Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/b4xbjPdWc0GppuDzXCEKOHNuvOs.roa
File:                     b4xbjPdWc0GppuDzXCEKOHNuvOs.roa (raw, json)
Hash identifier:          viHu0QVjr0KFMZPTpgUtjvhP4caLdSa9aO7dtSvOVbA=
Subject key identifier:   6F:8C:5B:8C:F7:56:73:41:A9:A6:E0:F3:5C:21:0A:38:73:6E:BC:EB
Certificate issuer:       /CN=a3674d5884a50a84e07dbdf6798ddcbb9cc2032e
Certificate serial:       056ABF54
Authority key identifier: A3:67:4D:58:84:A5:0A:84:E0:7D:BD:F6:79:8D:DC:BB:9C:C2:03:2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o2dNWISlCoTgfb32eY3cu5zCAy4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/b4xbjPdWc0GppuDzXCEKOHNuvOs.roa
Signing time:             Thu 09 Jun 2022 14:31:02 +0000
ROA not before:           Thu 09 Jun 2022 14:31:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48158
IP address blocks:        176.58.41.0/24 maxlen: 24
                          176.58.40.0/23 maxlen: 24
                          176.58.39.0/24 maxlen: 24
                          176.58.38.0/23 maxlen: 24
                          176.58.43.0/24 maxlen: 24
                          176.58.42.0/24 maxlen: 24
                          176.58.48.0/23 maxlen: 23
                          176.58.47.0/24 maxlen: 24
                          176.58.46.0/24 maxlen: 24
                          176.58.45.0/24 maxlen: 24
                          176.58.50.0/24 maxlen: 24
                          176.58.55.0/24 maxlen: 24
                          176.58.54.0/24 maxlen: 24
                          176.58.53.0/24 maxlen: 24
                          176.58.57.0/24 maxlen: 24
                          185.190.190.0/24 maxlen: 24
                          212.124.96.0/22 maxlen: 24
                          212.124.100.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 90881876 (0x56abf54)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3674d5884a50a84e07dbdf6798ddcbb9cc2032e
        Validity
            Not Before: Jun  9 14:31:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6f8c5b8cf7567341a9a6e0f35c210a38736ebceb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:73:8f:22:b7:c1:fe:dc:2c:33:d7:e1:bb:69:
                    f2:df:91:e1:c5:1a:e5:ca:4f:0c:a7:d1:1e:90:81:
                    90:48:ec:0e:4a:85:06:da:ee:2b:17:32:53:9f:80:
                    3c:42:32:b2:cb:d7:32:18:c7:c7:44:90:98:6a:ed:
                    55:93:b9:ed:12:c6:af:15:cb:90:a6:a4:7c:00:24:
                    39:f5:27:a0:83:79:0b:c3:e6:37:57:a6:13:40:3f:
                    76:51:ac:0a:fd:97:43:79:07:0c:6f:dd:91:a9:16:
                    7c:29:14:a0:79:c2:77:af:81:a5:2e:68:7e:f9:57:
                    bd:ea:30:e8:71:68:84:e5:2a:74:c9:26:b0:4f:ed:
                    3c:c0:53:5b:15:8b:05:05:f4:10:ce:57:35:5a:13:
                    69:68:d6:fd:7b:94:8e:3e:6d:58:4c:b9:ff:b6:6c:
                    3a:5c:e6:79:e3:43:2c:d4:c4:de:75:fe:f8:4e:46:
                    91:e6:d6:ca:fe:6f:f3:7e:c8:fd:a0:03:6b:81:c6:
                    2c:91:43:6b:49:ea:c1:02:c0:91:0e:30:6f:a8:5d:
                    a4:b5:5f:36:ff:c3:a6:be:8d:5a:cf:97:95:0c:27:
                    8e:af:77:98:c6:ed:28:f1:3c:33:a2:15:b4:ac:a0:
                    c9:74:09:e5:cc:91:13:54:b7:07:84:ec:97:49:39:
                    68:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:8C:5B:8C:F7:56:73:41:A9:A6:E0:F3:5C:21:0A:38:73:6E:BC:EB
            X509v3 Authority Key Identifier:
