Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/sk7xOrMErqyfn6MjbCKD1ubmXL4.roa
File:                     sk7xOrMErqyfn6MjbCKD1ubmXL4.roa (raw, json)
Hash identifier:          pGJ9W9KGxRF+bzLaPm3y5L3yTkuxh3s2iftn8eU9PBE=
Subject key identifier:   B2:4E:F1:3A:B3:04:AE:AC:9F:9F:A3:23:6C:22:83:D6:E6:E6:5C:BE
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018248C9D68D134CC920D75AD2826F1AEEE9
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/sk7xOrMErqyfn6MjbCKD1ubmXL4.roa
Signing time:             Fri 29 Jul 2022 07:09:23 +0000
ROA not before:           Fri 29 Jul 2022 07:09:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     137409
IP address blocks:        194.5.83.0/24 maxlen: 24
                          45.8.70.0/24 maxlen: 24
                          194.5.82.0/24 maxlen: 24
                          45.133.6.0/24 maxlen: 24
                          45.133.5.0/24 maxlen: 24
                          45.133.7.0/24 maxlen: 24
                          178.239.198.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:48:c9:d6:8d:13:4c:c9:20:d7:5a:d2:82:6f:1a:ee:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jul 29 07:09:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b24ef13ab304aeac9f9fa3236c2283d6e6e65cbe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:6f:d7:5e:fe:4a:93:d8:7d:e1:f0:f8:52:be:
                    e5:a0:d4:01:5b:fd:2b:07:fe:dc:56:4f:50:75:30:
                    02:d7:a1:81:dc:5a:2b:e3:9c:ee:85:88:7e:a8:94:
                    d3:31:16:b4:56:9f:83:3a:80:d9:50:1d:21:40:38:
                    10:ed:28:86:b6:78:f1:f1:24:e6:34:53:52:5c:96:
                    72:8d:14:c2:8d:79:90:15:e4:94:ef:07:2e:fd:cd:
                    37:79:6e:15:e6:67:18:31:84:aa:6d:8b:e0:40:2e:
                    9d:30:28:8d:c6:32:72:05:85:be:7c:8b:87:a2:6f:
                    2b:c8:cd:45:07:e6:37:2c:8c:56:4d:56:b8:5c:2f:
                    8a:70:ba:1f:9c:d6:9b:20:74:87:c2:07:5d:43:d3:
                    ba:af:4b:a7:89:6f:5a:51:3a:82:ff:2b:c6:ad:76:
                    ce:b1:ed:43:0e:d0:b1:a2:06:7e:b1:15:ed:09:f6:
                    a6:f1:44:2a:f3:41:6e:9a:2d:d4:6e:0a:b0:d7:0f:
                    6e:33:d2:86:ca:69:83:ef:3a:68:94:77:29:04:9c:
                    7f:83:62:51:4d:2a:ef:cb:7e:8d:b9:03:65:dc:ca:
                    be:92:df:12:14:26:09:1a:30:7d:2d:ae:c7:3e:2c:
                    37:a1:ff:ee:c2:a3:70:95:7f:18:a5:13:f5:df:71:
                    1a:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:4E:F1:3A:B3:04:AE:AC:9F:9F:A3:23:6C:22:83:D6:E6:E6:5C:BE
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/sk7xOrMErqyfn6MjbCKD1ubmXL4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.8.70.0/24
                  45.133.5.0-45.133.7.255
                  178.239.198.0/24
                  194.5.82.0/23

    Signature Algorithm: sha256WithRSAEncryption
         13:c9:d9:89:46:69:5a:81:48:cf:0e:6a:8f:c2:af:5d:fb:e2:
         a5:ec:e3:d1:d9:91:18:be:d4:57:53:cf:b8:dc:8f:6a:94:27:
         24:d9:71:de:23:3c:24:88:a7:63:cf:06:7b:8e:a6:01:8e:0c:
         be:ac:6a:3a:85:1f:82:75:ef:4f:68:59:03:19:33:45:6b:16:
         83:89:aa:4d:42:b0:11:5e:11:97:8b:b8:20:c2:8b:fe:3e:45:
         35:39:ad:55:2d:89:a1:98:39:92:0f:fb:f9:a5:4f:e5:f7:c2:
         37:dc:a6:8e:ab:dc:f4:ee:a3:c4:12:1a:4c:2c:53:21:7d:7f:
         ac:cd:4f:60:53:01:0f:60:4b:06:82:6d:33:72:49:40:49:e6:
         3b:7d:88:4c:44:b2:0a:d8:c9:d7:bf:ec:df:bd:6e:7a:19:e8:
         7e:52:7b:01:3d:df:f3:db:f1:5a:d4:fb:57:42:b7:d6:3f:d3:
         30:1f:a9:e0:22:17:8b:81:26:e2:d5:16:64:81:00:32:3e:44:
         0e:4a:00:31:de:2d:ec:7c:46:56:83:98:c6:ff:9c:6a:35:8b:
         5b:c7:6e:b3:cb:b5:fc:3d:1c:e3:03:97:76:b2:49:e8:bf:b0:
         c0:07:9b:e2:d5:3e:36:48:f6:28:ce:ce:55:54:85:d4:cc:6a:
         f0:38:cb:c6
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYJIydaNE0zJINda0oJvGu7pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIwNzI5MDcwOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjRlZjEzYWIzMDRhZWFjOWY5ZmEzMjM2YzIyODNkNmU2ZTY1Y2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmG/XXv5Kk9h94fD4Ur7loNQBW/0r
B/7cVk9QdTAC16GB3For45zuhYh+qJTTMRa0Vp+DOoDZUB0hQDgQ7SiGtnjx8STm
NFNSXJZyjRTCjXmQFeSU7wcu/c03eW4V5mcYMYSqbYvgQC6dMCiNxjJyBYW+fIuH
om8ryM1FB+Y3LIxWTVa4XC+KcLofnNabIHSHwgddQ9O6r0uniW9aUTqC/yvGrXbO
se1DDtCxogZ+sRXtCfam8UQq80Fumi3Ubgqw1w9uM9KGymmD7zpolHcpBJx/g2JR
TSrvy36NuQNl3Mq+kt8SFCYJGjB9La7HPiw3of/uwqNwlX8YpRP133EaTwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLJO8TqzBK6sn5+jI2wig9bm5ly+MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvc2s3eE9yTUVycXlmbjZNamJDS0QxdWJtWEw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALQhGMAwD
BAAthQUDBAMthQADBACy78YDBAHCBVIwDQYJKoZIhvcNAQELBQADggEBABPJ2YlG
aVqBSM8Oao/Cr1374qXs49HZkRi+1FdTz7jcj2qUJyTZcd4jPCSIp2PPBnuOpgGO
DL6sajqFH4J1709oWQMZM0VrFoOJqk1CsBFeEZeLuCDCi/4+RTU5rVUtiaGYOZIP
+/mlT+X3wjfcpo6r3PTuo8QSGkwsUyF9f6zNT2BTAQ9gSwaCbTNySUBJ5jt9iExE
sgrYyde/7N+9bnoZ6H5SewE93/Pb8VrU+1dCt9Y/0zAfqeAiF4uBJuLVFmSBADI+
RA5KADHeLex8RlaDmMb/nGo1i1vHbrPLtfw9HOMDl3aySei/sMAHm+LVPjZI9ijO
zlVUhdTMavA4y8Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:14 2024 by rpki-client on console-ams.rpki-client.org