Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/cI41HsCLCjBbR6xm9WRd03d33TM.roa
File:                     cI41HsCLCjBbR6xm9WRd03d33TM.roa (raw, json)
Hash identifier:          QRPZr83KTEIBXmB/u48gj3Zivw2D2jwv+Nnh67oafx8=
Subject key identifier:   70:8E:35:1E:C0:8B:0A:30:5B:47:AC:66:F5:64:5D:D3:77:77:DD:33
Certificate issuer:       /CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
Certificate serial:       32C17B80
Authority key identifier: AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/cI41HsCLCjBbR6xm9WRd03d33TM.roa
Signing time:             Sat 01 Jan 2022 16:07:33 +0000
ROA not before:           Sat 01 Jan 2022 16:07:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     397192
IP address blocks:        78.143.245.0/24 maxlen: 24
                          78.143.247.0/24 maxlen: 24
                          5.226.176.0/21 maxlen: 24
                          2a03:a860:a00::/40 maxlen: 48
                          2a03:a860:51::/48 maxlen: 48
                          2a03:a860:61::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 851540864 (0x32c17b80)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
        Validity
            Not Before: Jan  1 16:07:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=708e351ec08b0a305b47ac66f5645dd37777dd33
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:07:f5:2c:a0:ff:6b:89:78:a7:0f:10:fc:d9:
                    56:e2:92:07:dc:2f:62:66:26:11:d8:b6:fd:21:df:
                    9d:60:9c:23:54:45:80:b1:a6:47:d6:b8:4b:a9:23:
                    e5:3b:8f:46:b6:08:35:93:68:d1:91:15:cc:68:a0:
                    f1:82:57:6d:fd:d0:f6:79:8a:1f:eb:e4:32:57:37:
                    88:a5:c7:68:5f:c7:c9:8e:3c:a3:d1:c5:37:11:09:
                    8c:c4:72:22:67:51:46:fc:86:66:b2:9e:42:64:c8:
                    49:11:b9:6d:c6:77:fe:50:a0:b8:5b:ac:d7:f1:24:
                    8c:a6:00:5e:41:67:0b:51:79:7a:98:37:66:df:e9:
                    b8:57:66:0e:39:dd:91:ac:eb:2d:da:12:14:cb:a0:
                    f5:35:68:fd:8b:01:5c:51:38:12:fa:66:45:96:d4:
                    2d:21:fc:bf:58:b8:aa:60:aa:0a:1c:bd:fe:12:68:
                    89:d4:57:47:ed:16:e3:09:20:9f:4e:e4:ca:5c:4f:
                    21:f7:26:02:e9:9b:85:8a:e4:0f:02:44:23:30:50:
                    3b:ce:45:1c:ed:cd:96:ba:86:03:3f:65:ef:cc:48:
                    d8:a3:cd:00:fa:50:5f:e3:94:a2:62:46:ec:a8:12:
                    7a:35:9f:bc:5c:f0:93:4b:66:82:78:95:63:7e:3d:
                    f1:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:8E:35:1E:C0:8B:0A:30:5B:47:AC:66:F5:64:5D:D3:77:77:DD:33
            X509v3 Authority Key Identifier:
                keyid:AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/cI41HsCLCjBbR6xm9WRd03d33TM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/rrZuxejyQF9vjUhuc_uCuN4N7g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.226.176.0/21
                  78.143.245.0/24
                  78.143.247.0/24
