Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/05881c-2aa5-42e4-84b8-7ac3ca1f357d/1/eaxzPSsUPWtTJg-RXVTc56X5fIs.roa
File:                     eaxzPSsUPWtTJg-RXVTc56X5fIs.roa (raw, json)
Hash identifier:          heMn7ZOmDDIDG9iJRYR7XMVij1nBuSIbMj/QI12vKjk=
Subject key identifier:   79:AC:73:3D:2B:14:3D:6B:53:26:0F:91:5D:54:DC:E7:A5:F9:7C:8B
Certificate issuer:       /CN=6e409def4a8a89ca88f57182c52ed6d70fb91976
Certificate serial:       0818657A
Authority key identifier: 6E:40:9D:EF:4A:8A:89:CA:88:F5:71:82:C5:2E:D6:D7:0F:B9:19:76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bkCd70qKicqI9XGCxS7W1w-5GXY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/05881c-2aa5-42e4-84b8-7ac3ca1f357d/1/eaxzPSsUPWtTJg-RXVTc56X5fIs.roa
Signing time:             Sat 01 Jan 2022 14:58:00 +0000
ROA not before:           Sat 01 Jan 2022 14:58:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210247
IP address blocks:        192.166.38.0/24 maxlen: 24
                          192.166.37.0/24 maxlen: 24
                          192.166.36.0/22 maxlen: 22
                          192.166.36.0/24 maxlen: 24
                          192.166.39.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 135816570 (0x818657a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e409def4a8a89ca88f57182c52ed6d70fb91976
        Validity
            Not Before: Jan  1 14:58:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=79ac733d2b143d6b53260f915d54dce7a5f97c8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:d2:9a:01:82:cb:63:28:cc:57:28:19:80:c5:
                    28:5c:1d:b3:cb:51:34:0a:40:44:13:ea:be:27:b0:
                    89:9b:31:a2:4b:a0:03:f7:c3:39:5a:c9:d3:2f:87:
                    f6:9b:1b:c7:fd:13:b9:15:fd:a9:a2:92:05:9e:db:
                    fe:4e:81:0e:f7:cc:ec:a3:7b:e9:b3:cd:23:65:f8:
                    58:37:44:cc:51:db:3b:83:84:50:b3:7b:78:35:a3:
                    78:0f:3f:6e:3c:6b:7f:2f:22:6a:5a:91:7a:0a:5f:
                    4e:67:97:3a:69:16:e4:cd:37:e4:ba:d0:ed:b5:61:
                    26:0b:d8:25:96:4d:6f:a0:92:91:e3:04:94:c0:19:
                    97:86:2f:b4:43:f9:56:3a:3a:f8:04:05:4a:0b:fa:
                    c2:60:37:fc:5c:c9:92:c8:2e:86:d2:e5:11:cc:79:
                    d3:83:aa:fa:8b:73:6d:59:86:7d:f0:9e:bf:1a:c5:
                    32:01:39:15:b7:4d:d7:7f:f9:6b:51:63:2f:20:ff:
                    4a:2c:f0:ab:92:08:e1:f0:5a:0c:6f:a0:f0:01:92:
                    0f:ff:d8:16:f7:c0:df:3e:83:e5:62:d1:a6:3b:fc:
                    87:83:30:12:0b:5b:90:95:74:40:bb:41:73:16:d6:
                    dc:aa:53:5c:3d:08:27:a4:e5:05:bd:0c:57:cf:cb:
                    a5:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:AC:73:3D:2B:14:3D:6B:53:26:0F:91:5D:54:DC:E7:A5:F9:7C:8B
            X509v3 Authority Key Identifier:
