Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/zQd0XCU_W3xBDH34yjMXPiReLN8.roa
File:                     zQd0XCU_W3xBDH34yjMXPiReLN8.roa (raw, json)
Hash identifier:          ECdcX84p1agW16l2geZEUoYJMnYYhNLr0yS3vjeb2mM=
Subject key identifier:   CD:07:74:5C:25:3F:5B:7C:41:0C:7D:F8:CA:33:17:3E:24:5E:2C:DF
Certificate issuer:       /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial:       1839F17B
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/zQd0XCU_W3xBDH34yjMXPiReLN8.roa
Signing time:             Fri 04 Mar 2022 09:02:19 +0000
ROA not before:           Fri 04 Mar 2022 09:02:19 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     56382
IP address blocks:        185.90.162.0/24 maxlen: 24
                          178.251.231.0/24 maxlen: 24
                          45.155.251.0/24 maxlen: 24
                          45.155.250.0/24 maxlen: 24
                          45.155.249.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 406450555 (0x1839f17b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
        Validity
            Not Before: Mar  4 09:02:19 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cd07745c253f5b7c410c7df8ca33173e245e2cdf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:aa:f9:46:ce:a0:fa:99:5c:1b:b9:12:96:b1:
                    c6:c0:a4:13:8b:13:59:a1:c5:c1:68:e2:e8:1e:b8:
                    59:54:5f:12:f5:e9:70:2b:42:2e:ec:58:ef:8b:c8:
                    98:e0:d7:d2:32:19:98:5c:93:21:79:06:45:34:69:
                    5d:b9:6a:ff:53:8d:95:88:21:99:41:f2:71:1a:0b:
                    4a:85:ac:a9:f6:d2:fa:90:4d:b0:9c:29:ea:dc:50:
                    61:39:09:4a:a3:a8:33:44:d9:85:36:1b:d7:dc:63:
                    5f:46:57:8d:e7:38:bd:c1:5a:1a:a2:10:ee:f3:d9:
                    90:98:8e:25:6a:dc:46:6f:94:22:b5:c3:d9:15:22:
                    b4:ab:01:18:6e:cf:19:6c:57:c9:e4:1f:13:27:19:
                    89:9d:48:04:21:24:ef:3f:94:8c:2b:98:39:e8:c6:
                    c2:17:33:07:ab:a9:ff:54:8a:10:27:c6:19:b6:33:
                    4b:27:94:d4:3b:ba:78:70:bb:e2:8f:69:c3:ec:d1:
                    0d:b6:20:17:01:5d:a3:e1:41:c0:ee:0b:f9:6b:a9:
                    96:86:7b:71:7d:a6:22:48:d3:c9:f2:6d:50:03:bb:
                    24:a9:a2:54:40:aa:4e:48:d8:d8:ab:41:57:13:e5:
                    0f:4c:17:05:2b:b8:fb:fa:ad:5e:91:c3:72:cd:5a:
                    45:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:07:74:5C:25:3F:5B:7C:41:0C:7D:F8:CA:33:17:3E:24:5E:2C:DF
            X509v3 Authority Key Identifier:
                keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/zQd0XCU_W3xBDH34yjMXPiReLN8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.155.249.0-45.155.251.255
                  178.251.231.0/24
