Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/592d4f-d71e-4e8b-a632-1ecde1791511/1/NVvLRnEmJkCGp3KLl2SpdzBWApE.roa
File:                     NVvLRnEmJkCGp3KLl2SpdzBWApE.roa (raw, json)
Hash identifier:          CKbNcfDqeknHtMtnmf4x+OUrsJFg44apMzaL84A8FoY=
Subject key identifier:   35:5B:CB:46:71:26:26:40:86:A7:72:8B:97:64:A9:77:30:56:02:91
Certificate issuer:       /CN=aecd64c97837d7bfac06637dd952bdede0c25d85
Certificate serial:       C4FC37
Authority key identifier: AE:CD:64:C9:78:37:D7:BF:AC:06:63:7D:D9:52:BD:ED:E0:C2:5D:85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rs1kyXg317-sBmN92VK97eDCXYU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/592d4f-d71e-4e8b-a632-1ecde1791511/1/NVvLRnEmJkCGp3KLl2SpdzBWApE.roa
Signing time:             Sat 01 Jan 2022 02:54:04 +0000
ROA not before:           Sat 01 Jan 2022 02:54:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3176
IP address blocks:        78.108.173.0/24 maxlen: 24
                          5.57.1.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12909623 (0xc4fc37)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aecd64c97837d7bfac06637dd952bdede0c25d85
        Validity
            Not Before: Jan  1 02:54:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=355bcb467126264086a7728b9764a97730560291
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:78:a8:19:f1:e9:5c:55:9c:25:87:fb:19:7c:
                    1c:20:7f:f4:71:8f:d6:f2:92:02:4e:3c:86:6a:10:
                    d6:43:61:65:d1:a8:06:90:6d:29:d2:6e:30:82:6f:
                    85:e3:4b:f5:e5:d6:e4:be:4b:9f:eb:37:23:bb:87:
                    b5:98:42:7e:74:48:1f:50:7c:e5:c4:21:a9:3f:92:
                    85:db:84:2d:7e:a2:b0:ba:cc:80:1b:06:84:30:3e:
                    e0:78:2f:95:b9:a8:77:1d:dd:4a:9d:ee:0e:b4:42:
                    ce:b1:a2:b3:7c:0b:ae:38:d9:7d:29:3e:b0:a6:0f:
                    1b:a1:05:ad:48:bf:4e:1f:72:3a:45:7d:0d:7a:22:
                    e2:cc:a9:52:aa:eb:be:88:ef:6a:f0:71:7d:ae:3d:
                    27:55:c7:3b:3b:af:07:27:66:74:ae:e4:fa:43:f4:
                    75:18:01:c3:f2:df:d3:8e:39:ce:e4:9d:af:0e:14:
                    75:ba:ad:1c:3f:5d:fe:3e:30:af:33:c7:92:fc:66:
                    04:88:3d:86:c4:7a:e2:5d:53:48:17:3e:64:d0:e5:
                    ce:7e:b8:83:e0:db:84:16:24:55:d0:cf:cb:53:d5:
                    14:06:14:2d:ba:6c:e3:90:c3:fb:ad:7b:2b:bd:31:
                    6b:0b:50:b4:40:93:4f:9f:37:9a:53:f6:59:6a:ec:
                    f3:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:5B:CB:46:71:26:26:40:86:A7:72:8B:97:64:A9:77:30:56:02:91
            X509v3 Authority Key Identifier:
                keyid:AE:CD:64:C9:78:37:D7:BF:AC:06:63:7D:D9:52:BD:ED:E0:C2:5D:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rs1kyXg317-sBmN92VK97eDCXYU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/592d4f-d71e-4e8b-a632-1ecde1791511/1/NVvLRnEmJkCGp3KLl2SpdzBWApE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/592d4f-d71e-4e8b-a632-1ecde1791511/1/rs1kyXg317-sBmN92VK97eDCXYU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.57.1.0/24
