Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/0NnnK62zpJIl0FOAJLPDE8UcgHo.roa
File:                     0NnnK62zpJIl0FOAJLPDE8UcgHo.roa (raw, json)
Hash identifier:          K2T5l+FyJuFHsLtIy+q3bQjp4Hdrotc8rypsVebt/+Y=
Subject key identifier:   D0:D9:E7:2B:AD:B3:A4:92:25:D0:53:80:24:B3:C3:13:C5:1C:80:7A
Certificate issuer:       /CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Certificate serial:       04F83E47
Authority key identifier: 24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/0NnnK62zpJIl0FOAJLPDE8UcgHo.roa
Signing time:             Wed 11 May 2022 08:31:02 +0000
ROA not before:           Wed 11 May 2022 08:31:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208485
IP address blocks:        212.30.44.0/24 maxlen: 24
                          212.30.47.0/24 maxlen: 24
                          212.30.45.0/24 maxlen: 24
                          212.30.46.0/24 maxlen: 24
                          45.94.53.0/24 maxlen: 24
                          45.94.52.0/24 maxlen: 24
                          212.30.58.0/24 maxlen: 24
                          45.94.55.0/24 maxlen: 24
                          45.94.54.0/24 maxlen: 24
                          212.30.57.0/24 maxlen: 24
                          212.30.56.0/24 maxlen: 24
                          212.30.59.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 83377735 (0x4f83e47)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
        Validity
            Not Before: May 11 08:31:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d0d9e72badb3a49225d0538024b3c313c51c807a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:6d:79:ba:48:ef:dc:6a:8a:ec:18:ad:64:29:
                    ae:2b:5e:5e:0b:38:88:d6:e0:67:f0:60:ef:af:a0:
                    0b:9f:2e:66:f3:89:ba:e0:28:4d:0f:17:29:ab:a8:
                    c8:9c:bc:0f:06:26:b7:66:b5:13:6e:88:0b:66:3e:
                    71:78:43:22:af:8a:b5:38:39:2e:37:65:f0:b8:78:
                    00:17:b9:aa:5b:3e:7d:b4:e0:5e:64:97:7a:77:18:
                    7b:ac:7a:e9:af:68:9c:52:f5:e9:cf:2c:25:f0:2c:
                    53:38:44:8c:ce:ba:7e:57:e6:83:0d:db:bd:5b:3d:
                    26:69:86:de:09:ae:38:b8:3b:14:a0:ff:88:b7:7f:
                    98:60:c7:be:fb:8c:a9:c0:c1:a4:40:99:9e:3e:f8:
                    d9:19:2c:95:c5:ed:89:39:ed:c9:66:51:b7:ed:ad:
                    37:69:a4:c2:82:a3:9f:eb:4c:6f:09:f2:d6:b9:37:
                    13:cf:ae:a2:8e:9a:ce:ec:44:b8:dd:cf:8c:dd:78:
                    6c:98:3f:a2:46:12:35:06:03:68:63:0f:bf:5c:92:
                    24:9c:87:72:57:10:c2:8e:34:92:3f:ec:cf:15:2c:
                    cb:4d:7e:74:65:a3:cf:ab:b5:94:e4:56:2b:47:ee:
                    2e:ff:f9:fb:a8:bc:ae:4a:fc:99:b1:a2:46:7e:8c:
                    4f:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:D9:E7:2B:AD:B3:A4:92:25:D0:53:80:24:B3:C3:13:C5:1C:80:7A
            X509v3 Authority Key Identifier:
                keyid:24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/0NnnK62zpJIl0FOAJLPDE8UcgHo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/JFXX_uSkmeyvEdLT2o44neMjQS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.94.52.0/22
                  212.30.44.0/22
                  212.30.56.0/22

    Signature Algorithm: sha256WithRSAEncryption
         25:ef:d1:f9:a2:8c:ab:b9:ff:89:82:b3:3e:ee:91:c6:d5:01:
         3e:53:b3:37:08:28:f9:9d:45:6c:22:72:eb:70:e0:cd:94:f7:
         87:e5:52:f4:e5:25:bf:1e:0d:b1:33:c7:20:49:ee:fb:50:80:
         e9:f4:29:29:64:d1:33:5c:c1:b7:f2:bd:ab:36:b4:7d:d0:51:
         d4:d1:2c:cf:f6:4c:77:e0:34:fe:a8:1a:75:7b:c6:f1:df:6f:
         7a:16:72:63:89:4b:fa:b8:30:89:fa:1d:d8:e1:b5:36:b8:7f:
         a4:8d:b5:a9:25:d5:7d:9b:f3:9b:f7:6f:1b:95:36:df:3e:7f:
         26:79:21:79:53:b5:e4:54:6e:60:09:a6:c5:d8:33:2e:5b:3f:
         d8:bd:69:7e:66:e0:ec:c2:89:e1:b2:77:50:33:96:fe:6c:1c:
         ab:89:4d:49:66:4f:3c:ae:b5:37:74:79:9a:8f:92:8d:32:a1:
         e5:16:af:2f:78:ea:65:0a:42:16:c5:fa:9a:d8:69:71:e2:35:
         97:81:f7:20:bb:1b:e3:e0:07:c2:d8:56:39:59:a5:78:aa:b1:
         ec:30:46:40:76:92:e4:64:1f:6c:73:6d:1e:0f:24:93:07:c1:
         34:cb:fe:4c:ad:5e:29:36:cb:f4:f2:36:bb:c4:01:97:a9:1c:
         fe:29:57:32
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBPg+RzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NDU1ZDdmZWU0YTQ5OWVjYWYxMWQyZDNkYThlMzg5ZGUzMjM0MTJmMB4XDTIyMDUx
MTA4MzEwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDBkOWU3MmJhZGIz
YTQ5MjI1ZDA1MzgwMjRiM2MzMTNjNTFjODA3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANVtebpI79xqiuwYrWQpriteXgs4iNbgZ/Bg76+gC58uZvOJ
uuAoTQ8XKauoyJy8DwYmt2a1E26IC2Y+cXhDIq+KtTg5Ljdl8Lh4ABe5qls+fbTg
XmSXencYe6x66a9onFL16c8sJfAsUzhEjM66flfmgw3bvVs9JmmG3gmuOLg7FKD/
iLd/mGDHvvuMqcDBpECZnj742RkslcXtiTntyWZRt+2tN2mkwoKjn+tMbwny1rk3
E8+uoo6azuxEuN3PjN14bJg/okYSNQYDaGMPv1ySJJyHclcQwo40kj/szxUsy01+
dGWjz6u1lORWK0fuLv/5+6i8rkr8mbGiRn6MT48CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTQ2ecrrbOkkiXQU4Aks8MTxRyAejAfBgNVHSMEGDAWgBQkVdf+5KSZ7K8R
0tPajjid4yNBLzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pGWFhfdVNrbWV5dkVkTFQybzQ0bmVNalFTOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvM2ZmYjc2LTk5MzEtNDk0Mi05ZGExLTFlMDQ2NTUxM2I2My8x
LzBObm5LNjJ6cEpJbDBGT0FKTFBERThVY2dIby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
M2ZmYjc2LTk5MzEtNDk0Mi05ZGExLTFlMDQ2NTUxM2I2My8xL0pGWFhfdVNrbWV5
dkVkTFQybzQ0bmVNalFTOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAi1eNAMEAtQeLAMEAtQeODANBgkq
hkiG9w0BAQsFAAOCAQEAJe/R+aKMq7n/iYKzPu6RxtUBPlOzNwgo+Z1FbCJy63Dg
zZT3h+VS9OUlvx4NsTPHIEnu+1CA6fQpKWTRM1zBt/K9qza0fdBR1NEsz/ZMd+A0
/qgadXvG8d9vehZyY4lL+rgwifod2OG1Nrh/pI21qSXVfZvzm/dvG5U23z5/Jnkh
eVO15FRuYAmmxdgzLls/2L1pfmbg7MKJ4bJ3UDOW/mwcq4lNSWZPPK61N3R5mo+S
jTKh5RavL3jqZQpCFsX6mthpceI1l4H3ILsb4+AHwthWOVmleKqx7DBGQHaS5GQf
bHNtHg8kkwfBNMv+TK1eKTbL9PI2u8QBl6kc/ilXMg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:36 2024 by rpki-client on console-fra.rpki-client.org