                IPv6:
                  2a03:a860:51::/48
                  2a03:a860:61::/48
                  2a03:a860:a00::/40

    Signature Algorithm: sha256WithRSAEncryption
         30:fe:6b:f5:7b:06:cf:4f:69:4f:c5:bf:14:0d:1e:4b:de:9c:
         ae:50:8b:87:76:44:fc:22:99:dc:52:8e:b1:2c:2c:43:43:51:
         ad:2f:9c:70:79:70:7b:8f:e5:60:6c:14:9e:7e:2f:3e:18:43:
         87:a1:2c:12:8c:85:db:75:1d:24:4e:88:31:5f:f3:6a:ad:c0:
         2b:76:83:26:38:bb:a7:8b:75:72:cd:ce:de:0d:b8:70:f2:96:
         eb:7b:0b:8d:7a:c7:30:38:8c:78:2c:4f:e4:ab:b7:0a:e2:c8:
         67:b8:be:f7:82:52:48:bf:0a:d5:af:58:5c:45:7e:02:b0:95:
         f0:f3:9f:72:0e:75:56:7b:2b:50:cd:51:41:62:57:70:1e:81:
         43:81:44:86:9c:57:42:ae:c3:77:63:3a:8f:12:49:80:b7:db:
         cc:de:45:f8:af:18:dc:a9:ec:79:6c:93:20:cc:96:6d:c8:36:
         dd:e7:6e:90:39:d6:82:fe:66:33:dd:0f:13:d9:48:5d:d3:f2:
         6c:fd:9b:c5:f2:a1:47:40:6a:86:bf:c9:aa:c6:cc:04:34:00:
         a0:b1:52:1f:aa:a3:84:c6:29:40:d2:92:f6:89:68:6a:1b:e6:
         9e:99:e7:ea:46:dc:95:2c:34:e1:06:e4:22:48:0b:2a:5d:86:
         85:dd:3f:5b
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIEMsF7gDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZWI2NmVjNWU4ZjI0MDVmNmY4ZDQ4NmU3M2ZiODJiOGRlMGRlZTBmMB4XDTIyMDEw
MTE2MDczM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzA4ZTM1MWVjMDhi
MGEzMDViNDdhYzY2ZjU2NDVkZDM3Nzc3ZGQzMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALwH9Syg/2uJeKcPEPzZVuKSB9wvYmYmEdi2/SHfnWCcI1RF
gLGmR9a4S6kj5TuPRrYINZNo0ZEVzGig8YJXbf3Q9nmKH+vkMlc3iKXHaF/HyY48
o9HFNxEJjMRyImdRRvyGZrKeQmTISRG5bcZ3/lCguFus1/EkjKYAXkFnC1F5epg3
Zt/puFdmDjndkazrLdoSFMug9TVo/YsBXFE4EvpmRZbULSH8v1i4qmCqChy9/hJo
idRXR+0W4wkgn07kylxPIfcmAumbhYrkDwJEIzBQO85FHO3NlrqGAz9l78xI2KPN
APpQX+OUomJG7KgSejWfvFzwk0tmgniVY3498XECAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBRwjjUewIsKMFtHrGb1ZF3Td3fdMzAfBgNVHSMEGDAWgBSutm7F6PJAX2+N
SG5z+4K43g3uDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JyWnV4ZWp5UUY5dmpVaHVjX3VDdU40TjdnOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzIvMTUzNzg4LTE0YjctNDU1MS05YWRlLTZhZWE5MDU3YzgwMC8x
L2NJNDFIc0NMQ2pCYlI2eG05V1JkMDNkMzNUTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIv
MTUzNzg4LTE0YjctNDU1MS05YWRlLTZhZWE5MDU3YzgwMC8xL3JyWnV4ZWp5UUY5
dmpVaHVjX3VDdU40TjdnOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBN
BggrBgEFBQcBBwEB/wQ+MDwwGAQCAAEwEgMEAwXisAMEAE6P9QMEAE6P9zAgBAIA
AjAaAwcAKgOoYABRAwcAKgOoYABhAwYAKgOoYAowDQYJKoZIhvcNAQELBQADggEB
ADD+a/V7Bs9PaU/FvxQNHkvenK5Qi4d2RPwimdxSjrEsLENDUa0vnHB5cHuP5WBs
FJ5+Lz4YQ4ehLBKMhdt1HSROiDFf82qtwCt2gyY4u6eLdXLNzt4NuHDylut7C416
xzA4jHgsT+SrtwriyGe4vveCUki/CtWvWFxFfgKwlfDzn3IOdVZ7K1DNUUFiV3Ae
gUOBRIacV0Kuw3djOo8SSYC328zeRfivGNyp7HlskyDMlm3INt3nbpA51oL+ZjPd
DxPZSF3T8mz9m8XyoUdAaoa/yarGzAQ0AKCxUh+qo4TGKUDSkvaJaGob5p6Z5+pG
3JUsNOEG5CJICypdhoXdP1s=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:58 2023 by rpki-client on console-ams.rpki-client.org