Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/ece5c7-2143-4db4-9857-052cf01d2048/1/me3d1gTzT_S6wPm2w_zw9XN365o.roa
File:                     me3d1gTzT_S6wPm2w_zw9XN365o.roa (raw, json)
Hash identifier:          ElqsN4M/seXz2HnuSfyFrBdFo3QEJdg+EJ1SV3PxdVo=
Subject key identifier:   99:ED:DD:D6:04:F3:4F:F4:BA:C0:F9:B6:C3:FC:F0:F5:73:77:EB:9A
Certificate issuer:       /CN=bfce55d15eb119e52d6fafcd3973e2f6d4f223f2
Certificate serial:       072BA88D
Authority key identifier: BF:CE:55:D1:5E:B1:19:E5:2D:6F:AF:CD:39:73:E2:F6:D4:F2:23:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v85V0V6xGeUtb6_NOXPi9tTyI_I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/ece5c7-2143-4db4-9857-052cf01d2048/1/me3d1gTzT_S6wPm2w_zw9XN365o.roa
Signing time:             Sat 01 Jan 2022 02:54:12 +0000
ROA not before:           Sat 01 Jan 2022 02:54:12 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200031
IP address blocks:        91.195.57.0/24 maxlen: 24
                          91.195.56.0/23 maxlen: 23
                          91.195.56.0/24 maxlen: 24
                          45.159.165.0/24 maxlen: 24
                          45.159.164.0/23 maxlen: 23
                          45.159.164.0/22 maxlen: 22
                          45.159.164.0/24 maxlen: 24
                          45.159.166.0/24 maxlen: 24
                          45.159.167.0/24 maxlen: 24
                          45.159.166.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 120301709 (0x72ba88d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfce55d15eb119e52d6fafcd3973e2f6d4f223f2
        Validity
            Not Before: Jan  1 02:54:12 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=99edddd604f34ff4bac0f9b6c3fcf0f57377eb9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:f1:87:fd:aa:01:76:2a:88:66:9f:eb:04:12:
                    ae:06:de:f2:42:17:ba:e3:ee:4c:3f:ff:ab:bc:e4:
                    38:72:82:ca:0d:86:c7:1e:7b:b5:8e:c2:92:f0:4f:
                    ef:c0:a8:66:76:36:97:c2:6c:d4:29:7c:8a:ae:28:
                    0d:52:a9:a4:2f:83:98:32:7e:c6:d3:63:55:ae:01:
                    61:e0:63:45:ac:0f:07:f2:a4:09:3c:1b:13:75:1d:
                    f2:9e:a6:35:f6:a6:eb:03:04:84:05:12:c6:5d:e6:
                    49:dd:26:bf:ab:0e:01:08:9c:ec:3e:76:66:ee:8d:
                    9b:ae:65:a5:0f:f6:e6:95:73:df:34:26:31:eb:d0:
                    ad:b6:8e:40:9b:b3:17:6b:42:43:aa:ee:4f:19:2c:
                    b2:b6:9a:47:c4:78:08:56:f3:15:30:3e:c0:47:63:
                    df:3f:4d:a2:c7:71:a0:dd:64:36:bb:d8:b6:52:a7:
                    57:78:26:f0:d2:f9:d3:b7:e3:d2:10:22:cc:ad:29:
                    f6:cb:23:0d:15:2b:da:7f:06:84:33:06:c7:e2:f7:
                    ff:49:3f:9e:1a:00:18:e6:fc:4b:cc:69:b1:af:c2:
                    73:d4:4d:3e:15:65:87:1a:de:5c:91:99:59:07:28:
                    da:1b:60:d7:42:ae:d2:fe:75:a4:01:d1:cb:2f:14:
                    c6:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:ED:DD:D6:04:F3:4F:F4:BA:C0:F9:B6:C3:FC:F0:F5:73:77:EB:9A
            X509v3 Authority Key Identifier:
                keyid:BF:CE:55:D1:5E:B1:19:E5:2D:6F:AF:CD:39:73:E2:F6:D4:F2:23:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v85V0V6xGeUtb6_NOXPi9tTyI_I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/ece5c7-2143-4db4-9857-052cf01d2048/1/me3d1gTzT_S6wPm2w_zw9XN365o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/ece5c7-2143-4db4-9857-052cf01d2048/1/v85V0V6xGeUtb6_NOXPi9tTyI_I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.159.164.0/22
                  91.195.56.0/23

    Signature Algorithm: sha256WithRSAEncryption
         79:34:21:8a:b0:90:aa:f9:05:ba:62:a6:b1:ea:6d:95:24:17:
         5f:34:07:5b:68:be:4a:ad:f5:9f:a8:0d:77:97:6d:d3:46:ad:
         ce:ed:df:2d:92:1f:20:b4:f5:22:b4:47:ac:2f:bb:8a:7f:25:
         ff:92:e6:bd:b8:dc:a5:d8:89:db:e9:55:7a:64:46:01:74:f0:
         98:8b:4f:d3:c7:2e:aa:f4:56:b2:cc:15:d6:a4:0b:bf:ed:56:
         50:f3:15:23:75:80:f7:27:9f:90:2c:09:34:6d:db:5b:2e:61:
         7f:2a:51:fb:9f:de:29:50:74:12:ab:3d:e6:19:94:ff:eb:7a:
         80:30:22:5d:6c:a6:b9:0a:b5:f5:6b:c5:d8:97:16:e1:13:5e:
         a3:07:56:fc:cf:34:6a:f0:90:dd:6b:9a:b7:39:30:66:d8:3a:
         e1:c4:8d:4a:9b:56:4b:30:ad:61:4e:22:54:31:e8:65:ab:6c:
         a7:41:c3:be:7d:f8:f8:dd:62:45:4b:fe:f3:67:9f:cc:20:6b:
         8e:46:a3:ba:2e:08:9a:82:5a:1d:11:72:9b:44:b7:d4:94:6f:
         b7:f1:71:24:6e:ea:c2:53:0d:42:93:c2:28:37:43:be:34:fd:
         8a:83:d2:83:42:cf:50:f3:09:62:a2:eb:c2:b7:77:9a:ee:c3:
         8a:3e:aa:71
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEByuojTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZmNlNTVkMTVlYjExOWU1MmQ2ZmFmY2QzOTczZTJmNmQ0ZjIyM2YyMB4XDTIyMDEw
MTAyNTQxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTllZGRkZDYwNGYz
NGZmNGJhYzBmOWI2YzNmY2YwZjU3Mzc3ZWI5YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJzxh/2qAXYqiGaf6wQSrgbe8kIXuuPuTD//q7zkOHKCyg2G
xx57tY7CkvBP78CoZnY2l8Js1Cl8iq4oDVKppC+DmDJ+xtNjVa4BYeBjRawPB/Kk
CTwbE3Ud8p6mNfam6wMEhAUSxl3mSd0mv6sOAQic7D52Zu6Nm65lpQ/25pVz3zQm
MevQrbaOQJuzF2tCQ6ruTxkssraaR8R4CFbzFTA+wEdj3z9NosdxoN1kNrvYtlKn
V3gm8NL507fj0hAizK0p9ssjDRUr2n8GhDMGx+L3/0k/nhoAGOb8S8xpsa/Cc9RN
PhVlhxreXJGZWQco2htg10Ku0v51pAHRyy8UxpsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSZ7d3WBPNP9LrA+bbD/PD1c3frmjAfBgNVHSMEGDAWgBS/zlXRXrEZ5S1v
r805c+L21PIj8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Y4NVYwVjZ4R2VVdGI2X05PWFBpOXRUeUlfSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDUvZWNlNWM3LTIxNDMtNGRiNC05ODU3LTA1MmNmMDFkMjA0OC8x
L21lM2QxZ1R6VF9TNndQbTJ3X3p3OVhOMzY1by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUv
ZWNlNWM3LTIxNDMtNGRiNC05ODU3LTA1MmNmMDFkMjA0OC8xL3Y4NVYwVjZ4R2VV
dGI2X05PWFBpOXRUeUlfSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAi2fpAMEAVvDODANBgkqhkiG9w0B
AQsFAAOCAQEAeTQhirCQqvkFumKmseptlSQXXzQHW2i+Sq31n6gNd5dt00atzu3f
LZIfILT1IrRHrC+7in8l/5LmvbjcpdiJ2+lVemRGAXTwmItP08cuqvRWsswV1qQL
v+1WUPMVI3WA9yefkCwJNG3bWy5hfypR+5/eKVB0Eqs95hmU/+t6gDAiXWymuQq1
9WvF2JcW4RNeowdW/M80avCQ3WuatzkwZtg64cSNSptWSzCtYU4iVDHoZatsp0HD
vn34+N1iRUv+82efzCBrjkajui4ImoJaHRFym0S31JRvt/FxJG7qwlMNQpPCKDdD
vjT9ioPSg0LPUPMJYqLrwrd3mu7Dij6qcQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:38 2024 by rpki-client on console-ams.rpki-client.org