Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/772d2f-d1ae-47df-b67e-15ca753fa510/1/paaYJ65Ih3_M7O74piYCrwGjj1Q.roa
File:                     paaYJ65Ih3_M7O74piYCrwGjj1Q.roa (raw, json)
Hash identifier:          nlEI1kFYvovgHt1Rr5r3vkEXzSRERioeY2L7jJAqXQI=
Subject key identifier:   A5:A6:98:27:AE:48:87:7F:CC:EC:EE:F8:A6:26:02:AF:01:A3:8F:54
Certificate issuer:       /CN=447b65f9f87aa8f740d5a17a72e6f8bc1e5d888f
Certificate serial:       018392E18822402EAD886EFDCE4B34A546EA
Authority key identifier: 44:7B:65:F9:F8:7A:A8:F7:40:D5:A1:7A:72:E6:F8:BC:1E:5D:88:8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RHtl-fh6qPdA1aF6cub4vB5diI8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/772d2f-d1ae-47df-b67e-15ca753fa510/1/paaYJ65Ih3_M7O74piYCrwGjj1Q.roa
Signing time:             Sat 01 Oct 2022 09:29:57 +0000
ROA not before:           Sat 01 Oct 2022 09:29:57 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     29238
IP address blocks:        79.98.112.0/24 maxlen: 24
                          79.98.113.0/24 maxlen: 24
                          79.98.112.0/21 maxlen: 21
                          79.98.115.0/24 maxlen: 24
                          79.98.114.0/24 maxlen: 24
                          185.66.128.0/22 maxlen: 22
                          217.21.144.0/20 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:92:e1:88:22:40:2e:ad:88:6e:fd:ce:4b:34:a5:46:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=447b65f9f87aa8f740d5a17a72e6f8bc1e5d888f
        Validity
            Not Before: Oct  1 09:29:57 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a5a69827ae48877fcceceef8a62602af01a38f54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:7a:fd:93:f2:9f:14:d4:26:42:37:5f:d0:14:
                    94:d9:f0:18:97:06:be:b3:89:10:c1:74:51:92:55:
                    15:1a:a0:23:52:95:ae:29:38:e8:99:59:ab:59:22:
                    5c:1b:43:aa:90:26:48:2c:8d:c9:98:15:21:65:07:
                    38:0d:b9:77:f3:cd:a4:3b:8d:7b:e2:f9:31:17:70:
                    d0:83:aa:a9:76:d6:44:11:da:72:46:68:02:34:43:
                    4b:02:35:9f:f5:45:90:6f:21:ba:29:30:93:5c:e1:
                    b0:2f:c7:9f:e6:67:ee:b6:1e:8b:31:46:c4:b0:c3:
                    36:15:19:b1:b9:67:7c:38:9d:4f:0e:99:2b:c9:33:
                    81:e3:d2:f7:cc:57:42:d1:6d:2b:97:fe:50:8e:94:
                    d1:4a:2c:21:7a:c3:73:45:5b:44:c1:42:23:66:1b:
                    7a:91:df:a1:20:37:2c:48:c5:2f:b8:43:cd:ef:98:
                    98:0f:de:87:c8:c8:6e:c9:e7:81:25:ac:99:58:95:
                    fa:8b:eb:0f:f4:90:c2:b5:67:82:fc:b2:c0:a9:53:
                    99:12:8c:01:ff:58:f2:bd:31:d2:cc:f3:82:74:d9:
                    02:cd:fe:81:ed:8d:07:7a:98:1f:5f:2b:e3:6a:14:
                    04:5e:11:08:45:0f:83:c7:23:8b:58:44:e6:23:13:
                    26:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:A6:98:27:AE:48:87:7F:CC:EC:EE:F8:A6:26:02:AF:01:A3:8F:54
            X509v3 Authority Key Identifier:
                keyid:44:7B:65:F9:F8:7A:A8:F7:40:D5:A1:7A:72:E6:F8:BC:1E:5D:88:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RHtl-fh6qPdA1aF6cub4vB5diI8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/772d2f-d1ae-47df-b67e-15ca753fa510/1/paaYJ65Ih3_M7O74piYCrwGjj1Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/772d2f-d1ae-47df-b67e-15ca753fa510/1/RHtl-fh6qPdA1aF6cub4vB5diI8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.98.112.0/21
                  185.66.128.0/22
                  217.21.144.0/20

    Signature Algorithm: sha256WithRSAEncryption
         12:a2:c1:aa:9e:cb:6c:b3:7e:4c:4d:10:28:43:d4:c1:eb:56:
         3f:8d:40:5f:2f:f3:b6:6a:1f:1f:d7:d3:04:dd:08:c6:3f:e7:
         b7:61:eb:69:98:f1:fa:d2:79:28:2b:ca:0c:ce:b5:e2:53:8a:
         b9:9a:bb:7e:28:d8:ea:ad:12:a3:28:96:82:a0:eb:a2:b1:33:
         66:83:ac:90:5c:6d:e4:ab:58:47:f6:a0:4c:48:5e:ad:d4:e1:
         dd:4f:e0:3a:2a:0b:3c:e7:e3:c4:3b:11:70:32:7c:78:f8:fd:
         64:e7:6a:9d:47:e4:e1:ee:30:21:a0:15:dc:54:1a:a1:75:71:
         29:4f:57:a6:fb:54:17:e2:a5:4b:dd:fa:90:e2:20:15:f0:09:
         ca:c3:30:f9:90:bd:3a:74:38:d8:0c:48:ee:73:56:62:2e:67:
         c7:b3:ab:f4:1e:83:da:2a:b8:ee:0e:7d:28:9a:f5:3c:9c:ee:
         41:bb:33:b8:5d:96:ec:8d:53:a1:04:66:34:36:9f:54:1a:79:
         66:84:e3:1b:13:99:b9:40:15:d8:d4:55:99:01:1d:eb:81:d1:
         57:b4:1d:4c:10:e5:ed:2c:f6:d4:1d:24:dc:d5:2a:57:5e:76:
         4a:d8:ed:7f:fc:81:e6:42:69:0e:50:aa:e1:ee:67:93:ad:b3:
         75:0b:45:83
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYOS4YgiQC6tiG79zks0pUbqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0N2I2NWY5Zjg3YWE4Zjc0MGQ1YTE3YTcyZTZmOGJjMWU1
ZDg4OGYwHhcNMjIxMDAxMDkyOTU3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWE2OTgyN2FlNDg4NzdmY2NlY2VlZjhhNjI2MDJhZjAxYTM4ZjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3nr9k/KfFNQmQjdf0BSU2fAYlwa+
s4kQwXRRklUVGqAjUpWuKTjomVmrWSJcG0OqkCZILI3JmBUhZQc4Dbl3882kO417
4vkxF3DQg6qpdtZEEdpyRmgCNENLAjWf9UWQbyG6KTCTXOGwL8ef5mfuth6LMUbE
sMM2FRmxuWd8OJ1PDpkryTOB49L3zFdC0W0rl/5QjpTRSiwhesNzRVtEwUIjZht6
kd+hIDcsSMUvuEPN75iYD96HyMhuyeeBJayZWJX6i+sP9JDCtWeC/LLAqVOZEowB
/1jyvTHSzPOCdNkCzf6B7Y0HepgfXyvjahQEXhEIRQ+DxyOLWETmIxMmbQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKWmmCeuSId/zOzu+KYmAq8Bo49UMB8GA1UdIwQY
MBaAFER7Zfn4eqj3QNWhenLm+LweXYiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkh0bC1maDZxUGRBMWFGNmN1YjR2QjVkaUk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC83NzJkMmYtZDFhZS00N2RmLWI2N2Ut
MTVjYTc1M2ZhNTEwLzEvcGFhWUo2NUloM19NN083NHBpWUNyd0dqajFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC83NzJkMmYtZDFhZS00N2RmLWI2N2UtMTVjYTc1M2ZhNTEw
LzEvUkh0bC1maDZxUGRBMWFGNmN1YjR2QjVkaUk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDT2JwAwQC
uUKAAwQE2RWQMA0GCSqGSIb3DQEBCwUAA4IBAQASosGqnstss35MTRAoQ9TB61Y/
jUBfL/O2ah8f19ME3QjGP+e3YetpmPH60nkoK8oMzrXiU4q5mrt+KNjqrRKjKJaC
oOuisTNmg6yQXG3kq1hH9qBMSF6t1OHdT+A6Kgs85+PEOxFwMnx4+P1k52qdR+Th
7jAhoBXcVBqhdXEpT1em+1QX4qVL3fqQ4iAV8AnKwzD5kL06dDjYDEjuc1ZiLmfH
s6v0HoPaKrjuDn0omvU8nO5BuzO4XZbsjVOhBGY0Np9UGnlmhOMbE5m5QBXY1FWZ
AR3rgdFXtB1MEOXtLPbUHSTc1SpXXnZK2O1//IHmQmkOUKrh7meTrbN1C0WD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:41 2024 by rpki-client on console-fra.rpki-client.org