Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/fEW7eq90di_DjBgRbH3xdTpTtUQ.roa
File:                     fEW7eq90di_DjBgRbH3xdTpTtUQ.roa (raw, json)
Hash identifier:          9geZgRAcz7lctTXMZ+JRX7QjrkSI9MOXORnpi4M9fEc=
Subject key identifier:   7C:45:BB:7A:AF:74:76:2F:C3:8C:18:11:6C:7D:F1:75:3A:53:B5:44
Certificate issuer:       /CN=0c90c356e2864f43894857443555d8b5c0352819
Certificate serial:       134ED096
Authority key identifier: 0C:90:C3:56:E2:86:4F:43:89:48:57:44:35:55:D8:B5:C0:35:28:19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/fEW7eq90di_DjBgRbH3xdTpTtUQ.roa
Signing time:             Sat 01 Jan 2022 05:54:05 +0000
ROA not before:           Sat 01 Jan 2022 05:54:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211092
IP address blocks:        37.157.211.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 323932310 (0x134ed096)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0c90c356e2864f43894857443555d8b5c0352819
        Validity
            Not Before: Jan  1 05:54:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7c45bb7aaf74762fc38c18116c7df1753a53b544
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:3d:c6:ca:77:02:71:8e:ea:5d:a5:94:43:57:
                    b7:6b:6a:bd:5d:3a:88:d8:ae:96:91:fd:fe:25:37:
                    b8:7b:5d:c8:92:22:b8:96:77:88:8b:b0:c2:f7:c2:
                    50:b7:2f:03:0a:25:9e:bf:f8:24:1e:61:f3:37:50:
                    06:b0:be:22:3e:eb:fd:42:b8:fe:d1:cf:61:24:1d:
                    c7:b4:28:82:72:d5:d7:f8:c7:78:12:c4:28:c1:46:
                    54:6f:ba:ac:82:1f:e7:3e:9b:c1:cf:22:ae:b2:5a:
                    93:2c:9b:4e:6b:bf:8a:c1:88:3d:d1:04:c5:08:05:
                    9a:18:0f:b3:72:1b:1d:f4:15:dd:fa:d2:20:47:eb:
                    56:ac:03:14:7b:8c:5b:83:f7:8a:22:99:6f:f4:1f:
                    2d:c5:1c:cb:0f:6f:ae:b2:c6:36:7f:6c:13:46:91:
                    df:17:d8:89:2a:e3:4d:9c:db:99:b2:44:b7:d9:23:
                    7b:df:7b:4d:11:a1:36:3f:40:4f:4c:ca:c3:d7:83:
                    68:0d:e3:2a:8c:97:7f:34:24:a7:a1:23:78:70:5d:
                    76:a7:09:9e:0c:4b:cc:05:a1:59:6b:5d:4e:25:38:
                    46:d2:59:5d:ff:c1:dc:cf:18:00:1e:49:33:2e:25:
                    4d:c0:02:22:36:f4:66:9b:5c:76:33:0b:54:6e:b0:
                    bb:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:45:BB:7A:AF:74:76:2F:C3:8C:18:11:6C:7D:F1:75:3A:53:B5:44
            X509v3 Authority Key Identifier:
                keyid:0C:90:C3:56:E2:86:4F:43:89:48:57:44:35:55:D8:B5:C0:35:28:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/fEW7eq90di_DjBgRbH3xdTpTtUQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/DJDDVuKGT0OJSFdENVXYtcA1KBk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.157.211.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:ce:72:8e:03:17:52:3b:83:69:93:54:b8:1a:81:90:5b:f3:
