Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/Cic-KICjQwfLDjR_DMXaJVD8NwY.roa
File:                     Cic-KICjQwfLDjR_DMXaJVD8NwY.roa (raw, json)
Hash identifier:          FX9AxYTRuDjt2yRaP/zXT1Yz8YMFKvfVoXY6R66LJ/8=
Subject key identifier:   0A:27:3E:28:80:A3:43:07:CB:0E:34:7F:0C:C5:DA:25:50:FC:37:06
Certificate issuer:       /CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Certificate serial:       04685BDF
Authority key identifier: B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/Cic-KICjQwfLDjR_DMXaJVD8NwY.roa
Signing time:             Thu 16 Jun 2022 09:45:55 +0000
ROA not before:           Thu 16 Jun 2022 09:45:55 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44446
IP address blocks:        45.143.203.0/24 maxlen: 24
                          185.156.73.0/24 maxlen: 24
                          185.193.88.0/24 maxlen: 24
                          92.63.197.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 73948127 (0x4685bdf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
        Validity
            Not Before: Jun 16 09:45:55 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0a273e2880a34307cb0e347f0cc5da2550fc3706
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:26:ab:5b:b7:e2:69:fa:ff:9f:34:97:79:5c:
                    ba:a9:2c:12:89:02:94:ab:df:cd:9b:c7:1f:97:b7:
                    ac:5d:54:3a:2d:67:1e:28:2b:21:98:57:93:f1:25:
                    71:dd:2f:ba:85:8f:63:27:4b:35:85:d9:2f:f0:9e:
                    1b:82:4b:3e:b1:5e:1e:0f:e0:a3:3f:d8:8d:00:c3:
                    c7:e6:24:d8:1c:4a:e9:f1:1f:9d:f8:b8:17:50:7a:
                    25:38:18:c5:34:97:d2:2b:ae:6a:51:83:48:b6:59:
                    c3:6a:4a:dc:7e:5c:7c:1b:1b:6a:59:42:6c:d5:70:
                    fe:0e:da:b1:21:00:e5:fd:05:d2:ac:0b:de:25:19:
                    dd:90:37:44:1d:c5:01:76:59:bd:be:a0:fa:db:24:
                    36:f4:57:55:55:cd:86:4c:de:4e:37:9f:70:fb:56:
                    3d:2e:04:b0:f3:24:05:28:39:3a:4a:3f:76:cd:23:
                    ce:fa:fd:cc:ba:7c:02:6e:36:c3:0e:50:ad:b6:63:
                    c5:f4:48:f3:73:7a:f4:c7:e2:c0:c7:0d:2b:12:60:
                    b7:96:54:8f:0c:5f:46:12:08:50:8e:34:4b:0f:12:
                    eb:b7:fe:ff:88:43:e6:eb:b3:40:86:c3:44:58:85:
                    c3:64:ca:cf:d2:c5:bc:d4:54:57:2e:8e:04:12:8e:
                    db:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:27:3E:28:80:A3:43:07:CB:0E:34:7F:0C:C5:DA:25:50:FC:37:06
            X509v3 Authority Key Identifier:
                keyid:B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/Cic-KICjQwfLDjR_DMXaJVD8NwY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.143.203.0/24
                  92.63.197.0/24
                  185.156.73.0/24
