Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PQjWm6N3VGSwV3N5QEob1KOQ4LU.roa
File:                     PQjWm6N3VGSwV3N5QEob1KOQ4LU.roa (raw, json)
Hash identifier:          iC3V+LrYK5LbmlGPh6whfs9/SnBBa87yA+flfr9eX7E=
Subject key identifier:   3D:08:D6:9B:A3:77:54:64:B0:57:73:79:40:4A:1B:D4:A3:90:E0:B5
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       1E5AD8CA
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PQjWm6N3VGSwV3N5QEob1KOQ4LU.roa
Signing time:             Wed 11 May 2022 07:39:02 +0000
ROA not before:           Wed 11 May 2022 07:39:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     393398
IP address blocks:        81.161.237.0/24 maxlen: 24
                          193.58.120.0/24 maxlen: 24
                          193.58.122.0/24 maxlen: 24
                          193.58.121.0/24 maxlen: 24
                          193.58.123.0/24 maxlen: 24
                          193.42.33.0/24 maxlen: 24
                          193.42.35.0/24 maxlen: 24
                          193.42.32.0/24 maxlen: 24
                          193.42.34.0/24 maxlen: 24
                          82.115.208.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 509270218 (0x1e5ad8ca)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: May 11 07:39:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3d08d69ba3775464b0577379404a1bd4a390e0b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:3f:2a:42:06:bf:65:74:6d:62:3f:69:c0:f6:
                    16:16:4e:ea:ae:f9:4e:27:8f:40:f3:2f:43:10:79:
                    f1:79:95:8b:77:7f:f6:41:d2:f4:5f:e7:2b:c1:73:
                    84:2d:bb:3d:9c:73:72:a6:19:34:c3:e8:c5:be:77:
                    b3:3b:b8:75:68:fe:9a:e4:b0:41:21:82:ac:cb:4f:
                    27:a2:95:25:13:cd:fc:00:1b:20:6c:d7:6a:90:ae:
                    54:81:f1:f9:ad:1d:8a:d3:21:82:56:38:6e:5b:99:
                    b0:27:0d:0a:4a:18:4e:41:2b:57:37:7f:0c:0d:6f:
                    ba:e4:73:43:23:d4:ac:f5:6d:f8:69:2a:8f:f5:1e:
                    c2:2f:70:f2:d8:14:4e:79:37:5a:8e:f2:ad:e3:07:
                    48:e6:9c:ed:dd:91:36:1d:20:29:c0:a4:ed:9d:6e:
                    ff:06:d5:ed:9d:46:fc:58:be:c3:cf:ab:ed:77:65:
                    a0:4d:48:26:32:c3:19:2d:78:33:1f:0d:00:ad:e7:
                    5b:27:eb:e4:98:c0:26:e5:40:a9:56:2f:21:98:78:
                    9f:30:02:d7:5d:b5:6e:e3:30:53:d6:93:b6:c1:fa:
                    6f:29:73:6c:59:30:eb:f4:8b:7d:c0:ba:ca:f6:e0:
                    ef:a2:d7:c9:75:40:2d:df:fb:ed:92:09:10:ed:5e:
                    03:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:08:D6:9B:A3:77:54:64:B0:57:73:79:40:4A:1B:D4:A3:90:E0:B5
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PQjWm6N3VGSwV3N5QEob1KOQ4LU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.161.237.0/24
                  82.115.208.0/22
                  193.42.32.0/22
                  193.58.120.0/22

    Signature Algorithm: sha256WithRSAEncryption
         43:34:10:37:4f:9b:86:d0:8a:dd:91:ae:52:46:c2:65:79:1d:
         c1:d1:38:b5:3b:8b:eb:7b:14:f3:1c:51:b0:0c:ab:91:f3:66:
         23:44:da:04:1c:82:33:59:c4:7f:2e:dd:b2:bd:3d:e6:47:31:
         f5:e5:ef:6e:05:1b:a4:2c:87:46:cf:e4:8b:53:5f:f7:4f:ca:
         93:62:dd:d1:2c:b2:ca:5c:0b:0c:28:a1:bf:5a:32:b3:de:05:
         08:c7:e8:9e:bd:3e:0a:d9:78:fe:0b:ae:93:8b:7c:87:2c:b9:
         3b:f0:27:3b:46:d8:bc:b2:1d:ef:55:e2:33:28:cd:0c:c8:a9:
         44:c5:5a:c0:5c:17:78:4c:e3:71:a3:d3:a0:21:bb:7f:97:c2:
         1e:84:b1:b1:98:da:f5:2e:93:93:5f:6d:b2:c8:74:34:90:63:
         2f:64:26:79:f6:fa:8e:58:06:5b:fb:7a:3c:23:dc:21:8e:35:
         2e:ee:34:9d:17:d5:0e:a0:03:bc:a4:9e:40:72:1c:09:1c:17:
         74:8c:98:cd:3e:5c:1f:4e:97:b2:7f:eb:d0:d5:8f:58:37:4b:
         c0:bb:73:2c:06:46:91:ff:12:2f:e3:e5:15:a5:3e:b7:89:f7:
         62:45:8d:b7:3f:80:18:b1:0e:b8:2b:08:9f:cd:c5:b7:3a:b5:
         0d:b1:9b:46
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEHlrYyjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDUx
MTA3MzkwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2QwOGQ2OWJhMzc3
NTQ2NGIwNTc3Mzc5NDA0YTFiZDRhMzkwZTBiNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKc/KkIGv2V0bWI/acD2FhZO6q75TiePQPMvQxB58XmVi3d/
9kHS9F/nK8FzhC27PZxzcqYZNMPoxb53szu4dWj+muSwQSGCrMtPJ6KVJRPN/AAb
IGzXapCuVIHx+a0ditMhglY4bluZsCcNCkoYTkErVzd/DA1vuuRzQyPUrPVt+Gkq
j/Uewi9w8tgUTnk3Wo7yreMHSOac7d2RNh0gKcCk7Z1u/wbV7Z1G/Fi+w8+r7Xdl
oE1IJjLDGS14Mx8NAK3nWyfr5JjAJuVAqVYvIZh4nzAC1121buMwU9aTtsH6bylz
bFkw6/SLfcC6yvbg76LXyXVALd/77ZIJEO1eAykCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQ9CNabo3dUZLBXc3lAShvUo5DgtTAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L1BRaldtNk4zVkdTd1YzTjVRRW9iMUtPUTRMVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAFGh7QMEAlJz0AMEAsEqIAMEAsE6
eDANBgkqhkiG9w0BAQsFAAOCAQEAQzQQN0+bhtCK3ZGuUkbCZXkdwdE4tTuL63sU
8xxRsAyrkfNmI0TaBByCM1nEfy7dsr095kcx9eXvbgUbpCyHRs/ki1Nf90/Kk2Ld
0SyyylwLDCihv1oys94FCMfonr0+Ctl4/guuk4t8hyy5O/AnO0bYvLId71XiMyjN
DMipRMVawFwXeEzjcaPToCG7f5fCHoSxsZja9S6Tk19tssh0NJBjL2Qmefb6jlgG
W/t6PCPcIY41Lu40nRfVDqADvKSeQHIcCRwXdIyYzT5cH06Xsn/r0NWPWDdLwLtz
LAZGkf8SL+PlFaU+t4n3YkWNtz+AGLEOuCsIn83Ftzq1DbGbRg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:32 2024 by rpki-client on console-ams.rpki-client.org