Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/rk0Qx9-6IsT-n4tnOJSHVhKPwJE.roa
File:                     rk0Qx9-6IsT-n4tnOJSHVhKPwJE.roa (raw, json)
Hash identifier:          B3aGzBm5PdgBv/JM7V9utu5XP5CM9yfBIYId9dEQTFs=
Subject key identifier:   AE:4D:10:C7:DF:BA:22:C4:FE:9F:8B:67:38:94:87:56:12:8F:C0:91
Certificate issuer:       /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial:       094CA516
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/rk0Qx9-6IsT-n4tnOJSHVhKPwJE.roa
Signing time:             Tue 10 May 2022 12:10:24 +0000
ROA not before:           Tue 10 May 2022 12:10:24 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     22773
IP address blocks:        178.253.32.0/24 maxlen: 24
                          178.253.33.0/24 maxlen: 24
                          83.147.240.0/22 maxlen: 24
                          178.253.55.0/24 maxlen: 24
                          83.147.252.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 156017942 (0x94ca516)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
        Validity
            Not Before: May 10 12:10:24 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ae4d10c7dfba22c4fe9f8b6738948756128fc091
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:43:74:94:70:a8:80:51:d4:08:0e:9d:d2:81:
                    72:a7:1a:dd:8f:e7:f7:ef:f8:e6:c3:8d:58:6b:5d:
                    73:06:be:3b:5c:49:82:a9:22:09:f6:b6:2d:ae:64:
                    65:bb:68:c4:2c:a5:c3:a5:92:c8:35:b1:fd:a0:e1:
                    68:e5:13:a1:7b:72:be:74:70:27:5a:d2:02:f2:4b:
                    5e:6b:a9:e8:b4:7f:5e:96:d2:c8:fc:f2:91:e9:c0:
                    99:ac:1c:ee:c1:9f:59:93:60:ae:a4:e3:34:a0:fe:
                    8b:ef:3f:a1:8c:d5:62:12:a5:5f:65:58:c8:a4:8b:
                    a0:e4:82:5c:9b:63:a4:8b:ce:77:e1:5d:84:b0:5f:
                    4a:68:5b:53:c7:82:29:f9:eb:f6:71:4c:3a:38:32:
                    cb:01:a0:6b:1b:9e:34:f0:58:e4:d1:08:06:9b:6f:
                    19:0c:85:66:8d:23:87:0b:5e:ec:3f:b7:36:5c:5f:
                    2d:ca:57:64:e6:c8:cb:f9:d3:ff:31:40:ed:3b:98:
                    c5:2a:e7:88:73:4a:00:e4:f3:30:ca:c5:62:d9:75:
                    62:e6:11:27:b6:c1:b1:f8:90:46:31:7e:22:bc:cf:
                    01:e5:0f:fd:ae:c1:fc:ef:6d:3c:3a:45:25:0d:72:
                    f5:9f:b7:01:28:34:45:df:da:33:79:b4:9c:1b:ea:
                    34:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:4D:10:C7:DF:BA:22:C4:FE:9F:8B:67:38:94:87:56:12:8F:C0:91
            X509v3 Authority Key Identifier:
                keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/rk0Qx9-6IsT-n4tnOJSHVhKPwJE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.147.240.0/22
                  83.147.252.0/22
                  178.253.32.0/23
