Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/stYzR5nGuiBs0Fv-XE1_QJkvppw.roa
File:                     stYzR5nGuiBs0Fv-XE1_QJkvppw.roa (raw, json)
Hash identifier:          XWjCsvsFnjyYduNMIINo4yhM3fnIys39etpZJY4dVYw=
Subject key identifier:   B2:D6:33:47:99:C6:BA:20:6C:D0:5B:FE:5C:4D:7F:40:99:2F:A6:9C
Certificate issuer:       /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial:       063DA1A5
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/stYzR5nGuiBs0Fv-XE1_QJkvppw.roa
Signing time:             Sat 12 Mar 2022 17:29:58 +0000
ROA not before:           Sat 12 Mar 2022 17:29:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209371
IP address blocks:        94.26.89.0/24 maxlen: 24
                          78.159.131.0/24 maxlen: 24
                          91.92.33.0/24 maxlen: 24
                          91.92.34.0/24 maxlen: 24
                          93.152.208.0/24 maxlen: 24
                          91.92.49.0/24 maxlen: 24
                          45.141.233.0/24 maxlen: 24
                          45.141.232.0/24 maxlen: 24
                          45.141.234.0/24 maxlen: 24
                          45.141.235.0/24 maxlen: 24
                          78.159.156.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 104702373 (0x63da1a5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
        Validity
            Not Before: Mar 12 17:29:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b2d6334799c6ba206cd05bfe5c4d7f40992fa69c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:8a:95:df:8e:74:b7:16:bc:5c:58:40:a3:b8:
                    62:6d:ed:27:e4:fb:f6:22:dc:04:c2:41:48:66:68:
                    ad:7d:93:43:b0:80:c9:04:ec:69:bc:5e:9c:56:2e:
                    cd:db:1c:13:25:7e:bd:98:6b:31:4a:a7:a1:cf:d7:
                    46:a3:84:40:31:92:20:75:0c:8f:82:5f:59:8a:c9:
                    4b:b1:a7:8b:ea:16:97:66:e3:d5:09:69:1b:6b:e4:
                    72:8a:43:13:ff:86:46:d5:a6:ef:70:f8:40:a0:3d:
                    68:2d:82:ae:ac:9d:d5:8b:ff:79:9f:9e:f7:da:66:
                    34:90:ac:e5:26:f4:5e:df:0e:39:74:fa:8b:95:35:
                    e2:f4:8e:49:f5:08:fb:69:4d:5f:c7:6b:5b:fb:6d:
                    86:da:d8:54:2f:91:80:aa:88:d1:44:d6:67:ff:58:
                    7b:4e:10:9f:dd:e2:c5:7a:c6:98:4b:04:26:d4:68:
                    74:f1:d9:d2:29:26:de:3e:4e:f7:2e:fc:b6:75:0d:
                    81:0b:8c:af:03:7e:68:42:e7:3c:b7:b7:a4:f2:62:
                    4e:1f:70:05:9e:13:77:fb:e2:8a:15:0d:c2:55:e9:
                    17:7c:8c:31:8b:c1:58:49:51:b7:23:56:9e:47:89:
                    f3:a3:e3:e9:8b:39:5f:d0:6d:bc:2c:08:ca:b8:5f:
                    b7:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:D6:33:47:99:C6:BA:20:6C:D0:5B:FE:5C:4D:7F:40:99:2F:A6:9C
            X509v3 Authority Key Identifier:
                keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/stYzR5nGuiBs0Fv-XE1_QJkvppw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.141.232.0/22
