Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/d716cd-d79f-4484-9685-8fe784e31e5d/1/dLNsAfxu7Og6fTzz7Boyr5V8TpI.roa
File:                     dLNsAfxu7Og6fTzz7Boyr5V8TpI.roa (raw, json)
Hash identifier:          FJHLKUgLhw1LeTdR/nyKhRERzqBOrZfMABcQLiaWImQ=
Subject key identifier:   74:B3:6C:01:FC:6E:EC:E8:3A:7D:3C:F3:EC:1A:32:AF:95:7C:4E:92
Certificate issuer:       /CN=ca37843f0752224459e6034569a217c8b611564b
Certificate serial:       0CA6A782
Authority key identifier: CA:37:84:3F:07:52:22:44:59:E6:03:45:69:A2:17:C8:B6:11:56:4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yjeEPwdSIkRZ5gNFaaIXyLYRVks.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/d716cd-d79f-4484-9685-8fe784e31e5d/1/dLNsAfxu7Og6fTzz7Boyr5V8TpI.roa
Signing time:             Sat 01 Jan 2022 05:53:10 +0000
ROA not before:           Sat 01 Jan 2022 05:53:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34683
IP address blocks:        195.137.228.0/23 maxlen: 23
                          212.24.192.0/19 maxlen: 19
                          212.24.193.0/24 maxlen: 24
                          185.69.216.0/22 maxlen: 22
                          87.254.96.0/19 maxlen: 19
                          2001:1698::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 212248450 (0xca6a782)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca37843f0752224459e6034569a217c8b611564b
        Validity
            Not Before: Jan  1 05:53:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=74b36c01fc6eece83a7d3cf3ec1a32af957c4e92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:e3:a5:d2:17:5f:f2:8b:ca:d6:a8:7d:36:e5:
                    3c:1c:2b:10:f0:e4:69:de:1a:de:5c:cf:7f:a4:82:
                    ad:20:e1:30:37:9c:94:87:e4:89:45:a9:89:55:44:
                    0a:7a:7b:cd:70:67:8e:47:8f:ac:f2:d6:7e:8f:fe:
                    7c:6c:eb:fa:ed:f0:79:6c:e5:6f:54:28:33:64:e0:
                    02:3a:a0:39:46:dd:35:35:ad:30:53:23:57:82:7e:
                    e6:a9:a1:26:0c:07:66:be:28:46:c1:3a:9a:13:57:
                    6a:b2:ba:cb:45:e5:8f:85:0c:cb:9f:af:c8:39:b9:
                    0d:e8:68:5c:47:f8:53:9c:d3:27:b3:68:b5:c8:7d:
                    b8:be:e4:36:d4:e1:f0:bd:b7:e5:1a:12:28:c6:2e:
                    e0:67:db:2a:63:a8:b9:7c:2e:f5:6b:83:24:93:ed:
                    9c:10:57:20:71:ae:3c:0f:f7:a8:5d:11:92:fe:fa:
                    0d:1b:3e:54:c5:b9:7c:05:b0:45:54:c2:43:d0:68:
                    e8:70:12:4a:d5:7d:ca:aa:86:83:0f:37:b1:36:2e:
                    da:40:e0:e7:32:ab:65:bc:ba:42:97:00:9b:eb:82:
                    9a:6d:5c:29:10:68:ef:4d:bf:03:63:a2:3f:e4:29:
                    ad:16:40:9a:00:c7:0c:26:8b:0a:b1:e6:7c:3f:fc:
                    f8:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:B3:6C:01:FC:6E:EC:E8:3A:7D:3C:F3:EC:1A:32:AF:95:7C:4E:92
            X509v3 Authority Key Identifier:
                keyid:CA:37:84:3F:07:52:22:44:59:E6:03:45:69:A2:17:C8:B6:11:56:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yjeEPwdSIkRZ5gNFaaIXyLYRVks.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/d716cd-d79f-4484-9685-8fe784e31e5d/1/dLNsAfxu7Og6fTzz7Boyr5V8TpI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/d716cd-d79f-4484-9685-8fe784e31e5d/1/yjeEPwdSIkRZ5gNFaaIXyLYRVks.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.254.96.0/19
