Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/5e6bae-962f-4057-8ec5-279f594b3a2f/1/4Lt-TT7ouE2RMagAd7mQjq8jZKo.roa
File:                     4Lt-TT7ouE2RMagAd7mQjq8jZKo.roa (raw, json)
Hash identifier:          t+gCISyQ9XRBLySR8fiYRXdmtgNa1NB5duiES1IqZ5Q=
Subject key identifier:   E0:BB:7E:4D:3E:E8:B8:4D:91:31:A8:00:77:B9:90:8E:AF:23:64:AA
Certificate issuer:       /CN=5cae7aa1594d89929b111a371f0ff26f202f58e2
Certificate serial:       052F1BAC
Authority key identifier: 5C:AE:7A:A1:59:4D:89:92:9B:11:1A:37:1F:0F:F2:6F:20:2F:58:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XK56oVlNiZKbERo3Hw_ybyAvWOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/5e6bae-962f-4057-8ec5-279f594b3a2f/1/4Lt-TT7ouE2RMagAd7mQjq8jZKo.roa
Signing time:             Sat 01 Jan 2022 03:55:51 +0000
ROA not before:           Sat 01 Jan 2022 03:55:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50474
IP address blocks:        185.154.136.0/22 maxlen: 22
                          109.234.164.0/22 maxlen: 22
                          109.234.161.0/24 maxlen: 24
                          109.234.162.0/24 maxlen: 24
                          109.234.163.0/24 maxlen: 24
                          109.234.160.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 86973356 (0x52f1bac)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5cae7aa1594d89929b111a371f0ff26f202f58e2
        Validity
            Not Before: Jan  1 03:55:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e0bb7e4d3ee8b84d9131a80077b9908eaf2364aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:0d:b7:58:9c:95:63:7f:f6:ba:32:06:f8:11:
                    55:f8:c6:98:4e:83:3c:41:80:22:4f:d4:85:8c:f5:
                    d4:ab:42:e7:04:33:4c:8d:83:d3:12:c8:46:3b:45:
                    c6:c8:42:01:18:a6:46:17:be:d6:dc:8b:38:2d:df:
                    60:70:d4:af:12:fa:b8:f9:a7:bc:0e:bc:ee:e9:21:
                    1a:a5:e3:2d:dd:0e:a3:0c:a6:2c:1d:17:b8:05:bf:
                    15:13:aa:bd:3e:11:a0:f0:d6:0c:4c:67:82:ed:f2:
                    6e:9e:2f:c1:7e:1f:87:c8:5a:55:a9:17:61:e4:82:
                    84:d4:6f:90:7b:95:36:d5:56:19:be:c9:0b:dc:95:
                    95:ef:a1:e4:fb:b5:32:4a:75:5b:40:60:cf:e8:8a:
                    93:1d:3c:71:68:a4:d4:9e:7c:85:13:9f:c8:80:b2:
                    e6:a1:7c:34:e1:cc:8d:9d:18:fb:9a:9c:c1:8c:5c:
                    7b:52:b4:25:a3:b1:b7:d0:c9:b1:f9:9f:b2:5d:a7:
                    4a:f9:65:63:fe:96:99:d5:0b:31:0c:3a:40:17:f6:
                    73:90:88:33:1f:3f:1e:0f:be:12:86:6e:62:2d:08:
                    8c:75:17:b9:a6:fe:33:f9:03:27:a2:fa:ad:3a:78:
                    df:5e:3e:30:37:a3:d1:e0:08:c2:89:80:48:af:40:
                    f6:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:BB:7E:4D:3E:E8:B8:4D:91:31:A8:00:77:B9:90:8E:AF:23:64:AA
            X509v3 Authority Key Identifier:
                keyid:5C:AE:7A:A1:59:4D:89:92:9B:11:1A:37:1F:0F:F2:6F:20:2F:58:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XK56oVlNiZKbERo3Hw_ybyAvWOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/5e6bae-962f-4057-8ec5-279f594b3a2f/1/4Lt-TT7ouE2RMagAd7mQjq8jZKo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/5e6bae-962f-4057-8ec5-279f594b3a2f/1/XK56oVlNiZKbERo3Hw_ybyAvWOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.234.160.0/21
                  185.154.136.0/22

    Signature Algorithm: sha256WithRSAEncryption
         42:bc:0c:d5:3d:58:6a:e4:04:c6:5d:40:71:b7:85:12:0e:28:
         1f:4e:38:f6:7c:9e:bd:b2:23:cb:6f:40:96:87:e5:38:7f:b8:
         b5:8a:34:b6:12:66:e8:20:5e:57:f7:8c:6e:9e:28:9a:80:65:
         4e:1a:a8:d8:2e:dc:30:9b:f6:da:5e:b6:f0:e7:d6:fe:5b:52:
         39:b4:24:23:78:26:22:73:81:e2:d9:b9:2a:5e:07:fe:d7:0d:
         77:09:d5:28:a9:18:36:ba:c5:95:fb:8b:0e:10:ec:b8:fd:f8:
         49:9d:fa:f8:19:9f:25:5f:6a:69:27:7c:7e:cb:31:0d:cd:db:
         f4:e1:41:52:4e:96:7f:92:a2:b4:84:d9:53:b3:cb:09:f1:54:
         f5:11:e7:88:8b:08:49:3f:d6:47:b3:3b:30:81:08:32:ad:ae:
         b9:ae:c3:b9:35:af:c1:63:d2:9f:2d:1a:a9:ca:f3:27:2d:aa:
         36:bc:d9:a7:25:a8:42:db:2c:4e:d9:5f:c2:e0:d7:55:ad:41:
         ef:67:37:e8:d7:fd:de:ba:4c:ea:d4:39:5c:df:99:46:79:97:
         a4:d5:44:5e:9d:65:63:52:75:88:54:8c:7c:95:fd:37:4d:34:
         ed:6f:d3:1c:3e:1c:0a:67:3b:a1:1f:a0:49:fe:20:62:1b:ab:
         93:3f:bf:81
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBS8brDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
Y2FlN2FhMTU5NGQ4OTkyOWIxMTFhMzcxZjBmZjI2ZjIwMmY1OGUyMB4XDTIyMDEw
MTAzNTU1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTBiYjdlNGQzZWU4
Yjg0ZDkxMzFhODAwNzdiOTkwOGVhZjIzNjRhYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANYNt1iclWN/9royBvgRVfjGmE6DPEGAIk/UhYz11KtC5wQz
TI2D0xLIRjtFxshCARimRhe+1tyLOC3fYHDUrxL6uPmnvA687ukhGqXjLd0Oowym
LB0XuAW/FROqvT4RoPDWDExngu3ybp4vwX4fh8haVakXYeSChNRvkHuVNtVWGb7J
C9yVle+h5Pu1Mkp1W0Bgz+iKkx08cWik1J58hROfyICy5qF8NOHMjZ0Y+5qcwYxc
e1K0JaOxt9DJsfmfsl2nSvllY/6WmdULMQw6QBf2c5CIMx8/Hg++EoZuYi0IjHUX
uab+M/kDJ6L6rTp4314+MDej0eAIwomASK9A9v0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTgu35NPui4TZExqAB3uZCOryNkqjAfBgNVHSMEGDAWgBRcrnqhWU2JkpsR
GjcfD/JvIC9Y4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hLNTZvVmxOaVpLYkVSbzNId195YnlBdldPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvNWU2YmFlLTk2MmYtNDA1Ny04ZWM1LTI3OWY1OTRiM2EyZi8x
LzRMdC1UVDdvdUUyUk1hZ0FkN21RanE4alpLby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
NWU2YmFlLTk2MmYtNDA1Ny04ZWM1LTI3OWY1OTRiM2EyZi8xL1hLNTZvVmxOaVpL
YkVSbzNId195YnlBdldPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA23qoAMEArmaiDANBgkqhkiG9w0B
AQsFAAOCAQEAQrwM1T1YauQExl1AcbeFEg4oH0449nyevbIjy29AloflOH+4tYo0
thJm6CBeV/eMbp4omoBlThqo2C7cMJv22l628OfW/ltSObQkI3gmInOB4tm5Kl4H
/tcNdwnVKKkYNrrFlfuLDhDsuP34SZ36+BmfJV9qaSd8fssxDc3b9OFBUk6Wf5Ki
tITZU7PLCfFU9RHniIsIST/WR7M7MIEIMq2uua7DuTWvwWPSny0aqcrzJy2qNrzZ
pyWoQtssTtlfwuDXVa1B72c36Nf93rpM6tQ5XN+ZRnmXpNVEXp1lY1J1iFSMfJX9
N0007W/THD4cCmc7oR+gSf4gYhurkz+/gQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:38 2024 by rpki-client on console-fra.rpki-client.org