Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/c00989-f654-47c4-bb09-697c0e2c3d35/1/uuUaYHjTxeNZDUAbQsp4RTeVnsI.roa
File:                     uuUaYHjTxeNZDUAbQsp4RTeVnsI.roa (raw, json)
Hash identifier:          jKy8b1mQwgXHqTkyqSivPkovM/pUBHzMGwtjcCcHqCw=
Subject key identifier:   BA:E5:1A:60:78:D3:C5:E3:59:0D:40:1B:42:CA:78:45:37:95:9E:C2
Certificate issuer:       /CN=bdb7aac7c493bc8aa7ec7059d3ec76bbfc2f23d8
Certificate serial:       131F868F
Authority key identifier: BD:B7:AA:C7:C4:93:BC:8A:A7:EC:70:59:D3:EC:76:BB:FC:2F:23:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vbeqx8STvIqn7HBZ0-x2u_wvI9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/c00989-f654-47c4-bb09-697c0e2c3d35/1/uuUaYHjTxeNZDUAbQsp4RTeVnsI.roa
Signing time:             Sat 01 Jan 2022 13:56:59 +0000
ROA not before:           Sat 01 Jan 2022 13:56:59 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57907
IP address blocks:        212.162.156.0/22 maxlen: 22
                          37.152.48.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 320833167 (0x131f868f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bdb7aac7c493bc8aa7ec7059d3ec76bbfc2f23d8
        Validity
            Not Before: Jan  1 13:56:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bae51a6078d3c5e3590d401b42ca784537959ec2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:d3:c0:8b:87:c1:45:93:1c:8d:70:e5:bc:c1:
                    c9:24:06:1f:9b:05:b2:1b:7d:d9:60:9f:91:95:60:
                    64:89:63:64:ae:e3:ba:1f:85:41:71:8a:b7:b7:61:
                    33:fd:14:6e:3f:2a:fe:31:2e:3b:b2:bc:17:03:b7:
                    49:39:39:6e:71:a7:d2:77:04:52:0c:a6:7f:7f:7b:
                    50:6c:a9:26:60:e7:4e:e0:47:f3:80:e8:01:f4:4c:
                    c6:f4:34:ec:62:c6:3d:0a:bf:31:b3:6b:1a:3b:8e:
                    7b:ce:d5:4f:a2:dc:ab:cf:88:24:61:b6:92:2d:fb:
                    ed:03:2f:25:16:b9:0e:d6:36:51:8e:fc:f4:4c:d5:
                    5a:07:ec:eb:a6:4d:4e:69:ce:f9:3e:8b:80:4f:eb:
                    83:9e:0a:d2:93:d8:3a:53:db:34:a5:78:db:1f:30:
                    76:62:27:3e:89:e7:4c:7e:83:02:3d:7b:43:e9:dc:
                    64:e5:35:ed:a7:02:b9:e3:3e:a5:7b:0b:24:16:6e:
                    a8:e8:04:ef:99:ca:28:81:15:e1:2e:67:37:8d:4a:
                    82:c0:73:31:d5:d5:eb:54:5c:29:1e:2b:b1:28:df:
                    af:3e:19:78:1e:9d:f9:6c:69:fb:ca:ea:c4:8d:8f:
                    20:92:97:36:27:5b:97:b5:8d:c4:0d:7c:e9:d4:17:
                    9a:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:E5:1A:60:78:D3:C5:E3:59:0D:40:1B:42:CA:78:45:37:95:9E:C2
            X509v3 Authority Key Identifier:
                keyid:BD:B7:AA:C7:C4:93:BC:8A:A7:EC:70:59:D3:EC:76:BB:FC:2F:23:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vbeqx8STvIqn7HBZ0-x2u_wvI9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/c00989-f654-47c4-bb09-697c0e2c3d35/1/uuUaYHjTxeNZDUAbQsp4RTeVnsI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/c00989-f654-47c4-bb09-697c0e2c3d35/1/vbeqx8STvIqn7HBZ0-x2u_wvI9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.152.48.0/21