                  185.193.88.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7c:25:c2:06:3c:08:ae:0e:bb:f0:6a:b6:4d:aa:26:37:d3:3e:
         43:72:78:3f:17:5d:41:ff:da:79:c0:39:a3:de:8f:f2:d2:f4:
         4d:fb:de:6d:0b:0c:d9:dc:b1:84:a1:54:0c:1d:a9:24:f0:c8:
         0a:8e:7f:8a:2f:05:2a:1f:a5:cc:57:e0:53:15:09:f5:d8:72:
         dd:f4:ff:27:38:27:a2:b0:09:bc:e0:e8:0f:f6:fe:53:52:9e:
         50:ca:dd:c3:ee:9f:a7:8c:65:7b:ad:c3:3d:9b:09:f8:57:98:
         36:72:81:33:7c:7b:df:92:e0:ba:96:89:71:15:cc:51:12:58:
         47:10:db:77:99:71:0b:f2:16:4f:53:11:58:c8:81:d6:1e:bb:
         bc:73:97:e9:37:49:63:f9:85:aa:11:b1:11:e5:f2:53:aa:ce:
         dd:2a:5c:32:5f:8f:9a:48:90:a8:ac:49:af:d8:4f:9b:37:1c:
         1c:96:7e:76:9b:99:93:27:39:de:87:bf:61:a8:cb:b1:a5:15:
         a2:ee:27:d3:8e:ef:e5:d3:45:46:5c:5e:fb:41:da:12:f2:ce:
         9c:53:c3:8f:f3:0d:e2:b7:b4:fd:2f:2d:a5:3c:90:e0:2c:a2:
         78:38:0c:04:7f:b7:29:c7:e7:02:d9:45:c4:bb:68:09:41:03:
         0a:d5:85:91
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEBGhb3zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWFmMTJmNWNhNzVjOTIyYTRhYTVkYWNiNDljMDRhOTMyMzdmNGVkMB4XDTIyMDYx
NjA5NDU1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGEyNzNlMjg4MGEz
NDMwN2NiMGUzNDdmMGNjNWRhMjU1MGZjMzcwNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKQmq1u34mn6/580l3lcuqksEokClKvfzZvHH5e3rF1UOi1n
HigrIZhXk/Elcd0vuoWPYydLNYXZL/CeG4JLPrFeHg/goz/YjQDDx+Yk2BxK6fEf
nfi4F1B6JTgYxTSX0iuualGDSLZZw2pK3H5cfBsballCbNVw/g7asSEA5f0F0qwL
3iUZ3ZA3RB3FAXZZvb6g+tskNvRXVVXNhkzeTjefcPtWPS4EsPMkBSg5Oko/ds0j
zvr9zLp8Am42ww5QrbZjxfRI83N69MfiwMcNKxJgt5ZUjwxfRhIIUI40Sw8S67f+
/4hD5uuzQIbDRFiFw2TKz9LFvNRUVy6OBBKO2y8CAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQKJz4ogKNDB8sONH8MxdolUPw3BjAfBgNVHSMEGDAWgBSxrxL1ynXJIqSq
Xay0nASpMjf07TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhOFM5Y3AxeVNLa3FsMnN0SndFcVRJMzlPMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmQvY2JjZjY4LTdjYmYtNDdmMC04MmVlLTU3NjBlZmJjYzY1NC8x
L0NpYy1LSUNqUXdmTERqUl9ETVhhSlZEOE53WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmQv
Y2JjZjY4LTdjYmYtNDdmMC04MmVlLTU3NjBlZmJjYzY1NC8xL3NhOFM5Y3AxeVNL
a3FsMnN0SndFcVRJMzlPMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAC2PywMEAFw/xQMEALmcSQMEALnB
WDANBgkqhkiG9w0BAQsFAAOCAQEAfCXCBjwIrg678Gq2TaomN9M+Q3J4PxddQf/a
ecA5o96P8tL0TfvebQsM2dyxhKFUDB2pJPDICo5/ii8FKh+lzFfgUxUJ9dhy3fT/
JzgnorAJvODoD/b+U1KeUMrdw+6fp4xle63DPZsJ+FeYNnKBM3x735LgupaJcRXM
URJYRxDbd5lxC/IWT1MRWMiB1h67vHOX6TdJY/mFqhGxEeXyU6rO3SpcMl+PmkiQ
qKxJr9hPmzccHJZ+dpuZkyc53oe/YajLsaUVou4n047v5dNFRlxe+0HaEvLOnFPD
j/MN4re0/S8tpTyQ4CyieDgMBH+3KcfnAtlFxLtoCUEDCtWFkQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:29 2024 by rpki-client on console-ams.rpki-client.org