Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/uYOnj6eecGL4Ohg2Ki_D14CKb5E.roa
File:                     uYOnj6eecGL4Ohg2Ki_D14CKb5E.roa (raw, json)
Hash identifier:          eL2giohBYAgmhZuDbotWorRjhoxs95JH56jLyJOxhLg=
Subject key identifier:   B9:83:A7:8F:A7:9E:70:62:F8:3A:18:36:2A:2F:C3:D7:80:8A:6F:91
Certificate issuer:       /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial:       0184EB93C51235F8E49D99A062B7A19730DF
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/uYOnj6eecGL4Ohg2Ki_D14CKb5E.roa
Signing time:             Wed 07 Dec 2022 07:54:00 +0000
ROA not before:           Wed 07 Dec 2022 07:54:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35277
IP address blocks:        5.181.202.0/23 maxlen: 24
                          185.36.142.0/23 maxlen: 24
                          185.36.141.0/24 maxlen: 24
                          45.85.117.0/24 maxlen: 24
                          45.155.122.0/24 maxlen: 24
                          45.155.120.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:eb:93:c5:12:35:f8:e4:9d:99:a0:62:b7:a1:97:30:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
        Validity
            Not Before: Dec  7 07:54:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b983a78fa79e7062f83a18362a2fc3d7808a6f91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:1c:c3:26:20:ea:7c:34:1b:13:64:8b:24:1e:
                    ce:d3:f6:b1:2a:15:23:3b:4f:90:54:d4:e2:cd:b6:
                    e3:74:f8:0c:8b:bb:ba:52:f7:d5:23:47:cb:1d:e8:
                    ac:a9:d9:0e:96:92:d4:65:00:39:9d:b6:0d:be:5f:
                    68:4c:c9:a1:23:f4:3e:84:fe:cc:c5:96:f7:13:57:
                    83:6e:7b:f4:2e:7c:da:80:13:28:ae:b9:e2:39:3e:
                    8e:fa:d7:c4:8c:4c:bd:b7:f4:70:1f:2e:ff:a2:b4:
                    4b:f4:b8:7e:de:23:b3:fa:56:fc:1d:e4:06:b6:ed:
                    85:9e:07:ed:db:ce:2b:3c:ee:5d:3d:3e:e3:71:c7:
                    d0:35:26:f7:3e:34:20:e6:c7:14:37:c0:b5:ce:1d:
                    e4:2a:80:be:f3:71:a9:d2:a5:92:46:f5:9b:a7:5c:
                    61:d1:6a:44:d4:d3:05:af:30:de:ad:21:0a:d0:04:
                    25:38:06:b1:50:e2:d8:22:cd:0d:c9:6b:a6:64:17:
                    26:f6:2b:dc:4f:19:95:d8:bc:a8:8e:d5:5a:1b:cc:
                    ac:df:b4:c3:50:c0:98:04:30:7a:d7:43:f2:4c:78:
                    32:cf:de:49:8f:43:40:63:c8:a4:c2:cc:09:91:0f:
                    19:36:29:e5:8f:08:dd:79:55:ad:cf:09:d7:be:d1:
                    42:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:83:A7:8F:A7:9E:70:62:F8:3A:18:36:2A:2F:C3:D7:80:8A:6F:91
            X509v3 Authority Key Identifier:
                keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/uYOnj6eecGL4Ohg2Ki_D14CKb5E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.202.0/23
