Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/34b4-lovHOdgtA874O-M8GCIInw.roa
File:                     34b4-lovHOdgtA874O-M8GCIInw.roa (raw, json)
Hash identifier:          atjMhq4lBPE+6sJD636ZZD211R1MHiRe5X0wOjAdll8=
Subject key identifier:   DF:86:F8:FA:5A:2F:1C:E7:60:B4:0F:3B:E0:EF:8C:F0:60:88:22:7C
Certificate issuer:       /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial:       38B755D4
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/34b4-lovHOdgtA874O-M8GCIInw.roa
Signing time:             Tue 17 May 2022 05:30:26 +0000
ROA not before:           Tue 17 May 2022 05:30:26 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     198868
IP address blocks:        84.242.130.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 951539156 (0x38b755d4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
        Validity
            Not Before: May 17 05:30:26 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=df86f8fa5a2f1ce760b40f3be0ef8cf06088227c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:39:ee:6a:b7:2e:d4:24:f7:c6:ca:89:f3:03:
                    e9:06:b6:b1:f3:b0:20:e9:0f:e8:dd:57:84:33:4c:
                    6c:dd:71:35:4a:d6:5d:da:85:f9:9b:be:5d:24:38:
                    22:0f:49:db:ef:50:87:48:a8:e9:eb:78:2a:a2:67:
                    03:47:c2:05:2f:81:c0:b8:0b:98:e1:ae:dd:2e:ec:
                    e2:9f:3f:0b:19:45:50:69:90:da:f3:62:8d:05:56:
                    db:5f:52:b8:4c:15:d8:20:e5:6c:42:2b:6e:ba:53:
                    ab:60:36:ca:0d:5c:e7:42:08:f0:0b:b6:33:5a:9a:
                    96:e4:c9:66:40:06:97:04:c1:84:74:56:1f:2d:23:
                    2e:e4:9b:4d:a0:e3:bb:92:f4:d2:7c:78:1c:0c:5b:
                    b0:03:4f:f5:7b:9c:51:cc:a4:cb:1a:04:9c:68:3a:
                    86:e3:f7:ae:82:b9:36:5a:d3:fb:b6:a9:ad:55:27:
                    b2:63:80:62:6c:7d:5a:58:64:26:ce:2c:f8:ea:4e:
                    e4:98:08:2d:e4:bb:35:ea:45:10:f3:96:e0:82:fd:
                    40:9b:7e:5e:9d:32:db:20:59:4e:ab:f8:49:1e:8f:
                    bf:58:5d:b0:4e:02:ee:b8:2c:41:27:62:d8:81:16:
                    2c:30:e2:63:c5:9c:02:97:94:7f:ec:4a:22:16:5d:
                    d3:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:86:F8:FA:5A:2F:1C:E7:60:B4:0F:3B:E0:EF:8C:F0:60:88:22:7C
            X509v3 Authority Key Identifier:
                keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/34b4-lovHOdgtA874O-M8GCIInw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.242.130.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4d:f4:f2:ba:36:4b:f7:26:81:ca:08:24:fc:68:72:b4:cc:e9:
         4f:2f:12:8c:99:4f:d9:2a:c7:4c:df:82:77:82:f2:4b:36:cf:
         6d:8e:40:b2:35:d5:39:15:38:d9:d3:eb:bd:d4:01:89:44:8d:
         95:47:22:0d:a7:8e:f3:27:fe:f1:cf:64:24:12:96:e7:01:74:
         bc:7c:31:bb:2a:61:d7:de:9d:01:d3:37:34:5a:f4:c0:04:0a:
         a9:0a:62:02:3f:70:a4:cf:ae:6d:e5:e4:98:c3:12:a3:3b:03:
         6b:4d:8c:20:ae:0a:b0:1e:a2:88:fb:bc:b7:ed:b7:71:74:02:
         64:78:b1:cf:81:a9:9a:ee:29:96:56:94:fa:5e:72:c0:ec:3f:
         ae:74:5b:80:69:ff:9b:c6:f9:95:3e:b2:a6:06:11:f9:a0:b4:
         11:84:6b:5e:e9:53:ad:4c:6c:10:20:69:e1:39:0b:5c:df:68:
         94:86:99:90:33:55:2f:6e:42:38:2a:cc:58:aa:e3:1a:59:78:
         fd:8d:58:b5:fa:4b:ab:3f:12:bd:70:13:77:b2:db:58:01:06:
         b2:15:0e:d9:43:31:73:5a:32:c6:cf:d8:12:19:55:69:02:0a:
         94:7b:af:6f:f7:03:78:72:12:b3:f0:d3:6b:c5:e2:2d:7a:41:
         3e:5d:33:41
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOLdV1DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTQ4Y2VkZjE3MDI5ZWQ5OGExMDgxMTNjNmMxMDllY2FjY2Q4MmVjMB4XDTIyMDUx
NzA1MzAyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGY4NmY4ZmE1YTJm
MWNlNzYwYjQwZjNiZTBlZjhjZjA2MDg4MjI3YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL457mq3LtQk98bKifMD6Qa2sfOwIOkP6N1XhDNMbN1xNUrW
XdqF+Zu+XSQ4Ig9J2+9Qh0io6et4KqJnA0fCBS+BwLgLmOGu3S7s4p8/CxlFUGmQ
2vNijQVW219SuEwV2CDlbEIrbrpTq2A2yg1c50II8Au2M1qaluTJZkAGlwTBhHRW
Hy0jLuSbTaDju5L00nx4HAxbsANP9XucUcykyxoEnGg6huP3roK5NlrT+7aprVUn
smOAYmx9WlhkJs4s+OpO5JgILeS7NepFEPOW4IL9QJt+Xp0y2yBZTqv4SR6Pv1hd
sE4C7rgsQSdi2IEWLDDiY8WcApeUf+xKIhZd0w0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTfhvj6Wi8c52C0Dzvg74zwYIgifDAfBgNVHSMEGDAWgBQFSM7fFwKe2YoQ
gRPGwQnsrM2C7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JVak8zeGNDbnRtS0VJRVR4c0VKN0t6Tmd1dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvNTQxYzA1LThkN2QtNDJiOC1hYjAwLTdmYmJhZTZmOTQzNy8x
LzM0YjQtbG92SE9kZ3RBODc0Ty1NOEdDSUludy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
NTQxYzA1LThkN2QtNDJiOC1hYjAwLTdmYmJhZTZmOTQzNy8xL0JVak8zeGNDbnRt
S0VJRVR4c0VKN0t6Tmd1dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFTygjANBgkqhkiG9w0BAQsFAAOC
AQEATfTyujZL9yaByggk/GhytMzpTy8SjJlP2SrHTN+Cd4LySzbPbY5AsjXVORU4
2dPrvdQBiUSNlUciDaeO8yf+8c9kJBKW5wF0vHwxuyph196dAdM3NFr0wAQKqQpi
Aj9wpM+ubeXkmMMSozsDa02MIK4KsB6iiPu8t+23cXQCZHixz4Gpmu4pllaU+l5y
wOw/rnRbgGn/m8b5lT6ypgYR+aC0EYRrXulTrUxsECBp4TkLXN9olIaZkDNVL25C
OCrMWKrjGll4/Y1YtfpLqz8SvXATd7LbWAEGshUO2UMxc1oyxs/YEhlVaQIKlHuv
b/cDeHISs/DTa8XiLXpBPl0zQQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:51 2024 by rpki-client on console-ams.rpki-client.org