Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/pyzqoEsaei9BZ3lGv1I0Jabl94M.roa
File:                     pyzqoEsaei9BZ3lGv1I0Jabl94M.roa (raw, json)
Hash identifier:          XXv+4tjrHV7VjfJt89UJWacxJchDsnwgLTIpp9PAy2s=
Subject key identifier:   A7:2C:EA:A0:4B:1A:7A:2F:41:67:79:46:BF:52:34:25:A6:E5:F7:83
Certificate issuer:       /CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Certificate serial:       0182632BADF18951535DAFFD5606F748BBE1
Authority key identifier: 83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/pyzqoEsaei9BZ3lGv1I0Jabl94M.roa
Signing time:             Wed 03 Aug 2022 10:06:23 +0000
ROA not before:           Wed 03 Aug 2022 10:06:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41536
IP address blocks:        185.72.240.0/24 maxlen: 32
                          185.72.242.0/24 maxlen: 32
                          185.72.241.0/24 maxlen: 32
                          185.72.243.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:63:2b:ad:f1:89:51:53:5d:af:fd:56:06:f7:48:bb:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
        Validity
            Not Before: Aug  3 10:06:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a72ceaa04b1a7a2f41677946bf523425a6e5f783
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:39:cd:b0:c3:65:e8:79:d2:99:fe:63:b8:d9:
                    9d:a3:95:cb:0e:cd:7e:fd:ff:40:fd:71:eb:84:db:
                    35:5d:66:12:07:da:10:11:68:32:16:91:b3:f7:ee:
                    bb:67:44:58:90:a9:c4:1b:d2:47:b0:e1:18:02:20:
                    4b:dc:e0:79:8d:50:0c:d3:ed:66:c1:9d:0b:92:cf:
                    aa:88:ca:cc:95:8c:32:f9:70:49:7a:33:b4:a8:b9:
                    d5:ea:3b:44:6b:a8:94:2f:c4:45:d6:cd:88:d7:c2:
                    a8:c7:58:6a:cf:7f:65:fc:5f:7e:8f:1d:74:86:cd:
                    58:f6:0f:26:8c:a6:4a:5e:cc:2b:e9:0a:c4:9a:0a:
                    15:2c:ee:86:8d:ff:c4:0e:20:27:c9:58:3d:b4:95:
                    79:9d:f1:d5:7d:dd:81:59:ea:e8:a2:ec:c7:51:d1:
                    87:d2:38:1a:5d:18:42:fb:c7:8c:44:34:b9:b8:4c:
                    71:0a:8f:6d:4a:d3:23:e2:2a:85:15:4f:9c:a6:b1:
                    0c:98:56:f6:c7:e3:95:87:76:05:35:e1:85:c8:a7:
                    c1:ef:e5:8e:28:50:60:6f:52:05:ea:7f:81:cf:f1:
                    7d:67:3f:cb:f3:41:1a:02:68:bb:93:d9:f1:09:34:
                    42:9d:50:2d:0b:65:83:72:bb:0b:2e:3c:0b:c0:f3:
                    c4:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:2C:EA:A0:4B:1A:7A:2F:41:67:79:46:BF:52:34:25:A6:E5:F7:83
            X509v3 Authority Key Identifier:
                keyid:83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/pyzqoEsaei9BZ3lGv1I0Jabl94M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/g5ka_NRV6xsXT8-J-OEOr39ws1U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.72.240.0/22

