Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/gldnzJI9iaQYgaUHqL8-81HFf0Y.roa
File:                     gldnzJI9iaQYgaUHqL8-81HFf0Y.roa (raw, json)
Hash identifier:          Vqueg3tW07WlDrZZNnovJMDSDMPWUND99qU5hjnxOy0=
Subject key identifier:   82:57:67:CC:92:3D:89:A4:18:81:A5:07:A8:BF:3E:F3:51:C5:7F:46
Certificate issuer:       /CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Certificate serial:       2C90F430
Authority key identifier: 4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/gldnzJI9iaQYgaUHqL8-81HFf0Y.roa
Signing time:             Wed 06 Apr 2022 10:51:49 +0000
ROA not before:           Wed 06 Apr 2022 10:51:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12975
IP address blocks:        213.244.121.0/24 maxlen: 24
                          139.190.176.0/20 maxlen: 20
                          213.244.71.0/24 maxlen: 24
                          213.244.70.0/23 maxlen: 24
                          213.244.70.0/24 maxlen: 24
                          213.244.72.0/21 maxlen: 24
                          213.244.72.0/24 maxlen: 24
                          83.244.78.0/24 maxlen: 24
                          213.244.76.0/24 maxlen: 24
                          83.244.75.0/24 maxlen: 24
                          83.244.74.0/24 maxlen: 24
                          83.244.73.0/24 maxlen: 24
                          213.244.73.0/24 maxlen: 24
                          83.244.79.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 747697200 (0x2c90f430)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
        Validity
            Not Before: Apr  6 10:51:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=825767cc923d89a41881a507a8bf3ef351c57f46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:c0:85:d2:93:dd:f8:49:b1:3b:74:16:55:c5:
                    85:0c:25:db:56:d0:5c:30:6c:4c:bb:e4:a4:06:27:
                    39:3d:22:4b:e3:1c:c5:95:34:d7:4a:38:42:bc:21:
                    86:2b:d1:38:0b:1f:c2:4e:88:84:38:61:67:61:ea:
                    e6:ba:f2:db:03:63:df:66:1b:2e:06:76:e8:25:f3:
                    0d:20:43:20:b7:a3:16:d6:2a:73:fa:38:3c:f5:2e:
                    2a:67:df:38:e9:78:e3:47:61:db:f7:09:fe:43:f0:
                    3e:0f:1b:df:15:76:bc:86:a9:1d:99:f2:56:32:e9:
                    c3:ed:12:67:ce:49:22:93:ef:f0:4b:b6:a2:71:94:
                    c0:1e:b4:48:2f:99:bb:01:13:10:ef:84:f8:4c:06:
                    e8:81:6b:a8:e6:6b:83:d1:54:96:7c:9a:b9:68:77:
                    b0:b8:03:47:2a:e3:18:4c:92:d7:1d:1f:8e:ba:fe:
                    ef:d9:27:cf:2d:17:37:70:3d:f8:cf:9f:5e:2a:45:
                    d7:d3:6a:f3:54:41:e7:1c:ff:14:98:5a:89:de:f0:
                    01:58:b7:1d:63:9c:56:b8:1c:80:49:43:59:e4:2f:
                    24:c2:7a:a9:80:02:9f:40:48:84:d1:a3:d9:d1:fb:
                    03:37:1d:a2:f1:d1:ed:47:10:91:28:75:c5:68:5f:
                    2c:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:57:67:CC:92:3D:89:A4:18:81:A5:07:A8:BF:3E:F3:51:C5:7F:46
            X509v3 Authority Key Identifier:
                keyid:4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/gldnzJI9iaQYgaUHqL8-81HFf0Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/TDfyfrSZezvvnygmajlpQFD-dPk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.244.73.0-83.244.75.255
                  83.244.78.0/23
                  139.190.176.0/20
                  213.244.70.0-213.244.79.255
                  213.244.121.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a1:7a:ed:61:2f:86:66:51:10:16:da:73:0e:63:c8:2d:17:a8:
         1c:1b:4d:6b:f6:0e:66:66:0e:1b:9c:79:e7:44:1a:52:e9:f1:
         d5:46:78:78:f7:14:ae:a7:b1:33:7d:e2:d9:45:0f:be:0c:92:
         91:1a:db:f6:b0:b8:df:90:cb:f3:6d:d0:74:c0:46:79:7e:37:
         5d:68:73:23:46:6f:1c:62:83:0c:ca:48:58:c5:51:d0:e8:46:
         4e:28:70:c4:e0:80:fc:76:12:35:99:04:ca:1a:53:24:dd:20:
         55:f1:97:c8:7e:c8:aa:ec:a4:7f:d2:a7:09:ef:41:f1:15:c1:
         ca:61:08:5c:d7:35:bc:74:5b:bf:ce:2b:23:8f:01:40:f3:9c:
         14:3d:d0:bd:df:b0:13:d3:d6:6b:24:65:4e:51:f0:03:52:0c:
         ad:59:39:d3:1b:c0:67:f5:cc:b3:d8:89:19:59:fa:87:53:6a:
         a8:a2:a8:33:04:f3:07:06:72:a5:10:09:d8:32:f6:e3:5f:bb:
         f5:ab:e5:4f:21:d4:62:51:11:be:81:5c:9a:d5:33:da:83:9e:
         60:3e:19:e6:56:5c:51:29:35:1b:37:65:24:cb:e9:1e:2f:f1:
         f9:a7:21:50:31:f5:49:f7:8d:f7:e9:7c:06:9d:e9:bb:ea:1d:
         39:22:66:3d
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIELJD0MDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YzM3ZjI3ZWI0OTk3YjNiZWY5ZjI4MjY2YTM5Njk0MDUwZmU3NGY5MB4XDTIyMDQw
NjEwNTE0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODI1NzY3Y2M5MjNk
ODlhNDE4ODFhNTA3YThiZjNlZjM1MWM1N2Y0NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKnAhdKT3fhJsTt0FlXFhQwl21bQXDBsTLvkpAYnOT0iS+Mc
xZU010o4QrwhhivROAsfwk6IhDhhZ2Hq5rry2wNj32YbLgZ26CXzDSBDILejFtYq
c/o4PPUuKmffOOl440dh2/cJ/kPwPg8b3xV2vIapHZnyVjLpw+0SZ85JIpPv8Eu2
onGUwB60SC+ZuwETEO+E+EwG6IFrqOZrg9FUlnyauWh3sLgDRyrjGEyS1x0fjrr+
79knzy0XN3A9+M+fXipF19Nq81RB5xz/FJhaid7wAVi3HWOcVrgcgElDWeQvJMJ6
qYACn0BIhNGj2dH7AzcdovHR7UcQkSh1xWhfLHMCAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBSCV2fMkj2JpBiBpQeovz7zUcV/RjAfBgNVHSMEGDAWgBRMN/J+tJl7O++f
KCZqOWlAUP50+TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1REZnlmclNaZXp2dm55Z21hamxwUUZELWRQay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWQvMDljZWEwLWVmMmItNGYyMC1hMTlhLWViNWE2MjdlNzZhMy8x
L2dsZG56Skk5aWFRWWdhVUhxTDgtODFIRmYwWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWQv
MDljZWEwLWVmMmItNGYyMC1hMTlhLWViNWE2MjdlNzZhMy8xL1REZnlmclNaZXp2
dm55Z21hamxwUUZELWRQay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBH
BggrBgEFBQcBBwEB/wQ4MDYwNAQCAAEwLjAMAwQAU/RJAwQCU/RIAwQBU/ROAwQE
i76wMAwDBAHV9EYDBATV9EADBADV9HkwDQYJKoZIhvcNAQELBQADggEBAKF67WEv
hmZREBbacw5jyC0XqBwbTWv2DmZmDhuceedEGlLp8dVGeHj3FK6nsTN94tlFD74M
kpEa2/awuN+Qy/Nt0HTARnl+N11ocyNGbxxigwzKSFjFUdDoRk4ocMTggPx2EjWZ
BMoaUyTdIFXxl8h+yKrspH/SpwnvQfEVwcphCFzXNbx0W7/OKyOPAUDznBQ90L3f
sBPT1mskZU5R8ANSDK1ZOdMbwGf1zLPYiRlZ+odTaqiiqDME8wcGcqUQCdgy9uNf
u/Wr5U8h1GJREb6BXJrVM9qDnmA+GeZWXFEpNRs3ZSTL6R4v8fmnIVAx9Un3jffp
fAad6bvqHTkiZj0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:20 2024 by rpki-client on console-fra.rpki-client.org