Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/Kn3ViMzw0kxj-HnCHQ_AzsUPy94.roa
File:                     Kn3ViMzw0kxj-HnCHQ_AzsUPy94.roa (raw, json)
Hash identifier:          pzlYL/brNmNUP2y/paOiTfByXZhYabzluCKId1l8xcg=
Subject key identifier:   2A:7D:D5:88:CC:F0:D2:4C:63:F8:79:C2:1D:0F:C0:CE:C5:0F:CB:DE
Certificate issuer:       /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial:       0BAFB09F
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/Kn3ViMzw0kxj-HnCHQ_AzsUPy94.roa
Signing time:             Fri 15 Apr 2022 12:49:39 +0000
ROA not before:           Fri 15 Apr 2022 12:49:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208485
IP address blocks:        185.148.241.0/24 maxlen: 24
                          185.148.243.0/24 maxlen: 24
                          45.133.39.0/24 maxlen: 24
                          185.174.20.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 196063391 (0xbafb09f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
        Validity
            Not Before: Apr 15 12:49:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2a7dd588ccf0d24c63f879c21d0fc0cec50fcbde
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:c0:b4:83:15:c9:ba:0d:01:4e:54:a3:87:9f:
                    e6:e5:8d:e9:a6:c2:73:b3:0d:1e:50:36:32:13:50:
                    b5:00:50:0e:71:6a:6d:eb:f6:74:2d:92:75:3f:75:
                    b4:ae:a0:15:cd:93:e5:ed:d7:47:5a:3a:09:7b:50:
                    67:1e:4a:af:1f:63:63:ee:fc:b5:2e:a2:df:6a:41:
                    db:3d:f4:1b:7a:83:5f:21:2d:72:20:30:fb:73:cf:
                    25:c0:0b:73:9d:d5:a1:69:5f:2b:a0:3f:3d:6a:85:
                    bd:fa:ab:6d:29:36:3e:55:d2:0c:2d:ae:74:4b:87:
                    1c:00:05:1e:ef:75:cb:bd:74:45:7e:e0:ee:8c:47:
                    c2:1f:f7:3f:47:97:e5:1f:a7:c7:09:d6:e4:ba:b2:
                    96:85:60:87:81:31:38:e6:fc:46:45:34:54:ef:c8:
                    ea:69:90:43:00:00:1f:36:f1:c1:74:03:29:2f:b9:
                    65:c4:63:57:1c:47:86:f2:bc:a1:8a:e8:96:04:47:
                    bd:0a:f3:58:a0:2f:20:f3:bf:6b:a0:33:2b:80:dd:
                    92:29:0a:d5:3c:da:76:59:dc:6f:9b:df:e8:ef:42:
                    bf:41:7f:95:da:52:9f:c6:6c:bd:e5:23:48:43:10:
                    7f:f9:e1:d4:4c:f2:2c:bc:86:25:d6:81:02:d5:bb:
                    bd:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:7D:D5:88:CC:F0:D2:4C:63:F8:79:C2:1D:0F:C0:CE:C5:0F:CB:DE
            X509v3 Authority Key Identifier:
                keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/Kn3ViMzw0kxj-HnCHQ_AzsUPy94.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.133.39.0/24
                  185.148.241.0/24
                  185.148.243.0/24
