Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/1e01d2-1a1d-4dc1-a8d5-e45863eac2b4/1/1BEmLQ5t0zaPmTVAWuCv0OSs3rs.roa
File:                     1BEmLQ5t0zaPmTVAWuCv0OSs3rs.roa (raw, json)
Hash identifier:          xEis7a3U14MO7b8KcPYFB5CoqvVaw4FEKZ65EHaXU8Y=
Subject key identifier:   D4:11:26:2D:0E:6D:D3:36:8F:99:35:40:5A:E0:AF:D0:E4:AC:DE:BB
Certificate issuer:       /CN=6a0c867c979871c7adb09f7c6219ba5b0645931c
Certificate serial:       018243BC352024B650C6B39D939C1B2D6E8B
Authority key identifier: 6A:0C:86:7C:97:98:71:C7:AD:B0:9F:7C:62:19:BA:5B:06:45:93:1C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/agyGfJeYccetsJ98Yhm6WwZFkxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/1e01d2-1a1d-4dc1-a8d5-e45863eac2b4/1/1BEmLQ5t0zaPmTVAWuCv0OSs3rs.roa
Signing time:             Thu 28 Jul 2022 07:36:24 +0000
ROA not before:           Thu 28 Jul 2022 07:36:24 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62434
IP address blocks:        194.49.177.0/24 maxlen: 24
                          194.49.178.0/24 maxlen: 24
                          194.49.205.0/24 maxlen: 24
                          194.49.207.0/24 maxlen: 24
                          194.49.218.0/24 maxlen: 24
                          194.49.221.0/24 maxlen: 24
                          194.49.220.0/24 maxlen: 24
                          194.49.134.0/24 maxlen: 24
                          193.28.131.0/24 maxlen: 24
                          193.28.132.0/24 maxlen: 24
                          193.28.130.0/24 maxlen: 24
                          194.49.171.0/24 maxlen: 24
                          2001:67c:194c::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:43:bc:35:20:24:b6:50:c6:b3:9d:93:9c:1b:2d:6e:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a0c867c979871c7adb09f7c6219ba5b0645931c
        Validity
            Not Before: Jul 28 07:36:24 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d411262d0e6dd3368f9935405ae0afd0e4acdebb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:d6:dd:37:06:0a:1a:bf:42:6b:41:13:ee:5e:
                    20:e5:b7:8f:b9:57:d8:95:6d:c9:c9:4a:79:ff:e1:
                    45:24:75:81:72:f0:97:cf:21:60:7a:68:95:c6:0c:
                    cc:32:9d:2c:2d:8d:4c:f5:ea:dc:40:79:f8:dd:a4:
                    af:8d:25:4a:0a:02:3a:ce:e1:bb:aa:cb:9f:a1:70:
                    55:fb:94:82:d3:68:b8:12:d0:5a:e7:d2:51:4f:e5:
                    72:3b:18:e2:fa:a8:3b:02:41:d7:cb:ef:97:f0:1d:
                    4f:b8:7d:37:d2:7a:b1:e8:1b:df:19:7f:df:12:2b:
                    f0:3a:70:9c:99:03:01:5b:d7:f1:ce:b2:22:2d:ad:
                    53:d6:1d:fe:b7:0b:e6:76:f6:14:ba:ff:ec:3a:26:
                    37:d6:b6:ff:99:e7:0f:62:61:84:bd:77:e6:64:e3:
                    d6:51:48:8b:22:07:c7:c4:5a:f4:5b:58:bb:29:a7:
                    0c:37:b6:ca:83:14:f5:af:bd:61:1f:c4:71:d1:14:
                    41:a8:d9:f5:07:b7:2b:76:0a:2e:9e:af:14:b4:c1:
                    84:5f:ee:47:d9:81:92:01:0a:3a:9a:9d:51:cd:64:
                    0d:70:37:de:e3:55:36:b5:b1:f0:91:87:09:bf:94:
                    95:e2:83:70:c2:e1:ba:0a:35:23:c6:04:e4:82:df:
                    3e:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:11:26:2D:0E:6D:D3:36:8F:99:35:40:5A:E0:AF:D0:E4:AC:DE:BB
            X509v3 Authority Key Identifier:
