Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/wCykmzA3-2mgVBrx-AVb2pyxtYU.roa
File:                     wCykmzA3-2mgVBrx-AVb2pyxtYU.roa (raw, json)
Hash identifier:          cxEvTbet270NuJncozoK/AEGPv35UTrT7ZlOJAXd2PE=
Subject key identifier:   C0:2C:A4:9B:30:37:FB:69:A0:54:1A:F1:F8:05:5B:DA:9C:B1:B5:85
Certificate issuer:       /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial:       6E2BAD
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/wCykmzA3-2mgVBrx-AVb2pyxtYU.roa
Signing time:             Sat 01 Jan 2022 03:01:00 +0000
ROA not before:           Sat 01 Jan 2022 03:01:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     397216
IP address blocks:        37.209.192.0/24 maxlen: 24
                          37.209.196.0/24 maxlen: 24
                          37.209.194.0/24 maxlen: 24
                          37.209.198.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7220141 (0x6e2bad)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
        Validity
            Not Before: Jan  1 03:01:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c02ca49b3037fb69a0541af1f8055bda9cb1b585
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:cc:ab:2d:92:87:6b:62:ef:c0:7e:69:23:75:
                    6c:31:ab:e7:7b:2b:a4:a9:c3:30:36:36:e1:6e:1b:
                    14:52:70:e4:56:96:2d:97:72:01:45:6a:6b:1f:ce:
                    ff:b7:92:a0:ad:7e:71:98:63:75:bf:b9:e5:ac:10:
                    63:6d:7e:0f:5b:5e:b1:43:4b:58:27:10:8e:eb:0d:
                    cd:29:1e:b9:32:5d:4f:04:2c:0c:ed:a9:69:87:bb:
                    0f:2e:41:11:e3:17:4b:5b:6d:16:ce:0c:91:7c:07:
                    b6:41:c8:6b:4e:c9:b0:65:07:80:1c:bc:3e:34:f4:
                    5c:68:07:08:fe:6c:cf:87:3a:94:68:fc:8c:b7:60:
                    74:8d:b0:8b:59:2c:f4:b9:e8:37:1e:86:8e:6e:57:
                    fa:9f:1a:2b:d3:be:4c:0e:74:d0:e5:8e:bb:98:f8:
                    31:47:f6:fa:9f:01:ee:ba:e9:6a:32:a8:72:58:c9:
                    e3:fa:00:4b:4d:a0:44:cc:16:1b:8c:ee:27:b7:d3:
                    58:a5:b2:95:be:4e:07:a7:2d:cd:77:4d:16:be:06:
                    ee:64:90:df:b7:f2:5f:cd:13:d2:e7:4d:e8:6a:d7:
                    a1:da:d5:9b:7d:4f:c8:ea:f8:40:98:26:41:7a:6e:
                    86:18:5e:22:6b:3a:40:f3:f8:58:09:f0:d9:2c:74:
                    3b:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:2C:A4:9B:30:37:FB:69:A0:54:1A:F1:F8:05:5B:DA:9C:B1:B5:85
            X509v3 Authority Key Identifier:
                keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/wCykmzA3-2mgVBrx-AVb2pyxtYU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.209.192.0/24
                  37.209.194.0/24
                  37.209.196.0/24
                  37.209.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:40:f5:56:fe:f9:c1:4a:7c:3e:6a:e1:dc:27:77:cf:85:80:
         29:9d:7a:bf:a4:24:be:2b:7a:ed:48:1c:fa:dd:f6:95:5e:de:
         57:fd:a3:28:18:9e:1d:43:a1:83:af:5f:81:39:d8:b4:a0:1b:
         9d:ee:29:4b:08:de:b8:cf:41:56:c2:40:e5:f3:3c:7d:a1:e3:
         2e:57:a7:ca:e4:84:28:c5:8c:0a:dd:f9:d3:16:b7:16:45:73:
         4e:4d:94:e7:59:5b:e7:ea:44:af:fc:14:93:11:9d:02:7e:ff:
         2d:5f:6d:65:ae:50:56:6f:0d:08:ca:00:88:13:e3:58:65:44:
         af:7f:b7:36:4e:30:dd:5b:7c:e4:c6:5f:26:b6:a2:b2:90:92:
         e2:ff:92:43:ec:d0:54:c8:36:a1:4b:92:6c:7a:7b:17:67:64:
         a5:ce:31:61:cf:b2:5f:0e:67:71:a2:f9:44:15:82:be:16:a7:
         82:c3:26:30:33:bd:ef:f6:5b:72:6a:9c:c0:d0:06:57:94:08:
         15:64:c0:fb:dc:2a:e5:88:45:01:6f:67:dd:14:97:a5:c4:15:
         7e:91:9d:8d:8c:00:7f:98:fc:7b:c6:5e:ef:34:e9:c8:89:e0:
         cd:c7:92:2c:fe:d8:8d:46:42:3b:93:1c:22:29:6a:3e:43:45:
         6a:6f:96:0c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIDbiutMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE1
YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjljOGJmMmMwHhcNMjIwMTAx
MDMwMTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjMDJjYTQ5YjMwMzdm
YjY5YTA1NDFhZjFmODA1NWJkYTljYjFiNTg1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA68yrLZKHa2LvwH5pI3VsMavneyukqcMwNjbhbhsUUnDkVpYt
l3IBRWprH87/t5KgrX5xmGN1v7nlrBBjbX4PW16xQ0tYJxCO6w3NKR65Ml1PBCwM
7alph7sPLkER4xdLW20WzgyRfAe2QchrTsmwZQeAHLw+NPRcaAcI/mzPhzqUaPyM
t2B0jbCLWSz0ueg3HoaOblf6nxor075MDnTQ5Y67mPgxR/b6nwHuuulqMqhyWMnj
+gBLTaBEzBYbjO4nt9NYpbKVvk4Hpy3Nd00WvgbuZJDft/JfzRPS503oateh2tWb
fU/I6vhAmCZBem6GGF4iazpA8/hYCfDZLHQ7sQIDAQABo4ICGzCCAhcwHQYDVR0O
BBYEFMAspJswN/tpoFQa8fgFW9qcsbWFMB8GA1UdIwQYMBaAFKWuij2L2qv0dl/a
edVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdiLzEv
d0N5a216QTMtMm1nVkJyeC1BVmIycHl4dFlVLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8w
ZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdiLzEvcGE2S1BZdmFxX1Iy
WDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEG
CCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQAJdHCAwQAJdHEAwQAJdHG
MA0GCSqGSIb3DQEBCwUAA4IBAQAdQPVW/vnBSnw+auHcJ3fPhYApnXq/pCS+K3rt
SBz63faVXt5X/aMoGJ4dQ6GDr1+BOdi0oBud7ilLCN64z0FWwkDl8zx9oeMuV6fK
5IQoxYwK3fnTFrcWRXNOTZTnWVvn6kSv/BSTEZ0Cfv8tX21lrlBWbw0IygCIE+NY
ZUSvf7c2TjDdW3zkxl8mtqKykJLi/5JD7NBUyDahS5JsensXZ2SlzjFhz7JfDmdx
ovlEFYK+FqeCwyYwM73v9ltyapzA0AZXlAgVZMD73CrliEUBb2fdFJelxBV+kZ2N
jAB/mPx7xl7vNOnIieDNx5Is/tiNRkI7kxwiKWo+Q0Vqb5YM
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:38 2023 by rpki-client on console-fra.rpki-client.org