Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/qNw20aZUWPdBGOGiUBDdgttIqNU.roa
File:                     qNw20aZUWPdBGOGiUBDdgttIqNU.roa (raw, json)
Hash identifier:          jQCdDxOdJ8xIbiKypQyks/m2FyEZEDfJ6iRLh18HWYQ=
Subject key identifier:   A8:DC:36:D1:A6:54:58:F7:41:18:E1:A2:50:10:DD:82:DB:48:A8:D5
Certificate issuer:       /CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Certificate serial:       0DF85241
Authority key identifier: 72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/qNw20aZUWPdBGOGiUBDdgttIqNU.roa
Signing time:             Tue 04 Jan 2022 18:28:50 +0000
ROA not before:           Tue 04 Jan 2022 18:28:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     20766
IP address blocks:        185.57.124.0/22 maxlen: 22
                          80.67.160.0/19 maxlen: 19
                          80.67.182.0/24 maxlen: 24
                          45.94.16.0/22 maxlen: 22
                          2a0f:6780::/29 maxlen: 29
                          2001:910::/32 maxlen: 32
                          2001:913:4000::/36 maxlen: 36

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 234377793 (0xdf85241)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
        Validity
            Not Before: Jan  4 18:28:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a8dc36d1a65458f74118e1a25010dd82db48a8d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:30:ed:54:95:92:4e:15:66:61:fe:6e:19:02:
                    85:24:2f:cd:e9:d8:c8:4f:15:c7:79:d7:36:93:68:
                    d0:b6:e2:f8:e6:0a:10:97:89:56:96:eb:fc:5b:a4:
                    dd:4f:43:36:64:df:c5:4b:85:68:b3:2f:46:b9:46:
                    8b:fc:24:ba:e8:c4:83:d5:cf:ec:dd:de:5d:11:2e:
                    fd:8a:68:2c:02:67:39:f0:58:d5:50:7a:ba:a7:a1:
                    50:ed:55:1d:5f:24:a3:f6:5d:bd:fc:62:42:0d:d4:
                    29:60:db:7e:ce:de:ef:9d:00:03:e3:37:36:08:b5:
                    31:60:11:90:f9:32:3e:f6:cf:a2:f1:ec:e7:34:9c:
                    ca:8e:b5:77:d8:70:8c:cc:8e:ab:b4:6f:7a:97:00:
                    46:45:79:90:b9:e9:9b:a9:55:56:8a:01:1e:85:12:
                    5b:f1:65:2c:c4:a8:11:a7:96:a1:1c:16:9d:7d:dc:
                    e5:65:c2:cf:7d:4d:37:1d:05:36:62:81:ca:66:44:
                    eb:c2:71:85:19:de:6d:d0:44:76:72:6d:62:4d:5f:
                    92:d2:c1:ef:59:0a:d7:28:66:08:91:53:b6:dd:d2:
                    73:79:ab:05:0f:63:dd:e1:7e:05:29:92:6a:d2:17:
                    7f:ab:2b:08:c8:fd:94:83:c9:8b:0d:a4:61:d4:4d:
                    e5:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:DC:36:D1:A6:54:58:F7:41:18:E1:A2:50:10:DD:82:DB:48:A8:D5
            X509v3 Authority Key Identifier:
                keyid:72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/qNw20aZUWPdBGOGiUBDdgttIqNU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.94.16.0/22
                  80.67.160.0/19
                  185.57.124.0/22
