Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/52975f-feb2-433b-b2dc-c238ce4817db/1/6k-1rgv0wkD8YUPWKg9pPqxrAF0.roa
File:                     6k-1rgv0wkD8YUPWKg9pPqxrAF0.roa (raw, json)
Hash identifier:          i5EwprHaTEhRzI8PjRGeO/kx3bhctRSwHvG+h4NrZYc=
Subject key identifier:   EA:4F:B5:AE:0B:F4:C2:40:FC:61:43:D6:2A:0F:69:3E:AC:6B:00:5D
Certificate issuer:       /CN=ac5eadc0032850236fee756eb58fbf05e1316b5e
Certificate serial:       1A9AEBE3
Authority key identifier: AC:5E:AD:C0:03:28:50:23:6F:EE:75:6E:B5:8F:BF:05:E1:31:6B:5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rF6twAMoUCNv7nVutY-_BeExa14.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/52975f-feb2-433b-b2dc-c238ce4817db/1/6k-1rgv0wkD8YUPWKg9pPqxrAF0.roa
Signing time:             Wed 09 Feb 2022 10:25:20 +0000
ROA not before:           Wed 09 Feb 2022 10:25:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     199938
IP address blocks:        194.39.215.0/24 maxlen: 24
                          194.40.244.0/24 maxlen: 24
                          185.41.106.0/23 maxlen: 24
                          194.39.187.0/24 maxlen: 24
                          194.41.1.0/24 maxlen: 24
                          2a01:55e0::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 446360547 (0x1a9aebe3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ac5eadc0032850236fee756eb58fbf05e1316b5e
        Validity
            Not Before: Feb  9 10:25:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ea4fb5ae0bf4c240fc6143d62a0f693eac6b005d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:a4:b7:22:66:f7:c2:42:78:0b:02:9c:10:9d:
                    c9:e4:15:64:e8:a3:b5:fc:07:f4:86:6b:ff:bc:ab:
                    6e:2c:f0:9e:c9:30:0a:9a:2c:a9:6a:12:a1:1a:39:
                    c1:19:ee:5e:de:aa:6f:33:bb:07:31:aa:41:5e:87:
                    ca:d6:81:8c:79:23:2d:e1:5d:27:2c:77:4b:8b:a8:
                    b1:1c:4f:aa:c7:c8:c2:56:14:34:46:30:b3:0e:99:
                    b7:bc:81:d5:b2:c5:2d:4a:98:c2:2f:4d:96:5b:73:
                    41:41:b9:01:81:55:fd:1b:1c:18:0e:f3:19:00:3f:
                    fc:17:15:4a:93:82:fa:1c:97:2c:4e:c2:22:00:03:
                    4e:3a:23:ef:ff:ae:93:59:1b:dd:4e:d2:57:7e:9c:
                    57:8a:63:f3:a4:c2:81:52:d6:64:ad:6f:a3:5d:25:
                    55:9f:0a:00:d7:72:bb:b6:47:1f:f7:79:e2:57:43:
                    56:ee:69:ca:41:71:1d:32:1e:27:6d:dd:a9:37:46:
                    d2:5d:4a:99:b2:00:43:45:70:af:d5:30:a8:34:9b:
                    1f:13:75:4f:0d:6c:1f:83:19:19:5a:e4:70:72:60:
                    58:52:65:7d:c4:5b:59:e9:85:98:90:42:bc:3b:02:
                    87:57:7e:93:77:de:d0:bd:f4:08:94:9e:07:58:33:
                    ed:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:4F:B5:AE:0B:F4:C2:40:FC:61:43:D6:2A:0F:69:3E:AC:6B:00:5D
            X509v3 Authority Key Identifier:
                keyid:AC:5E:AD:C0:03:28:50:23:6F:EE:75:6E:B5:8F:BF:05:E1:31:6B:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rF6twAMoUCNv7nVutY-_BeExa14.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/52975f-feb2-433b-b2dc-c238ce4817db/1/6k-1rgv0wkD8YUPWKg9pPqxrAF0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/52975f-feb2-433b-b2dc-c238ce4817db/1/rF6twAMoUCNv7nVutY-_BeExa14.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.41.106.0/23
