Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/1-qOxQ9Fctk7t1C73X95IhgW8zcg.roa
File:                     1-qOxQ9Fctk7t1C73X95IhgW8zcg.roa (raw, json)
Hash identifier:          EB4J0cMfMkXL0xjJnT+uRMV4jzjfIAio6zQfiFEtnPw=
Subject key identifier:   FA:A3:B1:43:D1:5C:B6:4E:ED:D4:2E:F7:5F:DE:48:86:05:BC:CD:C8
Certificate issuer:       /CN=0f671fec38f00c402f3066f13c792e1a0ed16db3
Certificate serial:       FE031D
Authority key identifier: 0F:67:1F:EC:38:F0:0C:40:2F:30:66:F1:3C:79:2E:1A:0E:D1:6D:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D2cf7DjwDEAvMGbxPHkuGg7RbbM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/1-qOxQ9Fctk7t1C73X95IhgW8zcg.roa
Signing time:             Tue 05 Apr 2022 09:29:29 +0000
ROA not before:           Tue 05 Apr 2022 09:29:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     29286
IP address blocks:        37.9.178.0/24 maxlen: 24
                          37.9.176.0/24 maxlen: 24
                          37.9.179.0/24 maxlen: 24
                          37.9.183.0/24 maxlen: 24
                          37.9.180.0/23 maxlen: 24
                          185.20.212.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 16646941 (0xfe031d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f671fec38f00c402f3066f13c792e1a0ed16db3
        Validity
            Not Before: Apr  5 09:29:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=faa3b143d15cb64eedd42ef75fde488605bccdc8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:b3:83:18:02:39:34:dc:ad:8e:99:61:f5:81:
                    dd:ec:ac:3c:bc:07:5b:bb:d8:30:ce:7f:a6:10:91:
                    d2:17:ed:ae:9c:69:14:ad:27:33:f8:6d:e5:c8:7c:
                    b5:9d:43:f0:2f:a5:ef:ad:41:cd:6c:01:66:ed:ad:
                    f6:70:aa:c4:13:96:cd:11:c7:f3:3e:da:09:56:c9:
                    ea:6c:d3:ae:00:2b:ca:92:5e:1a:42:c5:35:ab:ce:
                    75:c2:11:c3:94:fe:2b:c5:ec:cd:8e:98:1a:f3:19:
                    ac:7e:8c:1e:b2:70:a3:b7:73:86:eb:58:88:11:19:
                    4b:21:8d:c7:d4:9b:c3:ba:9d:eb:4e:28:28:c9:76:
                    22:9d:64:ae:29:d7:13:b9:13:fc:20:59:3b:69:05:
                    f5:b1:33:0e:94:be:ea:54:7d:16:dd:5d:0a:32:c7:
                    5a:30:12:8b:15:da:ef:3a:3a:b5:6e:4b:48:e7:64:
                    f2:5f:41:62:52:e3:54:ea:75:aa:fb:b7:48:82:25:
                    3b:05:a8:a1:1f:f9:9e:75:f0:f1:b6:3b:55:9c:f0:
                    b6:50:da:96:91:1d:49:76:a6:f0:de:f8:7a:8d:f2:
                    a5:cb:30:74:b9:18:38:c1:56:66:ef:31:c1:d0:73:
                    92:2b:91:3a:44:05:59:51:57:44:bd:5c:9d:a3:db:
                    d7:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:A3:B1:43:D1:5C:B6:4E:ED:D4:2E:F7:5F:DE:48:86:05:BC:CD:C8
            X509v3 Authority Key Identifier:
                keyid:0F:67:1F:EC:38:F0:0C:40:2F:30:66:F1:3C:79:2E:1A:0E:D1:6D:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2cf7DjwDEAvMGbxPHkuGg7RbbM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/1-qOxQ9Fctk7t1C73X95IhgW8zcg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/D2cf7DjwDEAvMGbxPHkuGg7RbbM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.9.176.0/24
