Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/CX-qQOdsuvrTSodAHu2_HTqBxAs.roa
File:                     CX-qQOdsuvrTSodAHu2_HTqBxAs.roa (raw, json)
Hash identifier:          Y3uVyBYxENgQoOmUWV4l/oU6FV4omi6gU2NxD92r1H0=
Subject key identifier:   09:7F:AA:40:E7:6C:BA:FA:D3:4A:87:40:1E:ED:BF:1D:3A:81:C4:0B
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0CEF161E
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/CX-qQOdsuvrTSodAHu2_HTqBxAs.roa
Signing time:             Thu 13 Jan 2022 09:14:38 +0000
ROA not before:           Thu 13 Jan 2022 09:14:38 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     137409
IP address blocks:        194.5.83.0/24 maxlen: 24
                          194.5.82.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 216995358 (0xcef161e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jan 13 09:14:38 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=097faa40e76cbafad34a87401eedbf1d3a81c40b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:25:a3:03:37:15:1c:8f:74:aa:47:18:c6:62:
                    38:a2:90:7d:a8:f9:5c:92:5f:13:0e:72:ee:8f:f6:
                    b0:b6:75:05:5e:e0:5f:b0:d2:8f:97:1b:29:56:a4:
                    ac:42:07:e3:1d:ac:5b:88:0a:8b:4b:0a:d9:05:60:
                    ba:82:61:59:ca:6f:ba:9b:16:b5:61:55:7a:18:89:
                    b1:76:fa:d4:d6:6f:09:bf:c5:fc:bd:8d:af:05:83:
                    63:59:04:29:32:a8:2c:a5:a8:d8:1c:fb:39:68:ac:
                    d3:83:47:13:f6:26:62:9e:a8:2e:86:69:90:71:b2:
                    0b:8a:55:72:53:f6:cc:d2:ab:90:77:33:18:fd:c9:
                    34:bd:9b:da:d2:60:94:e1:e2:dd:f9:d7:2c:91:12:
                    b1:3f:4f:5d:92:a1:2c:3d:fa:17:0c:7c:39:e0:47:
                    28:72:8d:d2:ae:ca:4e:12:84:35:01:64:67:ad:e1:
                    cf:c9:63:ea:09:cd:d1:47:69:a8:05:bd:24:24:a3:
                    33:15:5d:ff:98:d8:86:78:67:1c:14:26:e8:cc:ce:
                    22:5c:1c:0a:f6:7d:67:4f:a6:a7:43:07:4b:12:94:
                    db:2a:79:ce:4c:e3:9c:dc:2d:a2:79:32:4e:4c:4c:
                    84:53:72:7b:76:4e:2d:5d:21:42:e4:d1:4f:2d:09:
                    29:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:7F:AA:40:E7:6C:BA:FA:D3:4A:87:40:1E:ED:BF:1D:3A:81:C4:0B
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/CX-qQOdsuvrTSodAHu2_HTqBxAs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.5.82.0/23

    Signature Algorithm: sha256WithRSAEncryption
         49:7a:29:18:2a:84:22:0f:63:24:21:de:c0:d1:0e:d1:db:77:
         42:c9:a1:96:8e:58:64:01:10:96:2a:fa:9d:5b:36:03:3e:9b:
         20:4d:5e:f2:42:c8:9e:f5:b9:a2:6f:fa:f8:7f:93:2e:1c:d0:
         1e:0d:85:00:15:7c:e2:73:d7:b4:21:b7:d3:cb:d5:57:1b:e6:
         6e:32:4d:0d:c8:f3:98:84:f6:00:91:93:bb:f0:d9:ab:64:9d:
         01:6c:51:4d:0e:0f:65:77:87:d7:02:64:67:80:25:30:3d:a6:
         7e:df:12:3a:d2:23:af:a7:74:09:df:4a:5a:6d:aa:d0:1a:12:
         d3:b0:9a:7d:6b:10:df:ab:7b:b7:b5:48:03:14:02:6b:f9:da:
         6e:9f:0c:94:3a:47:67:38:ba:06:17:22:a0:ca:4f:03:fb:e6:
         b7:b8:4b:9a:90:03:71:49:5d:09:96:b8:c7:85:ce:44:9f:70:
         8c:fa:3b:59:51:69:09:5a:69:2c:5d:d0:89:73:e2:05:cb:f0:
         fb:22:51:19:88:2a:96:be:0e:6e:cb:e3:11:fb:ee:18:a5:ec:
         cd:61:08:c6:f1:a0:8b:30:76:d6:9e:c4:c9:7b:41:38:c2:c3:
         47:4e:0a:8c:f9:35:e2:5f:50:38:62:b3:41:9e:de:d3:fd:06:
         e0:39:41:09
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDO8WHjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDEx
MzA5MTQzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDk3ZmFhNDBlNzZj
YmFmYWQzNGE4NzQwMWVlZGJmMWQzYTgxYzQwYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANIlowM3FRyPdKpHGMZiOKKQfaj5XJJfEw5y7o/2sLZ1BV7g
X7DSj5cbKVakrEIH4x2sW4gKi0sK2QVguoJhWcpvupsWtWFVehiJsXb61NZvCb/F
/L2NrwWDY1kEKTKoLKWo2Bz7OWis04NHE/YmYp6oLoZpkHGyC4pVclP2zNKrkHcz
GP3JNL2b2tJglOHi3fnXLJESsT9PXZKhLD36Fwx8OeBHKHKN0q7KThKENQFkZ63h
z8lj6gnN0UdpqAW9JCSjMxVd/5jYhnhnHBQm6MzOIlwcCvZ9Z0+mp0MHSxKU2yp5
zkzjnNwtonkyTkxMhFNye3ZOLV0hQuTRTy0JKU8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQJf6pA52y6+tNKh0Ae7b8dOoHECzAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
L0NYLXFRT2RzdXZyVFNvZEFIdTJfSFRxQnhBcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcIFUjANBgkqhkiG9w0BAQsFAAOC
AQEASXopGCqEIg9jJCHewNEO0dt3Qsmhlo5YZAEQlir6nVs2Az6bIE1e8kLInvW5
om/6+H+TLhzQHg2FABV84nPXtCG308vVVxvmbjJNDcjzmIT2AJGTu/DZq2SdAWxR
TQ4PZXeH1wJkZ4AlMD2mft8SOtIjr6d0Cd9KWm2q0BoS07CafWsQ36t7t7VIAxQC
a/nabp8MlDpHZzi6BhcioMpPA/vmt7hLmpADcUldCZa4x4XORJ9wjPo7WVFpCVpp
LF3QiXPiBcvw+yJRGYgqlr4ObsvjEfvuGKXszWEIxvGgizB21p7EyXtBOMLDR04K
jPk14l9QOGKzQZ7e0/0G4DlBCQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:09 2024 by rpki-client on console-ams.rpki-client.org