Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/5a49bf-c059-4bea-88d3-cf0124ced4d6/1/hREhOWHMJfV-D88o93eORAuy5Sw.roa
File:                     hREhOWHMJfV-D88o93eORAuy5Sw.roa (raw, json)
Hash identifier:          iE9tLmUjd/P6SpaKfXUfCREZwBQuPGyVxso4WnPgI60=
Subject key identifier:   85:11:21:39:61:CC:25:F5:7E:0F:CF:28:F7:77:8E:44:0B:B2:E5:2C
Certificate issuer:       /CN=cdee78ad857607523b50b60acd9e22ca5a107854
Certificate serial:       094871C6
Authority key identifier: CD:EE:78:AD:85:76:07:52:3B:50:B6:0A:CD:9E:22:CA:5A:10:78:54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ze54rYV2B1I7ULYKzZ4iyloQeFQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/5a49bf-c059-4bea-88d3-cf0124ced4d6/1/hREhOWHMJfV-D88o93eORAuy5Sw.roa
Signing time:             Sat 01 Jan 2022 11:58:15 +0000
ROA not before:           Sat 01 Jan 2022 11:58:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34350
IP address blocks:        80.70.50.0/24 maxlen: 24
                          80.70.55.0/24 maxlen: 24
                          80.70.52.0/24 maxlen: 24
                          80.70.52.0/22 maxlen: 22
                          80.70.54.0/24 maxlen: 24
                          80.70.53.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 155742662 (0x94871c6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdee78ad857607523b50b60acd9e22ca5a107854
        Validity
            Not Before: Jan  1 11:58:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8511213961cc25f57e0fcf28f7778e440bb2e52c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:3e:78:fa:d6:da:84:cb:a9:e7:b7:fe:1a:81:
                    7f:0c:c9:50:01:28:2f:a4:26:39:19:f1:5a:6a:46:
                    07:5c:51:8b:ab:5e:27:4b:b3:2b:57:b9:38:ee:77:
                    ac:0c:6f:86:2a:bd:9c:de:c5:33:d2:75:8d:0c:9f:
                    56:13:1c:42:bb:12:6d:7a:f0:d7:84:69:89:15:d1:
                    26:09:3f:f8:e7:48:53:ad:1f:2c:ba:d8:8a:7b:ce:
                    56:6c:f8:bc:b6:1d:5c:ff:4a:10:36:50:53:2f:ea:
                    90:04:06:0f:3e:d0:6c:c0:86:88:fd:cf:7a:fb:08:
                    a8:2c:19:4b:4f:a3:35:7e:87:1f:e5:b1:69:43:bc:
                    c6:c4:b3:1a:9e:80:65:3b:c3:b2:a5:a5:6b:0c:43:
                    ca:18:aa:5b:0f:36:2b:4e:93:41:85:a8:e2:f6:20:
                    c5:a3:a8:82:d5:3e:70:09:49:70:a6:33:3f:52:1b:
                    c7:b9:7e:65:d2:90:87:2b:c0:57:6b:45:10:54:f8:
                    99:b0:ba:e7:78:38:03:72:0e:f3:40:6c:6a:bf:db:
                    6d:ec:64:e9:81:15:71:b2:36:a4:b1:eb:4c:3b:99:
                    00:a9:a3:55:4b:85:06:ea:19:a8:ad:ef:c0:3e:cd:
                    3c:9c:9b:d9:08:0a:ee:1c:72:e8:98:61:8d:c4:54:
                    ce:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:11:21:39:61:CC:25:F5:7E:0F:CF:28:F7:77:8E:44:0B:B2:E5:2C
            X509v3 Authority Key Identifier:
