Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/CBg_3tL54wkFjb67BnOjyNBbEWE.roa
File:                     CBg_3tL54wkFjb67BnOjyNBbEWE.roa (raw, json)
Hash identifier:          gZCqdYFDhoLENqDK5cpJguH0q+I6aB30k2p3kkA9JAY=
Subject key identifier:   08:18:3F:DE:D2:F9:E3:09:05:8D:BE:BB:06:73:A3:C8:D0:5B:11:61
Certificate issuer:       /CN=c68c65e699b576ab113a79be8828948f1e6cc260
Certificate serial:       09457566
Authority key identifier: C6:8C:65:E6:99:B5:76:AB:11:3A:79:BE:88:28:94:8F:1E:6C:C2:60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xoxl5pm1dqsROnm-iCiUjx5swmA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/CBg_3tL54wkFjb67BnOjyNBbEWE.roa
Signing time:             Sat 28 May 2022 21:55:15 +0000
ROA not before:           Sat 28 May 2022 21:55:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62075
IP address blocks:        82.115.216.0/24 maxlen: 24
                          2a0e:c6c0::/32 maxlen: 32
                          2a0d:2d42::/32 maxlen: 32
                          2001:67c:18d4::/48 maxlen: 48
                          2a0d:2d44::/32 maxlen: 32
                          2a0d:2d43::/32 maxlen: 32
                          2a0d:2d40::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 155546982 (0x9457566)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c68c65e699b576ab113a79be8828948f1e6cc260
        Validity
            Not Before: May 28 21:55:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=08183fded2f9e309058dbebb0673a3c8d05b1161
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:b1:4f:de:86:cf:5a:44:bc:8b:ab:82:3e:e3:
                    4e:66:35:dd:b5:1a:a8:32:9a:65:8d:5a:c2:96:1a:
                    ec:28:90:b6:4d:16:b7:83:8b:f2:ce:50:b7:a3:da:
                    f9:47:ac:88:fe:63:7c:a8:d4:f9:83:85:73:e8:e3:
                    5f:9c:cd:06:90:4e:fd:33:f9:a9:71:a3:98:c6:d8:
                    bf:79:cc:bd:2f:fe:07:3d:5a:29:33:8a:cd:43:22:
                    bf:6a:7f:b4:6c:45:26:0c:1b:fd:2a:5d:23:f1:49:
                    ff:18:31:af:5c:47:32:94:97:ba:09:24:8e:11:d0:
                    04:de:42:01:c1:23:e8:db:40:98:d0:2d:46:43:c3:
                    1b:5a:df:8f:75:70:43:37:6e:6d:4a:10:b8:6b:fa:
                    f2:11:4d:32:d2:6c:e0:15:96:88:24:97:17:e5:7f:
                    2b:e4:31:8f:a0:41:2b:65:e9:7e:17:55:02:3e:cd:
                    62:15:1f:7b:7c:af:12:d1:7d:d3:f6:e5:5a:f3:b5:
                    a9:64:6a:76:2a:83:c0:0a:3c:76:e0:75:9b:b5:2c:
                    b7:de:fa:00:f4:e9:44:15:9c:5c:e6:4c:b7:cb:07:
                    8a:5a:fd:f8:bb:ef:46:c8:3a:52:56:91:b5:5b:6c:
                    93:d2:5c:17:04:9c:94:c0:29:47:fb:bf:7c:44:fd:
                    21:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:18:3F:DE:D2:F9:E3:09:05:8D:BE:BB:06:73:A3:C8:D0:5B:11:61
            X509v3 Authority Key Identifier:
                keyid:C6:8C:65:E6:99:B5:76:AB:11:3A:79:BE:88:28:94:8F:1E:6C:C2:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xoxl5pm1dqsROnm-iCiUjx5swmA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/CBg_3tL54wkFjb67BnOjyNBbEWE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/xoxl5pm1dqsROnm-iCiUjx5swmA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.115.216.0/24