                keyid:6A:0C:86:7C:97:98:71:C7:AD:B0:9F:7C:62:19:BA:5B:06:45:93:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/agyGfJeYccetsJ98Yhm6WwZFkxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1e01d2-1a1d-4dc1-a8d5-e45863eac2b4/1/1BEmLQ5t0zaPmTVAWuCv0OSs3rs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1e01d2-1a1d-4dc1-a8d5-e45863eac2b4/1/agyGfJeYccetsJ98Yhm6WwZFkxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.28.130.0-193.28.132.255
                  194.49.134.0/24
                  194.49.171.0/24
                  194.49.177.0-194.49.178.255
                  194.49.205.0/24
                  194.49.207.0/24
                  194.49.218.0/24
                  194.49.220.0/23
                IPv6:
                  2001:67c:194c::/48

    Signature Algorithm: sha256WithRSAEncryption
         b4:3e:90:15:d3:d2:7d:f8:e2:cc:d1:31:96:4f:e1:7b:24:c8:
         cf:a9:33:45:97:c4:b1:58:77:24:b8:ec:49:2c:44:86:89:72:
         1e:3f:30:d6:fd:e5:b7:42:2d:fb:f4:49:3e:a3:0e:2c:d5:e1:
         6d:6d:ea:94:14:2e:9f:1f:f3:45:0f:3a:d9:66:51:22:a6:c7:
         36:fc:f5:3f:6a:61:ab:3e:53:97:05:e9:d4:78:5e:a0:a5:7a:
         3f:e0:1c:36:66:52:e9:d6:29:d6:fe:7e:b8:75:79:eb:42:36:
         5f:7d:8c:39:24:46:4b:59:02:f8:b9:07:13:33:e8:4a:69:88:
         39:39:0c:e5:36:17:0c:cd:2b:1d:fe:c5:57:ba:41:32:95:34:
         ba:60:f2:93:d5:06:f1:51:08:23:61:5f:f6:bd:24:c8:70:af:
         e5:b2:8c:ef:38:51:0a:92:47:c0:6b:17:63:d4:b5:64:bf:85:
         e1:4d:cc:d6:1f:e1:0e:35:9b:6b:23:b7:02:2c:50:74:3b:4d:
         c5:6f:2c:45:61:c2:48:bb:fd:88:da:88:58:2c:4a:ca:58:9d:
         43:9d:d4:b8:7e:e5:2b:5d:ec:19:2b:87:06:c0:ef:ea:36:da:
         02:08:43:f5:5b:bf:3d:a4:e5:7a:4b:29:fb:5a:0e:0b:64:44:
         b5:28:1f:8b
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYJDvDUgJLZQxrOdk5wbLW6LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMGM4NjdjOTc5ODcxYzdhZGIwOWY3YzYyMTliYTViMDY0
NTkzMWMwHhcNMjIwNzI4MDczNjI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDExMjYyZDBlNmRkMzM2OGY5OTM1NDA1YWUwYWZkMGU0YWNkZWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNbdNwYKGr9Ca0ET7l4g5bePuVfY
lW3JyUp5/+FFJHWBcvCXzyFgemiVxgzMMp0sLY1M9ercQHn43aSvjSVKCgI6zuG7
qsufoXBV+5SC02i4EtBa59JRT+VyOxji+qg7AkHXy++X8B1PuH030nqx6BvfGX/f
EivwOnCcmQMBW9fxzrIiLa1T1h3+twvmdvYUuv/sOiY31rb/mecPYmGEvXfmZOPW
UUiLIgfHxFr0W1i7KacMN7bKgxT1r71hH8Rx0RRBqNn1B7crdgounq8UtMGEX+5H
2YGSAQo6mp1RzWQNcDfe41U2tbHwkYcJv5SV4oNwwuG6CjUjxgTkgt8+swIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFNQRJi0ObdM2j5k1QFrgr9DkrN67MB8GA1UdIwQY
MBaAFGoMhnyXmHHHrbCffGIZulsGRZMcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWd5R2ZKZVljY2V0c0o5OFlobTZXd1pGa3h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi8xZTAxZDItMWExZC00ZGMxLWE4ZDUt
ZTQ1ODYzZWFjMmI0LzEvMUJFbUxRNXQwemFQbVRWQVd1Q3YwT1NzM3JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi8xZTAxZDItMWExZC00ZGMxLWE4ZDUtZTQ1ODYzZWFjMmI0
LzEvYWd5R2ZKZVljY2V0c0o5OFlobTZXd1pGa3h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBGBAIAATBAMAwDBAHBHIID
BADBHIQDBADCMYYDBADCMaswDAMEAMIxsQMEAMIxsgMEAMIxzQMEAMIxzwMEAMIx
2gMEAcIx3DAPBAIAAjAJAwcAIAEGfBlMMA0GCSqGSIb3DQEBCwUAA4IBAQC0PpAV
09J9+OLM0TGWT+F7JMjPqTNFl8SxWHckuOxJLESGiXIePzDW/eW3Qi379Ek+ow4s
1eFtbeqUFC6fH/NFDzrZZlEipsc2/PU/amGrPlOXBenUeF6gpXo/4Bw2ZlLp1inW
/n64dXnrQjZffYw5JEZLWQL4uQcTM+hKaYg5OQzlNhcMzSsd/sVXukEylTS6YPKT
1QbxUQgjYV/2vSTIcK/lsozvOFEKkkfAaxdj1LVkv4XhTczWH+EONZtrI7cCLFB0
O03FbyxFYcJIu/2I2ohYLErKWJ1DndS4fuUrXewZK4cGwO/qNtoCCEP1W789pOV6
Syn7Wg4LZES1KB+L
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:52 2024 by rpki-client on console-fra.rpki-client.org