Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/485ebc-7ee4-4270-bdc8-97fa80c0df41/1/OJQa11UVh3rO-HtZLmVikmqZr6Q.roa
File:                     OJQa11UVh3rO-HtZLmVikmqZr6Q.roa (raw, json)
Hash identifier:          9OwNeWZvp9rocGZvCrGAthYmd6MvKCqllHw3HuDOKeI=
Subject key identifier:   38:94:1A:D7:55:15:87:7A:CE:F8:7B:59:2E:65:62:92:6A:99:AF:A4
Certificate issuer:       /CN=6b378df27bd9260c7eb15273e993e36b0985da10
Certificate serial:       0184ECBF248D88430157A2DA0306B465A5E9
Authority key identifier: 6B:37:8D:F2:7B:D9:26:0C:7E:B1:52:73:E9:93:E3:6B:09:85:DA:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/azeN8nvZJgx-sVJz6ZPjawmF2hA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/485ebc-7ee4-4270-bdc8-97fa80c0df41/1/OJQa11UVh3rO-HtZLmVikmqZr6Q.roa
Signing time:             Wed 07 Dec 2022 13:21:00 +0000
ROA not before:           Wed 07 Dec 2022 13:21:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     56786
IP address blocks:        84.21.178.0/24 maxlen: 24
                          84.21.179.0/24 maxlen: 24
                          84.21.176.0/22 maxlen: 24
                          84.21.176.0/24 maxlen: 24
                          84.21.177.0/24 maxlen: 24
                          2a0d:f540::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:ec:bf:24:8d:88:43:01:57:a2:da:03:06:b4:65:a5:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b378df27bd9260c7eb15273e993e36b0985da10
        Validity
            Not Before: Dec  7 13:21:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=38941ad75515877acef87b592e6562926a99afa4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:74:2c:e6:9e:74:85:ad:ac:8a:01:4d:0b:ec:
                    69:4b:de:cd:c9:e1:be:8c:cc:82:3e:ab:d0:e5:14:
                    b6:aa:8d:fb:cd:78:e9:32:51:e9:30:da:69:2a:e2:
                    47:09:87:dd:c1:f9:c5:d3:59:c8:f5:8d:fd:31:f8:
                    c8:5b:e0:c8:3e:af:e9:d1:72:69:81:7f:06:60:46:
                    3f:d9:56:56:de:f9:32:5e:c7:cc:81:c4:09:56:f8:
                    cf:53:e5:1e:58:fe:ad:54:14:10:b9:09:b3:fa:31:
                    d3:c3:f2:ba:3f:ac:68:0e:7a:5c:0a:a4:5f:a7:5b:
                    5f:e0:ab:22:4c:f1:60:3a:d3:11:5e:d2:3e:08:aa:
                    8f:2b:ce:bd:65:f7:7e:e9:7a:f2:db:52:b7:1d:43:
                    ec:f8:4d:fd:d5:29:65:a6:7b:8e:d3:96:dc:2c:98:
                    4c:f1:17:9e:73:09:ab:a6:e7:1a:f8:49:20:92:87:
                    7d:d3:bd:93:1e:93:fa:02:35:a6:f4:5d:49:4f:84:
                    45:74:1a:8e:c0:49:c5:71:18:fc:2a:0e:75:10:f0:
                    e5:65:39:99:eb:47:cd:69:c1:5a:8c:44:49:53:5a:
                    32:11:61:62:0c:1d:29:ea:1d:19:d6:09:9f:8c:eb:
                    b6:16:9a:fe:14:97:e2:f6:62:db:84:38:de:b5:de:
                    1f:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:94:1A:D7:55:15:87:7A:CE:F8:7B:59:2E:65:62:92:6A:99:AF:A4
            X509v3 Authority Key Identifier:
                keyid:6B:37:8D:F2:7B:D9:26:0C:7E:B1:52:73:E9:93:E3:6B:09:85:DA:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/azeN8nvZJgx-sVJz6ZPjawmF2hA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/485ebc-7ee4-4270-bdc8-97fa80c0df41/1/OJQa11UVh3rO-HtZLmVikmqZr6Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/485ebc-7ee4-4270-bdc8-97fa80c0df41/1/azeN8nvZJgx-sVJz6ZPjawmF2hA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.21.176.0/22
                IPv6:
                  2a0d:f540::/29

    Signature Algorithm: sha256WithRSAEncryption
         af:fa:a7:fa:99:86:b0:49:78:ea:1e:45:cf:bf:f3:7e:7c:09:
         30:f8:4a:7b:a2:08:a5:9c:53:26:73:42:50:c4:dc:63:04:f1:
         98:cc:14:13:0c:89:e2:cb:0f:e9:9c:43:ba:6f:45:23:1d:32:
         41:17:93:5e:5f:7c:c6:39:03:f5:14:55:21:21:c0:cd:ba:c4:
         0c:ec:84:a3:52:ef:bd:94:ca:2b:88:0f:ca:80:06:b8:c9:e5:
         83:e5:97:2d:80:f2:f3:3a:8a:78:f0:cb:75:ef:b0:3e:76:c3:
         96:a9:ef:4a:c5:3c:ac:a6:59:b6:35:e7:b8:e3:64:0b:ec:f0:
         d4:bb:d6:90:84:4c:d7:25:e4:c6:de:ac:df:fc:31:af:a4:ec:
         50:f4:2b:72:77:9e:66:5c:49:31:df:4d:dd:23:94:f5:41:51:
         4a:c0:7c:64:5d:43:9b:bc:9b:c7:f9:89:68:b5:01:72:3f:76:
         e1:ea:42:bd:34:2e:09:f4:7c:de:80:c3:30:3b:79:f0:56:6d:
         b5:87:25:b2:18:8c:7e:07:96:b2:4f:c9:7c:e6:15:a0:9e:c7:
         af:e4:00:3e:58:27:47:3a:13:f6:d6:82:bc:6a:b3:d4:c4:41:
         31:a7:79:01:56:c6:84:04:51:78:30:13:b7:ad:3b:e4:3b:97:
         bd:76:f7:e7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYTsvySNiEMBV6LaAwa0ZaXpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMzc4ZGYyN2JkOTI2MGM3ZWIxNTI3M2U5OTNlMzZiMDk4
NWRhMTAwHhcNMjIxMjA3MTMyMTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODk0MWFkNzU1MTU4NzdhY2VmODdiNTkyZTY1NjI5MjZhOTlhZmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXQs5p50ha2sigFNC+xpS97NyeG+
jMyCPqvQ5RS2qo37zXjpMlHpMNppKuJHCYfdwfnF01nI9Y39MfjIW+DIPq/p0XJp
gX8GYEY/2VZW3vkyXsfMgcQJVvjPU+UeWP6tVBQQuQmz+jHTw/K6P6xoDnpcCqRf
p1tf4KsiTPFgOtMRXtI+CKqPK869Zfd+6Xry21K3HUPs+E391SllpnuO05bcLJhM
8Reecwmrpuca+Ekgkod9072THpP6AjWm9F1JT4RFdBqOwEnFcRj8Kg51EPDlZTmZ
60fNacFajERJU1oyEWFiDB0p6h0Z1gmfjOu2Fpr+FJfi9mLbhDjetd4f5QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDiUGtdVFYd6zvh7WS5lYpJqma+kMB8GA1UdIwQY
MBaAFGs3jfJ72SYMfrFSc+mT42sJhdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXplTjhudlpKZ3gtc1ZKejZaUGphd21GMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80ODVlYmMtN2VlNC00MjcwLWJkYzgt
OTdmYTgwYzBkZjQxLzEvT0pRYTExVVZoM3JPLUh0WkxtVmlrbXFacjZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80ODVlYmMtN2VlNC00MjcwLWJkYzgtOTdmYTgwYzBkZjQx
LzEvYXplTjhudlpKZ3gtc1ZKejZaUGphd21GMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVBWwMA0E
AgACMAcDBQMqDfVAMA0GCSqGSIb3DQEBCwUAA4IBAQCv+qf6mYawSXjqHkXPv/N+
fAkw+Ep7ogilnFMmc0JQxNxjBPGYzBQTDIniyw/pnEO6b0UjHTJBF5NeX3zGOQP1
FFUhIcDNusQM7ISjUu+9lMoriA/KgAa4yeWD5ZctgPLzOop48Mt177A+dsOWqe9K
xTysplm2Nee442QL7PDUu9aQhEzXJeTG3qzf/DGvpOxQ9Ctyd55mXEkx303dI5T1
QVFKwHxkXUObvJvH+YlotQFyP3bh6kK9NC4J9HzegMMwO3nwVm21hyWyGIx+B5ay
T8l85hWgnsev5AA+WCdHOhP21oK8arPUxEExp3kBVsaEBFF4MBO3rTvkO5e9dvfn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:25 2024 by rpki-client on console-fra.rpki-client.org