Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/klECc_4nBS3dN17AYKt4Z5CxFPU.roa
File:                     klECc_4nBS3dN17AYKt4Z5CxFPU.roa (raw, json)
Hash identifier:          oahbygnn+3IOzvvz9/582PWMXawzR/x9z3E+ppLvYsw=
Subject key identifier:   92:51:02:73:FE:27:05:2D:DD:37:5E:C0:60:AB:78:67:90:B1:14:F5
Certificate issuer:       /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial:       018258F8945F529A6D45D50798EA6F091741
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/klECc_4nBS3dN17AYKt4Z5CxFPU.roa
Signing time:             Mon 01 Aug 2022 10:34:21 +0000
ROA not before:           Mon 01 Aug 2022 10:34:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        37.44.228.0/22 maxlen: 24
                          192.145.52.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:58:f8:94:5f:52:9a:6d:45:d5:07:98:ea:6f:09:17:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
        Validity
            Not Before: Aug  1 10:34:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=92510273fe27052ddd375ec060ab786790b114f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:66:4a:b1:1f:28:d8:45:8e:64:4e:c4:e9:6b:
                    a4:39:eb:12:d2:3f:d7:75:40:d3:0c:cf:94:2f:f4:
                    ea:2b:1b:8a:24:22:39:24:80:a8:1b:d7:7f:d5:6c:
                    3e:4f:8d:5e:1f:3c:09:4f:62:0d:68:cf:b8:a1:2e:
                    d1:86:81:11:77:95:d4:ae:9d:c9:70:72:d3:38:35:
                    fc:5b:58:9e:e0:3a:80:6b:97:11:73:1b:f6:3f:fe:
                    15:94:31:ac:76:37:91:1e:5c:67:89:e6:55:f4:b3:
                    6b:d2:a8:b9:98:58:f9:28:c3:01:ef:bf:35:08:e9:
                    6d:7e:3c:22:bd:82:33:90:a6:ee:e1:ac:3e:02:96:
                    d7:d4:39:f1:93:a7:31:80:cd:16:8c:6c:c5:4b:a0:
                    01:b6:58:39:32:59:bd:53:be:e0:87:af:96:77:db:
                    70:cf:21:c1:10:a7:01:42:3a:38:ee:78:4a:98:35:
                    71:c3:b9:b8:3a:ed:9b:1c:d0:9a:ae:70:6f:aa:c4:
                    ad:0a:54:c0:e8:44:70:72:dd:19:65:0a:59:02:ac:
                    e3:9a:a1:be:af:3b:54:78:86:c0:58:ba:13:77:81:
                    58:83:21:7d:fd:3d:8a:96:cf:9d:33:89:22:d3:a7:
                    ef:bf:6b:ed:0b:31:ff:05:f5:84:2c:c8:14:2c:57:
                    0e:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:51:02:73:FE:27:05:2D:DD:37:5E:C0:60:AB:78:67:90:B1:14:F5
            X509v3 Authority Key Identifier:
                keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/klECc_4nBS3dN17AYKt4Z5CxFPU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.44.228.0/22
                  192.145.52.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5f:2d:79:bf:42:2a:99:9d:10:20:a4:49:f8:d9:cb:95:43:32:
         58:7c:8f:17:50:23:be:f3:1e:1a:42:dd:56:00:40:2c:98:d8:
         e6:77:4a:ce:11:de:2e:9e:c3:97:22:54:bd:d5:71:05:91:02:
         31:14:5f:58:45:8a:3a:75:cc:3a:2d:22:2a:2f:20:fb:13:3d:
         21:04:88:5c:90:ca:9c:e1:b8:b0:2d:69:11:31:81:a6:e7:e5:
         88:a8:9d:98:9e:76:53:9b:4e:10:e2:2b:f1:01:f5:9d:72:4a:
         03:60:ac:f0:a2:2b:9d:18:56:e0:1c:57:1c:f6:54:be:39:66:
         e1:7c:9f:59:02:9f:98:fc:3f:af:79:1b:52:4a:c5:48:48:3c:
         0b:ba:e7:28:fe:ab:02:70:f7:20:cd:e1:e4:45:c2:aa:5a:57:
         13:75:62:64:7d:2b:08:3a:3d:81:e0:50:5f:15:1a:05:c3:27:
         d3:30:54:a5:a5:84:56:ef:d1:d8:02:e2:35:c5:ab:af:f4:36:
         a9:c7:7c:1c:8b:fd:8e:e4:94:9c:8c:a1:d6:22:7e:b4:52:25:
         a7:00:8b:d5:b6:e4:a8:84:3d:7c:0f:a7:4f:9d:d5:56:36:e8:
         ad:47:aa:11:a4:45:da:7d:f5:0f:e4:19:48:a1:e1:3b:59:72:
         f3:0a:51:01
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYJY+JRfUpptRdUHmOpvCRdBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNjM3ODdmZDBmOTRiMzc4MTNlZWYxNmJjODEzNzQyM2Vl
M2ZlZjMwHhcNMjIwODAxMTAzNDIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjUxMDI3M2ZlMjcwNTJkZGQzNzVlYzA2MGFiNzg2NzkwYjExNGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWZKsR8o2EWOZE7E6WukOesS0j/X
dUDTDM+UL/TqKxuKJCI5JICoG9d/1Ww+T41eHzwJT2INaM+4oS7RhoERd5XUrp3J
cHLTODX8W1ie4DqAa5cRcxv2P/4VlDGsdjeRHlxnieZV9LNr0qi5mFj5KMMB7781
COltfjwivYIzkKbu4aw+ApbX1Dnxk6cxgM0WjGzFS6ABtlg5Mlm9U77gh6+Wd9tw
zyHBEKcBQjo47nhKmDVxw7m4Ou2bHNCarnBvqsStClTA6ERwct0ZZQpZAqzjmqG+
rztUeIbAWLoTd4FYgyF9/T2Kls+dM4ki06fvv2vtCzH/BfWELMgULFcOcQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJJRAnP+JwUt3TdewGCreGeQsRT1MB8GA1UdIwQY
MBaAFDJjeH/Q+Us3gT7vFryBN0I+4/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2Qt
NTk1ZTBiZjVjNjEzLzEva2xFQ2NfNG5CUzNkTjE3QVlLdDRaNUN4RlBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2QtNTk1ZTBiZjVjNjEz
LzEvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCJSzkAwQC
wJE0MA0GCSqGSIb3DQEBCwUAA4IBAQBfLXm/QiqZnRAgpEn42cuVQzJYfI8XUCO+
8x4aQt1WAEAsmNjmd0rOEd4unsOXIlS91XEFkQIxFF9YRYo6dcw6LSIqLyD7Ez0h
BIhckMqc4biwLWkRMYGm5+WIqJ2YnnZTm04Q4ivxAfWdckoDYKzwoiudGFbgHFcc
9lS+OWbhfJ9ZAp+Y/D+veRtSSsVISDwLuuco/qsCcPcgzeHkRcKqWlcTdWJkfSsI
Oj2B4FBfFRoFwyfTMFSlpYRW79HYAuI1xauv9Dapx3wci/2O5JScjKHWIn60UiWn
AIvVtuSohD18D6dPndVWNuitR6oRpEXaffUP5BlIoeE7WXLzClEB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:15 2024 by rpki-client on console-fra.rpki-client.org