                  78.159.131.0/24
                  78.159.156.0/24
                  91.92.33.0-91.92.34.255
                  91.92.49.0/24
                  93.152.208.0/24
                  94.26.89.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:34:23:fe:dd:92:3f:da:79:25:80:61:c7:76:ec:3b:f6:7c:
         6f:28:02:53:56:0e:29:6e:42:4f:b4:ee:59:65:5c:7c:37:07:
         f5:97:aa:b9:d5:0f:a7:d9:2c:c5:b1:72:2f:50:62:2d:e3:4d:
         75:b9:ab:c1:f0:08:3a:58:19:f5:ca:70:5d:a3:40:1a:a0:89:
         9f:f9:89:31:05:9a:b7:84:78:30:17:fe:ff:6a:a3:74:fe:9b:
         3b:34:e3:49:9d:ff:78:14:1e:05:da:a3:6d:00:44:d0:ff:e9:
         27:21:f9:27:a6:95:de:14:55:7e:cd:6b:a5:d9:91:36:22:28:
         c1:ce:b9:a9:e6:e2:da:87:e7:4e:0d:ee:d6:a5:65:f1:f3:30:
         29:78:c7:8d:4d:c4:58:ef:db:0f:b1:bd:29:e7:a6:23:28:7a:
         e0:f5:cf:82:db:08:1f:6a:af:07:ac:01:04:ea:ef:87:08:f3:
         ef:82:5d:a2:5a:26:da:a3:a7:9b:28:19:56:22:9f:90:10:c1:
         4e:ff:a8:c4:ce:77:09:58:33:70:03:d3:ac:32:01:09:83:40:
         42:71:3d:63:1d:80:b1:29:c3:33:1e:68:ae:a3:a8:c5:1c:c9:
         a0:a0:b4:13:a7:2a:ed:52:51:56:69:12:bb:75:6e:67:d3:30:
         fa:53:01:6a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIEBj2hpTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZDFjYWE2OTM1OGY4Yzk4ZjdhNzE5ZjI1OTdkNWRhZGRiZDAwMThjMB4XDTIyMDMx
MjE3Mjk1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjJkNjMzNDc5OWM2
YmEyMDZjZDA1YmZlNWM0ZDdmNDA5OTJmYTY5YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJKKld+OdLcWvFxYQKO4Ym3tJ+T79iLcBMJBSGZorX2TQ7CA
yQTsabxenFYuzdscEyV+vZhrMUqnoc/XRqOEQDGSIHUMj4JfWYrJS7Gni+oWl2bj
1QlpG2vkcopDE/+GRtWm73D4QKA9aC2Crqyd1Yv/eZ+e99pmNJCs5Sb0Xt8OOXT6
i5U14vSOSfUI+2lNX8drW/tthtrYVC+RgKqI0UTWZ/9Ye04Qn93ixXrGmEsEJtRo
dPHZ0ikm3j5O9y78tnUNgQuMrwN+aELnPLe3pPJiTh9wBZ4Td/viihUNwlXpF3yM
MYvBWElRtyNWnkeJ86Pj6Ys5X9BtvCwIyrhft5ECAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBSy1jNHmca6IGzQW/5cTX9AmS+mnDAfBgNVHSMEGDAWgBQtHKppNY+MmPen
GfJZfV2t29ABjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xSeXFhVFdQakpqM3B4bnlXWDFkcmR2UUFZdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvYTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8x
L3N0WXpSNW5HdWlCczBGdi1YRTFfUUprdnBwdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
YTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8xL0xSeXFhVFdQakpq
M3B4bnlXWDFkcmR2UUFZdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBL
BggrBgEFBQcBBwEB/wQ8MDowOAQCAAEwMgMEAi2N6AMEAE6fgwMEAE6fnDAMAwQA
W1whAwQAW1wiAwQAW1wxAwQAXZjQAwQAXhpZMA0GCSqGSIb3DQEBCwUAA4IBAQBV
NCP+3ZI/2nklgGHHduw79nxvKAJTVg4pbkJPtO5ZZVx8Nwf1l6q51Q+n2SzFsXIv
UGIt4011uavB8Ag6WBn1ynBdo0AaoImf+YkxBZq3hHgwF/7/aqN0/ps7NONJnf94
FB4F2qNtAETQ/+knIfknppXeFFV+zWul2ZE2IijBzrmp5uLah+dODe7WpWXx8zAp
eMeNTcRY79sPsb0p56YjKHrg9c+C2wgfaq8HrAEE6u+HCPPvgl2iWibao6ebKBlW
Ip+QEMFO/6jEzncJWDNwA9OsMgEJg0BCcT1jHYCxKcMzHmiuo6jFHMmgoLQTpyrt
UlFWaRK7dW5n0zD6UwFq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:43 2024 by rpki-client on console-fra.rpki-client.org