                  212.162.156.0/22

    Signature Algorithm: sha256WithRSAEncryption
         61:0d:2e:8e:70:a2:14:aa:be:81:45:20:4a:e9:9d:e6:25:48:
         71:58:49:89:79:e6:59:84:69:e9:82:4a:35:ab:0d:67:6c:90:
         a4:ec:fd:19:e5:f0:18:a6:c3:38:83:1c:6d:e3:05:be:68:0b:
         64:2c:2d:2c:a6:75:d3:cf:7b:d4:c8:8f:cc:95:63:e1:69:55:
         bf:21:91:2b:18:a5:b4:db:f6:37:ca:6e:17:4a:53:70:3a:c3:
         c8:f8:b2:15:f3:fd:ce:70:62:31:38:f8:84:92:40:04:3a:e8:
         1f:64:7c:f7:69:38:cd:91:d9:79:07:84:93:53:26:e5:f9:45:
         13:ce:14:66:6c:b0:95:9a:bc:2a:a2:b8:08:8c:92:0c:e6:af:
         e7:df:c5:3f:d4:06:29:ce:ba:14:7c:24:7d:22:2b:cb:10:2d:
         80:d8:ca:3c:ae:67:2c:a3:ad:19:2b:58:61:89:56:3b:22:cd:
         b2:d2:5b:23:5c:19:2c:e9:84:c5:70:7f:28:fc:e0:eb:16:54:
         1a:26:a7:f4:83:8b:cf:8e:a0:01:30:9b:43:59:0a:bc:51:19:
         08:f2:4b:2a:02:ca:89:c6:52:ab:f5:8c:c6:8b:e9:40:25:9a:
         3e:80:ef:3c:8c:f4:f6:ff:a6:76:93:bd:65:34:fe:0d:21:7f:
         b4:2b:18:02
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEEx+GjzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZGI3YWFjN2M0OTNiYzhhYTdlYzcwNTlkM2VjNzZiYmZjMmYyM2Q4MB4XDTIyMDEw
MTEzNTY1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmFlNTFhNjA3OGQz
YzVlMzU5MGQ0MDFiNDJjYTc4NDUzNzk1OWVjMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJbTwIuHwUWTHI1w5bzBySQGH5sFsht92WCfkZVgZIljZK7j
uh+FQXGKt7dhM/0Ubj8q/jEuO7K8FwO3STk5bnGn0ncEUgymf397UGypJmDnTuBH
84DoAfRMxvQ07GLGPQq/MbNrGjuOe87VT6Lcq8+IJGG2ki377QMvJRa5DtY2UY78
9EzVWgfs66ZNTmnO+T6LgE/rg54K0pPYOlPbNKV42x8wdmInPonnTH6DAj17Q+nc
ZOU17acCueM+pXsLJBZuqOgE75nKKIEV4S5nN41KgsBzMdXV61RcKR4rsSjfrz4Z
eB6d+Wxp+8rqxI2PIJKXNidbl7WNxA186dQXmpMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBS65RpgeNPF41kNQBtCynhFN5WewjAfBgNVHSMEGDAWgBS9t6rHxJO8iqfs
cFnT7Ha7/C8j2DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZiZXF4OFNUdklxbjdIQlowLXgydV93dkk5Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGEvYzAwOTg5LWY2NTQtNDdjNC1iYjA5LTY5N2MwZTJjM2QzNS8x
L3V1VWFZSGpUeGVOWkRVQWJRc3A0UlRlVm5zSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGEv
YzAwOTg5LWY2NTQtNDdjNC1iYjA5LTY5N2MwZTJjM2QzNS8xL3ZiZXF4OFNUdklx
bjdIQlowLXgydV93dkk5Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAyWYMAMEAtSinDANBgkqhkiG9w0B
AQsFAAOCAQEAYQ0ujnCiFKq+gUUgSumd5iVIcVhJiXnmWYRp6YJKNasNZ2yQpOz9
GeXwGKbDOIMcbeMFvmgLZCwtLKZ108971MiPzJVj4WlVvyGRKxiltNv2N8puF0pT
cDrDyPiyFfP9znBiMTj4hJJABDroH2R892k4zZHZeQeEk1Mm5flFE84UZmywlZq8
KqK4CIySDOav59/FP9QGKc66FHwkfSIryxAtgNjKPK5nLKOtGStYYYlWOyLNstJb
I1wZLOmExXB/KPzg6xZUGian9IOLz46gATCbQ1kKvFEZCPJLKgLKicZSq/WMxovp
QCWaPoDvPIz09v+mdpO9ZTT+DSF/tCsYAg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:23 2024 by rpki-client on console-fra.rpki-client.org