Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/44c0ef-5da6-4ff2-b5ef-79f048bd2a7a/1/Ql0xxoH6l-ghaDwuO_OWuFPcwxY.roa
File:                     Ql0xxoH6l-ghaDwuO_OWuFPcwxY.roa (raw, json)
Hash identifier:          S4NMEQ/Lm9VpwD9aagkMUGg+lN/pKYD7dmlMMZkBHmQ=
Subject key identifier:   42:5D:31:C6:81:FA:97:E8:21:68:3C:2E:3B:F3:96:B8:53:DC:C3:16
Certificate issuer:       /CN=1daf46a40c246d6540d992c321b1cc3623d65995
Certificate serial:       1BCA95D0
Authority key identifier: 1D:AF:46:A4:0C:24:6D:65:40:D9:92:C3:21:B1:CC:36:23:D6:59:95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ha9GpAwkbWVA2ZLDIbHMNiPWWZU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/44c0ef-5da6-4ff2-b5ef-79f048bd2a7a/1/Ql0xxoH6l-ghaDwuO_OWuFPcwxY.roa
Signing time:             Sat 01 Jan 2022 13:54:54 +0000
ROA not before:           Sat 01 Jan 2022 13:54:54 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62370
IP address blocks:        77.95.224.0/21 maxlen: 21
                          185.62.56.0/22 maxlen: 22
                          89.207.128.0/21 maxlen: 21
                          193.33.60.0/23 maxlen: 23
                          37.148.160.0/21 maxlen: 21
                          5.104.224.0/21 maxlen: 21
                          128.204.192.0/20 maxlen: 20
                          78.41.200.0/21 maxlen: 21
                          193.34.166.0/23 maxlen: 23
                          195.20.204.0/23 maxlen: 23
                          2a00:7b80::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 466261456 (0x1bca95d0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1daf46a40c246d6540d992c321b1cc3623d65995
        Validity
            Not Before: Jan  1 13:54:54 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=425d31c681fa97e821683c2e3bf396b853dcc316
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fc:06:0e:f6:50:0c:73:1c:57:dd:e8:be:a0:70:
                    25:c6:1b:4e:03:6d:07:09:6c:d9:a9:35:c6:4e:a7:
                    5d:1d:39:65:6a:8c:a2:15:27:19:99:82:21:de:d0:
                    7d:ad:86:e6:cc:ea:80:5b:5b:cb:b7:e0:d4:d8:b5:
                    23:d1:db:62:04:25:bc:aa:20:ca:a6:3a:7a:38:3f:
                    21:b5:ef:df:8e:85:22:e8:e0:24:db:ad:36:5b:4e:
                    ef:88:76:6a:11:c6:ac:8e:63:21:fb:9f:3c:71:60:
                    dc:df:be:c4:6a:4c:2d:eb:0d:b0:f3:c6:df:86:73:
                    a7:15:aa:d5:5d:69:6e:d5:a5:ec:04:b7:1f:00:fa:
                    64:2e:f8:28:27:12:a0:3c:fb:e4:25:9f:00:14:71:
                    02:58:bb:9b:fb:2c:4e:07:07:14:06:45:14:b2:99:
                    b8:8a:c6:67:61:21:86:ff:3e:07:1a:e9:5f:7a:fe:
                    3d:df:f7:43:d4:e4:17:03:85:d2:41:15:cf:db:2a:
                    21:74:83:18:d9:e6:ce:1c:93:06:af:80:c7:4d:2f:
                    80:87:fb:2d:6c:f0:da:7f:84:17:1f:e2:1e:c4:4f:
                    a0:1b:97:44:a8:b0:34:ea:9c:1f:2d:e1:a6:7c:c1:
                    97:85:dd:07:91:66:ad:e9:1f:af:89:2a:c3:0f:30:
                    bb:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:5D:31:C6:81:FA:97:E8:21:68:3C:2E:3B:F3:96:B8:53:DC:C3:16
            X509v3 Authority Key Identifier:
                keyid:1D:AF:46:A4:0C:24:6D:65:40:D9:92:C3:21:B1:CC:36:23:D6:59:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ha9GpAwkbWVA2ZLDIbHMNiPWWZU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/44c0ef-5da6-4ff2-b5ef-79f048bd2a7a/1/Ql0xxoH6l-ghaDwuO_OWuFPcwxY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/44c0ef-5da6-4ff2-b5ef-79f048bd2a7a/1/Ha9GpAwkbWVA2ZLDIbHMNiPWWZU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.104.224.0/21