    Signature Algorithm: sha256WithRSAEncryption
         26:15:7f:95:b8:3d:8c:c4:4e:84:1f:fe:a1:49:44:c8:14:e2:
         73:d6:13:79:09:87:ae:2c:75:dd:0a:1c:25:bb:d9:d1:09:0c:
         ef:f5:97:04:ac:3f:34:26:a6:a6:8b:6a:87:47:f7:de:6a:a3:
         c0:c2:b8:21:61:39:18:6f:f2:b9:64:3f:22:6a:59:17:6d:cb:
         e8:e8:9f:31:e1:a7:ec:7f:9b:3c:10:8d:e5:1f:f3:95:82:1c:
         f8:c6:d6:fd:61:ec:ab:7d:c0:0a:28:b3:8c:12:00:ce:3a:94:
         f9:a3:d2:73:ec:3f:00:0c:a1:35:da:c8:23:74:13:2f:b1:25:
         d7:89:03:0c:13:96:07:2d:34:e9:41:83:a0:0f:ed:35:f8:e4:
         b6:c1:fc:ec:f2:ac:50:61:a2:58:f6:ed:ac:fc:a8:00:f4:f0:
         56:e1:42:2e:27:af:ef:30:48:16:5a:4f:d3:bf:a0:27:f3:3b:
         15:69:4f:f6:65:c6:85:92:ae:86:f0:01:fe:ed:d4:e0:25:2c:
         0a:b7:5a:d0:fc:d4:45:0b:46:82:6a:c1:6b:e1:5a:0a:7a:a4:
         f3:01:a8:a0:68:08:fd:3b:13:05:91:87:25:d0:c8:3c:9e:4c:
         35:db:2f:bf:f9:25:ef:7e:13:ba:62:a0:88:cc:17:c3:17:fd:
         29:85:a8:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJjK63xiVFTXa/9Vgb3SLvhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzOTkxYWZjZDQ1NWViMWIxNzRmY2Y4OWY4ZTEwZWFmN2Y3
MGIzNTUwHhcNMjIwODAzMTAwNjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzJjZWFhMDRiMWE3YTJmNDE2Nzc5NDZiZjUyMzQyNWE2ZTVmNzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjnNsMNl6HnSmf5juNmdo5XLDs1+
/f9A/XHrhNs1XWYSB9oQEWgyFpGz9+67Z0RYkKnEG9JHsOEYAiBL3OB5jVAM0+1m
wZ0Lks+qiMrMlYwy+XBJejO0qLnV6jtEa6iUL8RF1s2I18Kox1hqz39l/F9+jx10
hs1Y9g8mjKZKXswr6QrEmgoVLO6Gjf/EDiAnyVg9tJV5nfHVfd2BWeroouzHUdGH
0jgaXRhC+8eMRDS5uExxCo9tStMj4iqFFU+cprEMmFb2x+OVh3YFNeGFyKfB7+WO
KFBgb1IF6n+Bz/F9Zz/L80EaAmi7k9nxCTRCnVAtC2WDcrsLLjwLwPPE2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKcs6qBLGnovQWd5Rr9SNCWm5feDMB8GA1UdIwQY
MBaAFIOZGvzUVesbF0/PifjhDq9/cLNVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzVrYV9OUlY2eHNYVDgtSi1PRU9yMzl3czFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS82OWVkMjktYWY0ZS00NTI0LWFkZmIt
ZTE1NDM3MzgwMDk5LzEvcHl6cW9Fc2FlaTlCWjNsR3YxSTBKYWJsOTRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS82OWVkMjktYWY0ZS00NTI0LWFkZmItZTE1NDM3MzgwMDk5
LzEvZzVrYV9OUlY2eHNYVDgtSi1PRU9yMzl3czFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUjwMA0G
CSqGSIb3DQEBCwUAA4IBAQAmFX+VuD2MxE6EH/6hSUTIFOJz1hN5CYeuLHXdChwl
u9nRCQzv9ZcErD80Jqami2qHR/feaqPAwrghYTkYb/K5ZD8ialkXbcvo6J8x4afs
f5s8EI3lH/OVghz4xtb9YeyrfcAKKLOMEgDOOpT5o9Jz7D8ADKE12sgjdBMvsSXX
iQMME5YHLTTpQYOgD+01+OS2wfzs8qxQYaJY9u2s/KgA9PBW4UIuJ6/vMEgWWk/T
v6An8zsVaU/2ZcaFkq6G8AH+7dTgJSwKt1rQ/NRFC0aCasFr4VoKeqTzAaigaAj9
OxMFkYcl0Mg8nkw12y+/+SXvfhO6YqCIzBfDF/0phai9
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:53 2024 by rpki-client on console-ams.rpki-client.org