Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/NoLiAn4xgGAowliVuyi55YMFkUE.roa
File:                     NoLiAn4xgGAowliVuyi55YMFkUE.roa (raw, json)
Hash identifier:          pprA+sXfc5M7neQJVMTsVSNAwcN/rhqGSuOAa3dmfIc=
Subject key identifier:   36:82:E2:02:7E:31:80:60:28:C2:58:95:BB:28:B9:E5:83:05:91:41
Certificate issuer:       /CN=311d62b7fd9fcfc87dfea987515767c838e21bb9
Certificate serial:       17576D3F
Authority key identifier: 31:1D:62:B7:FD:9F:CF:C8:7D:FE:A9:87:51:57:67:C8:38:E2:1B:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MR1it_2fz8h9_qmHUVdnyDjiG7k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/NoLiAn4xgGAowliVuyi55YMFkUE.roa
Signing time:             Mon 04 Jul 2022 15:01:25 +0000
ROA not before:           Mon 04 Jul 2022 15:01:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     0
IP address blocks:        193.105.232.0/24 maxlen: 24
                          37.49.232.0/23 maxlen: 24
                          37.49.236.0/22 maxlen: 24
                          185.1.144.0/24 maxlen: 24
                          77.95.71.0/24 maxlen: 24
                          2001:7f8:54::/48 maxlen: 64
                          2001:7f8:47:47::/64 maxlen: 64

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 391605567 (0x17576d3f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=311d62b7fd9fcfc87dfea987515767c838e21bb9
        Validity
            Not Before: Jul  4 15:01:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3682e2027e31806028c25895bb28b9e583059141
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:9c:07:45:b6:b8:61:8c:46:1e:54:52:f9:07:
                    e9:f1:0a:c8:d9:e9:82:59:60:65:47:fd:8d:7d:26:
                    d7:ce:d2:8d:ad:89:58:fe:23:85:e1:86:5b:82:fc:
                    72:6a:08:86:c8:8e:d3:79:92:73:37:53:cd:4b:2c:
                    f4:ad:8a:43:9d:69:34:d5:fa:22:0b:dd:a9:9f:d2:
                    ed:dd:16:cc:5f:d8:de:78:dd:a1:a0:72:83:e7:dc:
                    58:28:9f:99:12:cb:4e:dd:f6:1a:b9:e8:b5:ae:69:
                    2f:ce:c7:4b:a9:8f:f2:18:3d:8c:de:cc:18:ec:f0:
                    5a:4c:69:eb:51:e2:3d:b7:31:4e:5f:14:72:b7:f4:
                    e1:a8:01:e5:68:d4:4e:0c:85:dd:61:46:95:14:21:
                    5a:c5:64:e1:38:49:e0:3c:d1:de:24:42:f7:18:db:
                    2f:f4:dd:26:cf:52:01:1b:45:77:b9:bb:84:08:5a:
                    37:be:dd:b9:60:23:2c:3f:8a:e5:99:6f:11:45:aa:
                    c9:c3:72:48:1c:53:0e:66:91:fd:47:62:32:78:ee:
                    f6:fb:31:47:5c:e5:60:53:bb:34:29:07:1c:97:31:
                    f4:b2:14:a5:90:94:79:e2:cc:c1:6f:c0:dd:0c:de:
                    f0:7c:1f:91:38:e6:04:33:c4:0d:65:49:f6:5e:f3:
                    35:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:82:E2:02:7E:31:80:60:28:C2:58:95:BB:28:B9:E5:83:05:91:41
            X509v3 Authority Key Identifier:
                keyid:31:1D:62:B7:FD:9F:CF:C8:7D:FE:A9:87:51:57:67:C8:38:E2:1B:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MR1it_2fz8h9_qmHUVdnyDjiG7k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/NoLiAn4xgGAowliVuyi55YMFkUE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/MR1it_2fz8h9_qmHUVdnyDjiG7k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.49.232.0/23