                IPv6:
                  2001:67c:18d4::/48
                  2a0d:2d40::/32
                  2a0d:2d42::-2a0d:2d44:ffff:ffff:ffff:ffff:ffff:ffff
                  2a0e:c6c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         11:1f:f9:fc:58:9f:71:15:6d:59:ac:71:6c:30:fe:db:53:b4:
         0a:20:2d:15:82:19:31:06:22:ce:3a:a3:6b:7a:cc:75:05:af:
         b0:76:b9:8d:82:1f:0f:a1:a6:08:50:57:35:4d:86:ec:6a:67:
         b0:57:6c:73:76:13:f2:c5:58:dd:9b:15:7b:a6:1f:0a:28:de:
         e3:9c:c0:8b:30:11:74:0c:58:79:c0:6a:82:a1:02:f8:5b:b1:
         42:33:fd:2b:18:e5:aa:59:78:30:dd:4c:ad:96:78:0b:0f:27:
         5a:92:1e:60:18:1f:02:20:9e:21:30:0b:43:f4:ce:1f:5e:54:
         4d:83:f7:4c:b4:e3:ea:de:34:5a:9f:f2:c9:f9:48:5f:66:cd:
         c7:64:2b:28:fa:39:82:b7:61:e5:9d:96:fb:f2:e6:34:ec:a5:
         d5:33:dc:95:5b:1c:27:f0:6d:0d:f9:6f:43:ac:c0:94:a2:34:
         bc:41:97:65:f3:d1:6a:d9:3c:40:19:04:da:be:ef:dc:79:10:
         64:f5:6b:11:19:8d:30:cc:5f:30:b2:16:a5:46:95:70:1c:5a:
         28:a3:e6:4e:1e:e2:54:2f:34:d0:3b:1b:17:fc:41:25:76:46:
         e4:82:84:ff:b1:14:4d:27:49:ee:81:7e:02:aa:e0:40:7b:75:
         be:c8:1e:51
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIECUV1ZjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NjhjNjVlNjk5YjU3NmFiMTEzYTc5YmU4ODI4OTQ4ZjFlNmNjMjYwMB4XDTIyMDUy
ODIxNTUxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDgxODNmZGVkMmY5
ZTMwOTA1OGRiZWJiMDY3M2EzYzhkMDViMTE2MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK+xT96Gz1pEvIurgj7jTmY13bUaqDKaZY1awpYa7CiQtk0W
t4OL8s5Qt6Pa+UesiP5jfKjU+YOFc+jjX5zNBpBO/TP5qXGjmMbYv3nMvS/+Bz1a
KTOKzUMiv2p/tGxFJgwb/SpdI/FJ/xgxr1xHMpSXugkkjhHQBN5CAcEj6NtAmNAt
RkPDG1rfj3VwQzdubUoQuGv68hFNMtJs4BWWiCSXF+V/K+Qxj6BBK2XpfhdVAj7N
YhUfe3yvEtF90/blWvO1qWRqdiqDwAo8duB1m7Ust976APTpRBWcXOZMt8sHilr9
+LvvRsg6UlaRtVtsk9JcFwSclMApR/u/fET9IUcCAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBQIGD/e0vnjCQWNvrsGc6PI0FsRYTAfBgNVHSMEGDAWgBTGjGXmmbV2qxE6
eb6IKJSPHmzCYDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hveGw1cG0xZHFzUk9ubS1pQ2lVang1c3dtQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTkvMzQwYzczLTc5ZWUtNDkyNi04ZTRmLTYwN2Q0ZjM3ZjU5Zi8x
L0NCZ18zdEw1NHdrRmpiNjdCbk9qeU5CYkVXRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTkv
MzQwYzczLTc5ZWUtNDkyNi04ZTRmLTYwN2Q0ZjM3ZjU5Zi8xL3hveGw1cG0xZHFz
Uk9ubS1pQ2lVang1c3dtQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wDAQCAAEwBgMEAFJz2DAtBAIAAjAnAwcAIAEGfBjU
AwUAKg0tQDAOAwUBKg0tQgMFACoNLUQDBQAqDsbAMA0GCSqGSIb3DQEBCwUAA4IB
AQARH/n8WJ9xFW1ZrHFsMP7bU7QKIC0VghkxBiLOOqNresx1Ba+wdrmNgh8PoaYI
UFc1TYbsamewV2xzdhPyxVjdmxV7ph8KKN7jnMCLMBF0DFh5wGqCoQL4W7FCM/0r
GOWqWXgw3UytlngLDydakh5gGB8CIJ4hMAtD9M4fXlRNg/dMtOPq3jRan/LJ+Uhf
Zs3HZCso+jmCt2HlnZb78uY07KXVM9yVWxwn8G0N+W9DrMCUojS8QZdl89Fq2TxA
GQTavu/ceRBk9WsRGY0wzF8wshalRpVwHFooo+ZOHuJULzTQOxsX/EEldkbkgoT/
sRRNJ0nugX4CquBAe3W+yB5R
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:00 2024 by rpki-client on console-fra.rpki-client.org