Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/mT58IblLvktb_Ulp_bGL8Wm9rEI.roa
File:                     mT58IblLvktb_Ulp_bGL8Wm9rEI.roa (raw, json)
Hash identifier:          Dr0ds3VpP7G/08pqrDfovdm6ci3tXQ9iXFyMu2kJV/A=
Subject key identifier:   99:3E:7C:21:B9:4B:BE:4B:5B:FD:49:69:FD:B1:8B:F1:69:BD:AC:42
Certificate issuer:       /CN=64d171f93cc1ca716fc806e36a55852cdf4f1c1c
Certificate serial:       0A3E24B2
Authority key identifier: 64:D1:71:F9:3C:C1:CA:71:6F:C8:06:E3:6A:55:85:2C:DF:4F:1C:1C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZNFx-TzBynFvyAbjalWFLN9PHBw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/mT58IblLvktb_Ulp_bGL8Wm9rEI.roa
Signing time:             Tue 10 May 2022 15:58:06 +0000
ROA not before:           Tue 10 May 2022 15:58:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     47962
IP address blocks:        176.106.224.0/24 maxlen: 24
                          176.106.230.0/24 maxlen: 24
                          37.122.152.0/22 maxlen: 22
                          37.122.153.0/24 maxlen: 24
                          37.122.157.0/24 maxlen: 24
                          37.122.156.0/23 maxlen: 23
                          37.122.156.0/24 maxlen: 24
                          37.122.154.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 171844786 (0xa3e24b2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64d171f93cc1ca716fc806e36a55852cdf4f1c1c
        Validity
            Not Before: May 10 15:58:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=993e7c21b94bbe4b5bfd4969fdb18bf169bdac42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:4a:4c:1e:a0:83:4b:2c:6a:c1:17:d2:02:3e:
                    92:c8:72:40:8c:e8:de:b1:ca:45:cc:91:d7:61:20:
                    65:dd:38:25:1e:a6:51:09:62:51:63:4f:a6:f1:55:
                    74:08:e8:6d:61:ad:de:98:bf:78:bc:9e:a7:6b:4f:
                    73:64:d2:4d:9b:1f:11:e8:00:63:a8:50:d4:7b:f1:
                    09:21:20:98:f7:d6:cf:07:b3:70:88:dd:88:df:9d:
                    4a:2b:09:3c:cd:a8:01:6c:e3:af:b5:47:dd:0d:2c:
                    a5:cb:7c:f3:39:63:ea:3f:ba:08:fa:8e:e4:47:0b:
                    50:a2:55:28:99:16:7c:18:8d:ac:4d:11:89:02:41:
                    c1:01:63:03:ac:b9:bd:a8:4c:5c:81:c3:21:de:12:
                    15:18:c3:d6:dd:5a:5e:50:71:b7:35:09:26:9d:0d:
                    b9:63:b1:0c:bd:9e:0c:fa:68:f5:ae:d6:7c:86:61:
                    f0:72:f2:db:6e:c6:13:2b:b6:7c:ab:8e:08:a6:8e:
                    6b:60:88:6f:8a:52:86:f4:bb:d1:12:ff:b1:be:7a:
                    6d:50:c4:34:3f:1b:c3:db:a0:60:e3:1e:dc:50:18:
                    e9:19:e5:a7:e6:dd:37:60:ea:94:74:53:49:07:b9:
                    fc:e8:cc:25:51:c1:9a:6f:71:43:c1:3a:d0:94:59:
                    13:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:3E:7C:21:B9:4B:BE:4B:5B:FD:49:69:FD:B1:8B:F1:69:BD:AC:42
            X509v3 Authority Key Identifier:
                keyid:64:D1:71:F9:3C:C1:CA:71:6F:C8:06:E3:6A:55:85:2C:DF:4F:1C:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNFx-TzBynFvyAbjalWFLN9PHBw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/mT58IblLvktb_Ulp_bGL8Wm9rEI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/ZNFx-TzBynFvyAbjalWFLN9PHBw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.122.152.0-37.122.157.255
                  176.106.224.0/24
                  176.106.230.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:2c:89:4f:1c:44:41:d1:99:4b:ac:50:d1:f4:4a:6a:2b:a2:
         bf:b6:b5:5c:65:cf:03:3f:24:90:2b:f8:3e:c5:80:b1:ac:fa:
         7c:dd:9c:27:4b:f4:7c:c1:e0:fd:70:30:5c:5f:79:a7:af:95:
         0a:2a:58:13:22:e0:8e:0b:f5:34:11:0d:1e:31:46:f8:fd:93:
         89:89:6c:d8:31:27:ab:94:4d:ef:cc:59:48:0a:38:e0:ff:b9:
         04:7e:02:8f:0b:8c:a6:b1:24:64:4f:73:64:ab:80:7f:82:11:
         bb:62:f0:0f:ff:82:a4:0f:64:7d:e5:67:55:82:f5:93:51:00:
         ad:99:53:d8:ae:0d:40:d3:a3:46:b7:45:4e:d3:20:33:65:97:
         ed:e0:bb:b5:02:7f:48:3c:72:d1:27:87:27:41:d2:b0:a5:a7:
         39:17:e6:c6:d5:7a:e6:ed:25:3c:1a:1d:59:f9:81:df:03:26:
         bf:2c:95:ee:a9:61:63:dd:c0:2e:24:f6:63:44:1d:19:53:51:
         40:e7:c8:a2:13:cb:45:bb:ff:2c:c2:01:87:3c:6b:46:46:e4:
         cc:c0:76:6c:b3:87:38:26:47:a1:62:37:5a:8a:6e:6e:c8:99:
         fe:26:8b:6d:20:a5:6e:15:4d:b9:8f:0c:6f:05:0a:cc:40:19:
         9a:23:0f:1e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIECj4ksjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NGQxNzFmOTNjYzFjYTcxNmZjODA2ZTM2YTU1ODUyY2RmNGYxYzFjMB4XDTIyMDUx
MDE1NTgwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTkzZTdjMjFiOTRi
YmU0YjViZmQ0OTY5ZmRiMThiZjE2OWJkYWM0MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANlKTB6gg0ssasEX0gI+kshyQIzo3rHKRcyR12EgZd04JR6m
UQliUWNPpvFVdAjobWGt3pi/eLyep2tPc2TSTZsfEegAY6hQ1HvxCSEgmPfWzwez
cIjdiN+dSisJPM2oAWzjr7VH3Q0spct88zlj6j+6CPqO5EcLUKJVKJkWfBiNrE0R
iQJBwQFjA6y5vahMXIHDId4SFRjD1t1aXlBxtzUJJp0NuWOxDL2eDPpo9a7WfIZh
8HLy227GEyu2fKuOCKaOa2CIb4pShvS70RL/sb56bVDEND8bw9ugYOMe3FAY6Rnl
p+bdN2DqlHRTSQe5/OjMJVHBmm9xQ8E60JRZE5MCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBSZPnwhuUu+S1v9SWn9sYvxab2sQjAfBgNVHSMEGDAWgBRk0XH5PMHKcW/I
BuNqVYUs308cHDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pORngtVHpCeW5GdnlBYmphbFdGTE45UEhCdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjcvZjJkOWRmLTE2ZWItNDQ5ZS04M2YwLWE0NjM1ZGY0N2Q3MC8x
L21UNThJYmxMdmt0Yl9VbHBfYkdMOFdtOXJFSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjcv
ZjJkOWRmLTE2ZWItNDQ5ZS04M2YwLWE0NjM1ZGY0N2Q3MC8xL1pORngtVHpCeW5G
dnlBYmphbFdGTE45UEhCdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGjAMAwQDJXqYAwQBJXqcAwQAsGrgAwQA
sGrmMA0GCSqGSIb3DQEBCwUAA4IBAQBzLIlPHERB0ZlLrFDR9EpqK6K/trVcZc8D
PySQK/g+xYCxrPp83ZwnS/R8weD9cDBcX3mnr5UKKlgTIuCOC/U0EQ0eMUb4/ZOJ
iWzYMSerlE3vzFlICjjg/7kEfgKPC4ymsSRkT3Nkq4B/ghG7YvAP/4KkD2R95WdV
gvWTUQCtmVPYrg1A06NGt0VO0yAzZZft4Lu1An9IPHLRJ4cnQdKwpac5F+bG1Xrm
7SU8Gh1Z+YHfAya/LJXuqWFj3cAuJPZjRB0ZU1FA58iiE8tFu/8swgGHPGtGRuTM
wHZss4c4JkehYjdaim5uyJn+JottIKVuFU25jwxvBQrMQBmaIw8e
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:10 2024 by rpki-client on console-fra.rpki-client.org