Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/X0pf_6JH9ylSS8LwfyyfgPHFBo8.roa
File:                     X0pf_6JH9ylSS8LwfyyfgPHFBo8.roa (raw, json)
Hash identifier:          WEiBijzunDhgABD5Rx1Feiot1Fe0WVk+nrLa6fQV9PY=
Subject key identifier:   5F:4A:5F:FF:A2:47:F7:29:52:4B:C2:F0:7F:2C:9F:80:F1:C5:06:8F
Certificate issuer:       /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial:       07BB83F2
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/X0pf_6JH9ylSS8LwfyyfgPHFBo8.roa
Signing time:             Wed 05 Jan 2022 05:45:56 +0000
ROA not before:           Wed 05 Jan 2022 05:45:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     23959
IP address blocks:        193.111.30.0/23 maxlen: 24
                          45.159.48.0/22 maxlen: 24
                          91.200.240.0/24 maxlen: 24
                          185.213.151.0/24 maxlen: 24
                          91.200.242.0/24 maxlen: 24
                          45.149.156.0/22 maxlen: 24
                          2a09:7::/36 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 129729522 (0x7bb83f2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
        Validity
            Not Before: Jan  5 05:45:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5f4a5fffa247f729524bc2f07f2c9f80f1c5068f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:40:a9:aa:f1:68:57:c9:25:ab:f4:aa:be:10:
                    23:d0:82:7e:97:1a:5e:0a:a0:a4:67:63:88:01:36:
                    23:99:9a:52:64:46:07:45:2a:7f:02:36:40:74:46:
                    f0:1f:a5:20:13:98:cd:61:24:9a:61:43:1b:9b:b2:
                    b2:57:1c:ff:2b:d6:32:35:7a:c7:3d:2e:2d:5f:5b:
                    76:d1:3f:07:86:96:c7:59:d2:ff:ce:8a:52:8a:89:
                    49:ed:13:c6:6d:87:89:4d:57:18:d6:2a:5d:20:9d:
                    47:e1:ab:a4:58:63:b7:5b:a4:ac:4f:88:46:25:ad:
                    2b:92:33:22:6b:fd:d2:51:f1:38:e7:47:84:25:d8:
                    76:cb:35:14:0f:45:f5:f0:ba:ff:a0:83:1f:96:26:
                    c5:fe:0c:cd:ec:d6:03:5b:34:fc:40:a2:d5:85:4d:
                    57:f2:5e:3a:e0:bd:fa:73:8f:e3:c9:37:52:e6:0d:
                    ea:66:ab:4f:96:1c:b2:af:32:01:a3:c2:7a:2b:0d:
                    41:21:87:78:13:bc:80:e3:e7:d0:30:69:83:c6:3d:
                    4d:d5:e4:18:8c:28:e3:69:3b:6b:64:77:cb:27:bf:
                    c0:51:02:31:29:a5:8e:51:ce:d6:a9:b7:c8:1d:e1:
                    2b:40:c7:22:fb:a0:76:f9:ba:03:2c:bf:9d:cd:73:
                    f3:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:4A:5F:FF:A2:47:F7:29:52:4B:C2:F0:7F:2C:9F:80:F1:C5:06:8F
            X509v3 Authority Key Identifier:
                keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/X0pf_6JH9ylSS8LwfyyfgPHFBo8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.149.156.0/22
                  45.159.48.0/22
                  91.200.240.0/24
                  91.200.242.0/24
