Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/RINJT70sSJ3kXirf_qU5nzqP4X4.roa
File:                     RINJT70sSJ3kXirf_qU5nzqP4X4.roa (raw, json)
Hash identifier:          pBODgiHdWQjZ5vEHCUgpZxqIhD6DrkzYFyLb+sUMVbg=
Subject key identifier:   44:83:49:4F:BD:2C:48:9D:E4:5E:2A:DF:FE:A5:39:9F:3A:8F:E1:7E
Certificate issuer:       /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial:       08ADB00D
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/RINJT70sSJ3kXirf_qU5nzqP4X4.roa
Signing time:             Sat 16 Apr 2022 15:12:57 +0000
ROA not before:           Sat 16 Apr 2022 15:12:57 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     9312
IP address blocks:        45.90.211.0/24 maxlen: 24
                          45.90.210.0/24 maxlen: 24
                          45.90.209.0/24 maxlen: 24
                          45.90.208.0/24 maxlen: 24
                          194.36.243.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 145600525 (0x8adb00d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
        Validity
            Not Before: Apr 16 15:12:57 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4483494fbd2c489de45e2adffea5399f3a8fe17e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:8f:41:3b:b7:4a:84:7c:5c:07:2e:90:db:d2:
                    0e:57:e9:55:c7:95:57:12:1f:b7:0c:1c:0e:28:c6:
                    6f:56:de:29:55:dd:a2:d6:85:87:4b:81:ec:fb:9b:
                    03:a3:87:9c:bc:a4:82:23:01:9e:92:72:d3:61:d7:
                    ae:41:7a:4e:09:13:77:9e:f3:50:52:ac:91:05:92:
                    6b:d7:0d:4a:8b:bf:50:c1:65:09:88:b6:99:2e:54:
                    ce:2c:dd:d5:e3:d1:fb:5d:dc:b7:b9:a7:cd:54:ce:
                    4b:bf:2b:04:88:e5:d0:91:d0:dc:87:79:62:b2:ab:
                    e6:42:17:c7:93:4f:1d:d9:3a:fc:68:7f:48:c9:a6:
                    4c:5d:3c:45:21:02:e9:53:81:33:ec:54:04:79:27:
                    59:70:42:62:cc:a5:f5:b0:8f:d2:e6:fd:97:e8:e3:
                    ef:ad:d6:1f:0a:c7:71:2d:ee:fb:80:18:39:ff:4f:
                    44:71:95:c8:0a:69:67:8e:65:70:2f:e7:dc:3e:a1:
                    9b:14:a4:af:42:bb:21:e9:db:28:05:c7:78:7a:8c:
                    ac:16:57:17:0b:3d:a3:3d:cc:ea:a8:3f:76:ea:f6:
                    8d:08:b5:3b:00:70:ea:ca:2d:f8:a5:b1:a5:d1:59:
                    92:f7:23:dd:09:8f:a6:7c:a9:d7:67:31:d0:95:92:
                    28:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:83:49:4F:BD:2C:48:9D:E4:5E:2A:DF:FE:A5:39:9F:3A:8F:E1:7E
            X509v3 Authority Key Identifier:
                keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/RINJT70sSJ3kXirf_qU5nzqP4X4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.90.208.0/22
