Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/hNII8eFi-ivrds7aC2mNrplJgKk.roa
File:                     hNII8eFi-ivrds7aC2mNrplJgKk.roa (raw, json)
Hash identifier:          qKU4V3zH8DvbRyOf82/JaVaHr0gA5qqxaZwhBGT5068=
Subject key identifier:   84:D2:08:F1:E1:62:FA:2B:EB:76:CE:DA:0B:69:8D:AE:99:49:80:A9
Certificate issuer:       /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial:       0613F313
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/hNII8eFi-ivrds7aC2mNrplJgKk.roa
Signing time:             Fri 25 Feb 2022 15:23:27 +0000
ROA not before:           Fri 25 Feb 2022 15:23:27 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209371
IP address blocks:        94.26.89.0/24 maxlen: 24
                          78.159.131.0/24 maxlen: 24
                          91.92.33.0/24 maxlen: 24
                          91.92.34.0/24 maxlen: 24
                          93.152.205.0/24 maxlen: 24
                          91.92.49.0/24 maxlen: 24
                          45.141.233.0/24 maxlen: 24
                          45.141.232.0/24 maxlen: 24
                          45.141.234.0/24 maxlen: 24
                          45.141.235.0/24 maxlen: 24
                          78.159.156.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 101970707 (0x613f313)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
        Validity
            Not Before: Feb 25 15:23:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=84d208f1e162fa2beb76ceda0b698dae994980a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:09:04:b8:43:66:e9:f1:44:aa:d8:6f:67:46:
                    2e:0a:0c:17:38:58:06:6e:80:0b:93:5a:da:38:0b:
                    ce:f6:16:a8:02:22:d1:ec:cf:65:a2:dd:e0:28:3c:
                    26:c2:ad:32:41:ab:b7:ac:4e:ea:96:38:27:6e:f9:
                    7c:bf:a6:b8:88:e7:65:17:a3:17:0e:d4:1b:f7:2d:
                    84:e9:22:06:d4:12:93:9b:de:d7:ee:f9:ff:04:24:
                    3e:ff:47:79:95:e3:4c:bd:4b:5d:83:66:ed:70:56:
                    55:dd:b3:97:9d:b9:0a:71:bb:38:59:51:40:e0:03:
                    d6:41:d4:a9:e9:b4:17:c0:9e:63:c7:aa:3b:b4:c1:
                    2c:3a:6a:5e:4c:5c:9f:7a:2a:cb:27:75:bc:bc:b4:
                    69:70:0f:9c:f4:d4:fc:fc:03:53:84:26:b2:66:ad:
                    55:a6:ba:ec:ac:7d:06:08:b5:df:7a:b9:5d:5d:03:
                    71:08:03:92:b1:b2:18:0b:43:26:12:68:92:4b:8b:
                    5d:0b:46:7d:8a:5b:9d:39:9c:30:aa:18:05:2b:14:
                    55:9c:f2:b2:16:3a:ed:d0:fe:7d:2d:e8:0b:de:7a:
                    f7:d0:cf:91:8c:10:db:ec:fa:e1:74:45:aa:28:5b:
                    aa:6d:bc:a3:72:7b:15:b8:4a:5a:85:04:08:d5:9d:
                    66:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:D2:08:F1:E1:62:FA:2B:EB:76:CE:DA:0B:69:8D:AE:99:49:80:A9
            X509v3 Authority Key Identifier:
                keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/hNII8eFi-ivrds7aC2mNrplJgKk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.141.232.0/22