                  37.9.178.0-37.9.181.255
                  37.9.183.0/24
                  185.20.212.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4b:ce:c9:a4:31:0f:8b:05:43:78:38:d1:b8:0b:78:be:a4:b3:
         48:0b:ee:28:b3:8f:48:4f:4f:29:da:3b:25:bb:a6:75:65:86:
         40:9b:f5:5f:73:96:00:e0:76:ba:19:b3:01:40:dd:7f:8f:c9:
         fd:db:0d:14:02:85:04:29:83:c9:94:50:a6:af:6c:57:95:f1:
         dd:5a:0b:b6:5d:7d:a5:d5:d5:8f:d9:d6:f6:68:20:07:9d:32:
         39:86:de:66:8c:48:30:01:f4:c3:35:ac:c4:cd:97:ac:ef:6f:
         2e:a1:ce:64:19:db:b8:19:10:3d:d8:46:b2:85:62:2d:0d:f5:
         cc:f5:5d:9b:91:6e:33:79:2e:b5:b7:90:62:1b:96:c4:91:ee:
         ba:d0:48:61:27:b9:27:9d:02:19:af:33:d9:a7:4f:a0:a5:a4:
         b4:3e:4f:c4:dc:38:32:02:af:62:bf:b4:0a:7b:c4:f7:33:89:
         58:86:0b:0d:ae:c2:f9:cb:0c:da:ee:a9:66:bc:38:0d:89:8c:
         b6:9c:79:79:b9:16:9d:ed:b9:df:f0:84:43:ec:b2:23:46:45:
         bb:df:f6:d9:3d:a6:10:c8:a2:e8:60:0d:08:a2:fd:c1:4d:a4:
         32:bc:bb:c5:43:05:c5:cf:62:5f:8b:52:61:c0:ad:d5:9c:74:
         79:7c:59:d2
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEAP4DHTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZjY3MWZlYzM4ZjAwYzQwMmYzMDY2ZjEzYzc5MmUxYTBlZDE2ZGIzMB4XDTIyMDQw
NTA5MjkyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmFhM2IxNDNkMTVj
YjY0ZWVkZDQyZWY3NWZkZTQ4ODYwNWJjY2RjODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK+zgxgCOTTcrY6ZYfWB3eysPLwHW7vYMM5/phCR0hftrpxp
FK0nM/ht5ch8tZ1D8C+l761BzWwBZu2t9nCqxBOWzRHH8z7aCVbJ6mzTrgArypJe
GkLFNavOdcIRw5T+K8XszY6YGvMZrH6MHrJwo7dzhutYiBEZSyGNx9Sbw7qd604o
KMl2Ip1krinXE7kT/CBZO2kF9bEzDpS+6lR9Ft1dCjLHWjASixXa7zo6tW5LSOdk
8l9BYlLjVOp1qvu3SIIlOwWooR/5nnXw8bY7VZzwtlDalpEdSXam8N74eo3ypcsw
dLkYOMFWZu8xwdBzkiuROkQFWVFXRL1cnaPb148CAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBT6o7FD0Vy2Tu3ULvdf3kiGBbzNyDAfBgNVHSMEGDAWgBQPZx/sOPAMQC8w
ZvE8eS4aDtFtszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0QyY2Y3RGp3REVBdk1HYnhQSGt1R2c3UmJiTS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzkvNDliYjY5LWRmZjktNDQ4ZS1hOGEyLTk3NzMwNWM3MDA1MS8x
LzEtcU94UTlGY3RrN3QxQzczWDk1SWhnVzh6Y2cucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc5
LzQ5YmI2OS1kZmY5LTQ0OGUtYThhMi05NzczMDVjNzAwNTEvMS9EMmNmN0Rqd0RF
QXZNR2J4UEhrdUdnN1JiYk0uY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
OQYIKwYBBQUHAQcBAf8EKjAoMCYEAgABMCADBAAlCbAwDAMEASUJsgMEASUJtAME
ACUJtwMEArkU1DANBgkqhkiG9w0BAQsFAAOCAQEAS87JpDEPiwVDeDjRuAt4vqSz
SAvuKLOPSE9PKdo7JbumdWWGQJv1X3OWAOB2uhmzAUDdf4/J/dsNFAKFBCmDyZRQ
pq9sV5Xx3VoLtl19pdXVj9nW9mggB50yOYbeZoxIMAH0wzWsxM2XrO9vLqHOZBnb
uBkQPdhGsoViLQ31zPVdm5FuM3kutbeQYhuWxJHuutBIYSe5J50CGa8z2adPoKWk
tD5PxNw4MgKvYr+0CnvE9zOJWIYLDa7C+csM2u6pZrw4DYmMtpx5ebkWne253/CE
Q+yyI0ZFu9/22T2mEMii6GANCKL9wU2kMry7xUMFxc9iX4tSYcCt1Zx0eXxZ0g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:56 2024 by rpki-client on console-ams.rpki-client.org