Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/21283f-f7aa-4a67-9570-92ba2d5077c3/1/Aqj1dESQUjP2-rPwGhDVtD8-5CY.roa
File:                     Aqj1dESQUjP2-rPwGhDVtD8-5CY.roa (raw, json)
Hash identifier:          0Be7N20nT7gWWBGQYa3G+iOnWRI8TcTxRB8Hl0kLOmc=
Subject key identifier:   02:A8:F5:74:44:90:52:33:F6:FA:B3:F0:1A:10:D5:B4:3F:3E:E4:26
Certificate issuer:       /CN=3074d651dfec4b0d371e02505b1f8693ed1d8e02
Certificate serial:       07292F52
Authority key identifier: 30:74:D6:51:DF:EC:4B:0D:37:1E:02:50:5B:1F:86:93:ED:1D:8E:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MHTWUd_sSw03HgJQWx-Gk-0djgI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/21283f-f7aa-4a67-9570-92ba2d5077c3/1/Aqj1dESQUjP2-rPwGhDVtD8-5CY.roa
Signing time:             Sat 01 Jan 2022 05:01:01 +0000
ROA not before:           Sat 01 Jan 2022 05:01:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204989
IP address blocks:        185.104.160.0/22 maxlen: 24
                          45.89.168.0/22 maxlen: 24
                          2a06:3200::/29 maxlen: 32
                          2a0f:a7c0::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 120139602 (0x7292f52)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3074d651dfec4b0d371e02505b1f8693ed1d8e02
        Validity
            Not Before: Jan  1 05:01:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=02a8f57444905233f6fab3f01a10d5b43f3ee426
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:9f:26:84:e7:1a:d2:c6:f3:bf:a1:fa:13:b3:
                    74:a6:fc:89:80:37:c6:20:ea:b7:1c:fe:98:f0:6f:
                    d4:b8:b9:03:13:51:e3:f2:fe:86:b1:30:ef:a2:ee:
                    1f:34:c7:b0:16:86:d8:f9:5d:2f:3d:1c:ed:57:5f:
                    ca:b3:5c:c9:88:99:72:d4:51:8f:ca:e6:af:93:ff:
                    b9:c4:a4:a3:ed:80:df:d4:a8:74:dd:77:58:c3:b8:
                    1f:bd:a8:de:4c:68:c2:97:fc:fd:cb:85:b8:fa:1b:
                    bb:44:47:80:5c:a1:8e:53:59:2d:71:a5:ee:02:44:
                    74:c9:66:0e:b8:d9:f7:b5:06:0e:8a:5b:62:fc:66:
                    f8:7b:2b:89:eb:e7:e6:d3:3e:35:f4:eb:01:e4:c7:
                    db:b0:63:c1:94:c6:0d:38:95:df:7a:ef:a3:85:54:
                    dd:c0:10:84:19:35:01:39:4a:ac:b4:e9:a3:7f:74:
                    00:35:c6:72:bf:a0:aa:84:05:74:cc:ea:47:89:40:
                    37:9d:d3:87:b9:fc:64:ff:1f:52:c6:21:07:99:28:
                    d6:2c:b9:36:0d:54:8c:cb:2f:8a:58:cd:5e:c0:60:
                    4b:8d:41:72:9c:46:43:e7:d5:3b:47:0f:58:8a:29:
                    ad:57:7a:6f:b0:3a:08:9f:34:23:f8:23:81:8f:bb:
                    5f:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:A8:F5:74:44:90:52:33:F6:FA:B3:F0:1A:10:D5:B4:3F:3E:E4:26
            X509v3 Authority Key Identifier:
                keyid:30:74:D6:51:DF:EC:4B:0D:37:1E:02:50:5B:1F:86:93:ED:1D:8E:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MHTWUd_sSw03HgJQWx-Gk-0djgI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/21283f-f7aa-4a67-9570-92ba2d5077c3/1/Aqj1dESQUjP2-rPwGhDVtD8-5CY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/21283f-f7aa-4a67-9570-92ba2d5077c3/1/MHTWUd_sSw03HgJQWx-Gk-0djgI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.89.168.0/22
