Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/l6Rvk9n3T5AbWFfwx6i1CD7TyR0.roa
File:                     l6Rvk9n3T5AbWFfwx6i1CD7TyR0.roa (raw, json)
Hash identifier:          wTqVsYYkLrKNaoiGAu3IXZvsICmVG/slalm1wIbPBEY=
Subject key identifier:   97:A4:6F:93:D9:F7:4F:90:1B:58:57:F0:C7:A8:B5:08:3E:D3:C9:1D
Certificate issuer:       /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial:       0183132AEC35F370E18D980B8DA98C623EE7
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/l6Rvk9n3T5AbWFfwx6i1CD7TyR0.roa
Signing time:             Tue 06 Sep 2022 14:18:43 +0000
ROA not before:           Tue 06 Sep 2022 14:18:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209854
IP address blocks:        91.206.168.0/24 maxlen: 24
                          45.149.3.0/24 maxlen: 24
                          45.95.242.0/24 maxlen: 24
                          45.130.139.0/24 maxlen: 24
                          45.130.137.0/24 maxlen: 24
                          45.139.253.0/24 maxlen: 24
                          45.139.252.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:13:2a:ec:35:f3:70:e1:8d:98:0b:8d:a9:8c:62:3e:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
        Validity
            Not Before: Sep  6 14:18:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=97a46f93d9f74f901b5857f0c7a8b5083ed3c91d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:52:e9:54:30:cf:2e:9a:e8:c3:86:39:7d:6b:
                    aa:d7:bd:72:34:21:fa:6a:52:90:8c:2b:51:a0:32:
                    60:40:a7:e7:4b:d8:56:7c:90:38:07:02:cc:1c:3d:
                    55:e6:da:77:5e:e3:22:5e:3a:af:4a:b0:2a:1b:37:
                    58:86:06:a1:d9:3b:f8:33:60:69:b5:88:b3:61:5d:
                    23:f4:8a:82:42:04:c8:2a:8c:ca:99:d3:f1:68:6f:
                    63:47:b8:4e:d9:0f:62:5c:3c:be:ba:b6:db:15:e1:
                    6e:71:c4:8a:dc:c6:c5:b3:e4:99:93:31:3b:b9:d6:
                    ef:70:2c:f0:c1:37:e6:2e:2d:db:37:c9:19:af:f7:
                    89:d8:42:79:dd:04:ae:b5:ad:d6:f5:e1:5e:09:4d:
                    f2:55:23:c3:f4:4b:74:b6:b2:35:6b:e0:7e:49:5c:
                    26:be:f7:64:5b:38:ad:e2:64:0f:67:b6:36:86:83:
                    46:3a:b2:bc:f9:4b:3e:a4:24:7b:cd:15:56:af:41:
                    a6:35:34:37:69:95:9e:a1:f1:3f:98:92:4a:83:0c:
                    29:53:ec:bc:a7:12:61:08:6c:e6:b2:fd:8d:af:0b:
                    94:ee:5c:a3:01:da:e3:6d:b0:36:b7:14:43:93:03:
                    70:eb:d7:b9:9c:32:0b:82:48:58:5d:db:85:dd:55:
                    63:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:A4:6F:93:D9:F7:4F:90:1B:58:57:F0:C7:A8:B5:08:3E:D3:C9:1D
            X509v3 Authority Key Identifier:
                keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/l6Rvk9n3T5AbWFfwx6i1CD7TyR0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.95.242.0/24
                  45.130.137.0/24
                  45.130.139.0/24
                  45.139.252.0/23
                  45.149.3.0/24
                  91.206.168.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:60:3f:ac:75:00:97:12:7b:30:d2:02:af:13:6b:90:69:d1:
         fa:ab:c1:b7:60:52:a3:23:bf:ca:c7:08:04:0b:33:fb:00:04:
         ce:9e:32:8a:32:39:32:a3:d7:ba:17:cd:e3:94:1f:d8:8f:9b:
         58:c4:15:13:ac:18:69:33:9c:87:3a:1a:07:f2:9d:d4:f2:e0:
         7c:e4:bc:97:d8:9a:0e:8b:ec:e9:5d:16:db:55:48:0d:98:9e:
         33:3b:02:ba:30:df:36:a6:8a:da:bc:8f:53:9c:f6:ab:82:ca:
         9f:54:41:32:0f:c3:9a:04:ca:2f:98:d6:a8:54:5e:5e:88:ae:
         de:2a:6f:a8:a7:1d:1f:ef:e4:94:b6:88:e4:dd:83:dc:28:bc:
         a7:e1:72:ae:70:89:9e:ff:ea:c0:70:b2:c7:ab:f0:a2:c5:5a:
         64:01:98:5a:20:a9:19:6b:c3:c7:86:46:9e:fe:9a:de:89:d5:
         72:54:a6:9a:b0:e7:fc:0f:a2:bb:5e:21:b2:b4:2d:3f:1f:3c:
         da:f8:0d:c4:3c:ca:c7:2c:9f:b6:60:22:25:19:ce:53:21:8b:
         91:15:51:f9:c2:10:1b:7f:06:c8:cd:e2:ee:91:19:16:bc:87:
         a1:02:47:1e:ab:8f:6f:a1:0e:ab:f0:4d:b3:ee:0a:33:a8:ee:
         e9:dd:70:e5
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYMTKuw183DhjZgLjamMYj7nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjIwOTA2MTQxODQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2E0NmY5M2Q5Zjc0ZjkwMWI1ODU3ZjBjN2E4YjUwODNlZDNjOTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxlLpVDDPLprow4Y5fWuq171yNCH6
alKQjCtRoDJgQKfnS9hWfJA4BwLMHD1V5tp3XuMiXjqvSrAqGzdYhgah2Tv4M2Bp
tYizYV0j9IqCQgTIKozKmdPxaG9jR7hO2Q9iXDy+urbbFeFuccSK3MbFs+SZkzE7
udbvcCzwwTfmLi3bN8kZr/eJ2EJ53QSuta3W9eFeCU3yVSPD9Et0trI1a+B+SVwm
vvdkWzit4mQPZ7Y2hoNGOrK8+Us+pCR7zRVWr0GmNTQ3aZWeofE/mJJKgwwpU+y8
pxJhCGzmsv2NrwuU7lyjAdrjbbA2txRDkwNw69e5nDILgkhYXduF3VVjkwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJekb5PZ90+QG1hX8MeotQg+08kdMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvbDZSdms5bjNUNUFiV0Zmd3g2aTFDRDdUeVIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALV/yAwQA
LYKJAwQALYKLAwQBLYv8AwQALZUDAwQAW86oMA0GCSqGSIb3DQEBCwUAA4IBAQCH
YD+sdQCXEnsw0gKvE2uQadH6q8G3YFKjI7/KxwgECzP7AATOnjKKMjkyo9e6F83j
lB/Yj5tYxBUTrBhpM5yHOhoH8p3U8uB85LyX2JoOi+zpXRbbVUgNmJ4zOwK6MN82
poravI9TnPargsqfVEEyD8OaBMovmNaoVF5eiK7eKm+opx0f7+SUtojk3YPcKLyn
4XKucIme/+rAcLLHq/CixVpkAZhaIKkZa8PHhkae/preidVyVKaasOf8D6K7XiGy
tC0/Hzza+A3EPMrHLJ+2YCIlGc5TIYuRFVH5whAbfwbIzeLukRkWvIehAkceq49v
oQ6r8E2z7gozqO7p3XDl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:52 2024 by rpki-client on console-fra.rpki-client.org