                IPv6:
                  2001:910::/32
                  2001:913:4000::/36
                  2a0f:6780::/29

    Signature Algorithm: sha256WithRSAEncryption
         9b:37:20:57:54:be:2d:d7:37:b0:c1:d0:73:2f:5d:91:40:d4:
         23:f6:d9:2b:33:ba:4a:be:50:14:60:96:73:09:68:56:f3:43:
         f7:8b:e4:ba:97:d4:73:a5:24:0c:bd:fc:ac:89:3b:01:b5:96:
         5a:7c:17:97:05:0d:6d:9f:83:81:95:0a:f5:35:51:f3:25:95:
         d3:c1:05:d2:f1:90:c3:2d:12:eb:10:29:cf:8d:43:e9:d8:fa:
         52:8d:02:33:19:50:88:64:eb:bc:9d:89:56:1d:ce:d1:98:fb:
         f4:3f:2a:5f:9f:88:6a:ba:0b:37:1d:a4:5d:5f:0a:75:ef:2e:
         08:2a:2b:bb:9c:fb:23:9b:ef:cf:86:f6:23:e6:17:aa:f8:03:
         8e:36:99:22:6f:9f:e4:c9:0b:55:6b:2d:64:5e:c4:77:22:a5:
         cb:cb:d0:63:f6:02:bd:af:8a:74:30:38:46:ad:d1:21:a2:2f:
         a6:56:1a:a0:fa:ca:c1:93:80:02:95:cc:ed:4d:22:03:1d:c4:
         9d:2f:74:a7:cc:41:ba:8f:cf:cc:64:de:9a:21:8b:92:58:5e:
         fc:16:1d:be:8e:de:12:7f:28:b9:0a:b7:ff:d2:d1:60:1f:c1:
         87:e9:ce:35:df:44:00:4e:3f:a1:65:3a:0e:6b:80:37:3a:cc:
         eb:13:3b:3f
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEDfhSQTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MmVkMmZiYjcyMTNmYmYzMmFkNGMwODdmOGIwYjIyY2VjZWY0ZmVhMB4XDTIyMDEw
NDE4Mjg1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYThkYzM2ZDFhNjU0
NThmNzQxMThlMWEyNTAxMGRkODJkYjQ4YThkNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMow7VSVkk4VZmH+bhkChSQvzenYyE8Vx3nXNpNo0Lbi+OYK
EJeJVpbr/Fuk3U9DNmTfxUuFaLMvRrlGi/wkuujEg9XP7N3eXREu/YpoLAJnOfBY
1VB6uqehUO1VHV8ko/ZdvfxiQg3UKWDbfs7e750AA+M3Ngi1MWARkPkyPvbPovHs
5zScyo61d9hwjMyOq7RvepcARkV5kLnpm6lVVooBHoUSW/FlLMSoEaeWoRwWnX3c
5WXCz31NNx0FNmKBymZE68JxhRnebdBEdnJtYk1fktLB71kK1yhmCJFTtt3Sc3mr
BQ9j3eF+BSmSatIXf6srCMj9lIPJiw2kYdRN5bMCAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBSo3DbRplRY90EY4aJQEN2C20io1TAfBgNVHSMEGDAWgBRy7S+7chP78yrU
wIf4sLIs7O9P6jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2N1MHZ1M0lULV9NcTFNQ0gtTEN5TE96dlQtby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2MvZTVhODkyLTIzZjUtNDlmYS1iNmE5LWE2NTIzM2IzZTk3NS8x
L3FOdzIwYVpVV1BkQkdPR2lVQkRkZ3R0SXFOVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Mv
ZTVhODkyLTIzZjUtNDlmYS1iNmE5LWE2NTIzM2IzZTk3NS8xL2N1MHZ1M0lULV9N
cTFNQ0gtTEN5TE96dlQtby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwGAQCAAEwEgMEAi1eEAMEBVBDoAMEArk5fDAcBAIA
AjAWAwUAIAEJEAMGBCABCRNAAwUDKg9ngDANBgkqhkiG9w0BAQsFAAOCAQEAmzcg
V1S+Ldc3sMHQcy9dkUDUI/bZKzO6Sr5QFGCWcwloVvND94vkupfUc6UkDL38rIk7
AbWWWnwXlwUNbZ+DgZUK9TVR8yWV08EF0vGQwy0S6xApz41D6dj6Uo0CMxlQiGTr
vJ2JVh3O0Zj79D8qX5+IaroLNx2kXV8Kde8uCCoru5z7I5vvz4b2I+YXqvgDjjaZ
Im+f5MkLVWstZF7EdyKly8vQY/YCva+KdDA4Rq3RIaIvplYaoPrKwZOAApXM7U0i
Ax3EnS90p8xBuo/PzGTemiGLklhe/BYdvo7eEn8ouQq3/9LRYB/Bh+nONd9EAE4/
oWU6DmuANzrM6xM7Pw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:16 2024 by rpki-client on console-ams.rpki-client.org