                  185.104.160.0/22
                IPv6:
                  2a06:3200::/29
                  2a0f:a7c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         58:11:f8:25:b3:ca:a0:78:ec:a2:77:e9:f8:c2:59:fb:85:e5:
         94:2a:a2:77:72:bd:1e:b0:ac:2d:a5:08:e7:80:69:2b:aa:e2:
         0b:c3:9e:fb:78:21:f2:38:d4:ca:8d:9d:8c:af:50:34:85:2f:
         bc:f8:d1:0f:70:35:bf:64:1b:bc:52:9b:a6:9c:7f:cd:cf:e5:
         4b:0a:d0:fb:52:75:b2:a5:03:6a:c5:b4:e1:71:d0:59:db:cf:
         69:ee:39:34:4f:0e:c4:e0:cb:46:1c:af:ba:fb:d4:69:b6:99:
         18:ae:97:f7:30:95:f6:74:81:56:76:25:f0:3c:d8:10:07:fc:
         6a:1b:f3:f1:9f:c2:07:75:fc:91:0d:51:0a:1e:bf:6b:5c:e7:
         62:6f:d5:ba:46:4c:e0:17:3c:a7:7b:81:bc:2c:ee:df:f9:92:
         e3:6f:da:08:39:c3:e8:f8:ef:a6:a1:15:cc:68:19:e9:b3:10:
         18:90:cc:16:79:5c:7a:74:82:c2:96:3c:d2:b2:6c:44:60:3e:
         94:f8:dc:74:4d:aa:f1:37:47:c1:b3:04:95:a6:86:92:ca:a4:
         a3:3b:95:a1:e0:b3:2d:a5:8f:84:20:5c:aa:b6:9b:ed:3f:e5:
         0f:f2:fd:bb:4d:71:0d:67:fa:ae:b1:ca:30:28:98:b1:1d:f1:
         ff:10:61:0d
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIEBykvUjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MDc0ZDY1MWRmZWM0YjBkMzcxZTAyNTA1YjFmODY5M2VkMWQ4ZTAyMB4XDTIyMDEw
MTA1MDEwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDJhOGY1NzQ0NDkw
NTIzM2Y2ZmFiM2YwMWExMGQ1YjQzZjNlZTQyNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANKfJoTnGtLG87+h+hOzdKb8iYA3xiDqtxz+mPBv1Li5AxNR
4/L+hrEw76LuHzTHsBaG2PldLz0c7VdfyrNcyYiZctRRj8rmr5P/ucSko+2A39So
dN13WMO4H72o3kxowpf8/cuFuPobu0RHgFyhjlNZLXGl7gJEdMlmDrjZ97UGDopb
Yvxm+Hsrievn5tM+NfTrAeTH27BjwZTGDTiV33rvo4VU3cAQhBk1ATlKrLTpo390
ADXGcr+gqoQFdMzqR4lAN53Th7n8ZP8fUsYhB5ko1iy5Ng1UjMsviljNXsBgS41B
cpxGQ+fVO0cPWIoprVd6b7A6CJ80I/gjgY+7X/kCAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBQCqPV0RJBSM/b6s/AaENW0Pz7kJjAfBgNVHSMEGDAWgBQwdNZR3+xLDTce
AlBbH4aT7R2OAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01IVFdVZF9zU3cwM0hnSlFXeC1Hay0wZGpnSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmYvMjEyODNmLWY3YWEtNGE2Ny05NTcwLTkyYmEyZDUwNzdjMy8x
L0FxajFkRVNRVWpQMi1yUHdHaERWdEQ4LTVDWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmYv
MjEyODNmLWY3YWEtNGE2Ny05NTcwLTkyYmEyZDUwNzdjMy8xL01IVFdVZF9zU3cw
M0hnSlFXeC1Hay0wZGpnSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowEgQCAAEwDAMEAi1ZqAMEArlooDAUBAIAAjAOAwUD
KgYyAAMFAyoPp8AwDQYJKoZIhvcNAQELBQADggEBAFgR+CWzyqB47KJ36fjCWfuF
5ZQqondyvR6wrC2lCOeAaSuq4gvDnvt4IfI41MqNnYyvUDSFL7z40Q9wNb9kG7xS
m6acf83P5UsK0PtSdbKlA2rFtOFx0Fnbz2nuOTRPDsTgy0Ycr7r71Gm2mRiul/cw
lfZ0gVZ2JfA82BAH/Gob8/Gfwgd1/JENUQoev2tc52Jv1bpGTOAXPKd7gbws7t/5
kuNv2gg5w+j476ahFcxoGemzEBiQzBZ5XHp0gsKWPNKybERgPpT43HRNqvE3R8Gz
BJWmhpLKpKM7laHgsy2lj4QgXKq2m+0/5Q/y/btNcQ1n+q6xyjAomLEd8f8QYQ0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:09 2024 by rpki-client on console-fra.rpki-client.org