Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/keSdLAlbPLh62LBkkgV35Vrd5R0.roa
File:                     keSdLAlbPLh62LBkkgV35Vrd5R0.roa (raw, json)
Hash identifier:          lH8vyA9KNmkgw1w7sy7Zroeagapmv/1YwCQuefQ9sI0=
Subject key identifier:   91:E4:9D:2C:09:5B:3C:B8:7A:D8:B0:64:92:05:77:E5:5A:DD:E5:1D
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       0868BF20
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/keSdLAlbPLh62LBkkgV35Vrd5R0.roa
Signing time:             Tue 03 May 2022 13:32:00 +0000
ROA not before:           Tue 03 May 2022 13:32:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43260
IP address blocks:        193.30.241.0/24 maxlen: 24
                          45.132.181.0/24 maxlen: 24
                          195.177.94.0/24 maxlen: 24
                          77.83.37.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 141082400 (0x868bf20)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: May  3 13:32:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=91e49d2c095b3cb87ad8b064920577e55adde51d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:87:1f:03:65:28:25:42:9c:af:7d:25:90:64:
                    14:34:ff:e7:1f:99:56:fb:ce:74:7b:8a:d7:a6:3c:
                    88:31:2e:a5:d9:61:dc:4a:27:04:54:3d:92:a1:fd:
                    8f:48:f6:d1:a7:8c:0e:35:d4:c5:e1:aa:ab:77:68:
                    5c:f3:db:32:0b:27:75:35:d0:63:1e:85:41:ed:fb:
                    62:2d:d1:a3:9b:6f:03:82:16:6d:46:a6:4f:be:d2:
                    28:4a:14:42:63:f5:48:73:12:88:28:36:18:90:3b:
                    c5:e7:9f:ed:18:c3:84:ab:e6:b6:41:c7:ea:4d:11:
                    84:ea:d5:0d:7c:11:0f:62:23:01:1e:97:ca:93:28:
                    82:4c:d1:e0:a0:f2:9c:50:75:4d:03:15:f0:34:70:
                    61:67:27:f3:89:d7:87:a6:3c:db:53:e6:fb:38:64:
                    87:47:67:d8:9d:05:b6:de:b4:57:af:f7:af:29:22:
                    ae:47:82:ec:2f:26:e2:db:cb:91:34:1d:79:8b:91:
                    dc:13:a7:bd:0a:6b:af:c7:ab:10:32:cf:18:69:d3:
                    b9:2a:d6:38:3a:80:24:81:3b:88:28:96:64:98:a6:
                    46:a4:bc:d6:3b:b0:34:a0:97:3f:4f:e7:47:df:38:
                    9f:30:2e:2d:cb:86:a9:1f:3e:e6:62:3d:10:84:f3:
                    3f:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:E4:9D:2C:09:5B:3C:B8:7A:D8:B0:64:92:05:77:E5:5A:DD:E5:1D
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/keSdLAlbPLh62LBkkgV35Vrd5R0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.132.181.0/24
                  77.83.37.0/24
                  193.30.241.0/24
                  195.177.94.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a1:0e:98:aa:d6:c8:4f:1a:3d:69:43:3b:75:55:4b:2d:46:9a:
         62:53:f3:88:9a:39:b3:84:f2:f8:55:28:52:1e:f4:69:02:11:
         28:2e:b9:5c:19:e4:ef:0c:aa:8b:98:ec:04:ab:44:ad:d2:1f:
         3a:64:53:8a:d1:1b:f7:d5:2d:d5:09:a4:ec:ff:2d:03:ba:72:
         34:37:6f:58:13:2d:01:98:f4:89:a7:46:ce:0e:f7:55:6b:00:
         5d:84:04:64:cc:0c:5a:e4:93:25:ad:39:b0:36:a8:bd:be:c8:
         36:09:01:5b:3b:71:bc:2f:82:c9:33:78:95:13:ef:1b:30:62:
         d4:b0:1c:a4:76:ef:ed:10:dc:f3:8d:04:62:15:87:c8:80:90:
         45:66:f9:ed:86:c7:54:f9:89:de:2c:f4:f6:44:72:de:0b:8d:
         5d:94:f1:ee:75:ae:5e:f6:2c:09:d6:c0:c1:e2:b7:74:1c:e9:
         1c:d4:f7:f0:8c:63:d5:03:dc:0d:03:1e:e0:15:fb:5e:ab:7c:
         61:cd:a0:5c:8b:b0:8d:af:d4:fe:3a:4b:d4:fb:fe:b4:7b:14:
         2b:a4:05:e3:9d:72:8e:cf:54:f8:14:6e:cb:8b:d6:3f:26:8a:
         9b:f1:ff:77:57:b4:ff:dc:c1:90:9a:4a:e5:fb:ce:c6:4a:bf:
         05:0a:ff:90
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIECGi/IDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZDJhNDc4YmIwYjA4ZTY2MWIwYjJmOWZiZTg5MzViYzljMmEyOGExMB4XDTIyMDUw
MzEzMzIwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTFlNDlkMmMwOTVi
M2NiODdhZDhiMDY0OTIwNTc3ZTU1YWRkZTUxZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKqHHwNlKCVCnK99JZBkFDT/5x+ZVvvOdHuK16Y8iDEupdlh
3EonBFQ9kqH9j0j20aeMDjXUxeGqq3doXPPbMgsndTXQYx6FQe37Yi3Ro5tvA4IW
bUamT77SKEoUQmP1SHMSiCg2GJA7xeef7RjDhKvmtkHH6k0RhOrVDXwRD2IjAR6X
ypMogkzR4KDynFB1TQMV8DRwYWcn84nXh6Y821Pm+zhkh0dn2J0Ftt60V6/3ryki
rkeC7C8m4tvLkTQdeYuR3BOnvQprr8erEDLPGGnTuSrWODqAJIE7iCiWZJimRqS8
1juwNKCXP0/nR984nzAuLcuGqR8+5mI9EITzP2kCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSR5J0sCVs8uHrYsGSSBXflWt3lHTAfBgNVHSMEGDAWgBSdKkeLsLCOZhsL
L5++iTW8nCoooTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25TcEhpN0N3am1ZYkN5LWZ2b2sxdkp3cUtLRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvNjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8x
L2tlU2RMQWxiUExoNjJMQmtrZ1YzNVZyZDVSMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
NjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8xL25TcEhpN0N3am1Z
YkN5LWZ2b2sxdkp3cUtLRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAC2EtQMEAE1TJQMEAMEe8QMEAMOx
XjANBgkqhkiG9w0BAQsFAAOCAQEAoQ6YqtbITxo9aUM7dVVLLUaaYlPziJo5s4Ty
+FUoUh70aQIRKC65XBnk7wyqi5jsBKtErdIfOmRTitEb99Ut1Qmk7P8tA7pyNDdv
WBMtAZj0iadGzg73VWsAXYQEZMwMWuSTJa05sDaovb7INgkBWztxvC+CyTN4lRPv
GzBi1LAcpHbv7RDc840EYhWHyICQRWb57YbHVPmJ3iz09kRy3guNXZTx7nWuXvYs
CdbAweK3dBzpHNT38Ixj1QPcDQMe4BX7Xqt8Yc2gXIuwja/U/jpL1Pv+tHsUK6QF
451yjs9U+BRuy4vWPyaKm/H/d1e0/9zBkJpK5fvOxkq/BQr/kA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:32 2024 by rpki-client on console-fra.rpki-client.org