Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/IWX2RqK3H1jnkkO8HLIWzPC6WwA.roa
File:                     IWX2RqK3H1jnkkO8HLIWzPC6WwA.roa (raw, json)
Hash identifier:          7DQE0kdEGcbDOTKtq9/+fPOMBkrmfn9DKihemfVY4aA=
Subject key identifier:   21:65:F6:46:A2:B7:1F:58:E7:92:43:BC:1C:B2:16:CC:F0:BA:5B:00
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0E63DCBA
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/IWX2RqK3H1jnkkO8HLIWzPC6WwA.roa
Signing time:             Thu 09 Jun 2022 12:02:12 +0000
ROA not before:           Thu 09 Jun 2022 12:02:12 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62240
IP address blocks:        185.198.243.0/24 maxlen: 24
                          185.192.69.0/24 maxlen: 24
                          185.165.45.0/24 maxlen: 24
                          185.217.117.0/24 maxlen: 24
                          45.80.157.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 241425594 (0xe63dcba)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jun  9 12:02:12 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2165f646a2b71f58e79243bc1cb216ccf0ba5b00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:18:63:2f:dc:bd:c2:f3:d8:6e:08:ae:70:1d:
                    2d:09:3f:a7:7a:a5:b4:49:04:9b:a3:e3:9f:b1:ed:
                    2f:e7:4f:f2:57:40:fd:1f:e2:71:7b:de:f3:8b:fc:
                    3a:f5:9d:6c:a0:bf:97:68:07:47:d0:6a:86:8d:5a:
                    ee:57:b0:2d:55:c8:7f:34:04:08:2a:6d:f7:1e:d3:
                    6a:92:68:7a:3d:e1:4d:e7:ef:fd:b4:fe:e4:a4:48:
                    b4:ec:9c:6e:d9:b7:34:4d:79:4f:8e:4a:3b:26:6a:
                    74:6c:85:3a:b6:e4:45:dc:b9:ed:21:0d:2b:dc:b9:
                    15:63:34:61:52:53:b0:65:3a:0c:a5:ef:bd:db:bc:
                    60:97:e5:97:24:90:63:32:39:b1:7c:1e:f8:9e:19:
                    14:7a:ae:6b:aa:10:a6:c6:1e:70:3c:8b:c5:22:22:
                    4a:5a:50:53:c2:08:2e:84:20:e3:28:e4:af:58:35:
                    ec:96:b9:e5:8c:e6:96:fb:49:9d:73:4a:ae:76:16:
                    38:91:46:36:38:e2:9f:ee:d6:b0:f7:31:66:23:ee:
                    e7:dd:f5:27:1a:21:30:78:5c:53:02:2d:22:83:c1:
                    d2:6f:a9:64:c4:02:cc:82:a3:34:0c:bb:05:ef:f9:
                    37:28:12:e4:44:fa:9a:eb:8f:0e:bc:ee:36:91:3b:
                    6d:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:65:F6:46:A2:B7:1F:58:E7:92:43:BC:1C:B2:16:CC:F0:BA:5B:00
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/IWX2RqK3H1jnkkO8HLIWzPC6WwA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.80.157.0/24
                  185.165.45.0/24
                  185.192.69.0/24
                  185.198.243.0/24
                  185.217.117.0/24

    Signature Algorithm: sha256WithRSAEncryption
         36:e5:6b:64:0b:be:f6:6e:64:7b:f2:32:32:6f:2a:67:3c:dc:
         0b:75:48:b0:3d:65:f0:bf:81:6b:76:5e:a1:0d:ef:f4:64:72:
         dd:17:8d:2b:0c:b3:e0:9e:8d:a9:8b:63:14:90:63:69:d7:7c:
         f5:a6:6e:5c:f4:b6:4f:5e:cc:38:91:5b:99:77:b9:b9:ff:c7:
         53:03:0b:e5:d8:ed:32:a7:4b:d2:9f:6d:fa:a2:c4:06:55:53:
         fe:5f:ce:82:a8:62:e3:4e:04:92:48:0d:88:ef:df:06:23:a6:
         d7:54:32:ff:7a:f3:0c:d3:8b:21:ed:d4:92:4f:9a:ce:4d:8e:
         5f:14:b5:1f:00:01:9e:87:bf:8d:8f:3b:7a:08:7c:b7:a1:7d:
         9a:87:6b:b4:95:fe:46:6b:5a:7a:79:f8:b8:dd:d3:bb:f0:55:
         4c:e6:70:38:85:49:06:f3:b8:ae:2c:24:d8:52:21:f9:18:4a:
         b7:75:ed:38:ee:85:3b:b7:fe:90:a6:22:53:d0:4a:3d:b2:0c:
         1f:c4:f7:d5:dd:c2:eb:b0:60:c4:7c:d5:b7:b8:64:54:7e:bc:
         22:7d:90:91:2d:d0:ec:35:f0:ec:f8:d1:c2:1e:d3:b2:1b:7a:
         08:da:66:ee:31:f3:8d:98:bd:25:eb:b6:98:67:79:e8:08:56:
         cf:92:c0:d7
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEDmPcujANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDYw
OTEyMDIxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjE2NWY2NDZhMmI3
MWY1OGU3OTI0M2JjMWNiMjE2Y2NmMGJhNWIwMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMsYYy/cvcLz2G4IrnAdLQk/p3qltEkEm6Pjn7HtL+dP8ldA
/R/icXve84v8OvWdbKC/l2gHR9Bqho1a7lewLVXIfzQECCpt9x7TapJoej3hTefv
/bT+5KRItOycbtm3NE15T45KOyZqdGyFOrbkRdy57SENK9y5FWM0YVJTsGU6DKXv
vdu8YJfllySQYzI5sXwe+J4ZFHqua6oQpsYecDyLxSIiSlpQU8IILoQg4yjkr1g1
7Ja55YzmlvtJnXNKrnYWOJFGNjjin+7WsPcxZiPu5931JxohMHhcUwItIoPB0m+p
ZMQCzIKjNAy7Be/5NygS5ET6muuPDrzuNpE7bQkCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBQhZfZGorcfWOeSQ7wcshbM8LpbADAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
L0lXWDJScUszSDFqbmtrTzhITElXelBDNld3QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAC1QnQMEALmlLQMEALnARQMEALnG
8wMEALnZdTANBgkqhkiG9w0BAQsFAAOCAQEANuVrZAu+9m5ke/IyMm8qZzzcC3VI
sD1l8L+Ba3ZeoQ3v9GRy3ReNKwyz4J6NqYtjFJBjadd89aZuXPS2T17MOJFbmXe5
uf/HUwML5djtMqdL0p9t+qLEBlVT/l/Ogqhi404EkkgNiO/fBiOm11Qy/3rzDNOL
Ie3Ukk+azk2OXxS1HwABnoe/jY87egh8t6F9modrtJX+Rmtaenn4uN3Tu/BVTOZw
OIVJBvO4riwk2FIh+RhKt3XtOO6FO7f+kKYiU9BKPbIMH8T31d3C67BgxHzVt7hk
VH68In2QkS3Q7DXw7PjRwh7Tsht6CNpm7jHzjZi9Jeu2mGd56AhWz5LA1w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:45 2024 by rpki-client on console-fra.rpki-client.org