Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Ldsi-vrZIkn9vJyd5rUJI-9IqjM.roa
File:                     Ldsi-vrZIkn9vJyd5rUJI-9IqjM.roa (raw, json)
Hash identifier:          NPZK7uiw/1wf4XqFbD4SkHo12JLDDdCbe58/REcxDSs=
Subject key identifier:   2D:DB:22:FA:FA:D9:22:49:FD:BC:9C:9D:E6:B5:09:23:EF:48:AA:33
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       1982A55C
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Ldsi-vrZIkn9vJyd5rUJI-9IqjM.roa
Signing time:             Wed 06 Apr 2022 22:31:21 +0000
ROA not before:           Wed 06 Apr 2022 22:31:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     21859
IP address blocks:        91.189.186.0/24 maxlen: 32
                          37.10.112.0/24 maxlen: 32
                          185.240.218.0/24 maxlen: 32
                          5.253.137.0/24 maxlen: 32
                          185.171.3.0/24 maxlen: 32
                          79.143.55.0/24 maxlen: 32
                          193.222.103.0/24 maxlen: 32
                          147.78.220.0/24 maxlen: 32
                          193.149.160.0/24 maxlen: 32
                          185.224.146.0/24 maxlen: 32
                          185.226.73.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 427992412 (0x1982a55c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Apr  6 22:31:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2ddb22fafad92249fdbc9c9de6b50923ef48aa33
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:45:dd:88:25:c6:dc:41:b2:91:8f:bf:8b:00:
                    2f:ec:52:a2:d6:db:65:9a:23:63:1a:6f:48:93:ae:
                    04:e4:5d:18:94:5b:de:5a:a8:81:f4:00:7a:b5:de:
                    70:ba:db:8e:a9:c7:77:11:4d:39:5f:c2:8b:44:ba:
                    c0:18:91:f2:dc:1c:44:11:6e:b2:39:78:0c:e2:24:
                    4f:f3:c0:19:53:94:7e:e4:4d:b4:f8:24:06:04:40:
                    cf:0c:60:1b:70:c5:11:38:5d:73:7b:46:10:0d:8f:
                    43:97:df:30:fc:ee:da:01:cc:c0:82:91:54:37:33:
                    9b:76:66:7c:10:a2:de:8d:f8:25:0b:f2:31:93:08:
                    58:67:a6:e1:44:06:59:e8:36:d1:0d:33:cf:f9:d3:
                    3b:1f:cb:cd:fc:cd:70:d5:dd:bc:b5:f6:a6:3c:0d:
                    70:74:d3:9d:c2:43:c9:0a:d3:35:d2:95:21:e4:8e:
                    e1:52:7c:4d:19:17:3b:3e:c6:a1:d5:9a:d4:89:6b:
                    f8:47:50:0d:ff:d8:47:4d:77:f2:08:05:99:84:8c:
                    54:da:e4:0a:ff:b9:66:2c:fe:83:79:b8:61:1f:c8:
                    73:5f:05:87:bd:e7:1f:b1:28:6a:42:a1:7f:28:dd:
                    9c:cf:f8:26:5e:17:66:ef:cd:2c:ba:f3:aa:27:a0:
                    89:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:DB:22:FA:FA:D9:22:49:FD:BC:9C:9D:E6:B5:09:23:EF:48:AA:33
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Ldsi-vrZIkn9vJyd5rUJI-9IqjM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.253.137.0/24
