Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/G9o_y19iJM7_uYgCouWAPpitotA.roa
File:                     G9o_y19iJM7_uYgCouWAPpitotA.roa (raw, json)
Hash identifier:          cCYebMl9dmAc0UBLeCDJzCO3XlD7bowVoka1Lpb1wPs=
Subject key identifier:   1B:DA:3F:CB:5F:62:24:CE:FF:B9:88:02:A2:E5:80:3E:98:AD:A2:D0
Certificate issuer:       /CN=0f671fec38f00c402f3066f13c792e1a0ed16db3
Certificate serial:       D11C26
Authority key identifier: 0F:67:1F:EC:38:F0:0C:40:2F:30:66:F1:3C:79:2E:1A:0E:D1:6D:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D2cf7DjwDEAvMGbxPHkuGg7RbbM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/G9o_y19iJM7_uYgCouWAPpitotA.roa
Signing time:             Wed 16 Mar 2022 16:06:21 +0000
ROA not before:           Wed 16 Mar 2022 16:06:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     29286
IP address blocks:        37.9.178.0/24 maxlen: 24
                          37.9.176.0/24 maxlen: 24
                          37.9.179.0/24 maxlen: 24
                          37.9.176.0/21 maxlen: 21
                          37.9.183.0/24 maxlen: 24
                          37.9.180.0/23 maxlen: 24
                          185.20.212.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13704230 (0xd11c26)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f671fec38f00c402f3066f13c792e1a0ed16db3
        Validity
            Not Before: Mar 16 16:06:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1bda3fcb5f6224ceffb98802a2e5803e98ada2d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:50:47:61:d9:36:99:98:e3:22:87:7c:4d:3b:
                    63:68:3b:53:0b:59:47:4e:48:7a:55:ec:25:5e:38:
                    f3:eb:9b:a7:ee:0e:1b:bd:19:6e:5a:81:2f:34:44:
                    58:29:88:ab:b3:bf:dc:e7:41:87:dd:7d:5e:99:26:
                    56:29:e6:a6:3e:3d:59:b8:05:53:c3:5a:a5:97:51:
                    d5:5f:cf:29:67:d4:81:00:8f:ec:5f:df:58:da:3e:
                    4a:58:70:86:bc:c8:9e:19:11:60:5d:c0:f2:7c:de:
                    5e:c1:ad:91:21:bf:5e:1c:24:aa:cc:a0:29:94:ad:
                    1c:d1:f1:08:d1:1b:3a:c5:a8:7e:27:c4:f6:a4:90:
                    c9:46:e5:ca:9f:9e:ca:45:9a:49:99:92:c2:f4:cf:
                    33:fa:39:77:cc:f1:f6:d2:dc:0d:1c:5d:81:ca:89:
                    14:fd:58:b0:d2:41:24:ea:23:e1:70:79:fd:53:be:
                    8c:2a:87:3e:e2:81:00:45:2c:31:8a:2e:ba:eb:81:
                    23:26:e0:bd:ef:51:bd:28:43:5c:89:cc:ca:1e:8b:
                    87:53:59:07:15:9b:f3:3b:30:76:12:dd:e5:74:08:
                    d9:00:2b:01:f1:d3:cb:96:71:66:e3:42:59:0a:a2:
                    55:f6:b2:8a:c4:3d:07:f9:cf:e4:8d:c5:9d:3a:a1:
                    46:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:DA:3F:CB:5F:62:24:CE:FF:B9:88:02:A2:E5:80:3E:98:AD:A2:D0
            X509v3 Authority Key Identifier:
                keyid:0F:67:1F:EC:38:F0:0C:40:2F:30:66:F1:3C:79:2E:1A:0E:D1:6D:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2cf7DjwDEAvMGbxPHkuGg7RbbM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/G9o_y19iJM7_uYgCouWAPpitotA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/D2cf7DjwDEAvMGbxPHkuGg7RbbM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.9.176.0/21
                  185.20.212.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9d:37:33:96:25:6f:08:f7:a6:cb:50:4f:5a:83:ec:51:2c:a3:
         39:05:ce:d4:c5:66:bb:33:86:c9:11:d8:17:1b:61:04:c5:a0:
         49:9b:8b:74:74:ef:bd:63:6e:39:85:e8:5d:f1:a7:7d:b6:3b:
         20:37:5b:04:b7:64:61:58:67:73:d2:a4:d1:67:59:02:cf:c6:
         f7:a2:45:cc:6d:63:ba:19:1f:7f:76:f3:b4:87:f0:0c:d1:9b:
         05:86:27:95:b3:59:27:2f:67:5f:5b:66:f4:47:bb:e2:70:ce:
         81:8d:a0:c8:f7:1d:d6:96:76:19:f3:7f:95:08:22:fd:79:70:
         d4:b5:eb:bf:d7:49:77:90:0e:1a:a9:68:32:b0:da:fa:5f:c6:
         6d:f1:5c:06:23:fa:b4:b4:56:ec:55:69:4f:93:1d:7b:4f:5f:
         34:01:82:8b:94:04:e9:6a:bc:1b:06:ca:d0:03:d7:87:09:92:
         ac:61:d3:68:e9:ac:e0:3f:8f:b1:e3:50:d4:1e:bf:bd:97:a9:
         ce:22:ff:e8:df:c6:3e:c3:05:62:c6:82:5d:fb:97:4c:b3:de:
         a8:54:dd:fc:a0:0d:35:89:1c:ce:aa:e3:e4:49:93:22:b6:28:
         cf:7d:4c:60:92:57:f1:a4:fd:82:e6:25:ce:3c:7d:8b:92:3c:
         9b:3c:a7:9a
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEANEcJjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZjY3MWZlYzM4ZjAwYzQwMmYzMDY2ZjEzYzc5MmUxYTBlZDE2ZGIzMB4XDTIyMDMx
NjE2MDYyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWJkYTNmY2I1ZjYy
MjRjZWZmYjk4ODAyYTJlNTgwM2U5OGFkYTJkMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK5QR2HZNpmY4yKHfE07Y2g7UwtZR05IelXsJV448+ubp+4O
G70ZblqBLzREWCmIq7O/3OdBh919XpkmVinmpj49WbgFU8NapZdR1V/PKWfUgQCP
7F/fWNo+SlhwhrzInhkRYF3A8nzeXsGtkSG/XhwkqsygKZStHNHxCNEbOsWofifE
9qSQyUblyp+eykWaSZmSwvTPM/o5d8zx9tLcDRxdgcqJFP1YsNJBJOoj4XB5/VO+
jCqHPuKBAEUsMYouuuuBIybgve9RvShDXInMyh6Lh1NZBxWb8zswdhLd5XQI2QAr
AfHTy5ZxZuNCWQqiVfayisQ9B/nP5I3FnTqhRgECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQb2j/LX2Ikzv+5iAKi5YA+mK2i0DAfBgNVHSMEGDAWgBQPZx/sOPAMQC8w
ZvE8eS4aDtFtszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0QyY2Y3RGp3REVBdk1HYnhQSGt1R2c3UmJiTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzkvNDliYjY5LWRmZjktNDQ4ZS1hOGEyLTk3NzMwNWM3MDA1MS8x
L0c5b195MTlpSk03X3VZZ0NvdVdBUHBpdG90QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkv
NDliYjY5LWRmZjktNDQ4ZS1hOGEyLTk3NzMwNWM3MDA1MS8xL0QyY2Y3RGp3REVB
dk1HYnhQSGt1R2c3UmJiTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAyUJsAMEArkU1DANBgkqhkiG9w0B
AQsFAAOCAQEAnTczliVvCPemy1BPWoPsUSyjOQXO1MVmuzOGyRHYFxthBMWgSZuL
dHTvvWNuOYXoXfGnfbY7IDdbBLdkYVhnc9Kk0WdZAs/G96JFzG1juhkff3bztIfw
DNGbBYYnlbNZJy9nX1tm9Ee74nDOgY2gyPcd1pZ2GfN/lQgi/Xlw1LXrv9dJd5AO
GqloMrDa+l/GbfFcBiP6tLRW7FVpT5Mde09fNAGCi5QE6Wq8GwbK0APXhwmSrGHT
aOms4D+PseNQ1B6/vZepziL/6N/GPsMFYsaCXfuXTLPeqFTd/KANNYkczqrj5EmT
IrYoz31MYJJX8aT9guYlzjx9i5I8mzynmg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:45 2024 by rpki-client on console-fra.rpki-client.org