                  185.174.20.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:e5:b5:1a:b6:cb:16:0a:b7:40:7f:23:3c:87:40:19:b1:10:
         de:a0:ec:01:ad:36:d8:c9:5d:2f:31:ff:3b:9c:fc:cd:4b:b0:
         52:8c:0b:26:08:30:12:c4:81:a5:5d:77:46:89:95:6f:c7:01:
         03:e5:a3:c7:92:0a:ec:cd:91:75:17:29:87:31:2b:ae:cd:a5:
         0b:4c:57:3f:65:90:17:0f:94:c9:f7:cb:07:f3:42:ec:35:59:
         86:6f:d8:bc:66:db:6a:1b:2c:96:c7:f0:1a:f9:3a:68:fb:b6:
         6f:00:ff:7a:9b:53:5d:10:ba:0d:aa:65:03:67:59:94:c7:28:
         3f:9a:9a:5d:7c:75:05:6f:8b:e1:ec:4e:95:cf:58:f0:f2:ce:
         bf:cd:f5:e3:65:e8:cb:b9:94:4b:50:78:16:ff:54:72:3a:3b:
         90:f7:b6:25:52:81:73:9d:25:31:1d:ef:5b:0b:54:b3:38:56:
         14:bf:6b:5e:9f:94:ac:a5:4a:ca:ac:cf:eb:da:5c:c6:06:08:
         58:99:b1:ef:25:4f:06:fe:25:f8:7f:32:87:7b:c1:a5:94:39:
         56:1d:9f:64:1e:dc:11:96:ea:20:5c:5c:a9:0b:ef:c8:53:9b:
         49:3d:84:4a:0f:47:fe:c2:7c:f5:1b:3e:57:4a:b5:ca:79:b4:
         25:1f:48:17
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEC6+wnzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZDBkYTQzYjRhNWQzZGI3OGJhM2Y3NzRlNWIzMWI3NzAzNzIwMmQ1MB4XDTIyMDQx
NTEyNDkzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmE3ZGQ1ODhjY2Yw
ZDI0YzYzZjg3OWMyMWQwZmMwY2VjNTBmY2JkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALTAtIMVyboNAU5Uo4ef5uWN6abCc7MNHlA2MhNQtQBQDnFq
bev2dC2SdT91tK6gFc2T5e3XR1o6CXtQZx5Krx9jY+78tS6i32pB2z30G3qDXyEt
ciAw+3PPJcALc53VoWlfK6A/PWqFvfqrbSk2PlXSDC2udEuHHAAFHu91y710RX7g
7oxHwh/3P0eX5R+nxwnW5LqyloVgh4ExOOb8RkU0VO/I6mmQQwAAHzbxwXQDKS+5
ZcRjVxxHhvK8oYrolgRHvQrzWKAvIPO/a6AzK4DdkikK1Tzadlncb5vf6O9Cv0F/
ldpSn8ZsveUjSEMQf/nh1EzyLLyGJdaBAtW7vcsCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQqfdWIzPDSTGP4ecIdD8DOxQ/L3jAfBgNVHSMEGDAWgBStDaQ7Sl09t4uj
93Tlsxt3A3IC1TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JRMmtPMHBkUGJlTG9fZDA1Yk1iZHdOeUF0VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGQvZGQ4MDk2LTE0Y2MtNDg4ZC05MjU3LWM1MTVmMzU0Y2M1YS8x
L0tuM1ZpTXp3MGt4ai1IbkNIUV9BenNVUHk5NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGQv
ZGQ4MDk2LTE0Y2MtNDg4ZC05MjU3LWM1MTVmMzU0Y2M1YS8xL3JRMmtPMHBkUGJl
TG9fZDA1Yk1iZHdOeUF0VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAC2FJwMEALmU8QMEALmU8wMEALmu
FDANBgkqhkiG9w0BAQsFAAOCAQEAS+W1GrbLFgq3QH8jPIdAGbEQ3qDsAa022Mld
LzH/O5z8zUuwUowLJggwEsSBpV13RomVb8cBA+Wjx5IK7M2RdRcphzErrs2lC0xX
P2WQFw+UyffLB/NC7DVZhm/YvGbbahsslsfwGvk6aPu2bwD/eptTXRC6DaplA2dZ
lMcoP5qaXXx1BW+L4exOlc9Y8PLOv83142Xoy7mUS1B4Fv9Ucjo7kPe2JVKBc50l
MR3vWwtUszhWFL9rXp+UrKVKyqzP69pcxgYIWJmx7yVPBv4l+H8yh3vBpZQ5Vh2f
ZB7cEZbqIFxcqQvvyFObST2ESg9H/sJ89Rs+V0q1ynm0JR9IFw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:45 2024 by rpki-client on console-ams.rpki-client.org