Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/bXgqW9Qn2_XiioPpZ4dcUbAKqcg.roa
File:                     bXgqW9Qn2_XiioPpZ4dcUbAKqcg.roa (raw, json)
Hash identifier:          /kpMXlIF+k+ou4bQo6EWnYo+mZUjoP1OY1b0ZpOO9jc=
Subject key identifier:   6D:78:2A:5B:D4:27:DB:F5:E2:8A:83:E9:67:87:5C:51:B0:0A:A9:C8
Certificate issuer:       /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial:       381A096D
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/bXgqW9Qn2_XiioPpZ4dcUbAKqcg.roa
Signing time:             Tue 10 May 2022 05:30:18 +0000
ROA not before:           Tue 10 May 2022 05:30:18 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8717
IP address blocks:        89.215.214.0/24 maxlen: 24
                          130.204.70.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 941230445 (0x381a096d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
        Validity
            Not Before: May 10 05:30:18 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6d782a5bd427dbf5e28a83e967875c51b00aa9c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:17:0b:42:ad:32:d9:56:1d:78:c8:53:2f:90:
                    39:a0:93:16:86:c2:e3:cd:5e:3f:8f:dd:a4:79:8e:
                    ab:c2:42:82:a1:fc:70:85:3a:0f:ff:24:d9:3d:d4:
                    83:63:ad:e6:78:ee:ab:6b:6c:8c:24:2e:0a:ad:c0:
                    0b:73:0a:f6:fb:bf:77:7a:e0:3b:05:4d:0d:43:10:
                    f1:09:03:30:2b:1a:cf:06:82:f3:02:c3:72:1f:9f:
                    e7:42:1c:06:af:35:7c:f7:c3:61:d5:b2:5d:1d:50:
                    59:34:7c:99:4b:bd:14:e9:f0:ff:b5:42:91:6e:b9:
                    69:62:0e:66:08:bc:13:50:86:76:8e:5b:08:d8:40:
                    9c:35:0d:10:5a:93:87:03:de:48:65:2e:37:0c:f4:
                    29:17:db:86:49:5a:9f:c0:2f:ae:e2:88:17:f1:df:
                    76:71:f5:e8:5e:e6:0b:73:c0:13:47:fd:4f:a6:ef:
                    95:68:bc:2e:c3:31:61:76:0c:20:f5:7b:c6:01:42:
                    7e:cb:95:3f:01:12:19:6b:7d:25:76:20:41:74:30:
                    c8:dc:68:e5:72:e9:8f:0f:4a:c8:0a:fc:a2:19:b4:
                    69:5d:46:3a:6d:84:ed:3e:a7:ea:10:b2:b4:5f:95:
                    04:68:ea:11:8d:4d:9d:a8:87:dd:e6:57:a3:82:81:
                    ae:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:78:2A:5B:D4:27:DB:F5:E2:8A:83:E9:67:87:5C:51:B0:0A:A9:C8
            X509v3 Authority Key Identifier:
                keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/bXgqW9Qn2_XiioPpZ4dcUbAKqcg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.215.214.0/24
                  130.204.70.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:d2:29:c7:8f:0e:6b:1e:f3:2b:87:8d:a5:22:53:24:99:c6:
         96:d3:5d:4e:fd:ed:cc:af:3d:1e:2e:ab:f8:c2:02:a0:4f:57:
         fd:90:84:68:76:58:72:42:74:96:ca:60:c9:c9:85:b4:6a:0a:
         98:2e:cf:ae:ba:2f:de:6a:5a:c8:61:42:ad:89:7c:5a:27:d4:
         2b:5a:37:b3:b2:f0:d2:6f:cc:db:af:2e:8f:a7:57:dc:c6:8a:
         12:87:44:37:1a:d1:b7:09:2e:65:04:3f:1e:38:56:c1:37:8c:
         2a:a3:69:04:1d:b1:c1:31:a4:d5:1e:05:4d:d1:d6:a4:ab:ee:
         9d:4d:fb:e4:55:03:36:4b:cb:b9:d7:ac:be:cf:9f:8b:ec:46:
         ec:80:0f:1d:1f:83:eb:e6:45:c9:20:94:b8:54:9e:c7:4c:e0:
         03:0b:3b:57:dc:5e:2e:17:92:58:21:d4:d1:a6:3d:c2:3b:f9:
         31:9e:2e:c6:a5:46:9d:00:e7:f0:8c:d5:19:71:5f:68:4f:ab:
         12:4f:30:cf:7c:07:d1:d4:d3:61:cd:4d:12:eb:db:0d:cf:24:
         82:8e:b1:93:b2:e2:74:3d:87:a8:bd:b7:b5:5e:6a:93:9e:68:
         6c:10:a0:3a:71:fb:bf:da:e7:ff:83:99:09:f8:1f:5f:d8:a2:
         03:5a:25:e9
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEOBoJbTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTQ4Y2VkZjE3MDI5ZWQ5OGExMDgxMTNjNmMxMDllY2FjY2Q4MmVjMB4XDTIyMDUx
MDA1MzAxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmQ3ODJhNWJkNDI3
ZGJmNWUyOGE4M2U5Njc4NzVjNTFiMDBhYTljODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOYXC0KtMtlWHXjIUy+QOaCTFobC481eP4/dpHmOq8JCgqH8
cIU6D/8k2T3Ug2Ot5njuq2tsjCQuCq3AC3MK9vu/d3rgOwVNDUMQ8QkDMCsazwaC
8wLDch+f50IcBq81fPfDYdWyXR1QWTR8mUu9FOnw/7VCkW65aWIOZgi8E1CGdo5b
CNhAnDUNEFqThwPeSGUuNwz0KRfbhklan8AvruKIF/HfdnH16F7mC3PAE0f9T6bv
lWi8LsMxYXYMIPV7xgFCfsuVPwESGWt9JXYgQXQwyNxo5XLpjw9KyAr8ohm0aV1G
Om2E7T6n6hCytF+VBGjqEY1NnaiH3eZXo4KBrt8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRteCpb1Cfb9eKKg+lnh1xRsAqpyDAfBgNVHSMEGDAWgBQFSM7fFwKe2YoQ
gRPGwQnsrM2C7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JVak8zeGNDbnRtS0VJRVR4c0VKN0t6Tmd1dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvNTQxYzA1LThkN2QtNDJiOC1hYjAwLTdmYmJhZTZmOTQzNy8x
L2JYZ3FXOVFuMl9YaWlvUHBaNGRjVWJBS3FjZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
NTQxYzA1LThkN2QtNDJiOC1hYjAwLTdmYmJhZTZmOTQzNy8xL0JVak8zeGNDbnRt
S0VJRVR4c0VKN0t6Tmd1dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFnX1gMEAILMRjANBgkqhkiG9w0B
AQsFAAOCAQEATNIpx48Oax7zK4eNpSJTJJnGltNdTv3tzK89Hi6r+MICoE9X/ZCE
aHZYckJ0lspgycmFtGoKmC7Prrov3mpayGFCrYl8WifUK1o3s7Lw0m/M268uj6dX
3MaKEodENxrRtwkuZQQ/HjhWwTeMKqNpBB2xwTGk1R4FTdHWpKvunU375FUDNkvL
udesvs+fi+xG7IAPHR+D6+ZFySCUuFSex0zgAws7V9xeLheSWCHU0aY9wjv5MZ4u
xqVGnQDn8IzVGXFfaE+rEk8wz3wH0dTTYc1NEuvbDc8kgo6xk7LidD2HqL23tV5q
k55obBCgOnH7v9rn/4OZCfgfX9iiA1ol6Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:07 2024 by rpki-client on console-fra.rpki-client.org