Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/CLXUN9dXsJGcPZqxFlvgEUHw0V8.roa
File:                     CLXUN9dXsJGcPZqxFlvgEUHw0V8.roa (raw, json)
Hash identifier:          Hex2tAVW+7t8/VocNbb9Im7L1q5sPinrLRhs2P/sWBg=
Subject key identifier:   08:B5:D4:37:D7:57:B0:91:9C:3D:9A:B1:16:5B:E0:11:41:F0:D1:5F
Certificate issuer:       /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial:       01836600703D08F798B5B2BE593AC7A89789
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/CLXUN9dXsJGcPZqxFlvgEUHw0V8.roa
Signing time:             Thu 22 Sep 2022 16:20:48 +0000
ROA not before:           Thu 22 Sep 2022 16:20:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44834
IP address blocks:        188.130.236.0/23 maxlen: 24
                          109.248.255.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:66:00:70:3d:08:f7:98:b5:b2:be:59:3a:c7:a8:97:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
        Validity
            Not Before: Sep 22 16:20:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=08b5d437d757b0919c3d9ab1165be01141f0d15f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:29:92:00:b1:8c:30:1a:55:e4:46:e2:8e:c7:
                    fe:76:27:41:b2:d1:7b:6b:26:7d:18:a9:58:d1:29:
                    fb:56:73:72:32:a5:04:89:c8:a5:d5:39:fd:4b:a8:
                    0e:57:a0:c3:ed:e9:1f:60:d2:f7:df:5d:5e:de:85:
                    d0:4e:04:41:f7:10:9c:71:83:47:36:9f:09:0f:d5:
                    14:ff:46:92:13:2b:f8:85:57:6a:d7:f9:18:84:b7:
                    3e:e0:df:14:57:6c:99:c1:d2:0e:b4:1c:02:ee:96:
                    8d:3e:dc:ae:6e:6c:c2:55:48:16:0a:2c:6b:b8:4a:
                    bd:9f:57:9a:16:bf:f2:84:ce:a0:77:87:fb:48:13:
                    2e:2f:d0:bd:e4:bd:c3:b2:03:7b:91:ce:48:01:50:
                    02:1e:b7:a2:7f:ac:40:e3:98:35:19:e0:3f:40:3f:
                    61:ed:09:66:79:97:c6:7f:82:97:0e:3e:01:0f:71:
                    bc:df:59:e0:19:7e:d9:e1:4e:14:12:55:97:7a:72:
                    7a:42:0e:cb:0d:bb:f0:e6:d3:fb:64:73:d7:3a:25:
                    92:81:17:12:73:63:8e:b2:e7:50:34:db:27:53:ce:
                    69:83:02:f3:0f:3f:33:a1:05:c8:18:4e:7e:c1:c5:
                    67:67:85:7c:47:72:db:c5:2f:fb:ed:8a:fa:10:09:
                    6b:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:B5:D4:37:D7:57:B0:91:9C:3D:9A:B1:16:5B:E0:11:41:F0:D1:5F
            X509v3 Authority Key Identifier:
                keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/CLXUN9dXsJGcPZqxFlvgEUHw0V8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.248.255.0/24
                  188.130.236.0/23

    Signature Algorithm: sha256WithRSAEncryption
         42:db:9c:29:c1:d4:54:a8:99:25:33:f8:92:72:45:c4:12:da:
         3a:0b:37:e7:f2:6f:bc:4f:d5:e1:21:99:c2:28:49:2d:ea:00:
         01:a0:e0:6b:b5:f5:50:42:35:59:68:76:1d:e7:db:58:14:8f:
         8c:f6:15:fb:79:90:dd:12:8a:a9:7d:0c:d4:bd:8f:3e:16:8e:
         58:e0:cb:96:0c:3e:a4:93:54:2e:61:7e:1a:da:15:1f:15:64:
         84:94:bb:90:af:2f:0e:1b:00:fd:66:30:b3:25:27:0d:fe:20:
         93:c6:f9:a0:48:0f:95:75:b2:83:34:d0:10:dc:e4:f5:4e:c7:
         8a:e4:27:81:fb:44:4a:b0:16:a0:b7:fd:7a:dc:eb:cc:fb:6a:
         ba:94:f8:21:35:04:33:d9:98:9f:c2:7e:1f:86:1c:3a:26:14:
         59:1d:52:0d:71:e0:5c:8a:0f:47:9d:fb:af:93:0c:ef:45:f2:
         9c:f5:7a:ae:1b:86:08:fd:44:ae:8d:6c:7b:b5:86:94:c5:fb:
         97:3e:7f:b4:cd:69:3d:d5:ae:40:31:f2:95:5b:83:94:32:14:
         2e:1b:cc:e0:70:a2:af:6f:b4:33:2a:bf:43:d5:bd:9f:61:43:
         22:44:d1:5c:aa:61:a0:98:40:1f:13:4d:bf:91:98:0d:0e:8c:
         f6:af:f2:05
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYNmAHA9CPeYtbK+WTrHqJeJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjIwOTIyMTYyMDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGI1ZDQzN2Q3NTdiMDkxOWMzZDlhYjExNjViZTAxMTQxZjBkMTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCmSALGMMBpV5Ebijsf+didBstF7
ayZ9GKlY0Sn7VnNyMqUEicil1Tn9S6gOV6DD7ekfYNL3311e3oXQTgRB9xCccYNH
Np8JD9UU/0aSEyv4hVdq1/kYhLc+4N8UV2yZwdIOtBwC7paNPtyubmzCVUgWCixr
uEq9n1eaFr/yhM6gd4f7SBMuL9C95L3DsgN7kc5IAVACHreif6xA45g1GeA/QD9h
7QlmeZfGf4KXDj4BD3G831ngGX7Z4U4UElWXenJ6Qg7LDbvw5tP7ZHPXOiWSgRcS
c2OOsudQNNsnU85pgwLzDz8zoQXIGE5+wcVnZ4V8R3LbxS/77Yr6EAlrbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAi11DfXV7CRnD2asRZb4BFB8NFfMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvQ0xYVU45ZFhzSkdjUFpxeEZsdmdFVUh3MFY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbfj/AwQB
vILsMA0GCSqGSIb3DQEBCwUAA4IBAQBC25wpwdRUqJklM/iSckXEEto6Czfn8m+8
T9XhIZnCKEkt6gABoOBrtfVQQjVZaHYd59tYFI+M9hX7eZDdEoqpfQzUvY8+Fo5Y
4MuWDD6kk1QuYX4a2hUfFWSElLuQry8OGwD9ZjCzJScN/iCTxvmgSA+VdbKDNNAQ
3OT1TseK5CeB+0RKsBagt/163OvM+2q6lPghNQQz2Zifwn4fhhw6JhRZHVINceBc
ig9HnfuvkwzvRfKc9XquG4YI/USujWx7tYaUxfuXPn+0zWk91a5AMfKVW4OUMhQu
G8zgcKKvb7QzKr9D1b2fYUMiRNFcqmGgmEAfE02/kZgNDoz2r/IF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:57 2024 by rpki-client on console-fra.rpki-client.org