzlIyuVx20ro9sAiy5/GJJpGy+jC22N/17k
488tOxaeEhXKTsMu8k6L7acQbmmN+RgZKIOW28qzVaoEJicdeBZlrRTGptTFq0R0
sB0yJlSLD2TLUVq7gDKNv61E10t1EZoL2hmfr3b1r5Fj8hz0/pKZTHEP/73pV30Y
qFT8xXD4A0pWHCGANgrvT+cFZic=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:12 2024 by rpki-client on console-ams.rpki-client.org