Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/29ufY6dM0xP5J2_ksMeaLp3C-ew.roa
File:                     29ufY6dM0xP5J2_ksMeaLp3C-ew.roa (raw, json)
Hash identifier:          wYlxK4BkdHRpDzQkkeLy+bq2mzWmeWYb62QLBZd1mLM=
Subject key identifier:   DB:DB:9F:63:A7:4C:D3:13:F9:27:6F:E4:B0:C7:9A:2E:9D:C2:F9:EC
Certificate issuer:       /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial:       72F956
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/29ufY6dM0xP5J2_ksMeaLp3C-ew.roa
Signing time:             Sat 01 Jan 2022 03:01:06 +0000
ROA not before:           Sat 01 Jan 2022 03:01:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     397228
IP address blocks:        37.209.192.0/24 maxlen: 24
                          37.209.198.0/24 maxlen: 24
                          37.209.196.0/24 maxlen: 24
                          37.209.194.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7534934 (0x72f956)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
        Validity
            Not Before: Jan  1 03:01:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=dbdb9f63a74cd313f9276fe4b0c79a2e9dc2f9ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:a5:20:ee:de:79:cd:89:da:df:24:8e:01:4a:
                    70:3a:ba:1c:ac:6e:f6:31:fd:cc:3d:ed:ef:63:fd:
                    a6:03:f2:23:85:c7:90:57:3c:11:82:0f:c5:12:68:
                    ff:89:e9:fc:01:33:6a:89:92:66:d1:4a:52:03:04:
                    73:04:df:52:1f:e4:6d:cd:c0:4d:25:64:1c:b5:35:
                    11:5f:98:ad:cc:94:c2:3a:29:de:74:f8:65:e3:43:
                    15:86:30:d2:8a:f5:5f:6e:69:ec:7b:b8:46:81:b3:
                    49:ce:83:18:75:db:00:fa:7f:6b:8f:eb:cb:3c:f5:
                    90:fa:45:42:4d:33:ab:0a:38:1a:84:d4:c0:a2:57:
                    93:32:9f:79:7f:be:e1:41:b9:95:1a:50:2b:0f:73:
                    e3:8f:d3:f7:50:93:9d:04:18:09:d1:44:13:31:f4:
                    84:5a:b5:16:f5:69:ee:a1:74:85:83:59:79:db:49:
                    77:c7:d4:5b:d3:b6:c2:dd:e9:09:6a:87:f1:8a:38:
                    cc:c2:53:ff:9d:90:a3:0b:df:8a:dc:bc:1a:0c:cf:
                    d8:64:97:f0:46:27:88:e6:46:0f:d1:1f:91:3a:16:
                    41:a9:d4:b4:52:f1:af:bf:bb:85:aa:24:1a:2d:3a:
                    f3:62:59:8b:a0:91:67:3e:ac:0f:f3:2e:e0:56:77:
                    bb:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:DB:9F:63:A7:4C:D3:13:F9:27:6F:E4:B0:C7:9A:2E:9D:C2:F9:EC
            X509v3 Authority Key Identifier:
                keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/29ufY6dM0xP5J2_ksMeaLp3C-ew.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.209.192.0/24
                  37.209.194.0/24
                  37.209.196.0/24
                  37.209.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         20:71:b6:fa:f0:fa:76:52:80:3d:b1:36:60:ef:eb:e4:f7:f4:
         4b:12:44:a6:7b:ee:a0:61:f9:a5:59:69:3e:42:6b:b7:e5:74:
         b5:44:f0:e4:5d:60:10:a8:03:67:7e:fc:20:a9:1f:ca:e2:8b:
         64:33:32:c4:23:48:b9:67:c6:08:07:be:1b:eb:de:86:a6:a9:
         f7:5a:0d:56:99:df:0c:48:45:2e:a3:0d:b3:72:1c:af:b5:85:
         9f:50:d8:ee:c8:fd:58:65:77:6c:9d:e2:cf:d3:e9:5a:aa:95:
         5b:cc:a2:0f:4a:07:c1:9b:4b:2a:fb:b2:8e:ec:59:21:31:0f:
         58:34:69:30:1c:5a:99:f0:fa:08:be:93:c7:a2:a2:d2:e1:1e:
         7d:b2:b9:9b:eb:47:2a:dd:f3:74:5d:08:3e:95:d2:4a:dc:26:
         fe:c7:79:16:e5:cb:77:43:63:63:85:fc:09:0c:cf:aa:1f:d4:
         32:cd:c9:7f:f1:60:b3:49:e7:2f:a6:f1:f6:92:29:cd:f4:75:
         90:65:51:d3:2a:b8:a5:74:8e:69:4a:bc:cf:92:17:03:43:68:
         17:34:31:a8:68:1b:87:d5:4b:b4:7e:0e:9f:0d:7e:b6:96:90:
         82:be:df:4b:60:30:c9:99:84:d0:6e:c1:37:15:f0:41:b7:19:
         00:96:94:aa
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIDcvlWMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE1
YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjljOGJmMmMwHhcNMjIwMTAx
MDMwMTA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkYmRiOWY2M2E3NGNk
MzEzZjkyNzZmZTRiMGM3OWEyZTlkYzJmOWVjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAzqUg7t55zYna3ySOAUpwOrocrG72Mf3MPe3vY/2mA/IjhceQ
VzwRgg/FEmj/ien8ATNqiZJm0UpSAwRzBN9SH+RtzcBNJWQctTURX5itzJTCOine
dPhl40MVhjDSivVfbmnse7hGgbNJzoMYddsA+n9rj+vLPPWQ+kVCTTOrCjgahNTA
oleTMp95f77hQbmVGlArD3Pjj9P3UJOdBBgJ0UQTMfSEWrUW9WnuoXSFg1l520l3
x9Rb07bC3ekJaofxijjMwlP/nZCjC9+K3LwaDM/YZJfwRieI5kYP0R+ROhZBqdS0
UvGvv7uFqiQaLTrzYlmLoJFnPqwP8y7gVne7CQIDAQABo4ICGzCCAhcwHQYDVR0O
BBYEFNvbn2OnTNMT+Sdv5LDHmi6dwvnsMB8GA1UdIwQYMBaAFKWuij2L2qv0dl/a
edVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdiLzEv
Mjl1Zlk2ZE0weFA1SjJfa3NNZWFMcDNDLWV3LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8w
ZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdiLzEvcGE2S1BZdmFxX1Iy
WDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEG
CCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQAJdHCAwQAJdHEAwQAJdHG
MA0GCSqGSIb3DQEBCwUAA4IBAQAgcbb68Pp2UoA9sTZg7+vk9/RLEkSme+6gYfml
WWk+Qmu35XS1RPDkXWAQqANnfvwgqR/K4otkMzLEI0i5Z8YIB74b696Gpqn3Wg1W
md8MSEUuow2zchyvtYWfUNjuyP1YZXdsneLP0+laqpVbzKIPSgfBm0sq+7KO7Fkh
MQ9YNGkwHFqZ8PoIvpPHoqLS4R59srmb60cq3fN0XQg+ldJK3Cb+x3kW5ct3Q2Nj
hfwJDM+qH9Qyzcl/8WCzSecvpvH2kinN9HWQZVHTKrildI5pSrzPkhcDQ2gXNDGo
aBuH1Uu0fg6fDX62lpCCvt9LYDDJmYTQbsE3FfBBtxkAlpSq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:24 2024 by rpki-client on console-fra.rpki-client.org