                  194.36.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:08:ae:c8:b2:df:70:da:48:89:ce:14:ca:c4:f3:e1:2e:63:
         4b:a1:92:b6:75:c4:0d:f1:49:6e:c9:db:e9:4e:49:7a:ce:64:
         f4:e1:11:6f:82:09:25:ac:77:7a:7f:dd:b9:92:e1:3f:00:74:
         92:fc:ad:d1:3c:1d:ab:82:2b:12:68:2c:10:c6:14:6a:8c:d0:
         a8:85:4a:84:47:1d:36:de:f0:e1:86:54:ac:b2:3c:e1:78:52:
         1c:fc:2e:8d:5a:39:4b:13:75:78:ac:fb:05:49:76:57:a3:04:
         4f:a9:11:ca:78:9e:da:03:c3:37:26:05:bc:91:86:06:22:21:
         dc:3a:d6:d8:cc:8f:93:18:5e:71:15:1d:36:0a:d1:27:e1:7a:
         2b:e9:14:50:b6:c8:62:80:5d:15:82:19:22:55:54:e2:a6:55:
         90:3b:22:98:88:1a:f7:00:8c:e3:e6:35:ba:12:db:1d:4f:4d:
         8d:0a:8b:7b:42:15:4d:35:30:25:b0:83:30:50:e5:05:ab:29:
         04:37:20:f1:17:41:c3:a1:d3:4e:74:64:64:21:88:c3:63:38:
         f0:97:7f:67:1a:48:67:49:ac:c9:7c:7e:df:1d:b1:ab:12:fa:
         25:92:2d:82:78:8c:6f:56:4b:55:89:41:a5:c5:ca:e0:4a:6e:
         0f:d1:e4:63
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECK2wDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NTc2ZWIyY2M0NjJlNmU0YmYwZGU2OWI5ZjYzNDg3NWRlYmJhYWUyMB4XDTIyMDQx
NjE1MTI1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDQ4MzQ5NGZiZDJj
NDg5ZGU0NWUyYWRmZmVhNTM5OWYzYThmZTE3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ6PQTu3SoR8XAcukNvSDlfpVceVVxIftwwcDijGb1beKVXd
otaFh0uB7PubA6OHnLykgiMBnpJy02HXrkF6TgkTd57zUFKskQWSa9cNSou/UMFl
CYi2mS5Uzizd1ePR+13ct7mnzVTOS78rBIjl0JHQ3Id5YrKr5kIXx5NPHdk6/Gh/
SMmmTF08RSEC6VOBM+xUBHknWXBCYsyl9bCP0ub9l+jj763WHwrHcS3u+4AYOf9P
RHGVyAppZ45lcC/n3D6hmxSkr0K7IenbKAXHeHqMrBZXFws9oz3M6qg/dur2jQi1
OwBw6sot+KWxpdFZkvcj3QmPpnyp12cx0JWSKA8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBREg0lPvSxIneReKt/+pTmfOo/hfjAfBgNVHSMEGDAWgBSldussxGLm5L8N
5pufY0h13ruq4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BYYnJMTVJpNXVTX0RlYWJuMk5JZGQ2N3F1SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODcvOTMxOTI3LTlmMzgtNDFiNi04N2ZhLTI1NGFjZDkyYjRlMS8x
L1JJTkpUNzBzU0oza1hpcmZfcVU1bnpxUDRYNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcv
OTMxOTI3LTlmMzgtNDFiNi04N2ZhLTI1NGFjZDkyYjRlMS8xL3BYYnJMTVJpNXVT
X0RlYWJuMk5JZGQ2N3F1SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAi1a0AMEAMIk8zANBgkqhkiG9w0B
AQsFAAOCAQEALgiuyLLfcNpIic4UysTz4S5jS6GStnXEDfFJbsnb6U5Jes5k9OER
b4IJJax3en/duZLhPwB0kvyt0Twdq4IrEmgsEMYUaozQqIVKhEcdNt7w4YZUrLI8
4XhSHPwujVo5SxN1eKz7BUl2V6MET6kRynie2gPDNyYFvJGGBiIh3DrW2MyPkxhe
cRUdNgrRJ+F6K+kUULbIYoBdFYIZIlVU4qZVkDsimIga9wCM4+Y1uhLbHU9NjQqL
e0IVTTUwJbCDMFDlBaspBDcg8RdBw6HTTnRkZCGIw2M48Jd/ZxpIZ0msyXx+3x2x
qxL6JZItgniMb1ZLVYlBpcXK4EpuD9HkYw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:48 2024 by rpki-client on console-fra.rpki-client.org