Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/ZtZ14QpbqdXBZ-673DSOe8oN0ZE.roa
File:                     ZtZ14QpbqdXBZ-673DSOe8oN0ZE.roa (raw, json)
Hash identifier:          QsuAxk3I4qXO6K/+Iw+siI06P/LCqbT0BAxceX/XT8Y=
Subject key identifier:   66:D6:75:E1:0A:5B:A9:D5:C1:67:EE:BB:DC:34:8E:7B:CA:0D:D1:91
Certificate issuer:       /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial:       48776147
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/ZtZ14QpbqdXBZ-673DSOe8oN0ZE.roa
Signing time:             Sat 01 Jan 2022 03:00:36 +0000
ROA not before:           Sat 01 Jan 2022 03:00:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200557
IP address blocks:        5.188.219.0/24 maxlen: 24
                          5.188.216.0/24 maxlen: 24
                          37.9.42.0/24 maxlen: 24
                          37.9.41.0/24 maxlen: 24
                          37.9.40.0/24 maxlen: 24
                          146.185.207.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1215783239 (0x48776147)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
        Validity
            Not Before: Jan  1 03:00:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=66d675e10a5ba9d5c167eebbdc348e7bca0dd191
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:fb:3a:b6:3b:a0:bc:3d:9c:3a:cb:81:05:a6:
                    f2:44:f2:9f:99:0e:d9:d8:c9:61:f6:7b:90:40:c8:
                    5d:79:fd:e9:eb:c2:ce:e0:7a:f6:fd:8d:42:44:d6:
                    b2:1d:a7:69:39:ef:3a:0e:a6:36:5b:c1:71:e0:82:
                    f4:32:9a:26:04:a1:6b:a4:51:b4:f6:ce:c9:29:75:
                    27:0c:f1:28:7e:3b:0e:8d:e1:ba:ba:a9:79:22:f8:
                    17:e5:37:31:40:38:19:91:00:a8:29:d9:7b:d5:df:
                    46:d6:c1:69:9a:a7:45:52:f6:67:96:af:39:f9:50:
                    ec:9f:1c:da:ff:be:cb:43:f6:d8:55:7f:a5:02:82:
                    66:e9:d4:c7:4f:45:5b:11:3d:b5:72:59:7f:a1:17:
                    bb:dd:28:8e:73:1a:56:ad:8a:9d:fd:1e:d1:b8:cd:
                    5d:e8:a0:26:66:84:5c:f4:e7:69:ec:7a:e1:57:ac:
                    2c:c4:71:3c:41:8a:b7:c2:fd:ce:f3:27:f3:e2:1d:
                    ab:9a:92:1a:8b:49:5c:c7:d6:ed:3f:84:7d:2f:f5:
                    ff:2e:69:e2:07:8c:ef:f8:fa:34:fa:0e:b4:20:ee:
                    6b:06:2a:3a:0d:2d:8e:d8:f7:4d:7f:03:db:26:ff:
                    d9:c7:1c:ad:1b:df:e3:09:d4:c0:f3:cd:4d:d3:a3:
                    19:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:D6:75:E1:0A:5B:A9:D5:C1:67:EE:BB:DC:34:8E:7B:CA:0D:D1:91
            X509v3 Authority Key Identifier:
                keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/ZtZ14QpbqdXBZ-673DSOe8oN0ZE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.188.216.0/24
                  5.188.219.0/24
                  37.9.40.0-37.9.42.255
