Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/DGTRBGNs2_WoogvU9-i3kU5bg-s.roa
File:                     DGTRBGNs2_WoogvU9-i3kU5bg-s.roa (raw, json)
Hash identifier:          nA5cxB4R3nyls+lmjaFnZjFRypwR17C+QdWF/X7BLMU=
Subject key identifier:   0C:64:D1:04:63:6C:DB:F5:A8:A2:0B:D4:F7:E8:B7:91:4E:5B:83:EB
Certificate issuer:       /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial:       03F3282A
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/DGTRBGNs2_WoogvU9-i3kU5bg-s.roa
Signing time:             Wed 19 Jan 2022 15:32:53 +0000
ROA not before:           Wed 19 Jan 2022 15:32:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212238
IP address blocks:        91.225.15.0/24 maxlen: 24
                          146.66.209.0/24 maxlen: 24
                          146.66.208.0/24 maxlen: 24
                          178.157.124.0/24 maxlen: 24
                          178.157.126.0/24 maxlen: 24
                          188.119.166.0/24 maxlen: 24
                          188.119.165.0/24 maxlen: 24
                          188.74.190.0/24 maxlen: 24
                          37.35.39.0/24 maxlen: 24
                          188.74.209.0/24 maxlen: 24
                          188.74.208.0/24 maxlen: 24
                          188.74.152.0/24 maxlen: 24
                          188.74.181.0/24 maxlen: 24
                          37.35.37.0/24 maxlen: 24
                          37.35.36.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 66267178 (0x3f3282a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
        Validity
            Not Before: Jan 19 15:32:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0c64d104636cdbf5a8a20bd4f7e8b7914e5b83eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:e3:83:dc:99:d0:bd:81:f1:d2:64:e2:a4:cf:
                    8b:9d:0a:18:75:aa:f3:05:bd:57:3b:c1:6e:ab:17:
                    4a:7c:c4:d9:37:9f:9a:46:47:8d:1b:4f:cc:92:98:
                    42:a9:1f:1d:bf:ff:dc:50:cf:c1:94:f8:44:7d:fc:
                    c9:43:c0:dc:18:ad:61:bb:0e:58:3b:79:de:15:e0:
                    41:36:10:7a:e6:45:8e:a7:8b:6f:bf:2c:75:5a:74:
                    b7:8f:a6:2b:ab:b8:79:ae:82:2f:be:76:82:84:4f:
                    c5:b1:72:a3:2d:fc:8f:c7:dd:5f:79:b8:2a:b7:28:
                    21:39:5c:ea:60:f0:0e:d2:82:0b:31:c8:ce:af:9d:
                    d0:b3:6b:01:fa:99:fc:aa:68:d9:e3:cc:02:dc:98:
                    e4:5e:89:f9:b1:7e:fe:76:50:6f:40:31:e9:8d:b1:
                    db:5e:f9:09:4f:ee:c2:43:f6:bd:30:bd:c5:b6:ca:
                    fb:45:11:87:15:0e:0d:c4:93:78:3b:e2:c9:9a:30:
                    4d:9c:09:26:32:23:84:0d:3b:7b:b0:c2:5c:58:8b:
                    7e:e5:d8:0b:57:79:ab:26:a3:19:83:b7:12:f6:73:
                    1d:13:18:b0:8f:0d:0a:60:b9:08:ca:13:36:0d:c1:
                    d1:e8:2e:e3:42:8c:fe:5e:c8:eb:4a:db:89:dd:b6:
                    3d:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:64:D1:04:63:6C:DB:F5:A8:A2:0B:D4:F7:E8:B7:91:4E:5B:83:EB
            X509v3 Authority Key Identifier:
                keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/DGTRBGNs2_WoogvU9-i3kU5bg-s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.35.36.0/23
