Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/4114a7-3122-4864-85ae-4297e572617e/1/1l8l6Ow9VdEd9i1ZxV0BhnhDLwI.roa
File:                     1l8l6Ow9VdEd9i1ZxV0BhnhDLwI.roa (raw, json)
Hash identifier:          K20WL0lTg5SDZmpCDbEOUrEGA3rfrhC8MtdXkc81ILQ=
Subject key identifier:   D6:5F:25:E8:EC:3D:55:D1:1D:F6:2D:59:C5:5D:01:86:78:43:2F:02
Certificate issuer:       /CN=49fe8c72aa32de957b24cf9f73f8a7fb1acf0b71
Certificate serial:       6181FF
Authority key identifier: 49:FE:8C:72:AA:32:DE:95:7B:24:CF:9F:73:F8:A7:FB:1A:CF:0B:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sf6Mcqoy3pV7JM-fc_in-xrPC3E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/4114a7-3122-4864-85ae-4297e572617e/1/1l8l6Ow9VdEd9i1ZxV0BhnhDLwI.roa
Signing time:             Wed 16 Feb 2022 15:12:15 +0000
ROA not before:           Wed 16 Feb 2022 15:12:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     31543
IP address blocks:        45.65.120.0/22 maxlen: 24
                          95.214.252.0/22 maxlen: 24
                          89.44.116.0/23 maxlen: 24
                          89.44.148.0/23 maxlen: 24
                          5.133.32.0/21 maxlen: 24
                          2a06:9d40::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6390271 (0x6181ff)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49fe8c72aa32de957b24cf9f73f8a7fb1acf0b71
        Validity
            Not Before: Feb 16 15:12:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d65f25e8ec3d55d11df62d59c55d018678432f02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:4f:a2:f3:0c:a2:fe:bc:9d:fe:74:f9:93:6c:
                    7d:3f:ca:4d:f4:b3:14:f2:43:5d:6d:6c:16:a1:f6:
                    7d:26:7c:78:f7:31:22:5f:23:5c:06:c6:9d:1b:ed:
                    90:92:34:5f:9a:20:78:18:bb:ee:ec:f4:9f:11:1e:
                    98:51:fd:88:07:8e:c7:2e:59:dc:fd:91:63:d4:3a:
                    94:f4:f7:4e:d4:b1:19:60:ef:1e:60:95:fd:4e:f9:
                    f5:8e:3c:61:54:27:e4:e4:13:94:a8:47:c3:ea:c2:
                    b6:4c:c9:95:29:e8:84:1a:ee:86:f3:67:9a:c9:61:
                    a6:fc:98:56:6e:b6:9f:1f:e2:0c:11:77:6c:df:c1:
                    9f:3a:32:75:4a:7c:6a:c2:c0:54:70:f7:e3:03:60:
                    04:78:88:14:0b:15:40:a1:63:7f:76:0c:c7:2b:bc:
                    01:9f:7d:21:ae:0b:39:eb:a4:c6:57:08:1b:10:bd:
                    ce:8c:21:8a:dc:86:19:67:bd:48:1f:9c:50:94:71:
                    2e:cd:f7:9d:9e:19:9d:67:8f:33:b5:dd:a3:b6:8a:
                    c6:cb:0e:7e:b2:f2:f9:8c:a2:47:71:35:cd:d8:b2:
                    92:04:2a:e1:21:72:20:a0:a2:46:bf:ba:9a:5c:56:
                    62:ec:1b:af:c5:07:a9:3b:82:3e:91:ed:61:59:22:
                    05:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:5F:25:E8:EC:3D:55:D1:1D:F6:2D:59:C5:5D:01:86:78:43:2F:02
            X509v3 Authority Key Identifier:
                keyid:49:FE:8C:72:AA:32:DE:95:7B:24:CF:9F:73:F8:A7:FB:1A:CF:0B:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sf6Mcqoy3pV7JM-fc_in-xrPC3E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/4114a7-3122-4864-85ae-4297e572617e/1/1l8l6Ow9VdEd9i1ZxV0BhnhDLwI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/4114a7-3122-4864-85ae-4297e572617e/1/Sf6Mcqoy3pV7JM-fc_in-xrPC3E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.133.32.0/21
