Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/RPRB1hP1KBls_7k_BzD79LcYRAY.roa
File:                     RPRB1hP1KBls_7k_BzD79LcYRAY.roa (raw, json)
Hash identifier:          L0ddNfQoQo2hc2lC36pL+siqyRt5gcTmnpNuwre/vyw=
Subject key identifier:   44:F4:41:D6:13:F5:28:19:6C:FF:B9:3F:07:30:FB:F4:B7:18:44:06
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018283AD31A423CCAABFAAF4A54CBA48E73A
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/RPRB1hP1KBls_7k_BzD79LcYRAY.roa
Signing time:             Tue 09 Aug 2022 17:35:41 +0000
ROA not before:           Tue 09 Aug 2022 17:35:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     137409
IP address blocks:        194.5.83.0/24 maxlen: 24
                          45.8.70.0/24 maxlen: 24
                          194.5.82.0/24 maxlen: 24
                          45.130.202.0/23 maxlen: 24
                          45.133.4.0/24 maxlen: 24
                          45.133.6.0/24 maxlen: 24
                          45.133.5.0/24 maxlen: 24
                          45.133.7.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:83:ad:31:a4:23:cc:aa:bf:aa:f4:a5:4c:ba:48:e7:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Aug  9 17:35:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=44f441d613f528196cffb93f0730fbf4b7184406
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:72:d1:07:78:59:c2:0d:39:e3:b8:1c:78:9c:
                    0b:4b:2b:d0:0c:2a:8d:24:36:13:10:92:62:52:64:
                    66:22:2d:56:60:88:8b:9e:e5:63:36:c8:19:32:16:
                    2c:41:1e:b3:88:8c:a8:c4:44:8e:26:f3:a7:31:ba:
                    36:2c:54:ba:b7:f0:8c:bb:23:3b:6d:38:d1:74:ff:
                    75:75:4c:3b:c5:14:5c:c3:ae:da:c3:6a:00:74:bd:
                    3f:19:0c:e5:29:83:02:af:26:cc:94:49:40:1f:d7:
                    87:cb:ce:35:6f:af:89:80:6d:59:75:a4:28:14:50:
                    c2:34:18:11:d6:a1:d6:e9:03:c1:c9:fc:9b:16:83:
                    40:7c:5d:aa:22:4b:d6:a6:6c:c4:52:12:47:7a:24:
                    dc:4e:d7:1c:74:7e:e9:f7:17:15:4b:9e:3f:c2:72:
                    a1:de:43:71:f8:90:ed:57:41:48:41:be:18:51:34:
                    56:ee:c3:de:ff:83:03:67:fe:82:74:f0:40:af:f0:
                    1a:d1:8b:50:69:be:9d:2d:44:f6:c5:68:3f:f9:35:
                    e3:ab:16:a4:51:95:3f:07:f6:14:7a:b4:5a:86:8d:
                    70:c3:f4:1f:87:13:46:42:94:58:ac:3b:7b:8d:6f:
                    a6:76:2b:67:e5:2a:fa:08:7e:ed:dd:65:a3:b5:8b:
                    94:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:F4:41:D6:13:F5:28:19:6C:FF:B9:3F:07:30:FB:F4:B7:18:44:06
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/RPRB1hP1KBls_7k_BzD79LcYRAY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.8.70.0/24
                  45.130.202.0/23
                  45.133.4.0/22
                  194.5.82.0/23

    Signature Algorithm: sha256WithRSAEncryption
         0c:6d:cc:9f:01:d1:6c:8a:b5:44:7f:07:1f:d9:37:29:39:86:
         21:a3:4d:60:64:95:fa:b6:c0:aa:cb:8b:e4:86:79:42:3b:a8:
         7f:73:94:17:8b:7b:88:74:5c:fb:f9:7b:29:61:f0:bd:d6:0a:
         4d:13:a5:9d:01:cf:01:43:3e:f7:fc:9c:aa:82:f3:a9:15:b8:
         4b:11:1e:91:a0:ff:3a:5b:69:37:4a:d3:04:7b:99:c5:da:fe:
         85:86:1c:ce:5a:6c:83:1c:c7:23:d7:ba:a2:59:2f:c8:a9:64:
         9b:a3:15:d7:57:40:fa:de:a2:e5:29:04:64:a0:2d:ed:45:84:
         c0:6e:77:b8:66:8e:44:cd:5e:ab:a7:c6:21:37:6d:18:23:b7:
         26:c7:2f:bd:c8:cc:9c:61:7d:f6:ea:de:04:cf:6e:cf:77:f3:
         8e:4c:55:04:2c:9b:20:7a:2e:f3:ef:1d:dc:c4:26:2c:74:98:
         08:75:7b:5d:c7:1e:99:35:04:35:db:7f:8c:d4:ad:18:b1:e7:
         65:c8:f4:9c:aa:81:84:a4:96:a1:70:98:65:36:a7:e5:14:e4:
         d5:4d:84:2b:3c:12:68:18:fb:df:46:6f:96:bc:d8:27:ee:36:
         16:d6:68:fb:8e:42:1c:ab:8d:6d:3c:bb:5b:38:52:38:98:1d:
         02:46:c4:3c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYKDrTGkI8yqv6r0pUy6SOc6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIwODA5MTczNTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGY0NDFkNjEzZjUyODE5NmNmZmI5M2YwNzMwZmJmNGI3MTg0NDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnLRB3hZwg0547gceJwLSyvQDCqN
JDYTEJJiUmRmIi1WYIiLnuVjNsgZMhYsQR6ziIyoxESOJvOnMbo2LFS6t/CMuyM7
bTjRdP91dUw7xRRcw67aw2oAdL0/GQzlKYMCrybMlElAH9eHy841b6+JgG1ZdaQo
FFDCNBgR1qHW6QPByfybFoNAfF2qIkvWpmzEUhJHeiTcTtccdH7p9xcVS54/wnKh
3kNx+JDtV0FIQb4YUTRW7sPe/4MDZ/6CdPBAr/Aa0YtQab6dLUT2xWg/+TXjqxak
UZU/B/YUerRaho1ww/QfhxNGQpRYrDt7jW+mditn5Sr6CH7t3WWjtYuUMwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFET0QdYT9SgZbP+5Pwcw+/S3GEQGMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvUlBSQjFoUDFLQmxzXzdrX0J6RDc5TGNZUkFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALQhGAwQB
LYLKAwQCLYUEAwQBwgVSMA0GCSqGSIb3DQEBCwUAA4IBAQAMbcyfAdFsirVEfwcf
2TcpOYYho01gZJX6tsCqy4vkhnlCO6h/c5QXi3uIdFz7+XspYfC91gpNE6WdAc8B
Qz73/JyqgvOpFbhLER6RoP86W2k3StMEe5nF2v6FhhzOWmyDHMcj17qiWS/IqWSb
oxXXV0D63qLlKQRkoC3tRYTAbne4Zo5EzV6rp8YhN20YI7cmxy+9yMycYX326t4E
z27Pd/OOTFUELJsgei7z7x3cxCYsdJgIdXtdxx6ZNQQ123+M1K0YsedlyPScqoGE
pJahcJhlNqflFOTVTYQrPBJoGPvfRm+WvNgn7jYW1mj7jkIcq41tPLtbOFI4mB0C
RsQ8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:10 2024 by rpki-client on console-ams.rpki-client.org