Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/s6aTVqJ4MNXfCgsQg__7w9jOk_M.roa
File:                     s6aTVqJ4MNXfCgsQg__7w9jOk_M.roa (raw, json)
Hash identifier:          eGuSLSroV3zgRznWUAur9Mz+S3Fb3UXmpsxTsXqxRCE=
Subject key identifier:   B3:A6:93:56:A2:78:30:D5:DF:0A:0B:10:83:FF:FB:C3:D8:CE:93:F3
Certificate issuer:       /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial:       7A07EC
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/s6aTVqJ4MNXfCgsQg__7w9jOk_M.roa
Signing time:             Sat 01 Jan 2022 03:01:10 +0000
ROA not before:           Sat 01 Jan 2022 03:01:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     397241
IP address blocks:        37.209.192.0/24 maxlen: 24
                          37.209.196.0/24 maxlen: 24
                          37.209.194.0/24 maxlen: 24
                          37.209.198.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7997420 (0x7a07ec)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
        Validity
            Not Before: Jan  1 03:01:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b3a69356a27830d5df0a0b1083fffbc3d8ce93f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:c0:90:ac:e5:36:de:69:e8:5a:14:8e:77:56:
                    91:f2:9d:26:c4:a5:6e:1e:52:17:9b:bc:0c:cd:f0:
                    f9:7f:b1:72:02:80:b0:91:c9:82:ab:12:86:8e:3a:
                    ed:50:1f:c9:32:4a:0f:f4:0c:52:65:90:6d:cc:8b:
                    34:75:7c:6c:85:3f:b2:5c:ee:79:a3:32:19:7f:a8:
                    af:4b:3a:f5:3c:05:7c:64:64:81:33:5d:77:5e:f2:
                    c0:c5:7d:e8:fc:42:9d:98:24:78:d7:79:a3:95:92:
                    3d:9e:cf:10:a7:45:3e:36:f6:e0:f2:79:e2:36:de:
                    a5:0a:57:c0:29:3e:ba:28:41:fb:33:9c:73:fe:93:
                    33:3a:e3:4b:f4:50:ba:63:6f:ab:50:45:82:15:86:
                    47:88:df:7f:ca:47:0e:d3:df:e8:f5:ed:65:74:e6:
                    53:05:7e:c6:b3:ea:8d:98:8e:2a:6b:9d:65:8b:b6:
                    cf:bf:9d:ac:bc:10:c4:20:39:c8:6d:92:bd:84:88:
                    f2:b4:70:55:3e:ca:33:93:af:92:ee:96:c9:0e:da:
                    3c:74:ef:8a:4e:93:5b:c2:f7:14:0d:7d:25:a1:23:
                    9c:f8:e4:58:34:8b:30:5b:07:48:78:b2:31:7d:07:
                    da:1f:5f:31:0d:d8:62:1d:98:bb:cf:d3:26:b8:87:
                    53:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:A6:93:56:A2:78:30:D5:DF:0A:0B:10:83:FF:FB:C3:D8:CE:93:F3
            X509v3 Authority Key Identifier:
                keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/s6aTVqJ4MNXfCgsQg__7w9jOk_M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.209.192.0/24
                  37.209.194.0/24
                  37.209.196.0/24
                  37.209.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:8a:85:fb:ae:68:08:1b:2e:bb:c0:d5:54:d0:09:52:bf:36:
         68:10:14:11:19:95:aa:0b:d9:21:15:68:6e:d6:c6:f2:f4:e5:
         65:07:0b:88:2d:de:4f:f8:29:61:88:25:a2:ae:1b:38:48:2d:
         e2:98:cb:21:49:c2:da:bb:90:2a:9f:2c:d9:8f:21:f9:8c:fd:
         4e:b4:ec:c6:42:ea:c7:42:81:4a:74:cf:ce:f9:ea:d4:90:7a:
         2a:a4:6d:d1:aa:3a:6d:7e:20:07:62:c8:8f:24:e5:f7:d0:e9:
         62:e9:ad:87:71:3d:e4:a1:43:6e:27:9f:d2:c6:d5:97:4b:02:
         b6:63:77:54:13:27:97:8b:e7:b2:ba:37:a6:69:0b:c1:3d:7b:
         f0:53:27:78:95:c3:a0:54:23:c9:0a:42:4a:5e:f8:f0:d8:71:
         17:b0:b0:d2:62:13:4a:94:3a:b0:6b:66:12:39:c6:7e:0a:77:
         96:67:69:ff:76:9a:4f:fa:88:67:da:13:70:30:5c:b4:d5:a1:
         ee:c1:0e:82:20:16:51:49:3d:73:4a:d0:ad:07:61:c7:84:24:
         52:d9:c6:0c:93:e3:6b:97:d0:df:90:5d:e8:97:7a:f5:06:cf:
         71:35:91:be:93:5c:c1:17:d2:7a:df:04:63:ee:be:7e:d2:db:
         c7:33:c6:6a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIDegfsMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE1
YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjljOGJmMmMwHhcNMjIwMTAx
MDMwMTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhiM2E2OTM1NmEyNzgz
MGQ1ZGYwYTBiMTA4M2ZmZmJjM2Q4Y2U5M2YzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAzcCQrOU23mnoWhSOd1aR8p0mxKVuHlIXm7wMzfD5f7FyAoCw
kcmCqxKGjjrtUB/JMkoP9AxSZZBtzIs0dXxshT+yXO55ozIZf6ivSzr1PAV8ZGSB
M113XvLAxX3o/EKdmCR413mjlZI9ns8Qp0U+Nvbg8nniNt6lClfAKT66KEH7M5xz
/pMzOuNL9FC6Y2+rUEWCFYZHiN9/ykcO09/o9e1ldOZTBX7Gs+qNmI4qa51li7bP
v52svBDEIDnIbZK9hIjytHBVPsozk6+S7pbJDto8dO+KTpNbwvcUDX0loSOc+ORY
NIswWwdIeLIxfQfaH18xDdhiHZi7z9MmuIdT+QIDAQABo4ICGzCCAhcwHQYDVR0O
BBYEFLOmk1aieDDV3woLEIP/+8PYzpPzMB8GA1UdIwQYMBaAFKWuij2L2qv0dl/a
edVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdiLzEv
czZhVFZxSjRNTlhmQ2dzUWdfXzd3OWpPa19NLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8w
ZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdiLzEvcGE2S1BZdmFxX1Iy
WDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEG
CCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQAJdHCAwQAJdHEAwQAJdHG
MA0GCSqGSIb3DQEBCwUAA4IBAQAhioX7rmgIGy67wNVU0AlSvzZoEBQRGZWqC9kh
FWhu1sby9OVlBwuILd5P+ClhiCWirhs4SC3imMshScLau5AqnyzZjyH5jP1OtOzG
QurHQoFKdM/O+erUkHoqpG3RqjptfiAHYsiPJOX30Oli6a2HcT3koUNuJ5/SxtWX
SwK2Y3dUEyeXi+eyujemaQvBPXvwUyd4lcOgVCPJCkJKXvjw2HEXsLDSYhNKlDqw
a2YSOcZ+CneWZ2n/dppP+ohn2hNwMFy01aHuwQ6CIBZRST1zStCtB2HHhCRS2cYM
k+Nrl9DfkF3ol3r1Bs9xNZG+k1zBF9J63wRj7r5+0tvHM8Zq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:24 2024 by rpki-client on console-fra.rpki-client.org