Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/W9P4GUiRHFCvwGMczc5x8qkLIkw.roa
File:                     W9P4GUiRHFCvwGMczc5x8qkLIkw.roa (raw, json)
Hash identifier:          kP8E/s+WCTVPN2f/roHShs8DAppa5acoD1XP/8qJhJ8=
Subject key identifier:   5B:D3:F8:19:48:91:1C:50:AF:C0:63:1C:CD:CE:71:F2:A9:0B:22:4C
Certificate issuer:       /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial:       77A10F
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/W9P4GUiRHFCvwGMczc5x8qkLIkw.roa
Signing time:             Sat 01 Jan 2022 03:01:09 +0000
ROA not before:           Sat 01 Jan 2022 03:01:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     397237
IP address blocks:        37.209.192.0/24 maxlen: 24
                          37.209.194.0/24 maxlen: 24
                          37.209.196.0/24 maxlen: 24
                          37.209.198.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7840015 (0x77a10f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
        Validity
            Not Before: Jan  1 03:01:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5bd3f81948911c50afc0631ccdce71f2a90b224c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:42:df:8e:5b:a8:7d:9b:5a:9a:9d:03:51:8b:
                    6b:ad:88:31:6a:40:14:b0:5c:fd:fb:bb:c6:e0:46:
                    90:e9:72:ba:ae:71:de:5b:bf:43:24:37:31:f6:46:
                    bb:fe:22:ea:98:82:5e:4c:fa:97:8e:56:61:24:4e:
                    15:ab:fa:3c:39:ca:3d:4b:4d:58:72:ef:73:cf:62:
                    54:b0:d1:9c:52:2e:67:16:21:b8:32:0d:25:64:d6:
                    bf:d3:b8:90:01:18:b1:3c:c7:a8:e8:b2:ba:3a:03:
                    2a:d8:c2:13:1e:e3:dd:6b:1f:53:21:dd:f3:9c:20:
                    54:83:ec:6b:18:bb:03:a2:3e:3e:b2:62:6d:41:1d:
                    2a:c9:90:0a:f2:51:5a:0f:37:fd:1a:fc:a7:97:9c:
                    dd:80:a3:4d:d2:1c:02:06:5e:2b:e0:4e:d6:91:af:
                    e6:7d:7c:c6:d9:7b:fc:74:b3:28:5d:3c:65:d6:16:
                    63:1a:33:74:6c:91:94:59:29:6b:8e:4a:25:8b:6b:
                    fa:cc:40:fd:c5:8a:82:bc:cd:b0:c4:fb:7e:e1:3b:
                    1e:8f:d5:a4:65:b0:79:58:6a:cf:63:86:9a:08:e7:
                    c5:13:8f:77:fc:b3:91:7d:43:34:d8:bd:8f:1b:60:
                    b9:47:c8:3f:4c:9f:ad:28:49:62:c9:7b:28:75:05:
                    99:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:D3:F8:19:48:91:1C:50:AF:C0:63:1C:CD:CE:71:F2:A9:0B:22:4C
            X509v3 Authority Key Identifier:
                keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/W9P4GUiRHFCvwGMczc5x8qkLIkw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.209.192.0/24
                  37.209.194.0/24
                  37.209.196.0/24
                  37.209.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:6e:c9:65:b4:cc:0b:15:6b:c8:79:4f:3a:af:d0:29:30:2c:
         e4:04:8b:1f:b1:27:d7:e2:5c:57:57:37:62:59:f9:71:8c:ab:
         f2:1f:71:c3:4d:36:e1:9f:34:42:c7:e0:b4:bb:4e:fa:bc:ea:
         5e:98:40:ad:4a:03:e2:c7:c8:96:64:13:c1:0b:15:8d:f7:7d:
         87:f7:11:27:5c:80:43:c6:0c:ba:4e:5f:4f:ca:fc:10:4a:b2:
         43:50:bf:fe:6a:c8:51:07:77:01:c1:18:44:94:d5:ae:0f:2a:
         54:50:cc:d2:6b:de:67:1c:f3:85:7a:64:26:ff:e3:01:6a:e2:
         dd:b9:2f:62:b4:95:a6:e8:be:b6:0b:54:80:43:e9:1e:be:99:
         f2:e4:35:9f:e6:8a:63:fd:07:55:b4:83:84:f0:86:60:24:59:
         f5:f2:e6:84:da:7b:85:e7:e4:78:55:ac:a8:47:a7:62:69:70:
         bf:e3:a6:9a:ea:b6:30:03:b6:b0:9d:d3:02:98:bd:8f:b5:8b:
         9a:2a:c7:6b:4a:7d:bb:4e:0c:9b:da:f5:73:98:7a:d5:eb:29:
         7e:ba:0b:25:ff:8b:b0:18:89:c8:6f:2b:2e:4a:5e:a2:9d:f6:
         e7:4f:e2:f9:cc:81:3e:3f:e1:ba:a8:a9:6b:24:ee:ef:e5:12:
         a9:04:62:21
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIDd6EPMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE1
YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjljOGJmMmMwHhcNMjIwMTAx
MDMwMTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg1YmQzZjgxOTQ4OTEx
YzUwYWZjMDYzMWNjZGNlNzFmMmE5MGIyMjRjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAo0LfjluofZtamp0DUYtrrYgxakAUsFz9+7vG4EaQ6XK6rnHe
W79DJDcx9ka7/iLqmIJeTPqXjlZhJE4Vq/o8Oco9S01Ycu9zz2JUsNGcUi5nFiG4
Mg0lZNa/07iQARixPMeo6LK6OgMq2MITHuPdax9TId3znCBUg+xrGLsDoj4+smJt
QR0qyZAK8lFaDzf9Gvynl5zdgKNN0hwCBl4r4E7Wka/mfXzG2Xv8dLMoXTxl1hZj
GjN0bJGUWSlrjkoli2v6zED9xYqCvM2wxPt+4Tsej9WkZbB5WGrPY4aaCOfFE493
/LORfUM02L2PG2C5R8g/TJ+tKEliyXsodQWZaQIDAQABo4ICGzCCAhcwHQYDVR0O
BBYEFFvT+BlIkRxQr8BjHM3OcfKpCyJMMB8GA1UdIwQYMBaAFKWuij2L2qv0dl/a
edVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdiLzEv
VzlQNEdVaVJIRkN2d0dNY3pjNXg4cWtMSWt3LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8w
ZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdiLzEvcGE2S1BZdmFxX1Iy
WDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEG
CCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQAJdHCAwQAJdHEAwQAJdHG
MA0GCSqGSIb3DQEBCwUAA4IBAQApbslltMwLFWvIeU86r9ApMCzkBIsfsSfX4lxX
VzdiWflxjKvyH3HDTTbhnzRCx+C0u076vOpemECtSgPix8iWZBPBCxWN932H9xEn
XIBDxgy6Tl9PyvwQSrJDUL/+ashRB3cBwRhElNWuDypUUMzSa95nHPOFemQm/+MB
auLduS9itJWm6L62C1SAQ+kevpny5DWf5opj/QdVtIOE8IZgJFn18uaE2nuF5+R4
VayoR6diaXC/46aa6rYwA7awndMCmL2PtYuaKsdrSn27Tgyb2vVzmHrV6yl+ugsl
/4uwGInIbysuSl6infbnT+L5zIE+P+G6qKlrJO7v5RKpBGIh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:37 2024 by rpki-client on console-ams.rpki-client.org