Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/VqhyLK91YcLoRipgOBmZjyeFxvg.roa
File:                     VqhyLK91YcLoRipgOBmZjyeFxvg.roa (raw, json)
Hash identifier:          Pik/dGZO/fE/Y28+EQ9epju5kHQgPTjxZ0nZFSogUys=
Subject key identifier:   56:A8:72:2C:AF:75:61:C2:E8:46:2A:60:38:19:99:8F:27:85:C6:F8
Certificate issuer:       /CN=746365355b665564a210c358c68a0117b7fbeb9a
Certificate serial:       08345EC6
Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/VqhyLK91YcLoRipgOBmZjyeFxvg.roa
Signing time:             Sat 01 Jan 2022 07:56:11 +0000
ROA not before:           Sat 01 Jan 2022 07:56:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     51028
IP address blocks:        212.22.90.0/24 maxlen: 24
                          212.22.94.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 137649862 (0x8345ec6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a
        Validity
            Not Before: Jan  1 07:56:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=56a8722caf7561c2e8462a603819998f2785c6f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:d5:a8:7f:a3:b7:15:0d:48:1b:9f:a7:80:96:
                    57:50:62:f8:c4:0a:9f:54:6c:f0:e6:88:30:d2:75:
                    7b:5c:c1:f9:69:52:05:f3:41:d0:2d:48:cc:93:15:
                    8c:e2:a5:24:f7:67:8d:6c:8e:3c:d6:0c:9e:55:82:
                    65:d0:e9:30:88:d8:28:cc:e6:c4:7d:71:8d:9d:b8:
                    78:1c:47:6b:44:a2:b3:a7:8d:db:9f:cd:d6:95:78:
                    ed:cb:4a:21:50:7a:cf:32:05:1c:6b:06:69:4a:77:
                    0c:5e:73:a1:28:8d:78:2b:07:2c:3c:a3:32:f8:74:
                    d0:f0:8d:e1:04:b2:af:c6:0c:c2:88:0e:4c:52:f8:
                    02:1b:98:a4:94:37:70:6f:5a:b9:e2:24:d2:1f:ff:
                    f1:fd:a0:61:01:c9:97:f6:3c:a0:73:26:8a:89:64:
                    46:d9:25:1b:3f:92:80:08:d4:dc:41:09:a0:87:9d:
                    e1:be:4e:08:ca:c2:28:e8:c2:0d:34:21:49:11:f0:
                    f6:0a:f7:ea:d5:80:37:80:0c:18:5a:8d:b2:c1:d0:
                    ba:6f:5a:e4:10:f2:f2:6f:4b:c9:4b:52:4f:43:61:
                    38:4b:23:91:a8:1e:12:de:b6:70:5b:82:ed:a0:79:
                    f1:63:0c:76:b2:6e:6f:a1:ae:3f:79:53:b8:3f:4a:
                    ac:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:A8:72:2C:AF:75:61:C2:E8:46:2A:60:38:19:99:8F:27:85:C6:F8
            X509v3 Authority Key Identifier:
                keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/VqhyLK91YcLoRipgOBmZjyeFxvg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.22.90.0/24
                  212.22.94.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:76:77:cd:3c:d9:c7:b7:7d:b0:20:b5:3a:45:61:58:57:c2:
