Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/CGgH-WT71PIxNCOP-mHL1gCYjtE.roa
File:                     CGgH-WT71PIxNCOP-mHL1gCYjtE.roa (raw, json)
Hash identifier:          SLxzfz86/NExgPoRMe1XOpatUY+ppPLKjCQuqNR+80c=
Subject key identifier:   08:68:07:F9:64:FB:D4:F2:31:34:23:8F:FA:61:CB:D6:00:98:8E:D1
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       085BF0F2
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/CGgH-WT71PIxNCOP-mHL1gCYjtE.roa
Signing time:             Fri 29 Apr 2022 13:18:47 +0000
ROA not before:           Fri 29 Apr 2022 13:18:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60721
IP address blocks:        45.13.190.0/24 maxlen: 24
                          5.181.84.0/24 maxlen: 24
                          5.181.85.0/24 maxlen: 24
                          45.151.3.0/24 maxlen: 24
                          45.144.212.0/24 maxlen: 24
                          195.177.92.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 140243186 (0x85bf0f2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Apr 29 13:18:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=086807f964fbd4f23134238ffa61cbd600988ed1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:4a:9e:1e:84:ec:cf:72:5c:81:76:39:e8:2c:
                    16:ab:3e:a2:2a:87:91:10:bc:d7:05:49:0e:6e:11:
                    ca:40:9c:2a:76:1d:f3:67:4c:6d:9b:bf:1f:c9:3e:
                    53:fa:d6:ef:7a:35:b9:ab:ed:a7:a7:12:bf:3a:2a:
                    7f:cc:64:68:b2:f9:3b:36:39:80:6f:72:d3:07:8d:
                    ef:49:9d:3d:c2:2b:de:77:c0:3a:5c:7b:eb:ea:90:
                    cb:2b:70:54:af:91:e3:3a:80:05:b0:56:4d:21:a3:
                    45:d4:71:46:91:19:f7:1b:c3:25:1e:3d:52:f4:30:
                    a4:56:ab:cd:d0:9e:8a:f4:8c:b2:ef:4d:3a:ce:e3:
                    b0:9c:8a:44:cb:db:7b:27:87:be:c7:0d:d5:cc:ed:
                    54:de:ed:7e:79:f2:d0:19:15:25:dd:21:fa:f5:cf:
                    0f:5d:aa:17:de:3e:f0:ff:d5:bd:00:85:1b:c8:1d:
                    57:79:0a:d5:90:d1:22:b9:ac:93:ce:d9:59:09:09:
                    0d:bd:83:61:f0:40:a7:03:a8:4a:73:aa:5f:65:3b:
                    f3:f1:67:dd:c7:21:be:60:7c:08:cd:7b:73:d2:f1:
                    9a:ec:6e:84:5a:c8:70:83:23:1b:23:95:12:ad:99:
                    06:72:70:4d:2d:bb:05:a5:1f:1b:4b:a0:1b:c4:ec:
                    35:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:68:07:F9:64:FB:D4:F2:31:34:23:8F:FA:61:CB:D6:00:98:8E:D1
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/CGgH-WT71PIxNCOP-mHL1gCYjtE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.84.0/23
                  45.13.190.0/24
                  45.144.212.0/24
                  45.151.3.0/24
                  195.177.92.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:b1:23:f7:55:aa:bb:d0:e6:0a:c7:41:be:3e:b3:74:0d:21:
         7b:e2:bb:93:0b:2c:35:6e:e5:f8:de:7b:94:53:9d:77:a2:36:
         b6:49:28:2a:ef:7b:b0:ff:b8:c3:bc:d0:85:38:cf:55:29:eb:
         23:b2:0d:56:03:2f:b8:35:ca:1c:14:36:b1:55:6a:b2:93:c3:
         b8:f4:14:f8:7c:42:0a:a4:41:c0:f5:c4:b5:57:c0:fb:8f:95:
         2e:4b:9a:c0:95:78:89:68:ce:56:f0:c9:bd:db:45:54:09:2e:
         fa:a1:22:48:7a:2f:d5:11:28:7c:c6:b8:b6:7c:a4:d3:40:55:
         cf:64:aa:1f:f9:11:23:2b:e5:d5:ad:24:dc:f3:f1:e5:a5:94:
         10:4a:e7:86:38:d3:97:00:be:2d:39:75:c2:91:2d:a9:08:52:
         de:55:3a:c9:0f:8e:97:c2:c5:05:e0:3c:c6:c5:0e:e9:ae:78:
         c8:d0:4d:da:d7:db:7f:af:fd:53:83:0b:28:cd:8d:d6:a0:4b:
         20:b9:0e:28:43:a3:bc:a8:e5:4a:cb:7f:e4:09:b6:0a:74:06:
         d5:5a:48:77:2c:11:85:ae:eb:df:20:b2:6f:cd:44:70:3a:ba:
         2b:62:c6:5c:d8:f2:d1:30:fd:69:99:ac:ba:f8:ee:89:06:61:
         f4:96:be:04
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIECFvw8jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZDJhNDc4YmIwYjA4ZTY2MWIwYjJmOWZiZTg5MzViYzljMmEyOGExMB4XDTIyMDQy
OTEzMTg0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDg2ODA3Zjk2NGZi
ZDRmMjMxMzQyMzhmZmE2MWNiZDYwMDk4OGVkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPdKnh6E7M9yXIF2OegsFqs+oiqHkRC81wVJDm4RykCcKnYd
82dMbZu/H8k+U/rW73o1uavtp6cSvzoqf8xkaLL5OzY5gG9y0weN70mdPcIr3nfA
Olx76+qQyytwVK+R4zqABbBWTSGjRdRxRpEZ9xvDJR49UvQwpFarzdCeivSMsu9N
Os7jsJyKRMvbeyeHvscN1cztVN7tfnny0BkVJd0h+vXPD12qF94+8P/VvQCFG8gd
V3kK1ZDRIrmsk87ZWQkJDb2DYfBApwOoSnOqX2U78/Fn3cchvmB8CM17c9Lxmuxu
hFrIcIMjGyOVEq2ZBnJwTS27BaUfG0ugG8TsNWsCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBQIaAf5ZPvU8jE0I4/6YcvWAJiO0TAfBgNVHSMEGDAWgBSdKkeLsLCOZhsL
L5++iTW8nCoooTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25TcEhpN0N3am1ZYkN5LWZ2b2sxdkp3cUtLRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvNjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8x
L0NHZ0gtV1Q3MVBJeE5DT1AtbUhMMWdDWWp0RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
NjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8xL25TcEhpN0N3am1Z
YkN5LWZ2b2sxdkp3cUtLRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAQW1VAMEAC0NvgMEAC2Q1AMEAC2X
AwMEAMOxXDANBgkqhkiG9w0BAQsFAAOCAQEAN7Ej91Wqu9DmCsdBvj6zdA0he+K7
kwssNW7l+N57lFOdd6I2tkkoKu97sP+4w7zQhTjPVSnrI7INVgMvuDXKHBQ2sVVq
spPDuPQU+HxCCqRBwPXEtVfA+4+VLkuawJV4iWjOVvDJvdtFVAku+qEiSHov1REo
fMa4tnyk00BVz2SqH/kRIyvl1a0k3PPx5aWUEErnhjjTlwC+LTl1wpEtqQhS3lU6
yQ+Ol8LFBeA8xsUO6a54yNBN2tfbf6/9U4MLKM2N1qBLILkOKEOjvKjlSst/5Am2
CnQG1VpIdywRha7r3yCyb81EcDq6K2LGXNjy0TD9aZmsuvjuiQZh9Ja+BA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org