                  45.85.117.0/24
                  45.155.120.0-45.155.122.255
                  185.36.141.0-185.36.143.255

    Signature Algorithm: sha256WithRSAEncryption
         9a:55:41:c9:a4:3e:e7:99:c2:07:be:eb:2b:01:ed:42:f1:cf:
         e9:d9:16:7b:17:e8:12:15:dd:bf:e0:ca:4a:79:66:6b:34:58:
         bd:83:61:20:36:00:87:9c:6d:cd:0e:d6:40:25:bd:ec:5e:c0:
         cb:cc:4e:74:0f:82:18:ab:fb:ca:dd:62:9d:28:9b:3b:f8:6c:
         ba:44:f6:4d:13:71:32:26:d2:7c:46:61:2f:cb:34:e5:40:b0:
         2b:5a:06:4d:b2:3b:51:98:94:8c:a8:b5:0d:ec:4b:aa:a0:82:
         27:86:55:a8:36:0a:65:57:fe:2b:fe:29:7d:df:2a:1d:0c:33:
         cf:95:53:43:11:fe:57:3c:fc:fb:1d:e4:f8:49:91:79:f2:cc:
         b9:15:5c:c3:5d:01:7a:70:8f:06:22:a9:4d:b9:92:ae:60:9a:
         7b:d3:ac:b6:17:d0:73:34:60:53:f6:77:7c:c2:54:df:74:3c:
         82:ca:5a:e5:66:3b:b0:12:1d:43:1d:3b:3e:fa:64:b0:60:d4:
         e6:a1:ec:31:aa:ba:42:7d:1e:db:eb:56:09:11:ec:50:e2:23:
         4f:4b:3f:da:1c:e7:2e:2b:ac:ce:bd:bd:d6:eb:53:be:8d:36:
         0c:3a:73:01:89:bc:49:27:bb:ec:20:6d:1b:59:01:bd:96:80:
         d3:70:c5:20
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYTrk8USNfjknZmgYrehlzDfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmQ5ZDUwYjNiODlkNTFjOGFhMjQ5M2U3ZWY0NzAxZDYy
NTFkYWQwHhcNMjIxMjA3MDc1NDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTgzYTc4ZmE3OWU3MDYyZjgzYTE4MzYyYTJmYzNkNzgwOGE2ZjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxzDJiDqfDQbE2SLJB7O0/axKhUj
O0+QVNTizbbjdPgMi7u6UvfVI0fLHeisqdkOlpLUZQA5nbYNvl9oTMmhI/Q+hP7M
xZb3E1eDbnv0LnzagBMorrniOT6O+tfEjEy9t/RwHy7/orRL9Lh+3iOz+lb8HeQG
tu2Fngft284rPO5dPT7jccfQNSb3PjQg5scUN8C1zh3kKoC+83Gp0qWSRvWbp1xh
0WpE1NMFrzDerSEK0AQlOAaxUOLYIs0NyWumZBcm9ivcTxmV2LyojtVaG8ys37TD
UMCYBDB610PyTHgyz95Jj0NAY8ikwswJkQ8ZNinljwjdeVWtzwnXvtFCqwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFLmDp4+nnnBi+DoYNiovw9eAim+RMB8GA1UdIwQY
MBaAFMZtnVCzuJ1RyKokk+fvRwHWJR2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMt
YjdjNTc4Yjc0ZTM1LzEvdVlPbmo2ZWVjR0w0T2hnMktpX0QxNENLYjVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMtYjdjNTc4Yjc0ZTM1
LzEveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQBBbXKAwQA
LVV1MAwDBAMtm3gDBAAtm3owDAMEALkkjQMEBLkkgDANBgkqhkiG9w0BAQsFAAOC
AQEAmlVByaQ+55nCB77rKwHtQvHP6dkWexfoEhXdv+DKSnlmazRYvYNhIDYAh5xt
zQ7WQCW97F7Ay8xOdA+CGKv7yt1inSibO/hsukT2TRNxMibSfEZhL8s05UCwK1oG
TbI7UZiUjKi1DexLqqCCJ4ZVqDYKZVf+K/4pfd8qHQwzz5VTQxH+Vzz8+x3k+EmR
efLMuRVcw10BenCPBiKpTbmSrmCae9OsthfQczRgU/Z3fMJU33Q8gspa5WY7sBId
Qx07PvpksGDU5qHsMaq6Qn0e2+tWCRHsUOIjT0s/2hznLiuszr291utTvo02DDpz
AYm8SSe77CBtG1kBvZaA03DFIA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:25 2024 by rpki-client on console-fra.rpki-client.org