                  194.39.187.0/24
                  194.39.215.0/24
                  194.40.244.0/24
                  194.41.1.0/24
                IPv6:
                  2a01:55e0::/29

    Signature Algorithm: sha256WithRSAEncryption
         da:95:64:26:7f:df:8f:de:54:bf:d2:e7:a0:d2:e5:e4:4b:5f:
         99:b6:77:99:0e:d4:54:b8:17:a7:73:b0:28:a2:be:02:25:25:
         fe:4f:6d:3e:fc:3d:1e:3f:74:8a:f9:d1:8f:26:71:1b:10:1e:
         62:7d:0d:d4:82:22:4f:fa:b0:93:bc:7b:55:3d:b8:c3:e6:5a:
         65:45:97:4e:ea:f3:0f:ca:77:48:1c:a8:0e:dd:fd:1c:9f:41:
         8f:8e:cd:13:af:d1:d7:a3:17:98:b8:b3:c9:5a:f3:93:0f:d3:
         5e:7a:d5:28:6a:9d:dd:3b:cf:ff:ff:5c:9e:4f:8e:7d:11:fd:
         7e:7c:a4:ca:bc:c2:1d:f6:e8:14:af:cf:23:02:1e:c5:72:93:
         7a:55:92:30:88:26:9b:9d:d1:c2:26:a6:f5:c5:dd:61:f3:a8:
         0f:38:da:23:bf:0f:04:ef:38:ed:a9:58:e1:c9:20:d2:39:b5:
         2a:11:69:b1:39:29:b0:33:7b:8c:c6:78:b4:d8:15:33:28:1e:
         8d:89:13:ba:4c:07:8d:20:41:88:da:d3:fc:8f:54:79:18:80:
         63:01:88:91:5c:0d:80:c1:ce:b3:1d:19:3b:cf:ad:97:be:96:
         66:6b:84:09:10:55:e9:ad:b4:99:1c:7e:ba:90:74:7e:b6:87:
         37:e9:7e:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEGprr4zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YzVlYWRjMDAzMjg1MDIzNmZlZTc1NmViNThmYmYwNWUxMzE2YjVlMB4XDTIyMDIw
OTEwMjUyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWE0ZmI1YWUwYmY0
YzI0MGZjNjE0M2Q2MmEwZjY5M2VhYzZiMDA1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANCktyJm98JCeAsCnBCdyeQVZOijtfwH9IZr/7yrbizwnskw
CposqWoSoRo5wRnuXt6qbzO7BzGqQV6HytaBjHkjLeFdJyx3S4uosRxPqsfIwlYU
NEYwsw6Zt7yB1bLFLUqYwi9NlltzQUG5AYFV/RscGA7zGQA//BcVSpOC+hyXLE7C
IgADTjoj7/+uk1kb3U7SV36cV4pj86TCgVLWZK1vo10lVZ8KANdyu7ZHH/d54ldD
Vu5pykFxHTIeJ23dqTdG0l1KmbIAQ0Vwr9UwqDSbHxN1Tw1sH4MZGVrkcHJgWFJl
fcRbWemFmJBCvDsCh1d+k3fe0L30CJSeB1gz7ckCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBTqT7WuC/TCQPxhQ9YqD2k+rGsAXTAfBgNVHSMEGDAWgBSsXq3AAyhQI2/u
dW61j78F4TFrXjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JGNnR3QU1vVUNOdjduVnV0WS1fQmVFeGExNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTIvNTI5NzVmLWZlYjItNDMzYi1iMmRjLWMyMzhjZTQ4MTdkYi8x
LzZrLTFyZ3Ywd2tEOFlVUFdLZzlwUHF4ckFGMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIv
NTI5NzVmLWZlYjItNDMzYi1iMmRjLWMyMzhjZTQ4MTdkYi8xL3JGNnR3QU1vVUNO
djduVnV0WS1fQmVFeGExNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAbkpagMEAMInuwMEAMIn1wMEAMIo
9AMEAMIpATANBAIAAjAHAwUDKgFV4DANBgkqhkiG9w0BAQsFAAOCAQEA2pVkJn/f
j95Uv9LnoNLl5EtfmbZ3mQ7UVLgXp3OwKKK+AiUl/k9tPvw9Hj90ivnRjyZxGxAe
Yn0N1IIiT/qwk7x7VT24w+ZaZUWXTurzD8p3SByoDt39HJ9Bj47NE6/R16MXmLiz
yVrzkw/TXnrVKGqd3TvP//9cnk+OfRH9fnykyrzCHfboFK/PIwIexXKTelWSMIgm
m53Rwiam9cXdYfOoDzjaI78PBO847alY4ckg0jm1KhFpsTkpsDN7jMZ4tNgVMyge
jYkTukwHjSBBiNrT/I9UeRiAYwGIkVwNgMHOsx0ZO8+tl76WZmuECRBV6a20mRx+
upB0fraHN+l+fg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:00 2024 by rpki-client on console-ams.rpki-client.org