Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/4b77e7-347c-49fa-808b-6ed331f31e09/1/2SJ3n93AfWJdndHkjr6MEaLOV10.roa
File:                     2SJ3n93AfWJdndHkjr6MEaLOV10.roa (raw, json)
Hash identifier:          ZkBPL8WQTW9HTp76jd6lNah6lgECvwZldS0DTBeoj0c=
Subject key identifier:   D9:22:77:9F:DD:C0:7D:62:5D:9D:D1:E4:8E:BE:8C:11:A2:CE:57:5D
Certificate issuer:       /CN=b05442c4ffe9c1d761e7c569360ead042438f903
Certificate serial:       0437311C
Authority key identifier: B0:54:42:C4:FF:E9:C1:D7:61:E7:C5:69:36:0E:AD:04:24:38:F9:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sFRCxP_pwddh58VpNg6tBCQ4-QM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/4b77e7-347c-49fa-808b-6ed331f31e09/1/2SJ3n93AfWJdndHkjr6MEaLOV10.roa
Signing time:             Sat 01 Jan 2022 06:06:44 +0000
ROA not before:           Sat 01 Jan 2022 06:06:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209545
IP address blocks:        134.101.126.0/24 maxlen: 24
                          134.101.127.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 70725916 (0x437311c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b05442c4ffe9c1d761e7c569360ead042438f903
        Validity
            Not Before: Jan  1 06:06:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d922779fddc07d625d9dd1e48ebe8c11a2ce575d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:28:12:34:9e:c1:e4:67:8a:a7:df:bc:b1:2a:
                    cd:6e:03:50:9f:e6:f8:bb:d1:ac:cd:df:ec:9b:4d:
                    02:d3:9a:ca:83:f2:40:f9:28:22:11:e1:80:bc:9a:
                    da:e2:60:fe:db:12:30:a4:32:30:06:6e:47:a8:aa:
                    78:c9:e1:04:31:9a:91:8f:e1:f7:b2:12:aa:5b:cd:
                    c8:9a:52:09:25:36:6f:ec:90:a9:b9:30:10:c7:6c:
                    83:4b:b0:d5:e6:39:27:91:ca:47:d7:4e:f2:10:5c:
                    81:1c:1f:76:66:e9:66:41:c0:69:c7:fb:5c:ca:6b:
                    10:34:11:f0:db:4b:26:40:45:cf:73:63:94:67:b8:
                    a9:75:64:6d:36:f5:f2:ae:29:5d:13:9d:4c:95:33:
                    13:c1:a5:a0:ce:a9:d7:1c:f6:66:75:d3:f0:aa:e9:
                    c5:8c:d0:6c:f2:f9:1e:24:b8:9d:70:bc:65:e9:86:
                    db:39:0e:77:e9:a3:78:98:e5:7a:39:50:34:0a:bf:
                    d6:8a:45:3a:69:8b:fc:14:8d:0b:d0:8c:1a:e0:9f:
                    4b:da:fd:e0:4f:81:07:6e:ad:4d:3d:8b:4c:f9:be:
                    62:e4:2e:a6:66:b3:2b:9c:78:37:59:50:6e:ea:ae:
                    fe:df:67:63:e6:b7:bc:35:f1:65:a9:b0:cf:d6:89:
                    f8:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:22:77:9F:DD:C0:7D:62:5D:9D:D1:E4:8E:BE:8C:11:A2:CE:57:5D
            X509v3 Authority Key Identifier:
                keyid:B0:54:42:C4:FF:E9:C1:D7:61:E7:C5:69:36:0E:AD:04:24:38:F9:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sFRCxP_pwddh58VpNg6tBCQ4-QM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/4b77e7-347c-49fa-808b-6ed331f31e09/1/2SJ3n93AfWJdndHkjr6MEaLOV10.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/4b77e7-347c-49fa-808b-6ed331f31e09/1/sFRCxP_pwddh58VpNg6tBCQ4-QM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  134.101.126.0/23