                  185.90.162.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:a0:97:e3:25:08:30:db:59:ca:8b:da:89:5b:cc:c7:e6:e1:
         a0:2f:9a:47:0a:4e:ec:2d:eb:9a:db:69:1b:84:b2:53:81:ed:
         34:04:13:d4:fb:c6:4f:8b:a5:cb:73:57:86:42:90:d2:5a:7f:
         b5:6a:d0:7b:31:db:7e:39:b6:23:1b:1d:13:ea:07:a8:d3:a4:
         01:72:f7:b9:b4:72:b9:3d:01:53:1e:1f:25:9b:17:64:7f:79:
         d7:f3:af:a4:f3:12:76:de:9f:ed:b0:fc:a3:07:8c:cc:69:8f:
         6b:36:52:86:d9:25:57:c0:16:c0:6d:27:46:dd:57:6b:11:3c:
         2e:5c:8f:3f:bd:34:1f:e8:b3:8e:96:6f:a1:ae:42:90:cc:e1:
         85:85:4a:db:60:41:35:4d:d5:88:2b:39:c6:84:84:94:b0:6a:
         7f:7e:30:0d:79:43:3a:ad:f2:ba:bd:52:79:f1:c7:1a:86:08:
         37:65:df:3a:14:ce:0d:9a:30:36:ae:7d:c5:bf:da:ec:47:a8:
         34:97:07:c8:c3:19:f8:d7:44:9f:fb:21:a4:c7:07:00:46:a6:
         75:2d:19:d6:7a:e6:25:b8:3d:01:66:dc:c3:f4:19:d4:a0:94:
         b7:36:e7:ed:71:e0:9f:ab:6e:0c:b8:ba:f2:e6:7c:40:b0:42:
         6e:ba:77:c0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEGDnxezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NDI1M2M0ZjIzM2NlOTg0NzY5OWFlNjhlY2JmNWQ3NTE0YjBmYWRiMB4XDTIyMDMw
NDA5MDIxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2QwNzc0NWMyNTNm
NWI3YzQxMGM3ZGY4Y2EzMzE3M2UyNDVlMmNkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOCq+UbOoPqZXBu5EpaxxsCkE4sTWaHFwWji6B64WVRfEvXp
cCtCLuxY74vImODX0jIZmFyTIXkGRTRpXblq/1ONlYghmUHycRoLSoWsqfbS+pBN
sJwp6txQYTkJSqOoM0TZhTYb19xjX0ZXjec4vcFaGqIQ7vPZkJiOJWrcRm+UIrXD
2RUitKsBGG7PGWxXyeQfEycZiZ1IBCEk7z+UjCuYOejGwhczB6up/1SKECfGGbYz
SyeU1Du6eHC74o9pw+zRDbYgFwFdo+FBwO4L+WuploZ7cX2mIkjTyfJtUAO7JKmi
VECqTkjY2KtBVxPlD0wXBSu4+/qtXpHDcs1aRUUCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBTNB3RcJT9bfEEMffjKMxc+JF4s3zAfBgNVHSMEGDAWgBS0JTxPIzzphHaZ
rmjsv111FLD62zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RDVThUeU04NllSMm1hNW83TDlkZFJTdy10cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDFkNmUxLTVjYWQtNDBkYi05NzczLTU4YjM4ZjVhYzgwYi8x
L3pRZDBYQ1VfVzN4QkRIMzR5ak1YUGlSZUxOOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDFkNmUxLTVjYWQtNDBkYi05NzczLTU4YjM4ZjVhYzgwYi8xL3RDVThUeU04NllS
Mm1hNW83TDlkZFJTdy10cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGjAMAwQALZv5AwQCLZv4AwQAsvvnAwQA
uVqiMA0GCSqGSIb3DQEBCwUAA4IBAQBqoJfjJQgw21nKi9qJW8zH5uGgL5pHCk7s
Leua22kbhLJTge00BBPU+8ZPi6XLc1eGQpDSWn+1atB7Mdt+ObYjGx0T6geo06QB
cve5tHK5PQFTHh8lmxdkf3nX86+k8xJ23p/tsPyjB4zMaY9rNlKG2SVXwBbAbSdG
3VdrETwuXI8/vTQf6LOOlm+hrkKQzOGFhUrbYEE1TdWIKznGhISUsGp/fjANeUM6
rfK6vVJ58ccahgg3Zd86FM4NmjA2rn3Fv9rsR6g0lwfIwxn410Sf+yGkxwcARqZ1
LRnWeuYluD0BZtzD9BnUoJS3NuftceCfq24MuLry5nxAsEJuunfA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:45 2024 by rpki-client on console-fra.rpki-client.org