                  37.49.236.0/22
                  77.95.71.0/24
                  185.1.144.0/24
                  193.105.232.0/24
                IPv6:
                  2001:7f8:47:47::/64
                  2001:7f8:54::/48

    Signature Algorithm: sha256WithRSAEncryption
         4b:b3:f2:95:54:9e:e3:cf:b6:95:07:1b:29:bf:68:c2:d5:93:
         ed:ce:be:a6:f7:4a:79:e1:36:cd:a8:3e:c1:9c:4e:db:03:c4:
         96:e4:da:c2:ea:a4:d3:ac:93:0b:e7:af:fd:49:a0:d8:6a:86:
         95:ee:50:d2:83:9c:26:26:12:d5:1e:de:2b:c7:79:84:af:ac:
         64:6e:40:9e:35:2c:94:8f:36:b9:14:30:f1:f7:99:95:39:c8:
         dd:58:bd:ad:32:2c:0f:25:44:11:55:25:43:a1:e3:5a:49:57:
         56:fa:9b:11:58:8d:27:7b:0a:25:a1:44:c9:03:5d:c6:27:4f:
         d7:40:2e:6f:51:7e:40:b8:d7:00:c4:3f:e6:91:65:9b:77:ed:
         60:8e:27:55:a1:a8:7c:4e:ae:5d:5f:18:aa:18:5c:6b:f2:ef:
         52:d3:d6:6b:31:e5:69:a8:8a:67:8a:e4:c4:81:e7:2e:20:f3:
         ee:42:94:29:93:58:19:05:b0:42:de:58:96:6d:66:e3:fd:b9:
         4e:04:9a:30:e5:24:07:5b:38:29:0a:4d:f6:5a:fb:5d:34:db:
         98:2b:2a:11:4c:ce:ef:af:da:b9:e0:7a:dc:83:cb:fe:3c:9b:
         af:55:6f:4b:f6:ba:64:c4:83:59:a5:45:f7:62:af:07:88:cc:
         20:31:48:d7
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIEF1dtPzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MTFkNjJiN2ZkOWZjZmM4N2RmZWE5ODc1MTU3NjdjODM4ZTIxYmI5MB4XDTIyMDcw
NDE1MDEyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzY4MmUyMDI3ZTMx
ODA2MDI4YzI1ODk1YmIyOGI5ZTU4MzA1OTE0MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIacB0W2uGGMRh5UUvkH6fEKyNnpgllgZUf9jX0m187Sja2J
WP4jheGGW4L8cmoIhsiO03mSczdTzUss9K2KQ51pNNX6IgvdqZ/S7d0WzF/Y3njd
oaByg+fcWCifmRLLTt32Grnota5pL87HS6mP8hg9jN7MGOzwWkxp61HiPbcxTl8U
crf04agB5WjUTgyF3WFGlRQhWsVk4ThJ4DzR3iRC9xjbL/TdJs9SARtFd7m7hAha
N77duWAjLD+K5ZlvEUWqycNySBxTDmaR/UdiMnju9vsxR1zlYFO7NCkHHJcx9LIU
pZCUeeLMwW/A3Qze8HwfkTjmBDPEDWVJ9l7zNekCAwEAAaOCAj0wggI5MB0GA1Ud
DgQWBBQ2guICfjGAYCjCWJW7KLnlgwWRQTAfBgNVHSMEGDAWgBQxHWK3/Z/PyH3+
qYdRV2fIOOIbuTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01SMWl0XzJmejhoOV9xbUhVVmRueURqaUc3ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvNTc2ODhlLWE5NjQtNDkzMy04NjMxLTg1MGYzNDkwNjIyOS8x
L05vTGlBbjR4Z0dBb3dsaVZ1eWk1NVlNRmtVRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
NTc2ODhlLWE5NjQtNDkzMy04NjMxLTg1MGYzNDkwNjIyOS8xL01SMWl0XzJmejho
OV9xbUhVVmRueURqaUc3ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBT
BggrBgEFBQcBBwEB/wREMEIwJAQCAAEwHgMEASUx6AMEAiUx7AMEAE1fRwMEALkB
kAMEAMFp6DAaBAIAAjAUAwkAIAEH+ABHAEcDBwAgAQf4AFQwDQYJKoZIhvcNAQEL
BQADggEBAEuz8pVUnuPPtpUHGym/aMLVk+3Ovqb3SnnhNs2oPsGcTtsDxJbk2sLq
pNOskwvnr/1JoNhqhpXuUNKDnCYmEtUe3ivHeYSvrGRuQJ41LJSPNrkUMPH3mZU5
yN1Yva0yLA8lRBFVJUOh41pJV1b6mxFYjSd7CiWhRMkDXcYnT9dALm9RfkC41wDE
P+aRZZt37WCOJ1WhqHxOrl1fGKoYXGvy71LT1msx5WmoimeK5MSB5y4g8+5ClCmT
WBkFsELeWJZtZuP9uU4EmjDlJAdbOCkKTfZa+10025grKhFMzu+v2rngetyDy/48
m69Vb0v2umTEg1mlRfdirweIzCAxSNc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:35 2024 by rpki-client on console-ams.rpki-client.org