Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/7b7825-a0f7-4f5b-9c23-77cf81041083/1/W9qHJ5ceP8shjD22910-adHhGWs.roa
File:                     W9qHJ5ceP8shjD22910-adHhGWs.roa (raw, json)
Hash identifier:          t4LMZ51DR0plxm6AHammc0pqxKmsFq4Mna1TyEKdbMw=
Subject key identifier:   5B:DA:87:27:97:1E:3F:CB:21:8C:3D:B6:F7:5D:3E:69:D1:E1:19:6B
Certificate issuer:       /CN=6a798f0fe4f4dffdfed2c8e62d235430f49377cd
Certificate serial:       018499E38640A6CEE2BC372E24B213431637
Authority key identifier: 6A:79:8F:0F:E4:F4:DF:FD:FE:D2:C8:E6:2D:23:54:30:F4:93:77:CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/anmPD-T03_3-0sjmLSNUMPSTd80.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/7b7825-a0f7-4f5b-9c23-77cf81041083/1/W9qHJ5ceP8shjD22910-adHhGWs.roa
Signing time:             Mon 21 Nov 2022 11:12:15 +0000
ROA not before:           Mon 21 Nov 2022 11:12:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42237
IP address blocks:        193.105.134.0/24 maxlen: 24
                          91.236.116.0/24 maxlen: 24
                          185.217.2.0/24 maxlen: 24
                          185.217.1.0/24 maxlen: 24
                          185.217.0.0/24 maxlen: 24
                          185.246.130.0/24 maxlen: 24
                          185.246.129.0/24 maxlen: 24
                          185.246.128.0/24 maxlen: 24
                          2a0d:8986::/32 maxlen: 32
                          2a0d:8985::/32 maxlen: 32
                          2a0d:8982::/32 maxlen: 32
                          2a0d:8981::/32 maxlen: 32
                          2a0b:c040::/32 maxlen: 32
                          2a0d:8987::/32 maxlen: 32
                          2a0d:8984::/32 maxlen: 32
                          2a0d:8980::/32 maxlen: 32
                          2a0b:c041::/32 maxlen: 32
                          2a0d:8983::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:99:e3:86:40:a6:ce:e2:bc:37:2e:24:b2:13:43:16:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a798f0fe4f4dffdfed2c8e62d235430f49377cd
        Validity
            Not Before: Nov 21 11:12:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5bda8727971e3fcb218c3db6f75d3e69d1e1196b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:56:ed:cc:2a:e2:a8:fa:1a:11:f5:a1:8f:5e:
                    bc:7c:7d:c5:08:d9:31:81:3f:59:e0:ae:25:aa:89:
                    07:7a:e0:c6:53:15:6d:c3:cf:d9:83:eb:f1:b2:0c:
                    8b:90:dc:53:28:e2:08:ef:f8:88:4a:4b:90:bd:17:
                    f8:01:a7:42:33:5f:a3:a3:24:fe:df:17:fc:03:fa:
                    0a:db:ec:d4:99:d2:b3:f1:75:6a:bc:1a:9c:12:80:
                    dd:b1:67:f6:1c:26:7c:dd:02:8a:6a:22:b5:8b:8c:
                    d3:0e:16:67:19:f1:84:28:96:c8:77:b8:ee:e9:9b:
                    ee:9b:b7:ba:07:63:da:84:5e:8d:44:69:20:3d:18:
                    97:45:59:bb:07:2f:ef:c6:8d:35:70:bf:c0:a6:a2:
                    5f:3f:c6:3c:63:db:0d:82:09:2c:46:a2:ad:db:87:
                    d2:5c:0c:41:b6:08:26:a7:b6:cf:a1:80:60:86:bb:
                    7a:7c:9b:49:9d:23:9b:ba:cc:7a:b1:6b:88:8b:4b:
                    de:7e:c5:b6:78:a3:38:50:99:6f:c4:5c:3a:46:6f:
                    0e:8f:15:c8:40:2d:96:58:c0:64:69:ab:f7:12:7c:
                    2e:30:34:12:13:8a:ec:d4:77:81:f2:40:71:f6:44:
                    1f:00:da:06:30:8a:a4:5e:90:69:a5:cc:78:88:2d:
                    d2:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:DA:87:27:97:1E:3F:CB:21:8C:3D:B6:F7:5D:3E:69:D1:E1:19:6B
