Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/36QAod1ya1Nj1En7ru5bsgqqH58.roa
File:                     36QAod1ya1Nj1En7ru5bsgqqH58.roa (raw, json)
Hash identifier:          d7aH4Nv0EeiWposetquZAmUPXbncLyhqzl4tPgcoVcU=
Subject key identifier:   DF:A4:00:A1:DD:72:6B:53:63:D4:49:FB:AE:EE:5B:B2:0A:AA:1F:9F
Certificate issuer:       /CN=579ade9feaedc406df5e11bcef0393cd5e9fd0dd
Certificate serial:       024CDB6E
Authority key identifier: 57:9A:DE:9F:EA:ED:C4:06:DF:5E:11:BC:EF:03:93:CD:5E:9F:D0:DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V5ren-rtxAbfXhG87wOTzV6f0N0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/36QAod1ya1Nj1En7ru5bsgqqH58.roa
Signing time:             Sat 01 Jan 2022 15:58:08 +0000
ROA not before:           Sat 01 Jan 2022 15:58:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49121
IP address blocks:        37.221.71.0/24 maxlen: 24
                          37.221.68.0/24 maxlen: 24
                          37.221.69.0/24 maxlen: 24
                          37.221.70.0/24 maxlen: 24
                          45.87.118.0/24 maxlen: 24
                          45.87.117.0/24 maxlen: 24
                          45.87.119.0/24 maxlen: 24
                          2a09:e200::/48 maxlen: 48
                          2a09:e200:e200::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 38591342 (0x24cdb6e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=579ade9feaedc406df5e11bcef0393cd5e9fd0dd
        Validity
            Not Before: Jan  1 15:58:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=dfa400a1dd726b5363d449fbaeee5bb20aaa1f9f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:d8:fb:10:70:c4:04:95:d5:84:ab:96:f6:33:
                    d7:b6:d8:ce:cc:e3:5b:75:bd:04:f2:26:07:2e:b5:
                    b0:38:c5:55:80:01:a9:61:48:7a:1c:12:46:11:f5:
                    7f:70:da:3f:5b:6b:ff:99:16:cc:3c:9e:ca:f4:46:
                    80:a9:d8:08:50:92:3a:8f:69:e1:d5:32:e0:8b:64:
                    99:ef:00:ff:95:df:8b:a0:f2:b9:74:6f:d9:13:67:
                    4c:37:8a:ad:23:24:dc:a0:9b:96:0b:78:04:95:f2:
                    9c:46:0e:f9:44:7f:69:ce:fb:07:e8:4c:31:85:d6:
                    92:18:f0:2c:17:42:db:93:96:3e:b0:2d:da:be:5a:
                    bb:2f:c4:7c:1f:38:af:75:b3:5e:e4:37:20:a4:d1:
                    14:3d:04:a4:0e:3d:ea:55:e7:1b:a5:8a:7d:0f:7b:
                    59:ab:4b:d2:9d:6c:f1:66:4f:2d:0c:90:68:26:be:
                    fa:21:96:66:0b:61:a3:36:03:6f:1e:a2:84:0e:0f:
                    e7:ab:66:9f:8d:00:ef:61:4a:40:d5:e9:a4:bf:f0:
                    ce:2d:ad:b6:da:e9:78:f6:1e:3d:f7:f0:5b:e0:59:
                    8a:ef:c4:e0:23:e2:33:46:d7:5c:41:39:dd:4e:eb:
                    38:c0:fe:64:01:c1:2c:74:c4:1e:8b:5c:d4:d6:45:
                    0f:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:A4:00:A1:DD:72:6B:53:63:D4:49:FB:AE:EE:5B:B2:0A:AA:1F:9F
            X509v3 Authority Key Identifier:
                keyid:57:9A:DE:9F:EA:ED:C4:06:DF:5E:11:BC:EF:03:93:CD:5E:9F:D0:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V5ren-rtxAbfXhG87wOTzV6f0N0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/36QAod1ya1Nj1En7ru5bsgqqH58.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/V5ren-rtxAbfXhG87wOTzV6f0N0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.221.68.0/22
                  45.87.117.0-45.87.119.255
                IPv6:
                  2a09:e200::/48
                  2a09:e200:e200::/48

    Signature Algorithm: sha256WithRSAEncryption
         56:21:22:07:c6:39:38:55:37:76:20:43:30:15:84:cd:33:48:
         4f:a3:34:eb:94:77:1e:e9:20:78:d1:4e:b2:91:23:11:dc:34:
         53:25:73:cf:9b:4c:9f:3c:ab:cb:d5:df:23:0b:be:87:18:f2:
         2f:dd:04:99:28:ff:4e:4c:54:4c:4a:4f:f3:de:7b:f5:f9:78:
         25:ec:78:33:54:e0:e9:5e:4b:ae:3b:aa:70:09:00:93:9d:e3:
         c9:37:f8:72:ba:ea:3c:3a:ec:e7:4c:c5:e8:15:9d:fc:4b:06:
         3a:ca:76:51:33:6b:08:5b:9e:c2:c6:a2:20:68:f0:05:1d:2c:
         d1:03:6c:7d:ec:1e:ec:eb:f5:43:3b:8a:6f:55:7d:c6:be:77:
         05:3c:ac:7b:b4:cd:dc:e8:a5:91:07:c6:70:61:56:14:4e:8d:
         41:78:b5:81:5b:2c:1f:01:05:78:97:6f:78:62:ad:00:8c:c2:
         32:de:e5:87:a8:0a:53:75:f5:5d:fb:5b:06:61:cf:a6:ff:3c:
         50:20:94:0f:26:ac:d8:1d:77:23:4e:0f:26:03:ab:b4:20:0a:
         65:54:18:c6:01:ec:d9:99:31:31:49:c3:c8:fd:73:ff:70:0e:
         bb:65:02:d3:53:46:f0:08:a1:3c:b6:ec:62:8a:59:a6:9b:d6:
         61:ea:ca:bc
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIEAkzbbjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NzlhZGU5ZmVhZWRjNDA2ZGY1ZTExYmNlZjAzOTNjZDVlOWZkMGRkMB4XDTIyMDEw
MTE1NTgwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGZhNDAwYTFkZDcy
NmI1MzYzZDQ0OWZiYWVlZTViYjIwYWFhMWY5ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK3Y+xBwxASV1YSrlvYz17bYzszjW3W9BPImBy61sDjFVYAB
qWFIehwSRhH1f3DaP1tr/5kWzDyeyvRGgKnYCFCSOo9p4dUy4Itkme8A/5Xfi6Dy
uXRv2RNnTDeKrSMk3KCblgt4BJXynEYO+UR/ac77B+hMMYXWkhjwLBdC25OWPrAt
2r5auy/EfB84r3WzXuQ3IKTRFD0EpA496lXnG6WKfQ97WatL0p1s8WZPLQyQaCa+
+iGWZgthozYDbx6ihA4P56tmn40A72FKQNXppL/wzi2tttrpePYePffwW+BZiu/E
4CPiM0bXXEE53U7rOMD+ZAHBLHTEHotc1NZFDyECAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBTfpACh3XJrU2PUSfuu7luyCqofnzAfBgNVHSMEGDAWgBRXmt6f6u3EBt9e
EbzvA5PNXp/Q3TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Y1cmVuLXJ0eEFiZlhoRzg3d09UelY2ZjBOMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTkvMjIwZWQ3LThkYzItNGMwMS05MmJiLTIwOGVmMzJjMDIwMi8x
LzM2UUFvZDF5YTFOajFFbjdydTVic2dxcUg1OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTkv
MjIwZWQ3LThkYzItNGMwMS05MmJiLTIwOGVmMzJjMDIwMi8xL1Y1cmVuLXJ0eEFi
ZlhoRzg3d09UelY2ZjBOMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBH
BggrBgEFBQcBBwEB/wQ4MDYwGgQCAAEwFAMEAiXdRDAMAwQALVd1AwQDLVdwMBgE
AgACMBIDBwAqCeIAAAADBwAqCeIA4gAwDQYJKoZIhvcNAQELBQADggEBAFYhIgfG
OThVN3YgQzAVhM0zSE+jNOuUdx7pIHjRTrKRIxHcNFMlc8+bTJ88q8vV3yMLvocY
8i/dBJko/05MVExKT/Pee/X5eCXseDNU4OleS647qnAJAJOd48k3+HK66jw67OdM
xegVnfxLBjrKdlEzawhbnsLGoiBo8AUdLNEDbH3sHuzr9UM7im9Vfca+dwU8rHu0
zdzopZEHxnBhVhROjUF4tYFbLB8BBXiXb3hirQCMwjLe5YeoClN19V37WwZhz6b/
PFAglA8mrNgddyNODyYDq7QgCmVUGMYB7NmZMTFJw8j9c/9wDrtlAtNTRvAIoTy2
7GKKWaab1mHqyrw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:13 2024 by rpki-client on console-ams.rpki-client.org