                keyid:CD:EE:78:AD:85:76:07:52:3B:50:B6:0A:CD:9E:22:CA:5A:10:78:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ze54rYV2B1I7ULYKzZ4iyloQeFQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/5a49bf-c059-4bea-88d3-cf0124ced4d6/1/hREhOWHMJfV-D88o93eORAuy5Sw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/5a49bf-c059-4bea-88d3-cf0124ced4d6/1/ze54rYV2B1I7ULYKzZ4iyloQeFQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.70.50.0/24
                  80.70.52.0/22

    Signature Algorithm: sha256WithRSAEncryption
         53:8e:70:0a:05:4a:44:ab:48:b8:e7:d4:cc:9d:54:34:77:23:
         78:76:23:cf:88:4c:a4:5a:b8:ef:71:19:66:95:97:4d:47:29:
         84:29:5d:ed:52:41:94:c7:df:1a:27:2d:0f:74:d3:79:11:c1:
         0d:08:12:38:fb:93:31:75:44:77:31:7d:d2:74:ec:4b:23:e4:
         5f:89:ca:5f:da:a7:ca:25:7b:fd:30:80:d4:dc:28:44:e3:58:
         5f:a2:e3:17:4e:52:67:82:a8:c4:39:9a:2d:aa:84:96:0a:72:
         e1:1b:8e:5d:3d:e8:f5:21:30:4b:fa:9b:89:6e:16:39:24:28:
         d5:46:35:b3:c8:2f:3f:76:0b:13:72:d0:4a:4f:d3:0d:0f:94:
         30:3e:d1:9d:f9:09:c5:36:eb:e4:f0:5a:60:ca:86:17:b0:52:
         69:d7:c3:d8:a3:b0:f8:d9:66:01:3c:6b:c1:bc:d8:67:0b:a4:
         f5:bd:ac:ca:12:03:1f:44:17:fa:19:d7:ed:d4:b4:a2:5f:f5:
         2f:a9:d3:d0:f8:19:02:02:c4:8d:b6:f8:46:9c:95:1a:02:f8:
         be:d8:9f:5d:b5:b6:b5:09:89:00:fe:de:47:f0:30:1c:eb:17:
         e1:a8:b0:b3:be:5e:1e:46:98:cf:86:a8:40:0b:0c:1a:28:76:
         9d:15:81:03
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECUhxxjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZGVlNzhhZDg1NzYwNzUyM2I1MGI2MGFjZDllMjJjYTVhMTA3ODU0MB4XDTIyMDEw
MTExNTgxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODUxMTIxMzk2MWNj
MjVmNTdlMGZjZjI4Zjc3NzhlNDQwYmIyZTUyYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOk+ePrW2oTLqee3/hqBfwzJUAEoL6QmORnxWmpGB1xRi6te
J0uzK1e5OO53rAxvhiq9nN7FM9J1jQyfVhMcQrsSbXrw14RpiRXRJgk/+OdIU60f
LLrYinvOVmz4vLYdXP9KEDZQUy/qkAQGDz7QbMCGiP3PevsIqCwZS0+jNX6HH+Wx
aUO8xsSzGp6AZTvDsqWlawxDyhiqWw82K06TQYWo4vYgxaOogtU+cAlJcKYzP1Ib
x7l+ZdKQhyvAV2tFEFT4mbC653g4A3IO80Bsar/bbexk6YEVcbI2pLHrTDuZAKmj
VUuFBuoZqK3vwD7NPJyb2QgK7hxy6JhhjcRUzn8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSFESE5Ycwl9X4Pzyj3d45EC7LlLDAfBgNVHSMEGDAWgBTN7nithXYHUjtQ
tgrNniLKWhB4VDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3plNTRyWVYyQjFJN1VMWUt6WjRpeWxvUWVGUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvNWE0OWJmLWMwNTktNGJlYS04OGQzLWNmMDEyNGNlZDRkNi8x
L2hSRWhPV0hNSmZWLUQ4OG85M2VPUkF1eTVTdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
NWE0OWJmLWMwNTktNGJlYS04OGQzLWNmMDEyNGNlZDRkNi8xL3plNTRyWVYyQjFJ
N1VMWUt6WjRpeWxvUWVGUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFBGMgMEAlBGNDANBgkqhkiG9w0B
AQsFAAOCAQEAU45wCgVKRKtIuOfUzJ1UNHcjeHYjz4hMpFq473EZZpWXTUcphCld
7VJBlMffGictD3TTeRHBDQgSOPuTMXVEdzF90nTsSyPkX4nKX9qnyiV7/TCA1Nwo
RONYX6LjF05SZ4KoxDmaLaqElgpy4RuOXT3o9SEwS/qbiW4WOSQo1UY1s8gvP3YL
E3LQSk/TDQ+UMD7RnfkJxTbr5PBaYMqGF7BSadfD2KOw+NlmATxrwbzYZwuk9b2s
yhIDH0QX+hnX7dS0ol/1L6nT0PgZAgLEjbb4RpyVGgL4vtifXbW2tQmJAP7eR/Aw
HOsX4aiws75eHkaYz4aoQAsMGih2nRWBAw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:42 2024 by rpki-client on console-fra.rpki-client.org