                  78.159.131.0/24
                  78.159.156.0/24
                  91.92.33.0-91.92.34.255
                  91.92.49.0/24
                  93.152.205.0/24
                  94.26.89.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:73:6f:f2:67:98:3d:2d:fb:96:71:7e:e7:b7:89:1f:45:2c:
         55:09:f9:29:7a:8f:eb:3f:39:2b:d9:10:d5:15:97:0f:4f:79:
         73:ff:f0:0f:41:75:a9:0b:70:e6:b4:83:fc:3f:e7:b6:e2:55:
         7f:61:d7:0a:90:1f:df:f0:ee:87:d7:e2:58:1e:24:68:90:1b:
         48:9b:70:de:f2:c3:67:1c:93:a7:db:c2:59:1f:83:e4:ca:9f:
         da:80:7b:c0:a1:76:2d:a9:3b:19:3c:90:19:44:0e:42:08:47:
         b4:27:e2:12:ed:a6:05:ab:bf:f2:c1:2b:fe:ee:29:30:fe:8d:
         4e:c6:bd:26:8d:1c:95:98:f3:a8:8b:10:10:ff:e7:fe:3a:42:
         d9:bb:b4:c3:64:ca:a8:e2:a6:c7:a6:16:e2:1a:28:13:5a:28:
         77:73:6e:84:cc:06:37:43:47:28:a3:ed:bd:84:e8:20:31:d7:
         2e:2f:42:8c:59:c2:68:00:19:8b:75:26:93:0d:1c:3d:3a:e0:
         63:52:2a:25:00:8f:66:f8:ab:68:36:43:17:11:df:5d:f3:fb:
         da:f1:b1:62:5b:ca:1d:ed:58:44:47:df:15:0e:58:8b:b3:cd:
         92:4b:c7:be:bc:f5:be:9b:30:3d:ef:6f:e8:ae:bc:5d:48:ed:
         5a:e0:73:a8
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIEBhPzEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZDFjYWE2OTM1OGY4Yzk4ZjdhNzE5ZjI1OTdkNWRhZGRiZDAwMThjMB4XDTIyMDIy
NTE1MjMyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODRkMjA4ZjFlMTYy
ZmEyYmViNzZjZWRhMGI2OThkYWU5OTQ5ODBhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK8JBLhDZunxRKrYb2dGLgoMFzhYBm6AC5Na2jgLzvYWqAIi
0ezPZaLd4Cg8JsKtMkGrt6xO6pY4J275fL+muIjnZRejFw7UG/cthOkiBtQSk5ve
1+75/wQkPv9HeZXjTL1LXYNm7XBWVd2zl525CnG7OFlRQOAD1kHUqem0F8CeY8eq
O7TBLDpqXkxcn3oqyyd1vLy0aXAPnPTU/PwDU4QmsmatVaa67Kx9Bgi133q5XV0D
cQgDkrGyGAtDJhJokkuLXQtGfYpbnTmcMKoYBSsUVZzyshY67dD+fS3oC95699DP
kYwQ2+z64XRFqihbqm28o3J7FbhKWoUECNWdZu8CAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBSE0gjx4WL6K+t2ztoLaY2umUmAqTAfBgNVHSMEGDAWgBQtHKppNY+MmPen
GfJZfV2t29ABjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xSeXFhVFdQakpqM3B4bnlXWDFkcmR2UUFZdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvYTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8x
L2hOSUk4ZUZpLWl2cmRzN2FDMm1OcnBsSmdLay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
YTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8xL0xSeXFhVFdQakpq
M3B4bnlXWDFkcmR2UUFZdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBL
BggrBgEFBQcBBwEB/wQ8MDowOAQCAAEwMgMEAi2N6AMEAE6fgwMEAE6fnDAMAwQA
W1whAwQAW1wiAwQAW1wxAwQAXZjNAwQAXhpZMA0GCSqGSIb3DQEBCwUAA4IBAQCL
c2/yZ5g9LfuWcX7nt4kfRSxVCfkpeo/rPzkr2RDVFZcPT3lz//APQXWpC3DmtIP8
P+e24lV/YdcKkB/f8O6H1+JYHiRokBtIm3De8sNnHJOn28JZH4Pkyp/agHvAoXYt
qTsZPJAZRA5CCEe0J+IS7aYFq7/ywSv+7ikw/o1Oxr0mjRyVmPOoixAQ/+f+OkLZ
u7TDZMqo4qbHphbiGigTWih3c26EzAY3Q0coo+29hOggMdcuL0KMWcJoABmLdSaT
DRw9OuBjUiolAI9m+KtoNkMXEd9d8/va8bFiW8od7VhER98VDliLs82SS8e+vPW+
mzA972/orrxdSO1a4HOo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:26 2024 by rpki-client on console-ams.rpki-client.org