Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/hxhhwvhOMYuCoUbByyfQbm8NMdw.roa
File:                     hxhhwvhOMYuCoUbByyfQbm8NMdw.roa (raw, json)
Hash identifier:          kUMzqeknkB+tXUMf9dtozQtJyw46wER78ZrLPnzqeo8=
Subject key identifier:   87:18:61:C2:F8:4E:31:8B:82:A1:46:C1:CB:27:D0:6E:6F:0D:31:DC
Certificate issuer:       /CN=c68c65e699b576ab113a79be8828948f1e6cc260
Certificate serial:       07DF08B9
Authority key identifier: C6:8C:65:E6:99:B5:76:AB:11:3A:79:BE:88:28:94:8F:1E:6C:C2:60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xoxl5pm1dqsROnm-iCiUjx5swmA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/hxhhwvhOMYuCoUbByyfQbm8NMdw.roa
Signing time:             Sat 01 Jan 2022 15:02:34 +0000
ROA not before:           Sat 01 Jan 2022 15:02:34 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62075
IP address blocks:        82.115.216.0/24 maxlen: 24
                          45.140.210.0/23 maxlen: 24
                          45.140.209.0/24 maxlen: 24
                          2a0e:c6c0::/32 maxlen: 32
                          2a0d:2d42::/32 maxlen: 32
                          2001:67c:18d4::/48 maxlen: 48
                          2a0d:2d45::/32 maxlen: 32
                          2a0d:2d44::/32 maxlen: 32
                          2a0d:2d43::/32 maxlen: 32
                          2a0d:2d40::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 132057273 (0x7df08b9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c68c65e699b576ab113a79be8828948f1e6cc260
        Validity
            Not Before: Jan  1 15:02:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=871861c2f84e318b82a146c1cb27d06e6f0d31dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:15:cf:04:da:0b:2c:00:82:01:79:c6:c2:f5:
                    04:25:c6:58:03:fb:fe:c8:fc:48:75:43:d3:25:6f:
                    96:0e:7b:45:4d:19:32:0e:95:a5:fa:26:33:29:8f:
                    bd:27:8f:37:cb:c4:b0:e4:80:d1:e4:78:18:c8:8b:
                    66:24:ae:de:eb:22:c7:ed:49:83:29:7b:76:db:9f:
                    0b:cb:77:cf:29:3a:09:94:c0:69:38:12:32:e6:b3:
                    14:d8:99:98:2d:47:dd:c0:87:e6:43:54:9e:88:cf:
                    f2:68:e3:ce:5e:86:ce:00:d0:09:bf:46:12:84:ec:
                    6a:92:40:38:2a:72:a0:c4:de:ae:b2:7b:88:d8:d2:
                    60:36:0f:3b:c6:93:e9:b7:3b:1a:7a:66:f9:a8:b5:
                    40:da:86:6d:73:41:b2:4f:6a:b4:c7:3d:79:28:0a:
                    67:d8:3c:2b:a1:82:83:c7:fd:f8:17:93:32:b5:03:
                    48:37:dd:a6:82:f8:57:18:01:06:24:c6:2a:e5:51:
                    dd:ba:4d:5f:18:9a:0c:a2:6d:87:9e:b8:21:46:32:
                    c8:76:15:de:91:5e:02:bf:13:1c:47:f4:ee:c7:2b:
                    a5:48:f2:df:df:60:59:4d:a6:ab:7d:4d:70:61:4f:
                    72:d7:b6:09:e2:a9:47:66:93:97:1f:08:41:f7:8e:
                    43:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:18:61:C2:F8:4E:31:8B:82:A1:46:C1:CB:27:D0:6E:6F:0D:31:DC
            X509v3 Authority Key Identifier:
                keyid:C6:8C:65:E6:99:B5:76:AB:11:3A:79:BE:88:28:94:8F:1E:6C:C2:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xoxl5pm1dqsROnm-iCiUjx5swmA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/hxhhwvhOMYuCoUbByyfQbm8NMdw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/xoxl5pm1dqsROnm-iCiUjx5swmA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.140.209.0-45.140.211.255