                  37.10.112.0/24
                  79.143.55.0/24
                  91.189.186.0/24
                  147.78.220.0/24
                  185.171.3.0/24
                  185.224.146.0/24
                  185.226.73.0/24
                  185.240.218.0/24
                  193.149.160.0/24
                  193.222.103.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c9:1c:03:05:42:f9:68:93:54:66:c7:7c:7d:14:b5:61:96:ef:
         23:c7:46:c7:8b:50:41:8b:1b:87:fa:23:c2:0c:10:5d:cb:7a:
         d2:d5:ac:4a:ea:55:8d:eb:1d:22:ae:cf:2d:7d:aa:06:0d:e3:
         0b:f0:40:92:7d:35:fd:e0:8b:12:22:c2:86:81:bb:87:43:31:
         59:82:6e:a0:5d:06:2f:99:54:53:8b:fc:ac:2c:61:e7:51:5b:
         a0:b9:09:35:c9:d9:53:6f:69:51:7b:cf:0c:c9:a9:9a:a7:3b:
         9c:e4:74:0e:0d:d1:64:50:40:25:da:47:26:e4:9a:39:8d:c0:
         89:ac:4d:59:a2:de:1a:d0:4b:96:57:b7:b3:e5:09:71:ba:ff:
         13:23:12:39:59:43:65:5b:5c:40:72:35:d8:3d:46:28:9f:00:
         ea:02:aa:19:3a:55:b9:2f:b2:2b:a5:2c:2c:bd:bb:6c:b7:da:
         71:f6:c2:5e:73:0a:bc:64:a5:8c:b9:4a:80:5d:13:27:f6:ae:
         7e:0c:7e:2e:67:40:59:5a:38:8a:1e:03:4c:72:bc:b9:31:b6:
         46:e5:18:b4:4d:4e:89:d6:b1:1f:e8:6e:09:89:c4:ea:0f:68:
         54:dd:76:82:47:2e:8a:b1:e1:20:df:c4:f4:30:ef:92:b0:f4:
         40:1b:0c:c8
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIEGYKlXDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDQw
NjIyMzEyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmRkYjIyZmFmYWQ5
MjI0OWZkYmM5YzlkZTZiNTA5MjNlZjQ4YWEzMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALdF3YglxtxBspGPv4sAL+xSotbbZZojYxpvSJOuBORdGJRb
3lqogfQAerXecLrbjqnHdxFNOV/Ci0S6wBiR8twcRBFusjl4DOIkT/PAGVOUfuRN
tPgkBgRAzwxgG3DFEThdc3tGEA2PQ5ffMPzu2gHMwIKRVDczm3ZmfBCi3o34JQvy
MZMIWGem4UQGWeg20Q0zz/nTOx/LzfzNcNXdvLX2pjwNcHTTncJDyQrTNdKVIeSO
4VJ8TRkXOz7GodWa1Ilr+EdQDf/YR0138ggFmYSMVNrkCv+5Ziz+g3m4YR/Ic18F
h73nH7EoakKhfyjdnM/4Jl4XZu/NLLrzqiegiXMCAwEAAaOCAkUwggJBMB0GA1Ud
DgQWBBQt2yL6+tkiSf28nJ3mtQkj70iqMzAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L0xkc2ktdnJaSWtuOXZKeWQ1clVKSS05SXFqTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBb
BggrBgEFBQcBBwEB/wRMMEowSAQCAAEwQgMEAAX9iQMEACUKcAMEAE+PNwMEAFu9
ugMEAJNO3AMEALmrAwMEALngkgMEALniSQMEALnw2gMEAMGVoAMEAMHeZzANBgkq
hkiG9w0BAQsFAAOCAQEAyRwDBUL5aJNUZsd8fRS1YZbvI8dGx4tQQYsbh/ojwgwQ
Xct60tWsSupVjesdIq7PLX2qBg3jC/BAkn01/eCLEiLChoG7h0MxWYJuoF0GL5lU
U4v8rCxh51FboLkJNcnZU29pUXvPDMmpmqc7nOR0Dg3RZFBAJdpHJuSaOY3AiaxN
WaLeGtBLlle3s+UJcbr/EyMSOVlDZVtcQHI12D1GKJ8A6gKqGTpVuS+yK6UsLL27
bLfacfbCXnMKvGSljLlKgF0TJ/aufgx+LmdAWVo4ih4DTHK8uTG2RuUYtE1Oidax
H+huCYnE6g9oVN12gkcuirHhIN/E9DDvkrD0QBsMyA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:32 2024 by rpki-client on console-ams.rpki-client.org