                  185.69.216.0/22
                  195.137.228.0/23
                  212.24.192.0/19
                IPv6:
                  2001:1698::/32

    Signature Algorithm: sha256WithRSAEncryption
         2a:a9:9c:a4:42:ed:83:a7:ba:e6:0f:7e:61:ee:46:7f:27:0b:
         77:86:ef:b0:1a:76:21:cf:e6:cb:94:27:ed:22:67:ac:68:9e:
         40:0a:87:18:63:56:83:0a:66:12:bf:62:6c:88:4f:59:9b:79:
         2c:73:fe:ea:99:8c:91:c5:b3:1f:3a:79:45:fb:89:75:26:c0:
         21:f7:b3:ab:60:43:08:44:7f:42:b9:12:b1:be:1b:ed:5e:cd:
         f1:11:c6:ac:42:c9:d7:61:1a:93:54:d5:cc:ce:ff:a7:08:be:
         e1:f5:4b:b3:71:cb:20:c0:2d:8d:75:3a:02:b4:3b:db:95:55:
         a7:50:dc:40:01:35:2c:54:da:19:4d:f5:38:b4:13:2b:d8:45:
         25:d0:b7:bc:7b:d9:a0:34:21:3f:d7:b5:99:e2:5f:e1:33:e9:
         3d:e0:80:62:a7:9b:72:c8:8d:55:5d:82:8d:81:9f:9a:6e:f3:
         c8:39:78:6c:1a:d6:14:73:47:9d:cc:7e:a7:42:30:9b:d0:6b:
         99:d0:c0:65:8c:ed:a4:95:bd:90:73:63:51:5c:90:50:86:82:
         01:ca:50:4e:c0:96:a1:4a:d9:15:5c:86:59:32:30:f0:6a:23:
         2c:2b:b5:8b:e9:da:b1:f7:c1:e9:5f:4f:60:69:d8:b6:5c:4f:
         79:af:29:48
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEDKangjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YTM3ODQzZjA3NTIyMjQ0NTllNjAzNDU2OWEyMTdjOGI2MTE1NjRiMB4XDTIyMDEw
MTA1NTMxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzRiMzZjMDFmYzZl
ZWNlODNhN2QzY2YzZWMxYTMyYWY5NTdjNGU5MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ7jpdIXX/KLytaofTblPBwrEPDkad4a3lzPf6SCrSDhMDec
lIfkiUWpiVVECnp7zXBnjkePrPLWfo/+fGzr+u3weWzlb1QoM2TgAjqgOUbdNTWt
MFMjV4J+5qmhJgwHZr4oRsE6mhNXarK6y0Xlj4UMy5+vyDm5DehoXEf4U5zTJ7No
tch9uL7kNtTh8L235RoSKMYu4GfbKmOouXwu9WuDJJPtnBBXIHGuPA/3qF0Rkv76
DRs+VMW5fAWwRVTCQ9Bo6HASStV9yqqGgw83sTYu2kDg5zKrZby6QpcAm+uCmm1c
KRBo702/A2OiP+QprRZAmgDHDCaLCrHmfD/8+L8CAwEAAaOCAiowggImMB0GA1Ud
DgQWBBR0s2wB/G7s6Dp9PPPsGjKvlXxOkjAfBgNVHSMEGDAWgBTKN4Q/B1IiRFnm
A0VpohfIthFWSzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lqZUVQd2RTSWtSWjVnTkZhYUlYeUxZUlZrcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzUvZDcxNmNkLWQ3OWYtNDQ4NC05Njg1LThmZTc4NGUzMWU1ZC8x
L2RMTnNBZnh1N09nNmZUeno3Qm95cjVWOFRwSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUv
ZDcxNmNkLWQ3OWYtNDQ4NC05Njg1LThmZTc4NGUzMWU1ZC8xL3lqZUVQd2RTSWtS
WjVnTkZhYUlYeUxZUlZrcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBVf+YAMEArlF2AMEAcOJ5AMEBdQY
wDANBAIAAjAHAwUAIAEWmDANBgkqhkiG9w0BAQsFAAOCAQEAKqmcpELtg6e65g9+
Ye5GfycLd4bvsBp2Ic/my5Qn7SJnrGieQAqHGGNWgwpmEr9ibIhPWZt5LHP+6pmM
kcWzHzp5RfuJdSbAIfezq2BDCER/QrkSsb4b7V7N8RHGrELJ12Eak1TVzM7/pwi+
4fVLs3HLIMAtjXU6ArQ725VVp1DcQAE1LFTaGU31OLQTK9hFJdC3vHvZoDQhP9e1
meJf4TPpPeCAYqebcsiNVV2CjYGfmm7zyDl4bBrWFHNHncx+p0Iwm9BrmdDAZYzt
pJW9kHNjUVyQUIaCAcpQTsCWoUrZFVyGWTIw8GojLCu1i+nasffB6V9PYGnYtlxP
ea8pSA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:20 2024 by rpki-client on console-ams.rpki-client.org