                  37.35.39.0/24
                  91.225.15.0/24
                  146.66.208.0/23
                  178.157.124.0/24
                  178.157.126.0/24
                  188.74.152.0/24
                  188.74.181.0/24
                  188.74.190.0/24
                  188.74.208.0/23
                  188.119.165.0-188.119.166.255

    Signature Algorithm: sha256WithRSAEncryption
         41:1e:8f:f3:76:82:96:36:9d:71:e0:1d:ba:33:4e:f3:5d:f8:
         c3:9f:eb:a0:3e:04:50:11:76:9e:d2:3b:e1:3a:e5:91:6c:f3:
         c2:de:8f:cb:e2:60:11:17:c6:38:6e:49:71:a3:55:32:96:fc:
         f3:c7:91:b1:c3:87:3d:dd:46:f3:ed:71:33:9b:f4:03:97:51:
         d4:cb:3b:ef:b3:e2:19:c2:1b:86:15:7e:42:cc:52:be:cb:33:
         38:98:67:3e:2b:f3:0c:d3:52:36:8f:bf:1f:e0:0f:24:6a:50:
         a9:ac:5f:c3:78:cc:53:4c:9c:29:ac:e9:b2:73:74:2a:22:84:
         d3:ab:cf:b8:72:ca:c6:e8:2a:92:ee:70:d8:0c:44:47:81:42:
         b2:4d:8a:1a:d2:4f:94:ec:6e:6e:5a:6d:2a:69:04:3f:66:5d:
         7c:c7:2c:98:8b:ac:e6:91:b1:ca:ab:e7:c5:ba:02:57:9a:2f:
         97:d3:e4:e1:3c:db:3c:4b:ab:67:83:63:32:b0:65:ac:a2:7b:
         de:27:d7:45:b9:b1:e4:78:61:fb:8e:b7:4e:18:ab:8d:8f:48:
         1b:9f:1a:68:5e:60:45:58:e7:1d:85:5e:5d:b3:d9:2f:d1:ad:
         36:77:d4:a8:29:19:47:62:8f:49:e8:d1:db:cb:f7:9c:1a:c9:
         aa:b4:da:81
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIEA/MoKjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YjIzM2Q3NTUwOGI0ZTg1Y2NjZjQ0MzQ5YTdjYjcwMzE5OGQxZDI2MB4XDTIyMDEx
OTE1MzI1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGM2NGQxMDQ2MzZj
ZGJmNWE4YTIwYmQ0ZjdlOGI3OTE0ZTViODNlYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJPjg9yZ0L2B8dJk4qTPi50KGHWq8wW9VzvBbqsXSnzE2Tef
mkZHjRtPzJKYQqkfHb//3FDPwZT4RH38yUPA3BitYbsOWDt53hXgQTYQeuZFjqeL
b78sdVp0t4+mK6u4ea6CL752goRPxbFyoy38j8fdX3m4KrcoITlc6mDwDtKCCzHI
zq+d0LNrAfqZ/Kpo2ePMAtyY5F6J+bF+/nZQb0Ax6Y2x2175CU/uwkP2vTC9xbbK
+0URhxUODcSTeDviyZowTZwJJjIjhA07e7DCXFiLfuXYC1d5qyajGYO3EvZzHRMY
sI8NCmC5CMoTNg3B0egu40KM/l7I60rbid22PSkCAwEAAaOCAk0wggJJMB0GA1Ud
DgQWBBQMZNEEY2zb9aiiC9T36LeRTluD6zAfBgNVHSMEGDAWgBRrIz11UItOhczP
RDSafLcDGY0dJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2F5TTlkVkNMVG9YTXowUTBtbnkzQXhtTkhTWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTAvOWQ5MTkyLTI3M2MtNGNhOS1iMmJhLWZhOWNiNTFjZDBmMS8x
L0RHVFJCR05zMl9Xb29ndlU5LWkza1U1Ymctcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTAv
OWQ5MTkyLTI3M2MtNGNhOS1iMmJhLWZhOWNiNTFjZDBmMS8xL2F5TTlkVkNMVG9Y
TXowUTBtbnkzQXhtTkhTWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBj
BggrBgEFBQcBBwEB/wRUMFIwUAQCAAEwSgMEASUjJAMEACUjJwMEAFvhDwMEAZJC
0AMEALKdfAMEALKdfgMEALxKmAMEALxKtQMEALxKvgMEAbxK0DAMAwQAvHelAwQA
vHemMA0GCSqGSIb3DQEBCwUAA4IBAQBBHo/zdoKWNp1x4B26M07zXfjDn+ugPgRQ
EXae0jvhOuWRbPPC3o/L4mARF8Y4bklxo1Uylvzzx5Gxw4c93Ubz7XEzm/QDl1HU
yzvvs+IZwhuGFX5CzFK+yzM4mGc+K/MM01I2j78f4A8kalCprF/DeMxTTJwprOmy
c3QqIoTTq8+4csrG6CqS7nDYDERHgUKyTYoa0k+U7G5uWm0qaQQ/Zl18xyyYi6zm
kbHKq+fFugJXmi+X0+ThPNs8S6tng2MysGWsonveJ9dFubHkeGH7jrdOGKuNj0gb
nxpoXmBFWOcdhV5ds9kv0a02d9SoKRlHYo9J6NHby/ecGsmqtNqB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:16 2024 by rpki-client on console-fra.rpki-client.org