Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/61facc-669f-4456-963f-1e436dcb85c5/1/rpYlxNFdCC58f6WggdEpI4ib204.roa
File:                     rpYlxNFdCC58f6WggdEpI4ib204.roa (raw, json)
Hash identifier:          zrqFYmCLuA/Odm/B4hR78tI0hhmDsKlod7a6EG2Q1dk=
Subject key identifier:   AE:96:25:C4:D1:5D:08:2E:7C:7F:A5:A0:81:D1:29:23:88:9B:DB:4E
Certificate issuer:       /CN=21c394c9b3a36b69f9ee5f8936a2f51b95eaceb4
Certificate serial:       08D87E6A
Authority key identifier: 21:C3:94:C9:B3:A3:6B:69:F9:EE:5F:89:36:A2:F5:1B:95:EA:CE:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IcOUybOja2n57l-JNqL1G5XqzrQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/61facc-669f-4456-963f-1e436dcb85c5/1/rpYlxNFdCC58f6WggdEpI4ib204.roa
Signing time:             Tue 19 Apr 2022 21:15:48 +0000
ROA not before:           Tue 19 Apr 2022 21:15:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     51569
IP address blocks:        83.139.202.0/23 maxlen: 24
                          83.139.212.0/24 maxlen: 24
                          83.139.213.0/24 maxlen: 24
                          83.139.217.0/24 maxlen: 24
                          83.139.218.0/24 maxlen: 24
                          83.139.219.0/24 maxlen: 24
                          83.139.214.0/24 maxlen: 24
                          83.139.215.0/24 maxlen: 24
                          83.139.216.0/24 maxlen: 24
                          83.139.224.0/20 maxlen: 24
                          83.139.220.0/24 maxlen: 24
                          83.139.221.0/24 maxlen: 24
                          83.139.244.0/24 maxlen: 24
                          83.139.245.0/24 maxlen: 24
                          83.139.242.0/24 maxlen: 24
                          83.139.243.0/24 maxlen: 24
                          85.31.160.0/21 maxlen: 24
                          45.132.208.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 148405866 (0x8d87e6a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21c394c9b3a36b69f9ee5f8936a2f51b95eaceb4
        Validity
            Not Before: Apr 19 21:15:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ae9625c4d15d082e7c7fa5a081d12923889bdb4e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:a0:e4:f1:1e:96:82:d8:64:df:35:68:c5:a1:
                    7e:00:f8:3c:75:9e:aa:e5:6c:10:95:b5:97:aa:8e:
                    92:3c:2e:ec:79:40:38:f4:aa:4c:3f:9a:16:77:7a:
                    a1:b6:c0:12:aa:41:8c:fb:49:c9:da:b5:cd:99:f9:
                    bb:58:d5:5a:96:e4:b5:1d:c4:a7:54:41:12:de:0b:
                    3a:21:0a:b8:05:88:b9:9e:39:73:94:13:d0:db:d7:
                    80:69:c3:ed:ca:a9:0d:4a:9b:b7:a4:1a:a1:c1:1b:
                    64:e1:dc:74:13:05:36:87:af:4e:e3:f0:d6:30:80:
                    0d:39:3c:14:24:49:42:fb:eb:12:d3:44:fc:44:8e:
                    52:90:1b:ad:5b:ad:49:4b:0f:f5:78:33:95:d4:a7:
                    c6:51:4f:c7:78:d7:51:79:47:0e:52:ec:12:94:cb:
                    ac:f4:7a:c3:f3:f1:c3:82:7a:b4:ce:12:3a:f9:f1:
                    3b:eb:07:0e:2b:92:52:18:bd:a7:cd:bc:be:96:f9:
                    30:ac:f4:30:29:b5:89:95:d7:34:15:d1:46:7a:fe:
                    45:fa:d4:32:1a:85:ea:07:70:1e:93:36:e3:a6:6b:
                    2d:58:34:09:ff:ea:86:d8:77:1a:82:c2:ba:ae:51:
                    26:df:fa:ce:2f:14:38:5d:e9:77:13:61:4b:4c:c7:
                    33:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:96:25:C4:D1:5D:08:2E:7C:7F:A5:A0:81:D1:29:23:88:9B:DB:4E
            X509v3 Authority Key Identifier:
                keyid:21:C3:94:C9:B3:A3:6B:69:F9:EE:5F:89:36:A2:F5:1B:95:EA:CE:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IcOUybOja2n57l-JNqL1G5XqzrQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/61facc-669f-4456-963f-1e436dcb85c5/1/rpYlxNFdCC58f6WggdEpI4ib204.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/61facc-669f-4456-963f-1e436dcb85c5/1/IcOUybOja2n57l-JNqL1G5XqzrQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.132.208.0/22
                  83.139.202.0/23
                  83.139.212.0-83.139.221.255
                  83.139.224.0/20
                  83.139.242.0-83.139.245.255
                  85.31.160.0/21

    Signature Algorithm: sha256WithRSAEncryption
         14:3e:4e:df:f6:c0:1a:0a:7f:22:34:a8:ca:72:9f:24:47:ee:
         d2:47:74:81:9d:83:d8:10:c3:20:7c:23:e2:4c:3c:8d:7a:45:
         5b:bf:2c:bc:63:5d:75:70:db:4e:88:67:b4:8c:1d:29:6e:cd:
         37:68:8f:03:6c:f2:1e:9a:2c:68:39:5e:bc:3c:e0:d4:a4:11:
         75:42:ac:46:ff:50:d2:2f:d5:32:dd:07:15:35:07:f8:37:7c:
         01:4c:c9:04:f9:a2:43:30:ea:0e:ac:e0:95:2a:09:d4:66:e2:
         a8:05:1c:53:01:d8:c3:28:ec:fd:e0:78:69:99:f1:4c:1f:55:
         e4:28:dd:b0:be:ee:e1:32:21:32:89:93:05:ff:0f:85:52:99:
         eb:5e:ce:b4:d3:a7:2f:90:54:fa:f1:5f:cb:04:46:e2:dd:b6:
         d1:d8:fc:40:29:22:81:35:10:a8:55:2d:38:91:cc:09:59:ee:
         5c:02:4f:7e:f1:4c:df:59:3d:c8:aa:29:b6:e4:63:d8:24:e5:
         3b:3c:97:2b:c3:6f:21:d8:4a:8d:07:10:cd:3f:be:ff:a8:72:
         9b:1b:a2:f1:2a:e9:75:20:2f:f7:6c:cd:2c:32:86:2c:f2:50:
         ff:da:3c:57:38:91:ad:69:88:9e:33:54:fb:7d:40:d8:68:50:
         1b:fb:41:c5
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIECNh+ajANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MWMzOTRjOWIzYTM2YjY5ZjllZTVmODkzNmEyZjUxYjk1ZWFjZWI0MB4XDTIyMDQx
OTIxMTU0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWU5NjI1YzRkMTVk
MDgyZTdjN2ZhNWEwODFkMTI5MjM4ODliZGI0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKOg5PEeloLYZN81aMWhfgD4PHWequVsEJW1l6qOkjwu7HlA
OPSqTD+aFnd6obbAEqpBjPtJydq1zZn5u1jVWpbktR3Ep1RBEt4LOiEKuAWIuZ45
c5QT0NvXgGnD7cqpDUqbt6QaocEbZOHcdBMFNoevTuPw1jCADTk8FCRJQvvrEtNE
/ESOUpAbrVutSUsP9XgzldSnxlFPx3jXUXlHDlLsEpTLrPR6w/Pxw4J6tM4SOvnx
O+sHDiuSUhi9p828vpb5MKz0MCm1iZXXNBXRRnr+RfrUMhqF6gdwHpM246ZrLVg0
Cf/qhth3GoLCuq5RJt/6zi8UOF3pdxNhS0zHMx0CAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBSuliXE0V0ILnx/paCB0SkjiJvbTjAfBgNVHSMEGDAWgBQhw5TJs6Nrafnu
X4k2ovUblerOtDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ljT1V5Yk9qYTJuNTdsLUpOcUwxRzVYcXpyUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTAvNjFmYWNjLTY2OWYtNDQ1Ni05NjNmLTFlNDM2ZGNiODVjNS8x
L3JwWWx4TkZkQ0M1OGY2V2dnZEVwSTRpYjIwNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTAv
NjFmYWNjLTY2OWYtNDQ1Ni05NjNmLTFlNDM2ZGNiODVjNS8xL0ljT1V5Yk9qYTJu
NTdsLUpOcUwxRzVYcXpyUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBN
BggrBgEFBQcBBwEB/wQ+MDwwOgQCAAEwNAMEAi2E0AMEAVOLyjAMAwQCU4vUAwQB
U4vcAwQEU4vgMAwDBAFTi/IDBAFTi/QDBANVH6AwDQYJKoZIhvcNAQELBQADggEB
ABQ+Tt/2wBoKfyI0qMpynyRH7tJHdIGdg9gQwyB8I+JMPI16RVu/LLxjXXVw206I
Z7SMHSluzTdojwNs8h6aLGg5Xrw84NSkEXVCrEb/UNIv1TLdBxU1B/g3fAFMyQT5
okMw6g6s4JUqCdRm4qgFHFMB2MMo7P3geGmZ8UwfVeQo3bC+7uEyITKJkwX/D4VS
metezrTTpy+QVPrxX8sERuLdttHY/EApIoE1EKhVLTiRzAlZ7lwCT37xTN9ZPciq
KbbkY9gk5Ts8lyvDbyHYSo0HEM0/vv+ocpsbovEq6XUgL/dszSwyhizyUP/aPFc4
ka1piJ4zVPt9QNhoUBv7QcU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:29 2024 by rpki-client on console-fra.rpki-client.org