                  78.108.173.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6b:c0:b3:b6:5f:9f:66:68:8d:e7:c6:42:ec:29:a4:5e:fa:be:
         04:66:f2:a6:1c:51:74:74:43:48:c0:df:28:24:2d:56:bc:23:
         cd:17:66:ef:6d:3e:53:de:6f:f8:d6:16:d9:dc:62:6c:4e:aa:
         36:25:d9:85:69:8d:94:1f:db:8e:c7:d4:81:de:6d:83:46:54:
         cd:e4:2b:46:9d:4f:55:6c:76:bc:c1:ff:a5:34:d4:2b:b1:2d:
         2f:c3:1c:03:6b:bb:6e:02:5a:9d:1f:d8:fc:b5:d8:a8:bb:03:
         46:eb:44:a8:ec:8d:05:29:90:52:00:47:7c:c4:da:c2:d4:ca:
         df:c3:17:72:db:b0:b0:ab:95:dd:63:cf:3d:34:8d:ae:1d:0b:
         d9:45:89:b8:c5:e7:f5:0d:65:05:51:ad:81:69:6b:59:18:fb:
         85:a7:43:a6:82:9a:b1:b9:b4:d9:c2:5a:ef:08:ad:6d:bd:cf:
         76:09:bf:90:a6:cc:95:83:a3:d4:89:d1:b9:d5:99:e8:0b:b6:
         58:88:f3:0b:37:ab:e4:88:3e:37:7d:1b:ba:2f:14:ac:fa:a1:
         f2:5e:4c:d2:fa:9d:98:47:49:52:bd:9d:8f:3e:95:d1:01:6b:
         43:1d:7d:8a:4d:71:2c:1f:1e:38:2c:5a:0d:4d:08:df:30:31:
         56:2d:ca:c5
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAMT8NzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZWNkNjRjOTc4MzdkN2JmYWMwNjYzN2RkOTUyYmRlZGUwYzI1ZDg1MB4XDTIyMDEw
MTAyNTQwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzU1YmNiNDY3MTI2
MjY0MDg2YTc3MjhiOTc2NGE5NzczMDU2MDI5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALB4qBnx6VxVnCWH+xl8HCB/9HGP1vKSAk48hmoQ1kNhZdGo
BpBtKdJuMIJvheNL9eXW5L5Ln+s3I7uHtZhCfnRIH1B85cQhqT+ShduELX6isLrM
gBsGhDA+4Hgvlbmodx3dSp3uDrRCzrGis3wLrjjZfSk+sKYPG6EFrUi/Th9yOkV9
DXoi4sypUqrrvojvavBxfa49J1XHOzuvBydmdK7k+kP0dRgBw/Lf0445zuSdrw4U
dbqtHD9d/j4wrzPHkvxmBIg9hsR64l1TSBc+ZNDlzn64g+DbhBYkVdDPy1PVFAYU
Lbps45DD+617K70xawtQtECTT583mlP2WWrs86sCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQ1W8tGcSYmQIancouXZKl3MFYCkTAfBgNVHSMEGDAWgBSuzWTJeDfXv6wG
Y33ZUr3t4MJdhTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JzMWt5WGczMTctc0JtTjkyVks5N2VEQ1hZVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGYvNTkyZDRmLWQ3MWUtNGU4Yi1hNjMyLTFlY2RlMTc5MTUxMS8x
L05WdkxSbkVtSmtDR3AzS0xsMlNwZHpCV0FwRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYv
NTkyZDRmLWQ3MWUtNGU4Yi1hNjMyLTFlY2RlMTc5MTUxMS8xL3JzMWt5WGczMTct
c0JtTjkyVks5N2VEQ1hZVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAAU5AQMEAE5srTANBgkqhkiG9w0B
AQsFAAOCAQEAa8Cztl+fZmiN58ZC7CmkXvq+BGbyphxRdHRDSMDfKCQtVrwjzRdm
720+U95v+NYW2dxibE6qNiXZhWmNlB/bjsfUgd5tg0ZUzeQrRp1PVWx2vMH/pTTU
K7EtL8McA2u7bgJanR/Y/LXYqLsDRutEqOyNBSmQUgBHfMTawtTK38MXctuwsKuV
3WPPPTSNrh0L2UWJuMXn9Q1lBVGtgWlrWRj7hadDpoKasbm02cJa7witbb3Pdgm/
kKbMlYOj1InRudWZ6Au2WIjzCzer5Ig+N30bui8UrPqh8l5M0vqdmEdJUr2djz6V
0QFrQx19ik1xLB8eOCxaDU0I3zAxVi3KxQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:01 2024 by rpki-client on console-fra.rpki-client.org