                  185.213.151.0/24
                  193.111.30.0/23
                IPv6:
                  2a09:7::/36

    Signature Algorithm: sha256WithRSAEncryption
         8b:0f:9b:60:8d:79:d6:81:b6:a5:36:83:0e:08:d1:70:a2:f1:
         33:c0:23:a1:09:06:a4:80:2c:f3:b6:99:89:63:62:fe:94:ac:
         ba:e4:1e:68:eb:7f:0e:25:97:23:21:a8:95:5b:0b:38:fc:26:
         38:f1:a2:a6:64:b8:b8:03:a9:a8:44:f7:1d:e4:2c:40:f9:ac:
         f3:a8:fd:3b:2f:14:f5:fa:c6:0b:6a:1c:e2:16:c2:b9:61:74:
         34:28:48:f7:ab:74:97:05:02:8e:71:79:49:c3:25:61:d2:14:
         21:40:2d:74:0c:78:6b:74:a8:b4:8f:c2:bf:e3:05:6e:c5:a1:
         3e:f4:85:7d:36:4b:a6:c1:6b:97:50:ad:d7:5b:14:ea:09:9b:
         99:0c:8b:d9:78:a4:8f:dc:07:dd:86:35:bc:91:24:37:42:59:
         32:cb:e7:d0:f4:d5:81:57:49:51:a4:17:e8:d8:4b:b3:14:15:
         48:cf:15:4b:6f:62:be:d9:c7:91:78:aa:7b:a7:fe:91:21:35:
         e9:9d:99:7d:d0:e2:b3:0d:03:46:7a:00:8d:69:5f:bc:13:9d:
         11:a0:94:50:4b:56:86:02:00:98:3a:55:99:c2:c1:88:36:b4:
         36:fc:f6:23:56:cb:4d:1c:cc:dc:4b:c0:82:0a:b4:d7:b4:aa:
         e0:19:53:1a
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIEB7uD8jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NTc2ZWIyY2M0NjJlNmU0YmYwZGU2OWI5ZjYzNDg3NWRlYmJhYWUyMB4XDTIyMDEw
NTA1NDU1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWY0YTVmZmZhMjQ3
ZjcyOTUyNGJjMmYwN2YyYzlmODBmMWM1MDY4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMZAqarxaFfJJav0qr4QI9CCfpcaXgqgpGdjiAE2I5maUmRG
B0UqfwI2QHRG8B+lIBOYzWEkmmFDG5uyslcc/yvWMjV6xz0uLV9bdtE/B4aWx1nS
/86KUoqJSe0Txm2HiU1XGNYqXSCdR+GrpFhjt1ukrE+IRiWtK5IzImv90lHxOOdH
hCXYdss1FA9F9fC6/6CDH5Ymxf4MzezWA1s0/ECi1YVNV/JeOuC9+nOP48k3UuYN
6marT5Ycsq8yAaPCeisNQSGHeBO8gOPn0DBpg8Y9TdXkGIwo42k7a2R3yye/wFEC
MSmljlHO1qm3yB3hK0DHIvugdvm6Ayy/nc1z88sCAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBRfSl//okf3KVJLwvB/LJ+A8cUGjzAfBgNVHSMEGDAWgBSldussxGLm5L8N
5pufY0h13ruq4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BYYnJMTVJpNXVTX0RlYWJuMk5JZGQ2N3F1SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODcvOTMxOTI3LTlmMzgtNDFiNi04N2ZhLTI1NGFjZDkyYjRlMS8x
L1gwcGZfNkpIOXlsU1M4THdmeXlmZ1BIRkJvOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcv
OTMxOTI3LTlmMzgtNDFiNi04N2ZhLTI1NGFjZDkyYjRlMS8xL3BYYnJMTVJpNXVT
X0RlYWJuMk5JZGQ2N3F1SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBN
BggrBgEFBQcBBwEB/wQ+MDwwKgQCAAEwJAMEAi2VnAMEAi2fMAMEAFvI8AMEAFvI
8gMEALnVlwMEAcFvHjAOBAIAAjAIAwYEKgkABwAwDQYJKoZIhvcNAQELBQADggEB
AIsPm2CNedaBtqU2gw4I0XCi8TPAI6EJBqSALPO2mYljYv6UrLrkHmjrfw4llyMh
qJVbCzj8JjjxoqZkuLgDqahE9x3kLED5rPOo/TsvFPX6xgtqHOIWwrlhdDQoSPer
dJcFAo5xeUnDJWHSFCFALXQMeGt0qLSPwr/jBW7FoT70hX02S6bBa5dQrddbFOoJ
m5kMi9l4pI/cB92GNbyRJDdCWTLL59D01YFXSVGkF+jYS7MUFUjPFUtvYr7Zx5F4
qnun/pEhNemdmX3Q4rMNA0Z6AI1pX7wTnRGglFBLVoYCAJg6VZnCwYg2tDb89iNW
y00czNxLwIIKtNe0quAZUxo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:48 2024 by rpki-client on console-fra.rpki-client.org