                  45.65.120.0/22
                  89.44.116.0/23
                  89.44.148.0/23
                  95.214.252.0/22
                IPv6:
                  2a06:9d40::/29

    Signature Algorithm: sha256WithRSAEncryption
         26:e4:5c:35:8d:7e:13:e8:01:f6:b2:62:20:0c:02:e8:fe:7f:
         80:24:86:69:55:96:16:3f:2f:2a:4c:28:ca:0e:05:51:92:8e:
         c4:81:be:c0:5a:3a:2f:77:44:3b:87:8e:95:60:d6:92:c0:25:
         13:24:97:36:00:11:56:8c:8a:50:2e:2d:64:66:19:65:31:bd:
         78:da:51:95:6d:c5:85:5d:2e:94:e0:ad:24:3d:18:55:d4:7f:
         4e:8a:4f:ad:23:5b:5c:4d:31:04:c3:e8:c5:51:f6:65:df:8a:
         58:ac:fa:95:1a:0a:0e:f9:94:2b:28:38:b0:b5:95:98:81:a9:
         a2:7e:ae:0c:2f:06:8b:0a:32:c3:17:e4:a4:95:25:53:f0:5e:
         72:27:68:b1:36:86:a7:0c:58:b7:82:70:de:25:d8:f9:47:8a:
         0f:80:4a:d9:d8:f6:c4:02:09:e5:7a:a5:90:7b:54:3b:db:3a:
         a8:c3:1e:63:5d:16:63:3d:36:39:98:d7:97:8c:c8:91:9e:e3:
         7e:74:68:66:44:13:a1:58:05:4c:b8:80:e3:1c:11:38:b6:6f:
         13:ae:98:11:fb:da:9c:bd:21:15:36:51:f7:c7:34:8c:30:d1:
         37:97:5d:37:83:5a:50:9f:4a:75:2e:f0:83:3b:74:ad:10:ba:
         04:3a:75:c3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIDYYH/MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDQ5
ZmU4YzcyYWEzMmRlOTU3YjI0Y2Y5ZjczZjhhN2ZiMWFjZjBiNzEwHhcNMjIwMjE2
MTUxMjE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkNjVmMjVlOGVjM2Q1
NWQxMWRmNjJkNTljNTVkMDE4Njc4NDMyZjAyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqE+i8wyi/ryd/nT5k2x9P8pN9LMU8kNdbWwWofZ9Jnx49zEi
XyNcBsadG+2QkjRfmiB4GLvu7PSfER6YUf2IB47HLlnc/ZFj1DqU9PdO1LEZYO8e
YJX9Tvn1jjxhVCfk5BOUqEfD6sK2TMmVKeiEGu6G82eayWGm/JhWbrafH+IMEXds
38GfOjJ1SnxqwsBUcPfjA2AEeIgUCxVAoWN/dgzHK7wBn30hrgs566TGVwgbEL3O
jCGK3IYZZ71IH5xQlHEuzfednhmdZ48ztd2jtorGyw5+svL5jKJHcTXN2LKSBCrh
IXIgoKJGv7qaXFZi7BuvxQepO4I+ke1hWSIFPQIDAQABo4ICMDCCAiwwHQYDVR0O
BBYEFNZfJejsPVXRHfYtWcVdAYZ4Qy8CMB8GA1UdIwQYMBaAFEn+jHKqMt6VeyTP
n3P4p/sazwtxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
U2Y2TWNxb3kzcFY3Sk0tZmNfaW4teHJQQzNFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wYy80MTE0YTctMzEyMi00ODY0LTg1YWUtNDI5N2U1NzI2MTdlLzEv
MWw4bDZPdzlWZEVkOWkxWnhWMEJobmhETHdJLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy80
MTE0YTctMzEyMi00ODY0LTg1YWUtNDI5N2U1NzI2MTdlLzEvU2Y2TWNxb3kzcFY3
Sk0tZmNfaW4teHJQQzNFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEYG
CCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDBYUgAwQCLUF4AwQBWSx0AwQBWSyU
AwQCX9b8MA0EAgACMAcDBQMqBp1AMA0GCSqGSIb3DQEBCwUAA4IBAQAm5Fw1jX4T
6AH2smIgDALo/n+AJIZpVZYWPy8qTCjKDgVRko7Egb7AWjovd0Q7h46VYNaSwCUT
JJc2ABFWjIpQLi1kZhllMb142lGVbcWFXS6U4K0kPRhV1H9Oik+tI1tcTTEEw+jF
UfZl34pYrPqVGgoO+ZQrKDiwtZWYgamifq4MLwaLCjLDF+SklSVT8F5yJ2ixNoan
DFi3gnDeJdj5R4oPgErZ2PbEAgnleqWQe1Q72zqowx5jXRZjPTY5mNeXjMiRnuN+
dGhmRBOhWAVMuIDjHBE4tm8TrpgR+9qcvSEVNlH3xzSMMNE3l103g1pQn0p1LvCD
O3StELoEOnXD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:36 2024 by rpki-client on console-fra.rpki-client.org