Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/7NN3qvWk-dX6c23sJbRHkVBVjLg.roa
File:                     7NN3qvWk-dX6c23sJbRHkVBVjLg.roa (raw, json)
Hash identifier:          e9PYPWJoLX0942OYW6+6PFlXeBxaP3SawqeZD8+VXxI=
Subject key identifier:   EC:D3:77:AA:F5:A4:F9:D5:FA:73:6D:EC:25:B4:47:91:50:55:8C:B8
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       15486BA9
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/7NN3qvWk-dX6c23sJbRHkVBVjLg.roa
Signing time:             Sat 04 Jun 2022 10:42:20 +0000
ROA not before:           Sat 04 Jun 2022 10:42:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35346
IP address blocks:        91.242.108.0/22 maxlen: 22
                          193.37.200.0/22 maxlen: 22
                          91.242.112.0/20 maxlen: 24
                          91.242.112.0/21 maxlen: 24
                          194.114.144.0/24 maxlen: 25
                          194.114.144.128/27 maxlen: 27
                          45.67.116.0/24 maxlen: 24
                          91.242.64.0/18 maxlen: 24
                          2a07:5540::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 357067689 (0x15486ba9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Jun  4 10:42:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ecd377aaf5a4f9d5fa736dec25b4479150558cb8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:ff:56:75:1a:3f:8e:b1:fc:8f:83:a0:7e:66:
                    b9:cb:55:95:6f:f7:4b:34:62:fc:b9:e1:cb:3b:03:
                    a5:2c:ae:d3:5c:b1:78:11:d3:3c:d0:2c:02:9f:2f:
                    0f:59:a5:59:41:49:69:68:e8:56:e8:26:11:9f:c3:
                    18:40:45:fc:b7:f7:cd:7c:72:fd:52:46:75:10:c7:
                    19:d6:71:83:8c:8e:2c:40:57:19:34:45:17:74:32:
                    d5:77:4b:8a:f3:78:fb:bb:df:a5:5c:9d:db:01:76:
                    59:87:13:36:82:f6:dd:aa:52:a2:eb:cc:a2:c5:b9:
                    74:e2:ac:b5:03:53:74:f6:87:0e:ec:b2:6d:d8:b7:
                    65:84:97:81:d0:4f:b3:05:d6:a5:70:1a:4f:99:f1:
                    f7:e0:58:81:7a:a0:e5:d3:eb:63:bb:55:fa:a1:9c:
                    46:3a:fb:1c:9b:ea:82:83:6f:75:e8:bf:03:07:d7:
                    72:7b:c1:9d:17:7a:a2:67:e3:62:c3:0f:59:d4:cb:
                    7b:dd:f3:48:5d:e2:3e:76:32:91:b1:9b:09:f3:2f:
                    92:c1:94:37:31:a0:0c:d4:93:7e:24:f2:5a:90:59:
                    ac:89:71:f1:cb:1c:93:fa:7f:8e:38:03:48:b7:0e:
                    9f:de:0b:91:36:da:7e:9e:4a:84:2d:b0:6f:95:f0:
                    9b:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:D3:77:AA:F5:A4:F9:D5:FA:73:6D:EC:25:B4:47:91:50:55:8C:B8
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/7NN3qvWk-dX6c23sJbRHkVBVjLg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.67.116.0/24
                  91.242.64.0/18
                  193.37.200.0/22
                  194.114.144.0/24
                IPv6:
                  2a07:5540::/29

    Signature Algorithm: sha256WithRSAEncryption
         05:f5:41:ee:af:c9:e3:fd:43:81:2b:96:31:2a:16:e2:76:d6:
         0b:dd:df:b7:52:6d:2d:ca:4f:6d:20:03:b0:f3:5b:2a:2a:be:
         b9:f3:e0:52:19:cd:d3:09:4c:89:79:1b:c4:80:51:28:96:a6:
         a3:f5:be:fb:9e:ae:44:eb:bb:9c:2e:79:6e:99:59:6c:27:1d:
         57:50:72:ff:10:43:d3:d6:c9:e7:1d:67:dd:fd:e3:f1:ed:1b:
         ec:f8:84:e0:fa:91:6e:97:95:83:d0:61:17:de:df:89:fc:38:
         ed:57:cd:64:df:b7:8e:d2:e2:b4:79:a4:24:4f:76:89:bd:37:
         36:7e:5e:8a:69:75:3d:0e:a4:8f:9c:31:4c:25:4c:10:d5:d0:
         8e:8e:86:60:8c:8e:a0:37:38:d5:dc:6e:ad:62:6a:18:52:e1:
         01:2b:02:6e:e0:8d:82:9e:64:6d:0c:2a:c4:9a:68:55:7e:ca:
         8f:6b:78:ea:8e:a7:a6:4c:a9:2a:39:f2:fa:de:74:62:1e:18:
         94:3a:18:08:82:4c:00:e3:51:36:f0:82:c6:49:80:d4:11:9a:
         90:af:45:1c:a2:7e:81:46:37:f8:30:ef:33:4a:94:62:6d:a4:
         1f:32:a7:7b:08:32:25:24:a2:cf:b2:74:ce:b2:4c:68:a1:f6:
         9a:d8:cf:93
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEFUhrqTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDYw
NDEwNDIyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWNkMzc3YWFmNWE0
ZjlkNWZhNzM2ZGVjMjViNDQ3OTE1MDU1OGNiODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALH/VnUaP46x/I+DoH5muctVlW/3SzRi/LnhyzsDpSyu01yx
eBHTPNAsAp8vD1mlWUFJaWjoVugmEZ/DGEBF/Lf3zXxy/VJGdRDHGdZxg4yOLEBX
GTRFF3Qy1XdLivN4+7vfpVyd2wF2WYcTNoL23apSouvMosW5dOKstQNTdPaHDuyy
bdi3ZYSXgdBPswXWpXAaT5nx9+BYgXqg5dPrY7tV+qGcRjr7HJvqgoNvdei/AwfX
cnvBnRd6omfjYsMPWdTLe93zSF3iPnYykbGbCfMvksGUNzGgDNSTfiTyWpBZrIlx
8csck/p/jjgDSLcOn94LkTbafp5KhC2wb5XwmykCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBTs03eq9aT51fpzbewltEeRUFWMuDAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
LzdOTjNxdldrLWRYNmMyM3NKYlJIa1ZCVmpMZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAC1DdAMEBlvyQAMEAsElyAMEAMJy
kDANBAIAAjAHAwUDKgdVQDANBgkqhkiG9w0BAQsFAAOCAQEABfVB7q/J4/1DgSuW
MSoW4nbWC93ft1JtLcpPbSADsPNbKiq+ufPgUhnN0wlMiXkbxIBRKJamo/W++56u
ROu7nC55bplZbCcdV1By/xBD09bJ5x1n3f3j8e0b7PiE4PqRbpeVg9BhF97fifw4
7VfNZN+3jtLitHmkJE92ib03Nn5eiml1PQ6kj5wxTCVMENXQjo6GYIyOoDc41dxu
rWJqGFLhASsCbuCNgp5kbQwqxJpoVX7Kj2t46o6npkypKjny+t50Yh4YlDoYCIJM
AONRNvCCxkmA1BGakK9FHKJ+gUY3+DDvM0qUYm2kHzKnewgyJSSiz7J0zrJMaKH2
mtjPkw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org