                keyid:A3:67:4D:58:84:A5:0A:84:E0:7D:BD:F6:79:8D:DC:BB:9C:C2:03:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2dNWISlCoTgfb32eY3cu5zCAy4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/b4xbjPdWc0GppuDzXCEKOHNuvOs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/o2dNWISlCoTgfb32eY3cu5zCAy4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.58.38.0-176.58.43.255
                  176.58.45.0-176.58.50.255
                  176.58.53.0-176.58.55.255
                  176.58.57.0/24
                  185.190.190.0/24
                  212.124.96.0/21

    Signature Algorithm: sha256WithRSAEncryption
         91:e6:ab:ae:a0:f6:72:22:fc:50:a4:8d:03:66:40:ff:62:30:
         d2:ba:e3:a0:d1:17:88:6e:aa:f0:18:89:9e:48:9b:ce:1b:21:
         89:20:34:cc:7c:fc:d3:aa:59:f3:7e:97:09:d2:c9:0c:db:f1:
         bd:d8:eb:7d:9b:ea:de:a9:8a:9d:42:44:cc:a2:9b:8b:20:ee:
         7d:a8:df:ca:b5:fb:7b:8d:c6:ee:2d:d8:15:4d:e5:6f:ee:4e:
         ba:12:80:ac:cb:1a:f8:2c:f6:68:ec:16:0f:62:1b:e7:e9:a7:
         27:75:9b:89:84:c1:f9:cc:be:e3:8a:35:64:22:25:ac:5d:c0:
         1b:a8:d8:8d:04:f6:16:8b:a8:6c:a8:f8:9f:30:c5:b8:fb:41:
         73:7d:67:28:8d:6e:fd:85:d5:aa:62:24:a9:05:56:b5:85:d9:
         4c:69:68:24:e2:77:cd:f4:22:50:25:8f:af:3a:5b:f0:26:07:
         3a:09:00:76:c3:76:95:92:57:6c:54:63:50:d5:9a:e9:34:b8:
         38:69:a1:ea:34:e9:99:33:a6:8d:2f:9e:23:2c:d5:b4:c9:81:
         fe:68:a1:44:bf:22:e3:9e:54:73:32:25:e9:06:6b:36:44:c3:
         6c:58:a3:f9:db:48:4a:f3:e2:c7:7d:f7:85:14:b9:6d:e1:42:
         52:48:0f:d3
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIEBWq/VDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MzY3NGQ1ODg0YTUwYTg0ZTA3ZGJkZjY3OThkZGNiYjljYzIwMzJlMB4XDTIyMDYw
OTE0MzEwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmY4YzViOGNmNzU2
NzM0MWE5YTZlMGYzNWMyMTBhMzg3MzZlYmNlYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALJzjyK3wf7cLDPX4btp8t+R4cUa5cpPDKfRHpCBkEjsDkqF
BtruKxcyU5+APEIyssvXMhjHx0SQmGrtVZO57RLGrxXLkKakfAAkOfUnoIN5C8Pm
N1emE0A/dlGsCv2XQ3kHDG/dkakWfCkUoHnCd6+BpS5ofvlXveow6HFohOUqdMkm
sE/tPMBTWxWLBQX0EM5XNVoTaWjW/XuUjj5tWEy5/7ZsOlzmeeNDLNTE3nX++E5G
kebWyv5v837I/aADa4HGLJFDa0nqwQLAkQ4wb6hdpLVfNv/Dpr6NWs+XlQwnjq93
mMbtKPE8M6IVtKygyXQJ5cyRE1S3B4Tsl0k5aOcCAwEAAaOCAj8wggI7MB0GA1Ud
DgQWBBRvjFuM91ZzQamm4PNcIQo4c2686zAfBgNVHSMEGDAWgBSjZ01YhKUKhOB9
vfZ5jdy7nMIDLjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L28yZE5XSVNsQ29UZ2ZiMzJlWTNjdTV6Q0F5NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjMvODA2NTMyLTU0ZTktNGI0OS1iOGE3LTllMjIwZjA0YTkwMS8x
L2I0eGJqUGRXYzBHcHB1RHpYQ0VLT0hOdXZPcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMv
ODA2NTMyLTU0ZTktNGI0OS1iOGE3LTllMjIwZjA0YTkwMS8xL28yZE5XSVNsQ29U
Z2ZiMzJlWTNjdTV6Q0F5NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBV
BggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPDAMAwQBsDomAwQCsDooMAwDBACwOi0D
BACwOjIwDAMEALA6NQMEA7A6MAMEALA6OQMEALm+vgMEA9R8YDANBgkqhkiG9w0B
AQsFAAOCAQEAkearrqD2ciL8UKSNA2ZA/2Iw0rrjoNEXiG6q8BiJnkibzhshiSA0
zHz806pZ836XCdLJDNvxvdjrfZvq3qmKnUJEzKKbiyDufajfyrX7e43G7i3YFU3l
b+5OuhKArMsa+Cz2aOwWD2Ib5+mnJ3WbiYTB+cy+44o1ZCIlrF3AG6jYjQT2Fouo
bKj4nzDFuPtBc31nKI1u/YXVqmIkqQVWtYXZTGloJOJ3zfQiUCWPrzpb8CYHOgkA
dsN2lZJXbFRjUNWa6TS4OGmh6jTpmTOmjS+eIyzVtMmB/mihRL8i455UczIl6QZr
NkTDbFij+dtISvPix333hRS5beFCUkgP0w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:27 2024 by rpki-client on console-ams.rpki-client.org