                  37.148.160.0/21
                  77.95.224.0/21
                  78.41.200.0/21
                  89.207.128.0/21
                  128.204.192.0/20
                  185.62.56.0/22
                  193.33.60.0/23
                  193.34.166.0/23
                  195.20.204.0/23
                IPv6:
                  2a00:7b80::/32

    Signature Algorithm: sha256WithRSAEncryption
         26:b4:86:d5:c7:11:82:5b:a6:b3:7f:82:3a:e1:25:ea:c6:c1:
         dd:c1:59:c4:e0:42:50:de:2e:5b:70:c8:6b:e4:dd:00:85:3b:
         6a:e2:39:e0:06:e1:6d:34:af:f2:b6:89:8d:4f:75:ea:a3:8e:
         1d:3b:95:b1:ef:0d:e5:42:07:15:b2:2c:5b:dd:ea:3f:6d:c1:
         c0:31:ab:52:ac:dc:f1:36:72:cf:70:d3:07:d2:8c:c2:1d:77:
         61:9b:92:5e:4d:26:35:eb:a0:9b:98:71:9c:1d:e1:26:0d:f5:
         bf:5f:f4:5a:c8:84:3e:ee:a4:fd:2f:b6:90:69:f3:15:d0:21:
         fb:17:02:31:fc:4d:e3:a3:c3:fd:9e:bd:7e:fe:fa:ba:fc:de:
         87:b5:a8:de:49:fa:a2:fb:41:60:1a:89:43:f2:e2:64:2d:b4:
         2a:bb:72:37:13:88:1e:f3:e1:e5:aa:09:52:63:a8:5c:d6:cf:
         09:6f:46:de:fe:c6:2c:05:ad:a0:e8:0e:18:75:22:5a:e4:85:
         d0:8c:e9:90:61:dd:97:2d:d7:5b:ef:53:cc:d2:45:0b:b4:33:
         8d:17:db:dd:61:78:f8:2a:16:bf:6d:a2:f7:39:1f:d7:ed:b2:
         be:d3:67:38:46:48:14:2f:10:dd:31:18:f2:f6:4f:f3:f0:2a:
         c8:48:57:e4
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIEG8qV0DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZGFmNDZhNDBjMjQ2ZDY1NDBkOTkyYzMyMWIxY2MzNjIzZDY1OTk1MB4XDTIyMDEw
MTEzNTQ1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDI1ZDMxYzY4MWZh
OTdlODIxNjgzYzJlM2JmMzk2Yjg1M2RjYzMxNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPwGDvZQDHMcV93ovqBwJcYbTgNtBwls2ak1xk6nXR05ZWqM
ohUnGZmCId7Qfa2G5szqgFtby7fg1Ni1I9HbYgQlvKogyqY6ejg/IbXv346FIujg
JNutNltO74h2ahHGrI5jIfufPHFg3N++xGpMLesNsPPG34ZzpxWq1V1pbtWl7AS3
HwD6ZC74KCcSoDz75CWfABRxAli7m/ssTgcHFAZFFLKZuIrGZ2Ehhv8+BxrpX3r+
Pd/3Q9TkFwOF0kEVz9sqIXSDGNnmzhyTBq+Ax00vgIf7LWzw2n+EFx/iHsRPoBuX
RKiwNOqcHy3hpnzBl4XdB5Fmrekfr4kqww8wu9MCAwEAAaOCAk4wggJKMB0GA1Ud
DgQWBBRCXTHGgfqX6CFoPC4785a4U9zDFjAfBgNVHSMEGDAWgBQdr0akDCRtZUDZ
ksMhscw2I9ZZlTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hhOUdwQXdrYldWQTJaTERJYkhNTmlQV1daVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvNDRjMGVmLTVkYTYtNGZmMi1iNWVmLTc5ZjA0OGJkMmE3YS8x
L1FsMHh4b0g2bC1naGFEd3VPX09XdUZQY3d4WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
NDRjMGVmLTVkYTYtNGZmMi1iNWVmLTc5ZjA0OGJkMmE3YS8xL0hhOUdwQXdrYldW
QTJaTERJYkhNTmlQV1daVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBk
BggrBgEFBQcBBwEB/wRVMFMwQgQCAAEwPAMEAwVo4AMEAyWUoAMEA01f4AMEA04p
yAMEA1nPgAMEBIDMwAMEArk+OAMEAcEhPAMEAcEipgMEAcMUzDANBAIAAjAHAwUA
KgB7gDANBgkqhkiG9w0BAQsFAAOCAQEAJrSG1ccRglums3+COuEl6sbB3cFZxOBC
UN4uW3DIa+TdAIU7auI54AbhbTSv8raJjU916qOOHTuVse8N5UIHFbIsW93qP23B
wDGrUqzc8TZyz3DTB9KMwh13YZuSXk0mNeugm5hxnB3hJg31v1/0WsiEPu6k/S+2
kGnzFdAh+xcCMfxN46PD/Z69fv76uvzeh7Wo3kn6ovtBYBqJQ/LiZC20KrtyNxOI
HvPh5aoJUmOoXNbPCW9G3v7GLAWtoOgOGHUiWuSF0IzpkGHdly3XW+9TzNJFC7Qz
jRfb3WF4+CoWv22i9zkf1+2yvtNnOEZIFC8Q3TEY8vZP8/AqyEhX5A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:36 2024 by rpki-client on console-ams.rpki-client.org