Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/1a0c6a-1a5e-424b-9a69-995531862419/1/v1453cFKwcoCujZJ5yAp9Kk2RPA.roa
File:                     v1453cFKwcoCujZJ5yAp9Kk2RPA.roa (raw, json)
Hash identifier:          nN4CXD0bfa9p6zjglkMnkvc93BUooTDQmR0Dkl9l/gs=
Subject key identifier:   BF:5E:39:DD:C1:4A:C1:CA:02:BA:36:49:E7:20:29:F4:A9:36:44:F0
Certificate issuer:       /CN=24295ce712473d0e3e6daa777db8906f8001df70
Certificate serial:       0292091E
Authority key identifier: 24:29:5C:E7:12:47:3D:0E:3E:6D:AA:77:7D:B8:90:6F:80:01:DF:70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JClc5xJHPQ4-bap3fbiQb4AB33A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/1a0c6a-1a5e-424b-9a69-995531862419/1/v1453cFKwcoCujZJ5yAp9Kk2RPA.roa
Signing time:             Sat 01 Jan 2022 02:50:41 +0000
ROA not before:           Sat 01 Jan 2022 02:50:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42422
IP address blocks:        176.102.64.0/24 maxlen: 24
                          176.102.64.0/22 maxlen: 24
                          176.102.66.0/24 maxlen: 24
                          176.102.65.0/24 maxlen: 24
                          176.102.67.0/24 maxlen: 24
                          2a07:dbc0::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 43125022 (0x292091e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24295ce712473d0e3e6daa777db8906f8001df70
        Validity
            Not Before: Jan  1 02:50:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bf5e39ddc14ac1ca02ba3649e72029f4a93644f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:c4:30:ce:5c:8c:8f:25:09:c1:8c:63:9f:d5:
                    bf:db:cb:c5:f4:b0:a5:6f:56:88:11:2f:c7:16:bb:
                    3c:a2:df:fe:b9:a3:88:b8:7c:45:d2:89:60:2d:d0:
                    fd:39:8c:3c:09:a3:93:f2:62:d6:a1:95:27:26:0c:
                    e4:0c:8a:cb:6e:c1:f3:8e:db:fa:5b:17:2b:2f:e3:
                    bd:6a:eb:2b:9b:b6:44:b0:a7:cf:9f:d0:86:35:2d:
                    d3:18:5a:09:f4:4d:83:55:b9:23:af:3f:25:46:72:
                    bb:72:02:75:d7:ab:6f:74:eb:78:2e:74:8f:8b:b8:
                    df:86:38:11:a3:97:cd:a9:e7:38:ae:21:81:bf:a0:
                    bc:12:73:23:e0:31:af:f1:5f:ef:a8:cd:77:39:c0:
                    88:ac:ce:d0:89:82:e1:48:72:c2:ee:7d:00:9f:45:
                    38:36:f7:04:be:41:e3:1f:bd:99:33:25:b9:5c:ba:
                    a6:30:cd:ea:be:15:4a:92:49:a1:2f:9d:76:b7:68:
                    df:f1:a1:47:f4:ae:e0:7b:98:1e:3d:8d:48:0e:82:
                    c5:08:f9:69:96:6e:9c:75:da:52:e4:2c:ff:86:9d:
                    16:37:24:de:d9:64:ca:3c:19:0e:a1:95:d2:f2:bd:
                    18:8b:cc:39:cd:e0:1c:77:c9:e6:4a:e7:bc:0a:17:
                    91:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:5E:39:DD:C1:4A:C1:CA:02:BA:36:49:E7:20:29:F4:A9:36:44:F0
            X509v3 Authority Key Identifier:
                keyid:24:29:5C:E7:12:47:3D:0E:3E:6D:AA:77:7D:B8:90:6F:80:01:DF:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JClc5xJHPQ4-bap3fbiQb4AB33A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/1a0c6a-1a5e-424b-9a69-995531862419/1/v1453cFKwcoCujZJ5yAp9Kk2RPA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/1a0c6a-1a5e-424b-9a69-995531862419/1/JClc5xJHPQ4-bap3fbiQb4AB33A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.102.64.0/22
                IPv6:
                  2a07:dbc0::/32

    Signature Algorithm: sha256WithRSAEncryption
         66:8b:24:94:6f:58:c3:72:21:82:19:25:44:dd:e5:05:83:11:
         5b:1f:c3:a9:2a:1b:46:cd:05:2a:80:3e:dd:b4:75:c7:41:9d:
         9d:c7:c1:de:33:01:50:b9:6c:d0:86:51:b0:90:2f:7e:6a:1c:
         74:29:de:34:81:16:60:53:5d:d3:c2:65:b9:ab:59:0c:3b:4e:
         b0:51:e3:3d:34:34:8c:47:a5:5a:0a:c2:ae:4c:86:a4:59:8a:
         ae:fb:cf:a7:c0:54:4b:43:1e:4e:5f:66:99:b7:84:d3:0a:fd:
         6a:b4:d5:95:24:d1:f2:6e:37:52:3d:c4:9f:af:e9:9f:8f:af:
         aa:ef:a8:55:38:e4:da:76:03:ee:20:51:03:5b:1c:d9:c6:b5:
         db:f1:3c:79:88:2c:b0:32:34:7f:45:5f:f9:bc:56:b1:12:b1:
         f8:24:c2:55:09:33:2e:26:63:9e:1d:a9:65:8e:f3:95:8d:61:
         8f:08:a5:6c:c8:6c:93:dc:24:b3:0c:42:27:84:1e:69:27:a0:
         40:14:61:3a:ea:3f:b4:4a:c5:0e:e8:13:70:17:35:7c:9d:65:
         10:c9:9a:b3:64:7b:b2:73:df:14:29:f3:5c:73:86:9b:bf:fa:
         fb:56:81:66:53:ef:58:56:e4:54:b5:2a:bd:d2:e9:dd:d1:4c:
         6e:a3:57:85
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEApIJHjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NDI5NWNlNzEyNDczZDBlM2U2ZGFhNzc3ZGI4OTA2ZjgwMDFkZjcwMB4XDTIyMDEw
MTAyNTA0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmY1ZTM5ZGRjMTRh
YzFjYTAyYmEzNjQ5ZTcyMDI5ZjRhOTM2NDRmMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKvEMM5cjI8lCcGMY5/Vv9vLxfSwpW9WiBEvxxa7PKLf/rmj
iLh8RdKJYC3Q/TmMPAmjk/Ji1qGVJyYM5AyKy27B847b+lsXKy/jvWrrK5u2RLCn
z5/QhjUt0xhaCfRNg1W5I68/JUZyu3ICdderb3TreC50j4u434Y4EaOXzannOK4h
gb+gvBJzI+Axr/Ff76jNdznAiKzO0ImC4Uhywu59AJ9FODb3BL5B4x+9mTMluVy6
pjDN6r4VSpJJoS+ddrdo3/GhR/Su4HuYHj2NSA6CxQj5aZZunHXaUuQs/4adFjck
3tlkyjwZDqGV0vK9GIvMOc3gHHfJ5krnvAoXkW0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBS/XjndwUrBygK6NknnICn0qTZE8DAfBgNVHSMEGDAWgBQkKVznEkc9Dj5t
qnd9uJBvgAHfcDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pDbGM1eEpIUFE0LWJhcDNmYmlRYjRBQjMzQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTYvMWEwYzZhLTFhNWUtNDI0Yi05YTY5LTk5NTUzMTg2MjQxOS8x
L3YxNDUzY0ZLd2NvQ3VqWko1eUFwOUtrMlJQQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTYv
MWEwYzZhLTFhNWUtNDI0Yi05YTY5LTk5NTUzMTg2MjQxOS8xL0pDbGM1eEpIUFE0
LWJhcDNmYmlRYjRBQjMzQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArBmQDANBAIAAjAHAwUAKgfbwDAN
BgkqhkiG9w0BAQsFAAOCAQEAZosklG9Yw3IhghklRN3lBYMRWx/DqSobRs0FKoA+
3bR1x0GdncfB3jMBULls0IZRsJAvfmocdCneNIEWYFNd08JluatZDDtOsFHjPTQ0
jEelWgrCrkyGpFmKrvvPp8BUS0MeTl9mmbeE0wr9arTVlSTR8m43Uj3En6/pn4+v
qu+oVTjk2nYD7iBRA1sc2ca12/E8eYgssDI0f0Vf+bxWsRKx+CTCVQkzLiZjnh2p
ZY7zlY1hjwilbMhsk9wkswxCJ4QeaSegQBRhOuo/tErFDugTcBc1fJ1lEMmas2R7
snPfFCnzXHOGm7/6+1aBZlPvWFbkVLUqvdLp3dFMbqNXhQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:39 2024 by rpki-client on console-fra.rpki-client.org