Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/2b4d0f-219f-4c00-8648-a12de3a33553/1/Xc5KR4_IuaTf96mOTVeS1Xx5M_U.roa
File:                     Xc5KR4_IuaTf96mOTVeS1Xx5M_U.roa (raw, json)
Hash identifier:          3Yz9cAXY4u8UvCeqJPSJbCvvtbDJ9bZjPgpgKup6xaU=
Subject key identifier:   5D:CE:4A:47:8F:C8:B9:A4:DF:F7:A9:8E:4D:57:92:D5:7C:79:33:F5
Certificate issuer:       /CN=52226f671c2643a5c04846264fee01f943ac2bfc
Certificate serial:       348B4303
Authority key identifier: 52:22:6F:67:1C:26:43:A5:C0:48:46:26:4F:EE:01:F9:43:AC:2B:FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UiJvZxwmQ6XASEYmT-4B-UOsK_w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/2b4d0f-219f-4c00-8648-a12de3a33553/1/Xc5KR4_IuaTf96mOTVeS1Xx5M_U.roa
Signing time:             Sat 01 Jan 2022 06:53:01 +0000
ROA not before:           Sat 01 Jan 2022 06:53:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8896
IP address blocks:        80.86.208.0/20 maxlen: 20
                          81.29.32.0/20 maxlen: 20
                          2a03:9a00::/32 maxlen: 32
                          2a03:9a00::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 881541891 (0x348b4303)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52226f671c2643a5c04846264fee01f943ac2bfc
        Validity
            Not Before: Jan  1 06:53:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5dce4a478fc8b9a4dff7a98e4d5792d57c7933f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:14:77:74:d8:e4:94:63:c7:f0:4f:97:bf:50:
                    c8:59:63:1b:c3:1d:fb:18:cf:35:ec:b7:50:9c:2b:
                    b8:7a:fb:95:8f:99:b9:ec:df:e3:8f:8a:f1:7b:91:
                    34:1b:d5:e8:66:2f:45:ef:68:44:de:67:2d:18:b3:
                    f2:e7:4f:d6:14:c6:fe:03:d0:6a:f6:99:d6:3c:21:
                    90:06:47:57:32:9b:2d:fc:84:91:b0:65:77:e0:a0:
                    cd:af:50:4d:0e:ae:04:56:3e:ff:4d:dc:17:fd:54:
                    90:bf:1e:c8:d1:0e:46:da:28:75:e1:2c:c7:28:c0:
                    8e:dd:a3:a5:d8:7d:f2:f4:ac:40:85:c9:d6:b1:97:
                    6f:9e:03:13:69:39:8e:3b:ea:a7:c3:fd:2e:de:8f:
                    a3:03:2e:8e:47:8b:95:9f:8a:61:a0:85:98:f1:85:
                    fd:10:cc:eb:e0:57:75:0a:05:90:ac:1c:55:09:0d:
                    ca:7b:bd:84:61:86:00:dd:71:78:73:3f:39:44:29:
                    a2:9a:d7:60:05:10:2c:b1:a0:53:09:c2:ea:3b:65:
                    6c:44:46:fd:6f:b7:25:fe:ae:eb:1d:76:cd:94:85:
                    e1:65:99:f2:70:34:1e:17:d1:9f:3e:f0:bb:73:d9:
                    11:e8:48:4f:b1:fc:83:af:0e:9b:9a:c8:b8:ff:12:
                    12:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:CE:4A:47:8F:C8:B9:A4:DF:F7:A9:8E:4D:57:92:D5:7C:79:33:F5
            X509v3 Authority Key Identifier:
                keyid:52:22:6F:67:1C:26:43:A5:C0:48:46:26:4F:EE:01:F9:43:AC:2B:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UiJvZxwmQ6XASEYmT-4B-UOsK_w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2b4d0f-219f-4c00-8648-a12de3a33553/1/Xc5KR4_IuaTf96mOTVeS1Xx5M_U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2b4d0f-219f-4c00-8648-a12de3a33553/1/UiJvZxwmQ6XASEYmT-4B-UOsK_w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.86.208.0/20
