Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/yoLTfRqJH0QE3cBbOEFUKapgmes.roa
File:                     yoLTfRqJH0QE3cBbOEFUKapgmes.roa (raw, json)
Hash identifier:          6jT7aZDFC8uJd5gIOgYT9KaYWLYJtx8J3zQXPeefmdg=
Subject key identifier:   CA:82:D3:7D:1A:89:1F:44:04:DD:C0:5B:38:41:54:29:AA:60:99:EB
Certificate issuer:       /CN=3ad65216812ed24fd1c719871a59a971dec30a26
Certificate serial:       02157505
Authority key identifier: 3A:D6:52:16:81:2E:D2:4F:D1:C7:19:87:1A:59:A9:71:DE:C3:0A:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OtZSFoEu0k_RxxmHGlmpcd7DCiY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/yoLTfRqJH0QE3cBbOEFUKapgmes.roa
Signing time:             Sat 01 Jan 2022 16:10:46 +0000
ROA not before:           Sat 01 Jan 2022 16:10:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202909
IP address blocks:        81.94.55.0/24 maxlen: 24
                          37.186.5.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 34960645 (0x2157505)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ad65216812ed24fd1c719871a59a971dec30a26
        Validity
            Not Before: Jan  1 16:10:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ca82d37d1a891f4404ddc05b38415429aa6099eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:28:b6:19:2f:c8:d1:4e:14:94:1f:f2:9c:f3:
                    b3:95:5c:82:45:04:18:34:8a:90:08:89:07:87:17:
                    d7:8f:7b:dd:9c:f9:5b:fb:9d:f8:77:c9:b9:6c:ef:
                    bb:b5:35:c0:9c:d9:e9:f6:b6:9a:20:32:d9:03:59:
                    a0:a9:ea:c8:2f:e6:60:e2:fc:14:30:79:4f:80:13:
                    bc:46:09:aa:51:49:e7:d5:61:bb:be:c9:fa:b3:77:
                    8b:7a:8e:c1:2b:89:7b:ce:b6:2c:92:dc:46:c6:f8:
                    f0:82:e7:f5:b8:9c:ca:ea:bc:e7:c5:65:e7:e2:a8:
                    1b:f6:ae:9e:c0:4e:83:b0:7e:fb:99:32:d7:b2:cd:
                    6d:eb:6f:c0:ec:70:98:dc:c4:13:73:71:fc:36:1f:
                    8a:d8:db:43:2a:c0:24:14:55:12:8c:1a:12:54:c0:
                    f0:88:08:92:1f:2a:83:5c:65:71:ea:db:f0:eb:eb:
                    60:51:93:2f:d0:12:ac:6c:39:71:c7:0c:8f:b5:f6:
                    54:a3:e9:39:6f:66:e9:60:cf:20:9c:e6:57:b8:73:
                    e8:e6:7b:36:93:78:29:30:99:30:8e:87:36:2b:b0:
                    55:a1:73:21:f7:83:41:a9:0e:56:da:73:10:68:35:
                    dc:94:fb:80:19:9a:ab:aa:db:f9:27:5c:d6:4e:e6:
                    db:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:82:D3:7D:1A:89:1F:44:04:DD:C0:5B:38:41:54:29:AA:60:99:EB
            X509v3 Authority Key Identifier:
                keyid:3A:D6:52:16:81:2E:D2:4F:D1:C7:19:87:1A:59:A9:71:DE:C3:0A:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OtZSFoEu0k_RxxmHGlmpcd7DCiY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/yoLTfRqJH0QE3cBbOEFUKapgmes.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/OtZSFoEu0k_RxxmHGlmpcd7DCiY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.186.5.0/24
