Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/qOmGzIpaDH2sK_zGPpOGFsgtcoA.roa
File:                     qOmGzIpaDH2sK_zGPpOGFsgtcoA.roa (raw, json)
Hash identifier:          XPPYx65tX6rrqKOuQKaO8r7U6BP+EeGtF0f5ELQ/Zsc=
Subject key identifier:   A8:E9:86:CC:8A:5A:0C:7D:AC:2B:FC:C6:3E:93:86:16:C8:2D:72:80
Certificate issuer:       /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial:       034CBCF4
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/qOmGzIpaDH2sK_zGPpOGFsgtcoA.roa
Signing time:             Tue 21 Jun 2022 12:52:47 +0000
ROA not before:           Tue 21 Jun 2022 12:52:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     11426
IP address blocks:        45.157.72.0/23 maxlen: 23
                          141.98.240.0/24 maxlen: 24
                          141.98.241.0/24 maxlen: 24
                          193.31.72.0/24 maxlen: 24
                          193.31.73.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 55360756 (0x34cbcf4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
        Validity
            Not Before: Jun 21 12:52:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a8e986cc8a5a0c7dac2bfcc63e938616c82d7280
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:a8:f3:8a:c5:92:20:db:cd:a7:ac:9e:de:ff:
                    f5:6b:10:b7:c3:75:20:fe:0a:f8:f0:35:62:e3:b7:
                    6c:8a:de:10:e6:a1:56:49:8a:06:e5:59:e7:81:ed:
                    6a:3a:6a:ed:f0:d5:a4:0c:ec:16:1a:93:ba:fa:b5:
                    5e:aa:7f:99:3f:e9:63:d5:f8:c9:03:6e:15:9a:98:
                    f9:dd:85:5f:4b:c0:20:63:85:94:7a:ef:34:4b:c8:
                    43:44:5a:f8:29:57:7c:ba:18:66:ca:cd:e8:43:7c:
                    34:cc:5b:85:e2:f3:9b:8e:22:95:3c:8b:e0:13:31:
                    e3:be:ff:33:5d:14:d9:c9:88:83:e5:f5:b7:d0:5d:
                    05:55:7a:33:ab:93:ac:b6:08:a2:74:4b:f0:13:5f:
                    bf:a9:4a:92:6a:27:03:4f:1c:14:60:84:d9:d2:db:
                    51:f9:5d:ea:ee:98:6f:00:73:e2:1f:5f:51:0a:a4:
                    ad:41:5c:46:38:76:2d:96:0d:3e:85:16:66:37:a7:
                    8e:e6:55:32:db:c0:9d:3e:4b:67:6f:08:68:26:b6:
                    0a:43:9d:e7:5f:ad:12:48:b6:55:94:2f:a9:6d:f4:
                    c5:af:15:d0:fc:eb:43:a0:46:b9:c5:65:34:13:03:
                    48:82:41:fe:b9:3b:0c:8b:42:72:bf:5b:22:d7:cd:
                    36:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:E9:86:CC:8A:5A:0C:7D:AC:2B:FC:C6:3E:93:86:16:C8:2D:72:80
            X509v3 Authority Key Identifier:
                keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/qOmGzIpaDH2sK_zGPpOGFsgtcoA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.157.72.0/23
                  141.98.240.0/23