                  81.29.32.0/20
                IPv6:
                  2a03:9a00::/29

    Signature Algorithm: sha256WithRSAEncryption
         92:04:49:0e:1f:97:a4:c0:c1:6b:13:ea:3b:a9:5e:43:81:9f:
         66:0f:fa:7b:8d:4c:0c:29:a5:4d:16:19:f0:4f:ac:3c:fe:0d:
         51:34:01:08:9b:d0:a4:15:c9:29:d1:3b:8c:2c:ce:62:42:ab:
         59:1f:0f:3e:d4:a5:6f:c1:a0:e7:f6:28:fc:02:cf:02:75:92:
         c6:6f:85:c1:d1:ff:a1:c1:5d:99:c3:74:fc:ee:b1:03:06:db:
         6d:b5:1b:cf:5c:58:cb:d3:80:63:25:80:00:e3:8a:0b:b0:ed:
         47:86:78:33:4c:8e:58:48:79:e0:0a:0e:9f:90:28:73:67:1c:
         a3:37:79:85:e0:57:c3:90:be:8b:52:61:50:ce:aa:3c:66:6c:
         d8:0f:9d:79:a2:5c:61:8b:b0:2a:c9:91:52:46:50:c5:b1:84:
         09:0d:64:a1:dd:25:b9:4f:48:dc:9a:e9:f5:15:3c:68:ac:44:
         e4:0b:8b:37:9a:f1:de:c5:69:2d:1d:fd:0b:1f:4b:b2:dc:aa:
         b7:d8:ab:4d:17:97:6f:7a:7c:b8:bd:77:ca:a9:09:c9:cb:51:
         de:21:26:6a:48:63:1b:6b:3f:e3:0d:95:f6:83:25:2f:6e:42:
         1d:7f:94:d4:d4:e3:0d:ef:1b:78:6a:31:85:59:97:34:a0:13:
         1f:f9:5f:3c
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIENItDAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MjIyNmY2NzFjMjY0M2E1YzA0ODQ2MjY0ZmVlMDFmOTQzYWMyYmZjMB4XDTIyMDEw
MTA2NTMwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWRjZTRhNDc4ZmM4
YjlhNGRmZjdhOThlNGQ1NzkyZDU3Yzc5MzNmNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM0Ud3TY5JRjx/BPl79QyFljG8Md+xjPNey3UJwruHr7lY+Z
uezf44+K8XuRNBvV6GYvRe9oRN5nLRiz8udP1hTG/gPQavaZ1jwhkAZHVzKbLfyE
kbBld+Cgza9QTQ6uBFY+/03cF/1UkL8eyNEORtoodeEsxyjAjt2jpdh98vSsQIXJ
1rGXb54DE2k5jjvqp8P9Lt6PowMujkeLlZ+KYaCFmPGF/RDM6+BXdQoFkKwcVQkN
ynu9hGGGAN1xeHM/OUQpoprXYAUQLLGgUwnC6jtlbERG/W+3Jf6u6x12zZSF4WWZ
8nA0HhfRnz7wu3PZEehIT7H8g68Om5rIuP8SEpUCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRdzkpHj8i5pN/3qY5NV5LVfHkz9TAfBgNVHSMEGDAWgBRSIm9nHCZDpcBI
RiZP7gH5Q6wr/DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VpSnZaeHdtUTZYQVNFWW1ULTRCLVVPc0tfdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjAvMmI0ZDBmLTIxOWYtNGMwMC04NjQ4LWExMmRlM2EzMzU1My8x
L1hjNUtSNF9JdWFUZjk2bU9UVmVTMVh4NU1fVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAv
MmI0ZDBmLTIxOWYtNGMwMC04NjQ4LWExMmRlM2EzMzU1My8xL1VpSnZaeHdtUTZY
QVNFWW1ULTRCLVVPc0tfdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBFBW0AMEBFEdIDANBAIAAjAHAwUD
KgOaADANBgkqhkiG9w0BAQsFAAOCAQEAkgRJDh+XpMDBaxPqO6leQ4GfZg/6e41M
DCmlTRYZ8E+sPP4NUTQBCJvQpBXJKdE7jCzOYkKrWR8PPtSlb8Gg5/Yo/ALPAnWS
xm+FwdH/ocFdmcN0/O6xAwbbbbUbz1xYy9OAYyWAAOOKC7DtR4Z4M0yOWEh54AoO
n5Aoc2ccozd5heBXw5C+i1JhUM6qPGZs2A+deaJcYYuwKsmRUkZQxbGECQ1kod0l
uU9I3Jrp9RU8aKxE5AuLN5rx3sVpLR39Cx9Lstyqt9irTReXb3p8uL13yqkJyctR
3iEmakhjG2s/4w2V9oMlL25CHX+U1NTjDe8beGoxhVmXNKATH/lfPA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:15 2024 by rpki-client on console-fra.rpki-client.org