Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/7edbcf-b90f-4707-b289-a3d377c6feef/1/VzOiwF9nYvEDFoXs9tMnNXa3rY8.roa
File:                     VzOiwF9nYvEDFoXs9tMnNXa3rY8.roa (raw, json)
Hash identifier:          4ZGGGuWKrXympjMLkmiQYeZVLLI5cXkLnRMhdlraDZg=
Subject key identifier:   57:33:A2:C0:5F:67:62:F1:03:16:85:EC:F6:D3:27:35:76:B7:AD:8F
Certificate issuer:       /CN=b6fe63ee8a23f4916e4053531e6950db6c31e805
Certificate serial:       0AB1EDEF
Authority key identifier: B6:FE:63:EE:8A:23:F4:91:6E:40:53:53:1E:69:50:DB:6C:31:E8:05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tv5j7ooj9JFuQFNTHmlQ22wx6AU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/7edbcf-b90f-4707-b289-a3d377c6feef/1/VzOiwF9nYvEDFoXs9tMnNXa3rY8.roa
Signing time:             Sat 01 Jan 2022 12:54:15 +0000
ROA not before:           Sat 01 Jan 2022 12:54:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     199434
IP address blocks:        5.57.24.0/21 maxlen: 21
                          5.57.24.0/24 maxlen: 24
                          5.57.26.0/24 maxlen: 24
                          5.57.28.0/22 maxlen: 22
                          5.57.27.0/24 maxlen: 24
                          5.57.25.0/24 maxlen: 24
                          185.197.48.0/22 maxlen: 22
                          2a0a:6280::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 179432943 (0xab1edef)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b6fe63ee8a23f4916e4053531e6950db6c31e805
        Validity
            Not Before: Jan  1 12:54:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5733a2c05f6762f1031685ecf6d3273576b7ad8f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:d6:17:25:c3:2a:c3:15:09:8c:f6:5d:0d:26:
                    48:ad:ec:fd:8c:49:5d:c0:57:3c:a4:3f:6b:85:4e:
                    49:6b:af:29:b1:f3:78:3c:13:77:2e:f8:4b:a6:b4:
                    05:95:f4:82:1f:33:5c:9d:ac:f9:58:3c:03:d4:c0:
                    40:ec:8f:e1:a9:ba:8a:d8:7f:09:e3:4f:88:4c:83:
                    d2:05:c8:bf:a4:51:e7:33:e5:86:e2:1d:47:ac:7f:
                    68:19:48:4d:db:3c:d5:08:fc:e0:25:b0:70:14:b6:
                    8c:32:f2:be:2e:6e:5f:3f:6e:46:b1:e7:3f:c0:f5:
                    16:ef:c6:e4:64:d6:45:21:48:c7:c6:76:0b:dc:83:
                    69:c6:2b:f4:94:cd:ca:56:9d:f6:4c:d5:62:d3:35:
                    33:a1:25:0e:29:20:d9:c8:2d:aa:73:97:4b:8e:8f:
                    82:e0:3c:35:33:fe:ad:a0:95:6f:bf:9a:54:af:85:
                    e4:f0:ef:20:48:8e:7a:d9:83:20:8d:73:a7:42:16:
                    87:98:a0:56:46:79:f1:49:13:1f:ca:fc:64:3b:91:
                    09:b6:83:55:dc:7f:b5:b0:f5:05:28:b5:0d:a4:01:
                    04:22:56:a0:d1:2a:30:56:a5:7a:eb:87:de:c1:f4:
                    c3:f3:6f:7e:6b:e4:ba:51:9f:c8:29:39:20:2a:f4:
                    11:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:33:A2:C0:5F:67:62:F1:03:16:85:EC:F6:D3:27:35:76:B7:AD:8F
            X509v3 Authority Key Identifier:
                keyid:B6:FE:63:EE:8A:23:F4:91:6E:40:53:53:1E:69:50:DB:6C:31:E8:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tv5j7ooj9JFuQFNTHmlQ22wx6AU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/7edbcf-b90f-4707-b289-a3d377c6feef/1/VzOiwF9nYvEDFoXs9tMnNXa3rY8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/7edbcf-b90f-4707-b289-a3d377c6feef/1/tv5j7ooj9JFuQFNTHmlQ22wx6AU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.57.24.0/21
                  185.197.48.0/22
                IPv6:
                  2a0a:6280::/29

    Signature Algorithm: sha256WithRSAEncryption
         44:cf:d8:49:4a:18:0f:6f:50:51:e6:83:6e:70:23:6c:a8:09:
         61:59:95:bc:14:49:b8:05:e0:a6:21:96:62:b5:44:21:36:5b:
         9e:36:9f:84:fa:29:44:c2:25:18:2c:b4:49:e8:2b:1f:b8:10:
         0a:a5:72:a8:16:ab:5d:da:d9:90:38:7a:ae:85:1b:15:98:cd:
         9e:5b:7a:8a:3d:ac:be:57:68:1d:d8:51:bb:bc:2b:aa:73:a8:
         01:14:db:ae:2d:db:fd:05:0d:78:a4:7e:6a:0a:6b:51:80:69:
         f8:5f:d6:29:54:a3:b9:99:9e:69:c5:f3:1f:8a:83:00:c9:dc:
         d5:4e:55:73:38:46:78:e0:4f:ae:72:1c:75:c0:1b:73:7d:2f:
         16:a2:9b:2e:66:9f:7d:02:33:f2:b8:d2:fe:ed:00:59:90:41:
         d4:00:e8:ed:fd:a6:2c:4d:38:46:dc:56:70:b9:fd:65:09:02:
         f5:46:62:e7:63:ce:88:be:31:0e:da:e0:7d:28:33:5b:5a:6b:
         f8:41:d3:0b:82:40:98:97:db:2c:64:4a:eb:62:6e:99:a4:68:
         9e:ea:2c:c3:aa:b7:d3:19:21:d5:8c:d8:40:78:46:56:d9:cc:
         5b:3e:53:b4:73:74:f0:22:f1:79:27:c3:f4:16:96:71:01:4e:
         66:81:bf:ac
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECrHt7zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NmZlNjNlZThhMjNmNDkxNmU0MDUzNTMxZTY5NTBkYjZjMzFlODA1MB4XDTIyMDEw
MTEyNTQxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTczM2EyYzA1ZjY3
NjJmMTAzMTY4NWVjZjZkMzI3MzU3NmI3YWQ4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAODWFyXDKsMVCYz2XQ0mSK3s/YxJXcBXPKQ/a4VOSWuvKbHz
eDwTdy74S6a0BZX0gh8zXJ2s+Vg8A9TAQOyP4am6ith/CeNPiEyD0gXIv6RR5zPl
huIdR6x/aBlITds81Qj84CWwcBS2jDLyvi5uXz9uRrHnP8D1Fu/G5GTWRSFIx8Z2
C9yDacYr9JTNylad9kzVYtM1M6ElDikg2cgtqnOXS46PguA8NTP+raCVb7+aVK+F
5PDvIEiOetmDII1zp0IWh5igVkZ58UkTH8r8ZDuRCbaDVdx/tbD1BSi1DaQBBCJW
oNEqMFaleuuH3sH0w/NvfmvkulGfyCk5ICr0EUkCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRXM6LAX2di8QMWhez20yc1dretjzAfBgNVHSMEGDAWgBS2/mPuiiP0kW5A
U1MeaVDbbDHoBTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3R2NWo3b29qOUpGdVFGTlRIbWxRMjJ3eDZBVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGUvN2VkYmNmLWI5MGYtNDcwNy1iMjg5LWEzZDM3N2M2ZmVlZi8x
L1Z6T2l3RjluWXZFREZvWHM5dE1uTlhhM3JZOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGUv
N2VkYmNmLWI5MGYtNDcwNy1iMjg5LWEzZDM3N2M2ZmVlZi8xL3R2NWo3b29qOUpG
dVFGTlRIbWxRMjJ3eDZBVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAwU5GAMEArnFMDANBAIAAjAHAwUD
KgpigDANBgkqhkiG9w0BAQsFAAOCAQEARM/YSUoYD29QUeaDbnAjbKgJYVmVvBRJ
uAXgpiGWYrVEITZbnjafhPopRMIlGCy0SegrH7gQCqVyqBarXdrZkDh6roUbFZjN
nlt6ij2svldoHdhRu7wrqnOoARTbri3b/QUNeKR+agprUYBp+F/WKVSjuZmeacXz
H4qDAMnc1U5VczhGeOBPrnIcdcAbc30vFqKbLmaffQIz8rjS/u0AWZBB1ADo7f2m
LE04RtxWcLn9ZQkC9UZi52POiL4xDtrgfSgzW1pr+EHTC4JAmJfbLGRK62JumaRo
nuosw6q30xkh1YzYQHhGVtnMWz5TtHN08CLxeSfD9BaWcQFOZoG/rA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:35 2024 by rpki-client on console-fra.rpki-client.org