                  82.115.216.0/24
                IPv6:
                  2001:67c:18d4::/48
                  2a0d:2d40::/32
                  2a0d:2d42::-2a0d:2d45:ffff:ffff:ffff:ffff:ffff:ffff
                  2a0e:c6c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         6f:9a:20:fb:e5:2b:55:f3:07:4e:15:eb:ce:3f:0c:2f:b7:51:
         99:b8:23:e7:94:2b:fe:26:34:47:fa:2e:0a:2d:67:c2:7f:57:
         82:9c:99:34:7b:67:ba:50:d7:b3:52:ab:65:ed:d5:72:61:42:
         b6:ad:b5:2a:cb:7a:9e:30:1e:1e:a1:a1:3c:27:71:d4:5f:1e:
         97:07:ee:d8:fe:79:b6:c6:bb:c9:35:31:2a:c1:86:0f:97:6e:
         47:8e:2f:63:9c:49:93:6e:30:33:7a:47:a9:33:18:44:df:58:
         74:2e:a7:80:6a:6a:82:f3:4b:08:1b:bf:e5:68:fb:e2:2f:b7:
         43:c7:0d:a5:8b:8e:8f:4c:9a:c2:2a:4e:b0:61:8c:88:0b:e2:
         04:ef:52:7e:ae:10:52:ed:8f:98:32:b8:07:76:54:eb:30:ac:
         5e:44:de:2c:e5:c8:b8:07:08:2a:97:32:6d:83:83:d9:ff:14:
         ab:53:7a:10:2e:39:75:e6:53:67:49:43:1b:2e:e6:c1:7b:d0:
         2b:21:0b:c9:1f:ba:6f:9b:94:2d:61:e0:a8:68:31:a0:3e:4a:
         76:54:7b:97:bb:b7:5c:91:af:21:1d:a4:51:bd:e7:c6:0e:86:
         5e:a9:2b:ac:50:da:32:36:51:00:b2:86:dd:fd:57:72:18:65:
         ed:a4:70:c0
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIEB98IuTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NjhjNjVlNjk5YjU3NmFiMTEzYTc5YmU4ODI4OTQ4ZjFlNmNjMjYwMB4XDTIyMDEw
MTE1MDIzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODcxODYxYzJmODRl
MzE4YjgyYTE0NmMxY2IyN2QwNmU2ZjBkMzFkYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKYVzwTaCywAggF5xsL1BCXGWAP7/sj8SHVD0yVvlg57RU0Z
Mg6VpfomMymPvSePN8vEsOSA0eR4GMiLZiSu3usix+1Jgyl7dtufC8t3zyk6CZTA
aTgSMuazFNiZmC1H3cCH5kNUnojP8mjjzl6GzgDQCb9GEoTsapJAOCpyoMTerrJ7
iNjSYDYPO8aT6bc7Gnpm+ai1QNqGbXNBsk9qtMc9eSgKZ9g8K6GCg8f9+BeTMrUD
SDfdpoL4VxgBBiTGKuVR3bpNXxiaDKJth564IUYyyHYV3pFeAr8THEf07scrpUjy
399gWU2mq31NcGFPcte2CeKpR2aTlx8IQfeOQw8CAwEAAaOCAkYwggJCMB0GA1Ud
DgQWBBSHGGHC+E4xi4KhRsHLJ9Bubw0x3DAfBgNVHSMEGDAWgBTGjGXmmbV2qxE6
eb6IKJSPHmzCYDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hveGw1cG0xZHFzUk9ubS1pQ2lVang1c3dtQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTkvMzQwYzczLTc5ZWUtNDkyNi04ZTRmLTYwN2Q0ZjM3ZjU5Zi8x
L2h4aGh3dmhPTVl1Q29VYkJ5eWZRYm04Tk1kdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTkv
MzQwYzczLTc5ZWUtNDkyNi04ZTRmLTYwN2Q0ZjM3ZjU5Zi8xL3hveGw1cG0xZHFz
Uk9ubS1pQ2lVang1c3dtQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBc
BggrBgEFBQcBBwEB/wRNMEswGgQCAAEwFDAMAwQALYzRAwQCLYzQAwQAUnPYMC0E
AgACMCcDBwAgAQZ8GNQDBQAqDS1AMA4DBQEqDS1CAwUBKg0tRAMFACoOxsAwDQYJ
KoZIhvcNAQELBQADggEBAG+aIPvlK1XzB04V684/DC+3UZm4I+eUK/4mNEf6Lgot
Z8J/V4KcmTR7Z7pQ17NSq2Xt1XJhQrattSrLep4wHh6hoTwncdRfHpcH7tj+ebbG
u8k1MSrBhg+XbkeOL2OcSZNuMDN6R6kzGETfWHQup4BqaoLzSwgbv+Vo++Ivt0PH
DaWLjo9MmsIqTrBhjIgL4gTvUn6uEFLtj5gyuAd2VOswrF5E3izlyLgHCCqXMm2D
g9n/FKtTehAuOXXmU2dJQxsu5sF70CshC8kfum+blC1h4KhoMaA+SnZUe5e7t1yR
ryEdpFG958YOhl6pK6xQ2jI2UQCyht39V3IYZe2kcMA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:00 2024 by rpki-client on console-fra.rpki-client.org