         1b:a8:75:15:1c:02:c2:a0:df:6c:a7:a7:61:85:25:2a:aa:cf:
         ec:17:d5:14:94:e7:72:cf:77:ee:e1:d5:38:65:9c:be:39:94:
         d1:1d:f6:22:fb:90:08:b3:6f:fa:8d:c5:f4:20:fc:51:f2:21:
         61:b1:9a:20:68:e9:f0:69:70:5d:fb:5a:ae:c3:ff:c7:a5:ff:
         31:96:58:60:78:23:e4:d5:b1:ef:16:ff:7e:90:f4:83:7b:ee:
         50:a7:61:68:4a:e7:28:ac:37:13:f5:34:4f:84:bb:1d:7f:93:
         ff:1f:e4:46:73:39:df:3d:7b:8a:5d:10:c8:c8:35:3d:16:0e:
         10:ad:be:a7:f5:f1:45:cd:09:5d:58:f6:89:0b:fd:10:86:50:
         2d:64:c3:f1:e0:bb:46:27:f0:a2:a5:9d:d1:48:06:6d:68:60:
         19:0f:e1:49:37:8a:01:92:70:c9:b3:3b:1a:bf:f5:61:29:fa:
         b1:f8:14:aa:a2:4f:65:ac:1a:b2:e9:f7:5c:f6:b3:3a:64:2f:
         8d:5e:f2:45:1d:cc:29:af:c9:8d:27:06:78:6e:8c:c6:82:e7:
         c5:2a:ac:00:aa:bf:e6:b6:2c:c1:78:69:a4:b7:4d:6c:cd:98:
         12:6d:c0:6d
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECDRexjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDYzNjUzNTViNjY1NTY0YTIxMGMzNThjNjhhMDExN2I3ZmJlYjlhMB4XDTIyMDEw
MTA3NTYxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTZhODcyMmNhZjc1
NjFjMmU4NDYyYTYwMzgxOTk5OGYyNzg1YzZmODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN/VqH+jtxUNSBufp4CWV1Bi+MQKn1Rs8OaIMNJ1e1zB+WlS
BfNB0C1IzJMVjOKlJPdnjWyOPNYMnlWCZdDpMIjYKMzmxH1xjZ24eBxHa0Sis6eN
25/N1pV47ctKIVB6zzIFHGsGaUp3DF5zoSiNeCsHLDyjMvh00PCN4QSyr8YMwogO
TFL4AhuYpJQ3cG9aueIk0h//8f2gYQHJl/Y8oHMmiolkRtklGz+SgAjU3EEJoIed
4b5OCMrCKOjCDTQhSRHw9gr36tWAN4AMGFqNssHQum9a5BDy8m9LyUtST0NhOEsj
kageEt62cFuC7aB58WMMdrJub6GuP3lTuD9KrEUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRWqHIsr3VhwuhGKmA4GZmPJ4XG+DAfBgNVHSMEGDAWgBR0Y2U1W2ZVZKIQ
w1jGigEXt/vrmjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RHTmxOVnRtVldTaUVNTll4b29CRjdmNzY1by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvYWVhMzZkLWJhYmYtNDQ3NC1hNzhiLTZhNGVjYWY4YjNiMS8x
L1ZxaHlMSzkxWWNMb1JpcGdPQm1aanllRnh2Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
YWVhMzZkLWJhYmYtNDQ3NC1hNzhiLTZhNGVjYWY4YjNiMS8xL2RHTmxOVnRtVldT
aUVNTll4b29CRjdmNzY1by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEANQWWgMEANQWXjANBgkqhkiG9w0B
AQsFAAOCAQEAjXZ3zTzZx7d9sCC1OkVhWFfCG6h1FRwCwqDfbKenYYUlKqrP7BfV
FJTncs937uHVOGWcvjmU0R32IvuQCLNv+o3F9CD8UfIhYbGaIGjp8GlwXftarsP/
x6X/MZZYYHgj5NWx7xb/fpD0g3vuUKdhaErnKKw3E/U0T4S7HX+T/x/kRnM53z17
il0QyMg1PRYOEK2+p/XxRc0JXVj2iQv9EIZQLWTD8eC7RifwoqWd0UgGbWhgGQ/h
STeKAZJwybM7Gr/1YSn6sfgUqqJPZawasun3XPazOmQvjV7yRR3MKa/JjScGeG6M
xoLnxSqsAKq/5rYswXhppLdNbM2YEm3AbQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:35 2024 by rpki-client on console-fra.rpki-client.org