Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/ddwmC_r5lInTUvXVycRSB4zwmOI.roa
File:                     ddwmC_r5lInTUvXVycRSB4zwmOI.roa (raw, json)
Hash identifier:          8CNdLzyyITLTj0qzWrKjUJFz8MtxvO/3Vp7hE69Pny8=
Subject key identifier:   75:DC:26:0B:FA:F9:94:89:D3:52:F5:D5:C9:C4:52:07:8C:F0:98:E2
Certificate issuer:       /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial:       75CE09
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/ddwmC_r5lInTUvXVycRSB4zwmOI.roa
Signing time:             Sat 01 Jan 2022 03:01:07 +0000
ROA not before:           Sat 01 Jan 2022 03:01:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     397233
IP address blocks:        37.209.192.0/24 maxlen: 24
                          37.209.194.0/24 maxlen: 24
                          37.209.196.0/24 maxlen: 24
                          37.209.198.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7720457 (0x75ce09)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
        Validity
            Not Before: Jan  1 03:01:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=75dc260bfaf99489d352f5d5c9c452078cf098e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:b6:69:e5:03:27:e9:eb:60:59:4c:75:35:a8:
                    f5:05:41:e7:a0:fa:9f:57:c4:32:26:86:05:8d:5c:
                    67:92:a5:2a:11:aa:22:2c:22:6b:80:6b:4e:26:bd:
                    db:5a:70:1f:be:ed:f5:5a:68:5b:f9:f4:d5:11:38:
                    aa:67:3d:da:de:cf:04:7e:c1:55:5f:39:ed:96:d3:
                    23:fa:d6:f6:2f:be:63:17:11:de:42:e6:50:d7:b4:
                    6f:c1:72:df:1c:bc:2b:73:a8:dd:55:eb:9a:9b:7c:
                    08:e0:8f:62:7a:c5:ad:02:22:29:fb:3a:70:e2:52:
                    86:5a:e5:e7:c4:f8:51:da:c6:b6:87:92:98:12:de:
                    71:4c:98:6f:cc:3a:f0:e0:a5:70:87:ad:43:48:8a:
                    fe:b7:62:4f:24:56:61:64:f8:b5:a3:07:a1:10:b5:
                    88:cb:47:55:63:56:00:aa:0a:cb:82:d8:b3:35:63:
                    37:53:7f:09:cb:89:1a:61:64:ec:5f:05:e9:86:c0:
                    43:3a:62:af:a3:3f:03:ee:c9:2a:e4:f7:7e:d4:c8:
                    2c:4f:cf:4e:23:d5:19:e5:88:fc:e2:af:55:20:71:
                    ad:1a:6b:00:0e:25:91:d6:a4:53:0b:d4:95:f7:97:
                    3c:04:96:ee:8d:cd:2e:82:0e:66:b8:da:bf:90:c8:
                    30:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:DC:26:0B:FA:F9:94:89:D3:52:F5:D5:C9:C4:52:07:8C:F0:98:E2
            X509v3 Authority Key Identifier:
                keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/ddwmC_r5lInTUvXVycRSB4zwmOI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.209.192.0/24
                  37.209.194.0/24
                  37.209.196.0/24
                  37.209.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:b7:ba:e2:08:1b:eb:47:a8:69:e9:6f:51:b3:43:38:bf:5d:
         8d:86:7e:32:d8:51:52:ec:15:44:62:af:b6:5b:cc:cd:dd:30:
         d4:6f:28:09:24:7c:d7:6c:bd:11:6b:c3:4e:cd:82:0a:74:ad:
         9c:48:cb:4d:7c:0f:75:9b:73:e8:66:7b:34:8b:3c:7e:33:30:
         61:c8:77:fb:5a:1f:21:2a:69:b8:29:96:ba:79:ca:f9:26:ca:
         6d:cc:63:90:e3:c0:e6:35:5e:5b:b9:8e:d1:39:00:8e:3c:da:
         68:d5:ab:95:d7:eb:b6:35:be:a7:08:90:51:0a:e9:00:97:55:
         cc:66:3a:d2:4f:ed:c2:5c:60:8e:0a:3b:8d:e2:60:6b:3c:fe:
         b6:cb:50:19:8e:f5:f0:c5:b3:bc:4d:17:84:6a:e9:f9:dc:da:
         27:5a:4a:09:70:6c:99:2a:f5:4b:5e:8a:50:1c:3b:be:e6:29:
         3c:72:fb:6e:fc:88:74:fb:f8:17:40:f7:e9:75:8e:e0:10:96:
         17:c3:28:3d:bd:1c:5a:1b:a0:c3:1e:a9:9f:4b:8a:95:f0:44:
         4a:df:fd:ba:e0:0c:4e:bb:ba:fa:0d:77:f7:1c:51:95:1f:c8:
         8a:ec:4a:df:59:8f:3a:ac:3b:6c:e1:2e:8e:16:63:a9:66:36:
         8f:5f:2c:e4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIDdc4JMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE1
YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjljOGJmMmMwHhcNMjIwMTAx
MDMwMTA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg3NWRjMjYwYmZhZjk5
NDg5ZDM1MmY1ZDVjOWM0NTIwNzhjZjA5OGUyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAn7Zp5QMn6etgWUx1Naj1BUHnoPqfV8QyJoYFjVxnkqUqEaoi
LCJrgGtOJr3bWnAfvu31Wmhb+fTVETiqZz3a3s8EfsFVXzntltMj+tb2L75jFxHe
QuZQ17RvwXLfHLwrc6jdVeuam3wI4I9iesWtAiIp+zpw4lKGWuXnxPhR2sa2h5KY
Et5xTJhvzDrw4KVwh61DSIr+t2JPJFZhZPi1owehELWIy0dVY1YAqgrLgtizNWM3
U38Jy4kaYWTsXwXphsBDOmKvoz8D7skq5Pd+1MgsT89OI9UZ5Yj84q9VIHGtGmsA
DiWR1qRTC9SV95c8BJbujc0ugg5muNq/kMgwWQIDAQABo4ICGzCCAhcwHQYDVR0O
BBYEFHXcJgv6+ZSJ01L11cnEUgeM8JjiMB8GA1UdIwQYMBaAFKWuij2L2qv0dl/a
edVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdiLzEv
ZGR3bUNfcjVsSW5UVXZYVnljUlNCNHp3bU9JLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8w
ZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdiLzEvcGE2S1BZdmFxX1Iy
WDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEG
CCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQAJdHCAwQAJdHEAwQAJdHG
MA0GCSqGSIb3DQEBCwUAA4IBAQASt7riCBvrR6hp6W9Rs0M4v12Nhn4y2FFS7BVE
Yq+2W8zN3TDUbygJJHzXbL0Ra8NOzYIKdK2cSMtNfA91m3PoZns0izx+MzBhyHf7
Wh8hKmm4KZa6ecr5JsptzGOQ48DmNV5buY7ROQCOPNpo1auV1+u2Nb6nCJBRCukA
l1XMZjrST+3CXGCOCjuN4mBrPP62y1AZjvXwxbO8TReEaun53NonWkoJcGyZKvVL
XopQHDu+5ik8cvtu/Ih0+/gXQPfpdY7gEJYXwyg9vRxaG6DDHqmfS4qV8ERK3/26
4AxOu7r6DXf3HFGVH8iK7ErfWY86rDts4S6OFmOpZjaPXyzk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:24 2024 by rpki-client on console-fra.rpki-client.org