                  193.31.72.0/23

    Signature Algorithm: sha256WithRSAEncryption
         33:bd:39:ce:a1:b1:b8:ab:fc:32:7f:db:29:03:19:0a:3e:e3:
         bd:5c:65:d8:e3:b3:1c:cc:af:31:8f:2a:13:52:5d:8c:14:94:
         0e:8d:28:5b:3d:7b:3b:22:23:a8:8f:7a:0c:79:4b:d9:83:d0:
         f7:ad:0b:32:ad:35:cd:f1:c1:a5:e4:6b:fc:a1:2b:c6:78:d4:
         a5:92:62:0a:93:97:45:97:ec:3d:d8:7f:46:d3:bc:da:2b:11:
         78:7b:e9:a8:75:5b:21:a3:71:20:8c:5e:21:cd:05:29:05:4c:
         dc:71:c1:1d:35:43:7d:cf:31:04:ef:90:fb:44:50:48:b4:2d:
         ab:e4:bb:9e:9e:39:fe:28:c6:a8:02:00:77:4b:09:5a:f6:be:
         7e:b6:69:66:f2:1d:24:af:76:f0:07:34:c7:e5:52:f9:2b:23:
         1b:d1:64:10:e4:63:81:72:15:75:a9:c4:5f:ae:a2:5f:d7:aa:
         50:1f:18:70:f6:1a:a6:ff:cf:d3:f1:be:4a:17:d6:08:5d:da:
         a2:61:a4:86:ed:7f:04:53:a9:f4:7a:f1:85:94:3d:3b:35:ad:
         9e:64:11:31:e7:ff:86:3a:6c:d5:f5:05:e9:09:c7:89:4c:46:
         ce:71:da:9d:e8:51:67:2b:dc:3b:56:cb:f7:17:f4:54:db:6e:
         d8:da:8f:e9
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEA0y89DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MjFhM2YyMWZiMGMyOTRkNmQ0YTUyOWIyZjFkYmQ0YmQxMTE5YmQ3MB4XDTIyMDYy
MTEyNTI0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYThlOTg2Y2M4YTVh
MGM3ZGFjMmJmY2M2M2U5Mzg2MTZjODJkNzI4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKeo84rFkiDbzaesnt7/9WsQt8N1IP4K+PA1YuO3bIreEOah
VkmKBuVZ54Htajpq7fDVpAzsFhqTuvq1Xqp/mT/pY9X4yQNuFZqY+d2FX0vAIGOF
lHrvNEvIQ0Ra+ClXfLoYZsrN6EN8NMxbheLzm44ilTyL4BMx477/M10U2cmIg+X1
t9BdBVV6M6uTrLYIonRL8BNfv6lKkmonA08cFGCE2dLbUfld6u6YbwBz4h9fUQqk
rUFcRjh2LZYNPoUWZjenjuZVMtvAnT5LZ28IaCa2CkOd51+tEki2VZQvqW30xa8V
0PzrQ6BGucVlNBMDSIJB/rk7DItCcr9bItfNNn0CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSo6YbMiloMfawr/MY+k4YWyC1ygDAfBgNVHSMEGDAWgBSCGj8h+wwpTW1K
UpsvHb1L0RGb1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dob19JZnNNS1UxdFNsS2JMeDI5UzlFUm05Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTIvZWRjODU1LWYyYmMtNGU5Yy04YzBjLWI2ZjJhYzg2ZWYyNy8x
L3FPbUd6SXBhREgyc0tfekdQcE9HRnNndGNvQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIv
ZWRjODU1LWYyYmMtNGU5Yy04YzBjLWI2ZjJhYzg2ZWYyNy8xL2dob19JZnNNS1Ux
dFNsS2JMeDI5UzlFUm05Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAS2dSAMEAY1i8AMEAcEfSDANBgkq
hkiG9w0BAQsFAAOCAQEAM705zqGxuKv8Mn/bKQMZCj7jvVxl2OOzHMyvMY8qE1Jd
jBSUDo0oWz17OyIjqI96DHlL2YPQ960LMq01zfHBpeRr/KErxnjUpZJiCpOXRZfs
Pdh/RtO82isReHvpqHVbIaNxIIxeIc0FKQVM3HHBHTVDfc8xBO+Q+0RQSLQtq+S7
np45/ijGqAIAd0sJWva+frZpZvIdJK928Ac0x+VS+SsjG9FkEORjgXIVdanEX66i
X9eqUB8YcPYapv/P0/G+ShfWCF3aomGkhu1/BFOp9HrxhZQ9OzWtnmQRMef/hjps
1fUF6QnHiUxGznHanehRZyvcO1bL9xf0VNtu2NqP6Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:54 2024 by rpki-client on console-fra.rpki-client.org