                keyid:6E:40:9D:EF:4A:8A:89:CA:88:F5:71:82:C5:2E:D6:D7:0F:B9:19:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bkCd70qKicqI9XGCxS7W1w-5GXY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/05881c-2aa5-42e4-84b8-7ac3ca1f357d/1/eaxzPSsUPWtTJg-RXVTc56X5fIs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/05881c-2aa5-42e4-84b8-7ac3ca1f357d/1/bkCd70qKicqI9XGCxS7W1w-5GXY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.166.36.0/22

    Signature Algorithm: sha256WithRSAEncryption
         25:ad:4f:a5:2f:96:60:8d:04:f3:09:d2:c7:15:c9:7a:a4:4c:
         16:e9:ad:70:ee:55:07:fc:89:d9:a6:90:7d:12:33:1a:68:81:
         a3:48:88:eb:98:5c:7a:55:c0:d8:ec:2a:a1:a6:96:95:b8:87:
         9f:b2:44:84:63:8b:8e:5e:a1:ff:d5:b1:a2:a9:4e:1f:dd:1c:
         23:b8:8e:8f:b7:14:77:c6:5c:a1:f0:39:cb:d6:e6:23:47:52:
         a9:4d:fd:dd:74:cb:32:5c:cc:c1:2f:72:47:f4:2e:65:8f:c8:
         f7:79:1f:0c:99:0f:6f:2c:1d:72:03:24:f5:02:ac:e8:74:e8:
         ba:15:59:4d:a0:1f:cf:05:62:97:09:a7:cf:bf:95:c6:77:36:
         f9:eb:7c:5c:ec:20:81:45:84:6d:c4:d1:23:b3:47:0d:a4:d6:
         36:50:60:68:fb:ee:79:38:2e:97:37:34:e3:6e:e4:79:3d:09:
         6b:36:7e:e8:82:23:58:d9:89:2f:9e:2c:3b:52:49:31:46:04:
         48:f0:c6:10:8b:61:b3:44:40:2b:01:b4:fc:ea:33:13:18:94:
         f1:c2:dc:2a:99:36:9c:3d:d1:40:ce:c1:91:bd:8c:c0:46:a8:
         d0:95:45:f6:69:79:ef:7f:54:a4:96:21:fb:80:49:b7:78:d4:
         6b:23:20:e7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECBhlejANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZTQwOWRlZjRhOGE4OWNhODhmNTcxODJjNTJlZDZkNzBmYjkxOTc2MB4XDTIyMDEw
MTE0NTgwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzlhYzczM2QyYjE0
M2Q2YjUzMjYwZjkxNWQ1NGRjZTdhNWY5N2M4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANTSmgGCy2MozFcoGYDFKFwds8tRNApARBPqviewiZsxokug
A/fDOVrJ0y+H9psbx/0TuRX9qaKSBZ7b/k6BDvfM7KN76bPNI2X4WDdEzFHbO4OE
ULN7eDWjeA8/bjxrfy8ialqRegpfTmeXOmkW5M035LrQ7bVhJgvYJZZNb6CSkeME
lMAZl4YvtEP5Vjo6+AQFSgv6wmA3/FzJksguhtLlEcx504Oq+otzbVmGffCevxrF
MgE5FbdN13/5a1FjLyD/Sizwq5II4fBaDG+g8AGSD//YFvfA3z6D5WLRpjv8h4Mw
EgtbkJV0QLtBcxbW3KpTXD0IJ6TlBb0MV8/LpQUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR5rHM9KxQ9a1MmD5FdVNznpfl8izAfBgNVHSMEGDAWgBRuQJ3vSoqJyoj1
cYLFLtbXD7kZdjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JrQ2Q3MHFLaWNxSTlYR0N4UzdXMXctNUdYWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2IvMDU4ODFjLTJhYTUtNDJlNC04NGI4LTdhYzNjYTFmMzU3ZC8x
L2VheHpQU3NVUFd0VEpnLVJYVlRjNTZYNWZJcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Iv
MDU4ODFjLTJhYTUtNDJlNC04NGI4LTdhYzNjYTFmMzU3ZC8xL2JrQ2Q3MHFLaWNx
STlYR0N4UzdXMXctNUdYWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsCmJDANBgkqhkiG9w0BAQsFAAOC
AQEAJa1PpS+WYI0E8wnSxxXJeqRMFumtcO5VB/yJ2aaQfRIzGmiBo0iI65hcelXA
2OwqoaaWlbiHn7JEhGOLjl6h/9WxoqlOH90cI7iOj7cUd8ZcofA5y9bmI0dSqU39
3XTLMlzMwS9yR/QuZY/I93kfDJkPbywdcgMk9QKs6HTouhVZTaAfzwVilwmnz7+V
xnc2+et8XOwggUWEbcTRI7NHDaTWNlBgaPvueTgulzc0427keT0JazZ+6IIjWNmJ
L54sO1JJMUYESPDGEIths0RAKwG0/OozExiU8cLcKpk2nD3RQM7Bkb2MwEao0JVF
9ml5739UpJYh+4BJt3jUayMg5w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:04 2024 by rpki-client on console-fra.rpki-client.org