                  178.253.55.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:24:fd:ee:54:52:f2:c5:80:78:24:21:cb:f2:79:3a:e1:0d:
         df:a0:4b:f7:d8:f5:3a:25:6e:c1:11:65:7a:ed:4a:c9:00:22:
         39:70:9a:f3:62:a4:1a:08:ad:05:da:12:98:7d:b0:60:90:e0:
         c4:5f:f8:2d:cb:bd:17:bc:ab:25:d8:03:12:fb:d0:54:66:1b:
         40:78:33:78:2d:51:a7:43:cb:12:df:59:99:ad:a8:71:25:bd:
         c3:26:f9:41:9f:fc:d0:7b:4a:46:a5:ea:68:42:c7:dc:6a:6d:
         b0:63:3e:c0:5d:8b:2f:e9:2c:3b:99:5d:ec:01:76:e1:21:9d:
         af:ca:b4:44:be:2b:34:3c:f6:c8:f2:8e:1b:d8:3e:43:ff:c0:
         df:c4:37:65:24:9e:24:de:2c:41:a0:42:49:c1:7f:44:59:b2:
         8d:71:35:e8:0f:22:3f:7d:cb:bd:f0:ae:8f:21:80:85:a2:f8:
         01:c9:05:53:93:a0:19:90:c8:00:0a:03:71:b8:d9:2c:10:e1:
         e5:bc:13:78:6b:5d:23:c3:40:b7:58:cc:35:00:ce:28:63:c4:
         f7:31:14:e3:b6:d0:b3:5f:0e:d0:82:0d:17:57:86:1a:89:18:
         44:07:45:9a:4e:d1:3f:5d:cd:7f:b3:f3:5f:78:c5:7c:f0:ae:
         9b:41:ee:5d
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIECUylFjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Mjc3OGRlMmE5YmU5ODAyMTIwMzgyZTc1MGQxNTllOTU4NzJjMmFlMB4XDTIyMDUx
MDEyMTAyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWU0ZDEwYzdkZmJh
MjJjNGZlOWY4YjY3Mzg5NDg3NTYxMjhmYzA5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOVDdJRwqIBR1AgOndKBcqca3Y/n9+/45sONWGtdcwa+O1xJ
gqkiCfa2La5kZbtoxCylw6WSyDWx/aDhaOUToXtyvnRwJ1rSAvJLXmup6LR/XpbS
yPzykenAmawc7sGfWZNgrqTjNKD+i+8/oYzVYhKlX2VYyKSLoOSCXJtjpIvOd+Fd
hLBfSmhbU8eCKfnr9nFMOjgyywGgaxueNPBY5NEIBptvGQyFZo0jhwte7D+3Nlxf
LcpXZObIy/nT/zFA7TuYxSrniHNKAOTzMMrFYtl1YuYRJ7bBsfiQRjF+IrzPAeUP
/a7B/O9tPDpFJQ1y9Z+3ASg0Rd/aM3m0nBvqNN8CAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSuTRDH37oixP6fi2c4lIdWEo/AkTAfBgNVHSMEGDAWgBTCd43iqb6YAhID
gudQ0VnpWHLCrjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3duZU40cW0tbUFJU0E0TG5VTkZaNlZoeXdxNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjgvNDEwOTMwLTlkNjUtNGJlOC05ZWJhLWY5OGRhNTRhZjQzNC8x
L3JrMFF4OS02SXNULW40dG5PSlNIVmhLUHdKRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgv
NDEwOTMwLTlkNjUtNGJlOC05ZWJhLWY5OGRhNTRhZjQzNC8xL3duZU40cW0tbUFJ
U0E0TG5VTkZaNlZoeXdxNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAlOT8AMEAlOT/AMEAbL9IAMEALL9
NzANBgkqhkiG9w0BAQsFAAOCAQEARCT97lRS8sWAeCQhy/J5OuEN36BL99j1OiVu
wRFleu1KyQAiOXCa82KkGgitBdoSmH2wYJDgxF/4Lcu9F7yrJdgDEvvQVGYbQHgz
eC1Rp0PLEt9Zma2ocSW9wyb5QZ/80HtKRqXqaELH3GptsGM+wF2LL+ksO5ld7AF2
4SGdr8q0RL4rNDz2yPKOG9g+Q//A38Q3ZSSeJN4sQaBCScF/RFmyjXE16A8iP33L
vfCujyGAhaL4AckFU5OgGZDIAAoDcbjZLBDh5bwTeGtdI8NAt1jMNQDOKGPE9zEU
47bQs18O0IINF1eGGokYRAdFmk7RP13Nf7PzX3jFfPCum0HuXQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:20 2024 by rpki-client on console-ams.rpki-client.org