    Signature Algorithm: sha256WithRSAEncryption
         37:62:ad:a3:87:11:1e:2f:be:ce:b8:1d:c1:d3:e7:d1:b1:e9:
         8f:db:e2:52:6b:c5:b3:5c:19:63:1f:d5:e4:ce:d0:bc:53:6f:
         9e:14:af:64:0a:43:3d:67:26:40:f7:54:fd:cd:a5:a3:29:c1:
         f7:86:26:f0:27:64:25:54:ce:d4:77:f6:cc:3d:5d:8d:36:4e:
         6b:de:f4:89:ab:a5:b0:40:d5:96:66:da:9b:24:6b:9c:2a:88:
         12:47:4e:09:86:dc:2d:46:43:3e:a0:20:51:92:8e:f2:1a:2b:
         c3:47:ad:62:90:bc:31:31:e4:1c:6e:ad:6f:c0:ad:49:80:79:
         f6:30:0e:7c:70:48:01:0d:94:2e:34:2d:7e:30:64:0c:f9:b0:
         63:bd:5a:05:b2:25:2e:ce:2a:10:e3:f2:a1:59:b0:85:b5:b2:
         60:cc:fc:1a:5c:05:da:f9:88:51:55:42:8c:56:2d:cf:5d:11:
         b7:31:fe:a6:a1:93:52:5a:a5:3d:db:8c:21:07:a7:99:67:78:
         b6:b5:f5:cb:c1:7c:54:fd:6a:74:b7:af:bb:f0:80:f0:f0:4e:
         ad:2b:be:9c:f8:25:31:8e:5e:cd:c0:e0:56:c7:3c:a5:e7:cf:
         98:b8:1f:2e:7f:82:e5:c0:a6:7e:1f:12:d8:d8:2d:7d:d1:9b:
         63:ac:61:46
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBDcxHDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MDU0NDJjNGZmZTljMWQ3NjFlN2M1NjkzNjBlYWQwNDI0MzhmOTAzMB4XDTIyMDEw
MTA2MDY0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDkyMjc3OWZkZGMw
N2Q2MjVkOWRkMWU0OGViZThjMTFhMmNlNTc1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK4oEjSeweRniqffvLEqzW4DUJ/m+LvRrM3f7JtNAtOayoPy
QPkoIhHhgLya2uJg/tsSMKQyMAZuR6iqeMnhBDGakY/h97ISqlvNyJpSCSU2b+yQ
qbkwEMdsg0uw1eY5J5HKR9dO8hBcgRwfdmbpZkHAacf7XMprEDQR8NtLJkBFz3Nj
lGe4qXVkbTb18q4pXROdTJUzE8GloM6p1xz2ZnXT8KrpxYzQbPL5HiS4nXC8ZemG
2zkOd+mjeJjlejlQNAq/1opFOmmL/BSNC9CMGuCfS9r94E+BB26tTT2LTPm+YuQu
pmazK5x4N1lQbuqu/t9nY+a3vDXxZamwz9aJ+PsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTZInef3cB9Yl2d0eSOvowRos5XXTAfBgNVHSMEGDAWgBSwVELE/+nB12Hn
xWk2Dq0EJDj5AzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NGUkN4UF9wd2RkaDU4VnBOZzZ0QkNRNC1RTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDkvNGI3N2U3LTM0N2MtNDlmYS04MDhiLTZlZDMzMWYzMWUwOS8x
LzJTSjNuOTNBZldKZG5kSGtqcjZNRWFMT1YxMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDkv
NGI3N2U3LTM0N2MtNDlmYS04MDhiLTZlZDMzMWYzMWUwOS8xL3NGUkN4UF9wd2Rk
aDU4VnBOZzZ0QkNRNC1RTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAYZlfjANBgkqhkiG9w0BAQsFAAOC
AQEAN2Kto4cRHi++zrgdwdPn0bHpj9viUmvFs1wZYx/V5M7QvFNvnhSvZApDPWcm
QPdU/c2loynB94Ym8CdkJVTO1Hf2zD1djTZOa970iaulsEDVlmbamyRrnCqIEkdO
CYbcLUZDPqAgUZKO8horw0etYpC8MTHkHG6tb8CtSYB59jAOfHBIAQ2ULjQtfjBk
DPmwY71aBbIlLs4qEOPyoVmwhbWyYMz8GlwF2vmIUVVCjFYtz10RtzH+pqGTUlql
PduMIQenmWd4trX1y8F8VP1qdLevu/CA8PBOrSu+nPglMY5ezcDgVsc8pefPmLgf
Ln+C5cCmfh8S2NgtfdGbY6xhRg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:00 2024 by rpki-client on console-fra.rpki-client.org