         ce:3a:bf:22:c9:78:d4:af:b7:bc:99:23:40:4f:84:8d:59:53:
         4b:d4:bc:54:47:b2:5e:6f:f9:46:8e:ab:ba:8b:ac:e2:39:75:
         c7:08:2d:cb:86:3d:f7:4b:b1:78:11:20:1e:39:7c:23:12:57:
         71:69:e4:b6:fe:f0:6d:18:09:86:33:85:e5:5b:7a:ed:99:72:
         ef:78:b0:de:51:b3:25:40:09:ba:af:b7:4b:f5:59:14:04:32:
         2b:e2:02:af:6c:dc:eb:cd:cc:ea:a1:25:12:0e:60:55:4b:cf:
         1c:7a:ac:86:6e:72:0e:92:41:b1:ad:a9:c2:34:7b:70:11:ff:
         df:8e:2a:70:6c:af:a1:df:15:19:8c:e9:81:ee:0b:a4:df:56:
         7a:1b:61:1d:1a:31:b3:d3:5c:69:3a:e3:ba:ff:56:0d:4d:56:
         ee:2a:da:66:26:4f:b2:b5:4d:5e:c4:02:77:6a:cb:fb:50:11:
         46:53:d3:18:35:b2:c5:6d:fe:21:62:65:13:76:c3:09:46:b8:
         72:0e:bf:2c:01:77:99:7a:10:71:df:02:31:80:ab:65:bd:34:
         47:52:d5:03:ec:d7:f1:77:17:68:9f:96:52:7b:1e:de:29:ba:
         9d:f6:76:56
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEE07QljANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YzkwYzM1NmUyODY0ZjQzODk0ODU3NDQzNTU1ZDhiNWMwMzUyODE5MB4XDTIyMDEw
MTA1NTQwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2M0NWJiN2FhZjc0
NzYyZmMzOGMxODExNmM3ZGYxNzUzYTUzYjU0NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJI9xsp3AnGO6l2llENXt2tqvV06iNiulpH9/iU3uHtdyJIi
uJZ3iIuwwvfCULcvAwolnr/4JB5h8zdQBrC+Ij7r/UK4/tHPYSQdx7QognLV1/jH
eBLEKMFGVG+6rIIf5z6bwc8irrJakyybTmu/isGIPdEExQgFmhgPs3IbHfQV3frS
IEfrVqwDFHuMW4P3iiKZb/QfLcUcyw9vrrLGNn9sE0aR3xfYiSrjTZzbmbJEt9kj
e997TRGhNj9AT0zKw9eDaA3jKoyXfzQkp6EjeHBddqcJngxLzAWhWWtdTiU4RtJZ
Xf/B3M8YAB5JMy4lTcACIjb0ZptcdjMLVG6wu+sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR8Rbt6r3R2L8OMGBFsffF1OlO1RDAfBgNVHSMEGDAWgBQMkMNW4oZPQ4lI
V0Q1Vdi1wDUoGTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RKRERWdUtHVDBPSlNGZEVOVlhZdGNBMUtCay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzgvYWM1YTU2LTE2M2EtNDk3YS05NTQ3LWUzNzk5YWRlOWRmZS8x
L2ZFVzdlcTkwZGlfRGpCZ1JiSDN4ZFRwVHRVUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzgv
YWM1YTU2LTE2M2EtNDk3YS05NTQ3LWUzNzk5YWRlOWRmZS8xL0RKRERWdUtHVDBP
SlNGZEVOVlhZdGNBMUtCay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACWd0zANBgkqhkiG9w0BAQsFAAOC
AQEAqs5yjgMXUjuDaZNUuBqBkFvzzjq/Isl41K+3vJkjQE+EjVlTS9S8VEeyXm/5
Ro6ruous4jl1xwgty4Y990uxeBEgHjl8IxJXcWnktv7wbRgJhjOF5Vt67Zly73iw
3lGzJUAJuq+3S/VZFAQyK+ICr2zc683M6qElEg5gVUvPHHqshm5yDpJBsa2pwjR7
cBH/344qcGyvod8VGYzpge4LpN9WehthHRoxs9NcaTrjuv9WDU1W7iraZiZPsrVN
XsQCd2rL+1ARRlPTGDWyxW3+IWJlE3bDCUa4cg6/LAF3mXoQcd8CMYCrZb00R1LV
A+zX8XcXaJ+WUnse3im6nfZ2Vg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:49 2024 by rpki-client on console-ams.rpki-client.org