Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uoYIjIj4X-OFFHmNJK58KLIRN_U.roa
File:                     uoYIjIj4X-OFFHmNJK58KLIRN_U.roa (raw, json)
Hash identifier:          fS/sT6s/jP/pMKbnr33RggY5k5CKMZb4hCy91WZYtMw=
Subject key identifier:   BA:86:08:8C:88:F8:5F:E3:85:14:79:8D:24:AE:7C:28:B2:11:37:F5
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0185027D8CFC6076C06BB55B11ACFE6A0AED
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uoYIjIj4X-OFFHmNJK58KLIRN_U.roa
Signing time:             Sun 11 Dec 2022 18:41:00 +0000
ROA not before:           Sun 11 Dec 2022 18:41:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210636
IP address blocks:        91.190.106.0/24 maxlen: 24
                          185.241.211.0/24 maxlen: 24
                          45.83.30.0/23 maxlen: 23
                          45.80.156.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:02:7d:8c:fc:60:76:c0:6b:b5:5b:11:ac:fe:6a:0a:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Dec 11 18:41:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ba86088c88f85fe38514798d24ae7c28b21137f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:08:4b:a3:76:66:c2:34:28:b7:76:a9:ff:10:
                    95:39:87:69:92:c4:e6:fa:d4:a0:07:3d:86:47:5f:
                    b2:7d:35:c1:02:80:aa:d3:03:8d:01:d0:f3:07:f3:
                    ae:74:a4:64:7c:fa:7a:21:d2:71:54:39:09:10:64:
                    0f:af:ef:2c:d3:b1:32:8c:0b:0e:17:ff:76:0a:1f:
                    ee:04:11:4c:4c:c4:32:ab:ad:f7:11:68:c0:f3:73:
                    f2:54:05:47:7a:14:a9:9b:82:90:66:20:d0:8e:e6:
                    f0:d0:58:37:fa:ca:7f:ca:2d:c8:65:ae:3c:61:6a:
                    6f:63:34:1a:ec:f0:0f:41:71:62:a4:d8:be:2e:cf:
                    80:79:23:7e:68:16:11:ae:4b:29:bf:ed:b1:57:4e:
                    a7:1c:f8:03:63:7e:7c:22:fd:56:b5:bb:47:49:21:
                    08:68:7e:a5:d5:0d:f0:77:a3:fe:b0:3c:ae:02:10:
                    39:4d:ff:36:7f:bc:5c:2c:5b:f8:9d:91:38:66:7b:
                    9b:b0:ad:70:a9:84:da:f9:bc:06:8b:98:fe:bf:87:
                    14:5c:c3:b4:b1:da:56:a3:78:60:02:e2:f6:38:b3:
                    31:19:a9:b3:63:1b:44:f6:e4:c4:45:39:96:a3:56:
                    5a:ef:06:55:3e:55:ee:59:90:3f:a6:95:c8:ab:1c:
                    7d:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:86:08:8C:88:F8:5F:E3:85:14:79:8D:24:AE:7C:28:B2:11:37:F5
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uoYIjIj4X-OFFHmNJK58KLIRN_U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.80.156.0/24
                  45.83.30.0/23
                  91.190.106.0/24
                  185.241.211.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:3b:f2:d6:7a:75:d2:9e:43:61:09:50:3f:fb:e0:65:5d:d3:
         18:c4:6c:06:78:03:86:be:57:cd:37:1f:14:8a:74:88:21:a2:
         5a:e7:16:2f:4c:73:dd:65:05:2a:b4:8b:00:5e:65:3a:82:06:
         25:ad:7e:0c:f5:91:8f:a0:3a:18:23:01:35:93:a6:c2:61:64:
         b6:c8:83:ba:79:4e:00:b3:14:eb:f6:a6:5e:64:9e:8c:a7:50:
         17:d8:be:37:5c:31:9a:6a:5b:e0:4a:93:bd:7b:22:94:15:f8:
         0f:c3:8c:f8:7f:22:37:29:5e:27:0e:ab:53:76:4d:b1:d0:76:
         04:34:df:f2:cb:0d:d8:4c:ad:9d:07:d2:07:b6:b3:c6:dd:52:
         94:53:64:25:4a:59:59:83:64:9d:d9:d6:57:40:ac:56:80:53:
         8a:76:92:d4:4a:bf:38:17:65:46:44:24:59:94:0c:b4:dc:77:
         02:5f:c4:10:8a:64:30:6b:53:ed:d5:76:b5:4f:6e:52:b3:55:
         0b:2e:82:d8:0c:84:c1:d2:29:ce:9f:00:1e:f6:0c:f8:16:69:
         d4:2e:b3:8e:57:44:51:2e:aa:46:4e:90:67:1e:d4:4f:9a:ca:
         cc:c7:91:f9:b7:74:b6:65:ab:4f:00:9a:4a:ce:84:3c:2f:12:
         0a:4d:6a:33
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYUCfYz8YHbAa7VbEaz+agrtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIxMjExMTg0MTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTg2MDg4Yzg4Zjg1ZmUzODUxNDc5OGQyNGFlN2MyOGIyMTEzN2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAhLo3ZmwjQot3ap/xCVOYdpksTm
+tSgBz2GR1+yfTXBAoCq0wONAdDzB/OudKRkfPp6IdJxVDkJEGQPr+8s07EyjAsO
F/92Ch/uBBFMTMQyq633EWjA83PyVAVHehSpm4KQZiDQjubw0Fg3+sp/yi3IZa48
YWpvYzQa7PAPQXFipNi+Ls+AeSN+aBYRrkspv+2xV06nHPgDY358Iv1WtbtHSSEI
aH6l1Q3wd6P+sDyuAhA5Tf82f7xcLFv4nZE4ZnubsK1wqYTa+bwGi5j+v4cUXMO0
sdpWo3hgAuL2OLMxGamzYxtE9uTERTmWo1Za7wZVPlXuWZA/ppXIqxx9kwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLqGCIyI+F/jhRR5jSSufCiyETf1MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdW9ZSWpJajRYLU9GRkhtTkpLNThLTElSTl9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVCcAwQB
LVMeAwQAW75qAwQAufHTMA0GCSqGSIb3DQEBCwUAA4IBAQCJO/LWenXSnkNhCVA/
++BlXdMYxGwGeAOGvlfNNx8UinSIIaJa5xYvTHPdZQUqtIsAXmU6ggYlrX4M9ZGP
oDoYIwE1k6bCYWS2yIO6eU4AsxTr9qZeZJ6Mp1AX2L43XDGaalvgSpO9eyKUFfgP
w4z4fyI3KV4nDqtTdk2x0HYENN/yyw3YTK2dB9IHtrPG3VKUU2QlSllZg2Sd2dZX
QKxWgFOKdpLUSr84F2VGRCRZlAy03HcCX8QQimQwa1Pt1Xa1T25Ss1ULLoLYDITB
0inOnwAe9gz4FmnULrOOV0RRLqpGTpBnHtRPmsrMx5H5t3S2ZatPAJpKzoQ8LxIK
TWoz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:14 2024 by rpki-client on console-ams.rpki-client.org