Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/31f8a0-7e95-4fe2-8809-f78bdb6f60c2/1/aXWtT0wtTvMSlYEka5zn7m6MVX8.roa
File:                     aXWtT0wtTvMSlYEka5zn7m6MVX8.roa (raw, json)
Hash identifier:          xmKib33YPAz9zMHJEFn6tv8EJOcEwYWxRfmZVIJGwhk=
Subject key identifier:   69:75:AD:4F:4C:2D:4E:F3:12:95:81:24:6B:9C:E7:EE:6E:8C:55:7F
Certificate issuer:       /CN=80ebaf2cba8359438e434123dda7a5a396f5f519
Certificate serial:       3558FEFB
Authority key identifier: 80:EB:AF:2C:BA:83:59:43:8E:43:41:23:DD:A7:A5:A3:96:F5:F5:19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gOuvLLqDWUOOQ0Ej3aelo5b19Rk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/31f8a0-7e95-4fe2-8809-f78bdb6f60c2/1/aXWtT0wtTvMSlYEka5zn7m6MVX8.roa
Signing time:             Thu 02 Jun 2022 09:23:21 +0000
ROA not before:           Thu 02 Jun 2022 09:23:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211225
IP address blocks:        37.205.4.0/24 maxlen: 24
                          37.205.2.0/24 maxlen: 24
                          37.205.3.0/24 maxlen: 24
                          37.205.1.0/24 maxlen: 24
                          37.205.0.0/24 maxlen: 24
                          37.205.5.0/24 maxlen: 24
                          37.205.6.0/24 maxlen: 24
                          37.205.7.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 895024891 (0x3558fefb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80ebaf2cba8359438e434123dda7a5a396f5f519
        Validity
            Not Before: Jun  2 09:23:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6975ad4f4c2d4ef3129581246b9ce7ee6e8c557f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:cf:7f:18:d2:8f:e9:fe:83:ad:00:69:a5:91:
                    18:43:d2:89:48:18:53:51:76:a3:03:d1:55:5b:27:
                    86:99:a4:95:08:64:2b:f1:67:92:59:7d:3e:3c:3a:
                    bd:76:26:a0:04:65:cc:d3:b9:0a:b0:e6:1a:e8:e0:
                    1b:d9:e5:d9:3f:b9:93:0a:60:65:7f:50:e9:a6:a6:
                    25:13:09:67:75:f3:b5:1a:b7:cb:00:69:6a:d9:ea:
                    19:3c:55:da:38:30:b4:b5:18:a8:74:26:46:85:7a:
                    c8:31:1c:04:6e:d0:ba:59:41:d3:db:bc:82:12:c9:
                    19:cf:f1:33:a6:be:15:5d:43:c0:f6:4d:ec:e6:54:
                    c8:df:25:3f:5e:3f:fe:12:8d:75:3b:04:0b:74:42:
                    e9:00:bd:46:58:ae:bc:b1:1c:70:c8:0c:bf:de:56:
                    f8:b0:15:c6:b8:19:a1:77:4c:05:af:b7:7b:cb:59:
                    a6:7e:54:02:28:e3:ca:19:a7:ec:d3:5e:88:16:28:
                    82:cf:90:44:51:41:f5:7a:20:d9:e7:96:c8:73:d6:
                    dc:c8:96:f5:3d:68:30:9d:d8:37:59:99:35:a2:8b:
                    a8:5b:34:21:b9:b1:76:31:f2:c1:af:26:83:fe:e1:
                    86:8b:8c:74:e2:8f:d8:20:9a:01:4e:bd:db:5a:71:
                    6a:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:75:AD:4F:4C:2D:4E:F3:12:95:81:24:6B:9C:E7:EE:6E:8C:55:7F
            X509v3 Authority Key Identifier:
                keyid:80:EB:AF:2C:BA:83:59:43:8E:43:41:23:DD:A7:A5:A3:96:F5:F5:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gOuvLLqDWUOOQ0Ej3aelo5b19Rk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/31f8a0-7e95-4fe2-8809-f78bdb6f60c2/1/aXWtT0wtTvMSlYEka5zn7m6MVX8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/31f8a0-7e95-4fe2-8809-f78bdb6f60c2/1/gOuvLLqDWUOOQ0Ej3aelo5b19Rk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.205.0.0/21

    Signature Algorithm: sha256WithRSAEncryption
         74:c2:f9:1d:33:6f:3e:2e:56:43:a7:4e:3b:60:fb:77:3d:b0:
         e6:35:03:86:ab:2e:c5:8f:15:49:4e:6d:52:9e:3d:89:8f:1f:
         3e:00:ef:84:62:52:e9:d4:7d:1e:45:8b:ce:8e:66:4b:9e:95:
         20:5b:3e:94:da:13:d7:21:47:50:a0:d9:cc:1e:0f:bd:89:7a:
         28:64:16:fb:cd:8c:12:a2:57:eb:ac:ba:0c:43:e9:5e:e3:7a:
         b1:a1:38:81:c3:9a:6a:9a:11:99:d0:0d:e6:8b:4b:b3:6c:00:
         41:df:71:35:71:cf:5b:15:f0:90:f9:07:2c:6c:43:52:f5:8e:
         61:52:d7:07:bd:b2:cf:20:14:67:c4:b1:e0:44:43:af:a4:be:
         79:f5:85:33:a5:79:70:d4:8e:70:7e:5c:5e:9c:9c:1d:8b:0f:
         7b:1f:38:bf:67:7e:a4:1a:fc:50:c5:53:b3:33:ee:2b:8a:4c:
         55:de:21:39:c4:57:e3:d8:7c:bb:a5:cb:62:51:c0:3e:5a:a3:
         cc:fb:d7:86:e4:04:29:fd:b3:f6:2b:2e:98:67:81:ed:a3:4e:
         47:f4:f4:dd:a3:7e:8b:ba:f4:78:97:20:c7:82:1a:79:1e:1a:
         64:d9:0b:31:52:ea:c7:4c:9b:19:6a:a2:c4:cb:1e:93:a1:ec:
         ea:34:71:e1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENVj++zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MGViYWYyY2JhODM1OTQzOGU0MzQxMjNkZGE3YTVhMzk2ZjVmNTE5MB4XDTIyMDYw
MjA5MjMyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjk3NWFkNGY0YzJk
NGVmMzEyOTU4MTI0NmI5Y2U3ZWU2ZThjNTU3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJrPfxjSj+n+g60AaaWRGEPSiUgYU1F2owPRVVsnhpmklQhk
K/Fnkll9Pjw6vXYmoARlzNO5CrDmGujgG9nl2T+5kwpgZX9Q6aamJRMJZ3XztRq3
ywBpatnqGTxV2jgwtLUYqHQmRoV6yDEcBG7QullB09u8ghLJGc/xM6a+FV1DwPZN
7OZUyN8lP14//hKNdTsEC3RC6QC9RliuvLEccMgMv95W+LAVxrgZoXdMBa+3e8tZ
pn5UAijjyhmn7NNeiBYogs+QRFFB9Xog2eeWyHPW3MiW9T1oMJ3YN1mZNaKLqFs0
IbmxdjHywa8mg/7hhouMdOKP2CCaAU6921pxasECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRpda1PTC1O8xKVgSRrnOfuboxVfzAfBgNVHSMEGDAWgBSA668suoNZQ45D
QSPdp6WjlvX1GTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dPdXZMTHFEV1VPT1EwRWozYWVsbzViMTlSay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvMzFmOGEwLTdlOTUtNGZlMi04ODA5LWY3OGJkYjZmNjBjMi8x
L2FYV3RUMHd0VHZNU2xZRWthNXpuN202TVZYOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
MzFmOGEwLTdlOTUtNGZlMi04ODA5LWY3OGJkYjZmNjBjMi8xL2dPdXZMTHFEV1VP
T1EwRWozYWVsbzViMTlSay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAyXNADANBgkqhkiG9w0BAQsFAAOC
AQEAdML5HTNvPi5WQ6dOO2D7dz2w5jUDhqsuxY8VSU5tUp49iY8fPgDvhGJS6dR9
HkWLzo5mS56VIFs+lNoT1yFHUKDZzB4PvYl6KGQW+82MEqJX66y6DEPpXuN6saE4
gcOaapoRmdAN5otLs2wAQd9xNXHPWxXwkPkHLGxDUvWOYVLXB72yzyAUZ8Sx4ERD
r6S+efWFM6V5cNSOcH5cXpycHYsPex84v2d+pBr8UMVTszPuK4pMVd4hOcRX49h8
u6XLYlHAPlqjzPvXhuQEKf2z9isumGeB7aNOR/T03aN+i7r0eJcgx4IaeR4aZNkL
MVLqx0ybGWqixMsek6Hs6jRx4Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:39 2024 by rpki-client on console-fra.rpki-client.org