            X509v3 Authority Key Identifier:
                keyid:6A:79:8F:0F:E4:F4:DF:FD:FE:D2:C8:E6:2D:23:54:30:F4:93:77:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/anmPD-T03_3-0sjmLSNUMPSTd80.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/7b7825-a0f7-4f5b-9c23-77cf81041083/1/W9qHJ5ceP8shjD22910-adHhGWs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/7b7825-a0f7-4f5b-9c23-77cf81041083/1/anmPD-T03_3-0sjmLSNUMPSTd80.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.236.116.0/24
                  185.217.0.0-185.217.2.255
                  185.246.128.0-185.246.130.255
                  193.105.134.0/24
                IPv6:
                  2a0b:c040::/31
                  2a0d:8980::/29

    Signature Algorithm: sha256WithRSAEncryption
         d3:42:72:4b:83:3b:51:51:f4:32:72:94:de:fd:cf:36:2c:63:
         9b:ba:22:30:bf:02:56:53:0c:9f:18:20:d2:2a:0b:a8:b3:54:
         cd:e0:5e:45:e1:31:11:80:32:2a:5c:b2:0d:2e:71:5e:62:b1:
         8f:8f:85:97:75:7b:bc:50:fb:3c:8f:65:23:83:35:7b:ed:6a:
         9b:dd:54:da:3e:d4:b6:44:71:fc:58:0a:da:2a:8a:d4:d2:05:
         98:ab:d8:53:66:ac:4e:69:27:85:24:77:f5:cf:3b:97:92:63:
         21:47:75:99:1d:d4:57:f3:c4:a4:93:7f:eb:18:84:73:cc:1a:
         4f:ec:61:d6:0b:31:20:e8:66:07:a8:cf:70:db:ac:a6:de:e8:
         10:be:93:4e:5c:78:a3:b3:0e:a9:79:35:bb:60:71:17:14:66:
         64:ad:6d:66:45:55:74:f5:ab:2b:93:5b:24:4e:bf:b1:05:a3:
         f9:1a:4b:7c:d0:9f:18:ec:5e:f5:a0:55:c9:1f:71:be:47:de:
         de:b6:01:9c:f3:ba:b2:9c:34:f1:67:77:f0:b3:a5:d7:05:33:
         37:a0:28:b6:1f:71:81:c7:21:fe:31:7a:5c:5c:30:05:a5:37:
         3d:67:71:5d:f0:a1:ec:f6:e8:f4:7d:4f:bb:af:20:03:c1:84:
         d6:06:a9:6e
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYSZ44ZAps7ivDcuJLITQxY3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNzk4ZjBmZTRmNGRmZmRmZWQyYzhlNjJkMjM1NDMwZjQ5
Mzc3Y2QwHhcNMjIxMTIxMTExMjE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmRhODcyNzk3MWUzZmNiMjE4YzNkYjZmNzVkM2U2OWQxZTExOTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3lbtzCriqPoaEfWhj168fH3FCNkx
gT9Z4K4lqokHeuDGUxVtw8/Zg+vxsgyLkNxTKOII7/iISkuQvRf4AadCM1+joyT+
3xf8A/oK2+zUmdKz8XVqvBqcEoDdsWf2HCZ83QKKaiK1i4zTDhZnGfGEKJbId7ju
6Zvum7e6B2PahF6NRGkgPRiXRVm7By/vxo01cL/ApqJfP8Y8Y9sNggksRqKt24fS
XAxBtggmp7bPoYBghrt6fJtJnSObusx6sWuIi0vefsW2eKM4UJlvxFw6Rm8OjxXI
QC2WWMBkaav3EnwuMDQSE4rs1HeB8kBx9kQfANoGMIqkXpBppcx4iC3SyQIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFFvahyeXHj/LIYw9tvddPmnR4RlrMB8GA1UdIwQY
MBaAFGp5jw/k9N/9/tLI5i0jVDD0k3fNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW5tUEQtVDAzXzMtMHNqbUxTTlVNUFNUZDgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC83Yjc4MjUtYTBmNy00ZjViLTljMjMt
NzdjZjgxMDQxMDgzLzEvVzlxSEo1Y2VQOHNoakQyMjkxMC1hZEhoR1dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC83Yjc4MjUtYTBmNy00ZjViLTljMjMtNzdjZjgxMDQxMDgz
LzEvYW5tUEQtVDAzXzMtMHNqbUxTTlVNUFNUZDgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTAtBAIAATAnAwQAW+x0MAsD
AwC52QMEALnZAjAMAwQHufaAAwQAufaCAwQAwWmGMBQEAgACMA4DBQEqC8BAAwUD
Kg2JgDANBgkqhkiG9w0BAQsFAAOCAQEA00JyS4M7UVH0MnKU3v3PNixjm7oiML8C
VlMMnxgg0ioLqLNUzeBeReExEYAyKlyyDS5xXmKxj4+Fl3V7vFD7PI9lI4M1e+1q
m91U2j7UtkRx/FgK2iqK1NIFmKvYU2asTmknhSR39c87l5JjIUd1mR3UV/PEpJN/
6xiEc8waT+xh1gsxIOhmB6jPcNuspt7oEL6TTlx4o7MOqXk1u2BxFxRmZK1tZkVV
dPWrK5NbJE6/sQWj+RpLfNCfGOxe9aBVyR9xvkfe3rYBnPO6spw08Wd38LOl1wUz
N6Aoth9xgcch/jF6XFwwBaU3PWdxXfCh7Pbo9H1Pu68gA8GE1gapbg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:45 2024 by rpki-client on console-fra.rpki-client.org