                  146.185.207.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0f:cf:9c:fe:59:96:55:2f:9e:61:b9:db:d0:78:cf:0c:66:2c:
         85:fa:b5:63:9f:cf:f6:fb:c9:be:8c:c2:62:b6:b8:0c:84:49:
         41:5e:ff:b0:18:82:36:0f:42:d7:c5:c3:da:30:8b:dc:4b:32:
         68:81:43:bf:75:2d:0b:24:99:68:c6:95:ae:21:35:15:ca:c8:
         28:e2:32:05:a4:a8:4f:0a:92:8c:8c:70:84:e6:b9:6b:04:76:
         e2:11:ab:44:04:eb:3f:b5:e6:21:53:3b:f6:1e:ab:c2:80:1a:
         6d:41:5a:43:9c:bf:0f:08:3f:ee:a2:1d:ae:63:2f:fe:86:34:
         da:38:94:8d:3e:d7:ea:20:1f:ca:96:ba:49:20:67:3c:98:d7:
         03:5b:01:3e:93:c1:36:3a:77:5e:35:da:ad:c9:07:e1:85:4b:
         ed:48:58:2b:76:1a:65:61:7a:56:83:3b:27:e8:e7:4c:45:16:
         8b:a1:16:3a:75:a8:bd:b1:0c:eb:1f:3b:4d:4d:ad:67:7d:d4:
         33:c4:36:1b:1b:7b:4c:f6:96:ce:39:f1:8d:0b:da:66:93:8d:
         f6:2c:74:58:c9:c8:4f:e9:bd:d4:39:2f:16:ee:9c:fd:1f:7a:
         c3:5b:9f:b1:ac:58:82:d8:4a:a5:ff:cb:55:0f:90:6c:3b:1a:
         8f:4e:db:ba
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIESHdhRzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YWFhOGEwYTVmZGZkNjk4ZTEwNGJlMzZhMmFlZWM4MTNhZWNhMDcxMB4XDTIyMDEw
MTAzMDAzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjZkNjc1ZTEwYTVi
YTlkNWMxNjdlZWJiZGMzNDhlN2JjYTBkZDE5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALH7OrY7oLw9nDrLgQWm8kTyn5kO2djJYfZ7kEDIXXn96evC
zuB69v2NQkTWsh2naTnvOg6mNlvBceCC9DKaJgSha6RRtPbOySl1JwzxKH47Do3h
urqpeSL4F+U3MUA4GZEAqCnZe9XfRtbBaZqnRVL2Z5avOflQ7J8c2v++y0P22FV/
pQKCZunUx09FWxE9tXJZf6EXu90ojnMaVq2Knf0e0bjNXeigJmaEXPTnaex64Ves
LMRxPEGKt8L9zvMn8+Idq5qSGotJXMfW7T+EfS/1/y5p4geM7/j6NPoOtCDuawYq
Og0tjtj3TX8D2yb/2cccrRvf4wnUwPPNTdOjGc0CAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBRm1nXhClup1cFn7rvcNI57yg3RkTAfBgNVHSMEGDAWgBTqqooKX9/WmOEE
vjairuyBOuygcTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZxcUtDbF9mMXBqaEJMNDJvcTdzZ1Ryc29IRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvMjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8x
L1p0WjE0UXBicWRYQlotNjczRFNPZThvTjBaRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
MjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8xLzZxcUtDbF9mMXBq
aEJMNDJvcTdzZ1Ryc29IRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAAW82AMEAAW82zAMAwQDJQkoAwQA
JQkqAwQAkrnPMA0GCSqGSIb3DQEBCwUAA4IBAQAPz5z+WZZVL55hudvQeM8MZiyF
+rVjn8/2+8m+jMJitrgMhElBXv+wGII2D0LXxcPaMIvcSzJogUO/dS0LJJloxpWu
ITUVysgo4jIFpKhPCpKMjHCE5rlrBHbiEatEBOs/teYhUzv2HqvCgBptQVpDnL8P
CD/uoh2uYy/+hjTaOJSNPtfqIB/KlrpJIGc8mNcDWwE+k8E2OndeNdqtyQfhhUvt
SFgrdhplYXpWgzsn6OdMRRaLoRY6dai9sQzrHztNTa1nfdQzxDYbG3tM9pbOOfGN
C9pmk432LHRYychP6b3UOS8W7pz9H3rDW5+xrFiC2Eql/8tVD5BsOxqPTtu6
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:55 2024 by rpki-client on console-ams.rpki-client.org