                  81.94.55.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:ac:7f:5e:14:a1:25:8a:6e:84:0f:ae:5c:26:8b:f0:7b:c8:
         f5:2a:66:ea:e4:74:85:f4:68:5d:bc:96:fb:6b:7e:7a:57:ba:
         73:df:e3:5d:f1:8f:b6:f9:fc:be:24:57:55:6e:fc:e1:fe:0a:
         38:8f:e2:ee:27:8c:0c:b3:6f:3d:56:ae:b3:c6:17:a3:e1:3f:
         93:88:7a:33:be:02:39:be:c9:5a:d5:d7:c7:f1:6c:cd:c3:53:
         47:70:68:f1:37:a2:b5:44:d4:e3:2a:3e:05:28:18:ff:c7:c9:
         e3:9f:17:c6:22:af:03:13:62:e8:b5:24:82:cb:fb:37:26:84:
         1e:e5:db:e9:d7:78:5f:68:14:96:a8:b6:9c:35:7f:c0:bc:71:
         49:e0:c1:e4:6b:72:69:38:64:89:37:68:ae:70:2c:74:1a:42:
         dd:81:31:90:43:8a:17:8e:ba:23:ad:79:92:dc:fc:fa:87:f7:
         66:04:f8:27:90:0b:40:19:b1:cf:9c:ac:d9:3d:94:17:d4:86:
         b8:69:b6:e3:6d:01:40:e5:2a:fe:16:02:7f:19:d2:ca:1b:91:
         35:81:2f:03:c9:0c:d5:62:14:2f:aa:08:1d:10:f8:65:ec:65:
         0e:25:a0:e8:34:9b:8f:11:ee:45:33:9e:ff:3a:73:9a:5b:21:
         f4:02:bd:74
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAhV1BTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YWQ2NTIxNjgxMmVkMjRmZDFjNzE5ODcxYTU5YTk3MWRlYzMwYTI2MB4XDTIyMDEw
MTE2MTA0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2E4MmQzN2QxYTg5
MWY0NDA0ZGRjMDViMzg0MTU0MjlhYTYwOTllYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALwothkvyNFOFJQf8pzzs5VcgkUEGDSKkAiJB4cX14973Zz5
W/ud+HfJuWzvu7U1wJzZ6fa2miAy2QNZoKnqyC/mYOL8FDB5T4ATvEYJqlFJ59Vh
u77J+rN3i3qOwSuJe862LJLcRsb48ILn9bicyuq858Vl5+KoG/aunsBOg7B++5ky
17LNbetvwOxwmNzEE3Nx/DYfitjbQyrAJBRVEowaElTA8IgIkh8qg1xlcerb8Ovr
YFGTL9ASrGw5cccMj7X2VKPpOW9m6WDPIJzmV7hz6OZ7NpN4KTCZMI6HNiuwVaFz
IfeDQakOVtpzEGg13JT7gBmaq6rb+Sdc1k7m20sCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTKgtN9GokfRATdwFs4QVQpqmCZ6zAfBgNVHSMEGDAWgBQ61lIWgS7ST9HH
GYcaWalx3sMKJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L090WlNGb0V1MGtfUnh4bUhHbG1wY2Q3RENpWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzEvYjhjYWU0LWI1YWYtNDM4MC05ODE3LTQ2NTM4Y2E1MzgzYy8x
L3lvTFRmUnFKSDBRRTNjQmJPRUZVS2FwZ21lcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzEv
YjhjYWU0LWI1YWYtNDM4MC05ODE3LTQ2NTM4Y2E1MzgzYy8xL090WlNGb0V1MGtf
Unh4bUhHbG1wY2Q3RENpWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEACW6BQMEAFFeNzANBgkqhkiG9w0B
AQsFAAOCAQEAkKx/XhShJYpuhA+uXCaL8HvI9Spm6uR0hfRoXbyW+2t+ele6c9/j
XfGPtvn8viRXVW784f4KOI/i7ieMDLNvPVaus8YXo+E/k4h6M74COb7JWtXXx/Fs
zcNTR3Bo8TeitUTU4yo+BSgY/8fJ458XxiKvAxNi6LUkgsv7NyaEHuXb6dd4X2gU
lqi2nDV/wLxxSeDB5GtyaThkiTdornAsdBpC3YExkEOKF466I615ktz8+of3ZgT4
J5ALQBmxz5ys2T2UF9SGuGm2420BQOUq/hYCfxnSyhuRNYEvA8kM1WIUL6oIHRD4
ZexlDiWg6DSbjxHuRTOe/zpzmlsh9AK9dA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:49 2024 by rpki-client on console-ams.rpki-client.org