Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Xowt5R3j46M5gbrsT6BgCN5vQiA.roa
File:                     Xowt5R3j46M5gbrsT6BgCN5vQiA.roa (raw, json)
Hash identifier:          7UQ/iNx+VSjeRLS/07ra0ej99p3PEr/IVs/8y6ri6Fg=
Subject key identifier:   5E:8C:2D:E5:1D:E3:E3:A3:39:81:BA:EC:4F:A0:60:08:DE:6F:42:20
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       01843237D3FC0A8D0B5AB3E9F7330202DCFA
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Xowt5R3j46M5gbrsT6BgCN5vQiA.roa
Signing time:             Tue 01 Nov 2022 08:03:50 +0000
ROA not before:           Tue 01 Nov 2022 08:03:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207177
IP address blocks:        91.242.81.0/24 maxlen: 24
                          185.212.11.0/24 maxlen: 24
                          171.22.52.0/22 maxlen: 22
                          45.67.117.0/24 maxlen: 24
                          45.86.17.0/24 maxlen: 24
                          45.86.16.0/24 maxlen: 24
                          45.86.16.0/22 maxlen: 22
                          45.86.18.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:32:37:d3:fc:0a:8d:0b:5a:b3:e9:f7:33:02:02:dc:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Nov  1 08:03:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5e8c2de51de3e3a33981baec4fa06008de6f4220
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:2f:a0:c2:ff:95:7c:83:3a:e1:89:91:90:57:
                    47:77:a6:07:f5:f3:63:df:92:eb:e6:6f:e0:9b:49:
                    e7:b9:fd:cd:1f:b0:f0:e8:9c:2a:60:55:c3:1b:6c:
                    8b:40:d4:9a:ee:fd:47:97:85:e5:d4:14:fc:9b:8c:
                    d0:07:77:61:0b:7b:37:d2:5e:14:bd:03:07:31:83:
                    4e:9d:f5:be:ec:39:b9:32:52:9a:1b:20:a6:ea:0e:
                    e5:45:eb:26:2e:0e:14:c2:af:8c:bd:72:ff:07:5d:
                    de:a4:0b:58:8f:c6:4f:f9:3f:76:c1:5e:59:b1:40:
                    8f:29:99:f8:0a:a2:94:0a:2d:27:61:68:02:e4:51:
                    f9:9b:76:87:90:2b:6f:56:cf:02:03:a1:81:15:05:
                    22:76:58:47:77:4a:76:63:7b:7b:88:d4:dd:d1:af:
                    c7:9a:6a:91:96:74:80:af:69:6e:d7:4e:e6:8c:65:
                    35:c5:9f:b6:66:00:94:1b:a0:fd:e3:fd:5e:db:eb:
                    1b:39:c3:91:2f:5c:39:3e:64:60:7f:bc:a8:07:a4:
                    fe:60:15:78:4c:ee:a7:da:38:f4:db:d7:e7:eb:84:
                    a4:2d:08:19:41:f5:b4:d0:4d:2d:cf:86:94:c4:2d:
                    c9:be:f5:c0:c1:fc:0d:95:5e:a1:76:8f:2a:df:5b:
                    bb:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:8C:2D:E5:1D:E3:E3:A3:39:81:BA:EC:4F:A0:60:08:DE:6F:42:20
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Xowt5R3j46M5gbrsT6BgCN5vQiA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.67.117.0/24
                  45.86.16.0/22
                  91.242.81.0/24
                  171.22.52.0/22
                  185.212.11.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6d:ea:bb:15:ea:c8:4c:ca:5a:1b:f5:0a:7b:c9:cb:77:6c:39:
         ef:aa:64:2b:e1:79:fd:ab:e7:47:c7:9c:9d:56:b9:e0:e6:cd:
         54:48:8e:05:54:89:29:ad:0f:eb:ef:5d:c5:e0:31:48:43:32:
         b5:18:b8:85:e6:2d:02:72:9f:2a:b2:b1:46:de:3f:be:89:bf:
         ec:2b:1c:3d:09:33:e6:e9:62:52:4a:41:65:33:db:2d:b8:36:
         31:6b:42:3d:c1:4c:06:c7:93:48:e6:57:65:42:cf:db:95:4c:
         0d:20:6c:28:65:95:2d:fd:d3:22:8b:f8:92:07:a7:8d:7b:09:
         68:a9:9d:3d:5e:f9:85:7b:35:44:5b:68:f8:b0:14:d4:62:f0:
         91:12:a2:db:05:68:80:de:37:79:4c:27:9c:5f:57:1a:28:46:
         57:5f:4f:6a:2c:64:7c:c4:02:19:ff:90:eb:51:25:6b:22:8f:
         ed:4f:17:3d:be:cf:86:c8:e8:45:43:06:cf:85:6c:ea:7a:f8:
         b2:8b:89:5a:1b:71:50:06:b9:a6:33:6f:5b:8f:41:a5:28:48:
         3b:7b:bf:1b:53:44:58:a8:db:99:b4:d2:68:6f:bb:b2:ef:f5:
         f0:3c:97:75:f3:4e:ab:40:9c:f2:ee:6b:04:6b:31:df:b7:ec:
         16:19:f9:6e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYQyN9P8Co0LWrPp9zMCAtz6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIxMTAxMDgwMzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZThjMmRlNTFkZTNlM2EzMzk4MWJhZWM0ZmEwNjAwOGRlNmY0MjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsS+gwv+VfIM64YmRkFdHd6YH9fNj
35Lr5m/gm0nnuf3NH7Dw6JwqYFXDG2yLQNSa7v1Hl4Xl1BT8m4zQB3dhC3s30l4U
vQMHMYNOnfW+7Dm5MlKaGyCm6g7lResmLg4Uwq+MvXL/B13epAtYj8ZP+T92wV5Z
sUCPKZn4CqKUCi0nYWgC5FH5m3aHkCtvVs8CA6GBFQUidlhHd0p2Y3t7iNTd0a/H
mmqRlnSAr2lu107mjGU1xZ+2ZgCUG6D94/1e2+sbOcORL1w5PmRgf7yoB6T+YBV4
TO6n2jj029fn64SkLQgZQfW00E0tz4aUxC3JvvXAwfwNlV6hdo8q31u75wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFF6MLeUd4+OjOYG67E+gYAjeb0IgMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvWG93dDVSM2o0Nk01Z2Jyc1Q2QmdDTjV2UWlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALUN1AwQC
LVYQAwQAW/JRAwQCqxY0AwQAudQLMA0GCSqGSIb3DQEBCwUAA4IBAQBt6rsV6shM
ylob9Qp7yct3bDnvqmQr4Xn9q+dHx5ydVrng5s1USI4FVIkprQ/r713F4DFIQzK1
GLiF5i0Ccp8qsrFG3j++ib/sKxw9CTPm6WJSSkFlM9stuDYxa0I9wUwGx5NI5ldl
Qs/blUwNIGwoZZUt/dMii/iSB6eNewloqZ09XvmFezVEW2j4sBTUYvCREqLbBWiA
3jd5TCecX1caKEZXX09qLGR8xAIZ/5DrUSVrIo/tTxc9vs+GyOhFQwbPhWzqeviy
i4laG3FQBrmmM29bj0GlKEg7e78bU0RYqNuZtNJob7uy7/XwPJd1806rQJzy7msE
azHft+wWGflu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org