Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/2604e0-91fa-4fe9-bb28-93a6192b1785/1/BlUvZhz35M9VuQIhQ-koqxN-lHo.roa
File:                     BlUvZhz35M9VuQIhQ-koqxN-lHo.roa (raw, json)
Hash identifier:          c4/csxfsZgoQLV0AfOVWtYXqwiTr5MijkI0Cg5sdtHI=
Subject key identifier:   06:55:2F:66:1C:F7:E4:CF:55:B9:02:21:43:E9:28:AB:13:7E:94:7A
Certificate issuer:       /CN=7d43b0ec79951d5d5580133e5329a90f2fee1c5b
Certificate serial:       1A95A837
Authority key identifier: 7D:43:B0:EC:79:95:1D:5D:55:80:13:3E:53:29:A9:0F:2F:EE:1C:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fUOw7HmVHV1VgBM-UympDy_uHFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/2604e0-91fa-4fe9-bb28-93a6192b1785/1/BlUvZhz35M9VuQIhQ-koqxN-lHo.roa
Signing time:             Sat 01 Jan 2022 01:57:05 +0000
ROA not before:           Sat 01 Jan 2022 01:57:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     199386
IP address blocks:        37.130.198.0/24 maxlen: 24
                          37.130.199.0/24 maxlen: 24
                          37.130.196.0/24 maxlen: 24
                          37.130.197.0/24 maxlen: 24
                          2a04:dc0::/48 maxlen: 48
                          2a04:dc1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 446015543 (0x1a95a837)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7d43b0ec79951d5d5580133e5329a90f2fee1c5b
        Validity
            Not Before: Jan  1 01:57:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=06552f661cf7e4cf55b9022143e928ab137e947a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:ec:24:e1:fa:6c:2c:13:80:4d:5d:92:ce:3f:
                    e4:22:50:ed:62:63:27:7b:5d:25:85:88:51:5e:b6:
                    d3:b0:90:5a:1c:c0:c1:b6:89:44:7c:38:e4:62:07:
                    d0:69:3b:74:ca:ca:92:e9:c6:a4:00:4d:90:0d:2f:
                    77:ab:f6:53:3c:eb:45:66:9f:3f:2a:34:fc:b8:c9:
                    e4:f6:1d:5e:15:89:09:c3:81:24:9f:bd:a7:2b:26:
                    10:3f:37:49:4f:5f:8f:85:f1:50:79:30:da:ba:f3:
                    04:34:37:7f:69:32:47:1f:56:d4:63:ce:5a:82:4c:
                    74:0e:47:96:40:9c:49:cb:b9:42:e6:0f:2a:3f:e2:
                    b7:12:ac:80:a9:fc:fc:ad:1f:58:c2:da:ff:a0:3c:
                    30:90:65:fa:e3:61:32:78:c4:5d:da:fa:d0:74:71:
                    92:96:5f:87:73:30:02:bb:f6:78:c5:66:b5:5b:93:
                    2c:9e:92:20:a5:68:a9:4e:96:c3:1c:ac:42:a0:a3:
                    8f:7b:26:4e:3c:48:ad:47:9d:2b:40:b4:04:6a:83:
                    0c:19:c3:2b:33:c6:a8:36:6f:96:a1:5f:68:33:81:
                    7a:2b:b8:9e:4b:1f:19:25:38:18:0d:0f:10:c5:d1:
                    25:f2:0c:8e:30:61:23:28:7b:84:74:74:21:f5:16:
                    83:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:55:2F:66:1C:F7:E4:CF:55:B9:02:21:43:E9:28:AB:13:7E:94:7A
            X509v3 Authority Key Identifier:
                keyid:7D:43:B0:EC:79:95:1D:5D:55:80:13:3E:53:29:A9:0F:2F:EE:1C:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fUOw7HmVHV1VgBM-UympDy_uHFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/2604e0-91fa-4fe9-bb28-93a6192b1785/1/BlUvZhz35M9VuQIhQ-koqxN-lHo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/2604e0-91fa-4fe9-bb28-93a6192b1785/1/fUOw7HmVHV1VgBM-UympDy_uHFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.130.196.0/22
                IPv6:
                  2a04:dc0::/48
                  2a04:dc1::/48

    Signature Algorithm: sha256WithRSAEncryption
         98:49:f9:c4:11:cc:fc:cd:21:da:b2:d1:25:74:f7:4c:55:53:
         5a:c8:4e:f4:3b:34:7c:2c:b9:a8:4c:9c:a1:01:89:16:ac:92:
         5a:c7:f4:94:7e:70:51:04:32:77:ff:0b:84:35:e7:11:dd:97:
         cf:1d:34:9e:69:aa:73:b3:de:dc:58:f9:80:c2:73:11:49:34:
         22:94:10:8f:7a:96:5e:31:82:8b:61:da:91:99:74:9a:e9:02:
         46:19:01:4d:3d:90:a6:09:f0:0d:7b:d7:49:ae:f5:2c:99:1d:
         33:2c:37:bf:eb:a1:f8:29:aa:03:e1:17:a2:81:e2:d8:96:5a:
         27:0a:9b:2b:92:50:92:6a:3a:1a:98:96:d2:7b:11:ba:96:51:
         ed:02:45:c6:7c:d5:f9:4f:75:b8:de:f2:6b:84:7e:a7:b8:1d:
         2b:ff:a5:cd:3f:5b:47:bd:b8:2b:49:6e:ff:48:f8:93:37:86:
         20:e0:b5:9d:b9:f1:ad:44:6a:70:07:51:69:72:2e:49:ea:92:
         ca:1f:2f:43:5a:5e:c4:36:b1:fd:e2:ca:1e:db:d2:cd:82:c1:
         8c:09:53:39:06:04:b3:84:7a:e4:ce:cd:c3:2e:37:d8:1c:f1:
         ee:f9:d3:76:bf:f3:7c:cb:b4:73:c1:84:c2:47:98:2a:d1:56:
         ad:aa:e8:e5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEGpWoNzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDQzYjBlYzc5OTUxZDVkNTU4MDEzM2U1MzI5YTkwZjJmZWUxYzViMB4XDTIyMDEw
MTAxNTcwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDY1NTJmNjYxY2Y3
ZTRjZjU1YjkwMjIxNDNlOTI4YWIxMzdlOTQ3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOXsJOH6bCwTgE1dks4/5CJQ7WJjJ3tdJYWIUV6207CQWhzA
wbaJRHw45GIH0Gk7dMrKkunGpABNkA0vd6v2UzzrRWafPyo0/LjJ5PYdXhWJCcOB
JJ+9pysmED83SU9fj4XxUHkw2rrzBDQ3f2kyRx9W1GPOWoJMdA5HlkCcScu5QuYP
Kj/itxKsgKn8/K0fWMLa/6A8MJBl+uNhMnjEXdr60HRxkpZfh3MwArv2eMVmtVuT
LJ6SIKVoqU6WwxysQqCjj3smTjxIrUedK0C0BGqDDBnDKzPGqDZvlqFfaDOBeiu4
nksfGSU4GA0PEMXRJfIMjjBhIyh7hHR0IfUWg2kCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBQGVS9mHPfkz1W5AiFD6SirE36UejAfBgNVHSMEGDAWgBR9Q7DseZUdXVWA
Ez5TKakPL+4cWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZVT3c3SG1WSFYxVmdCTS1VeW1wRHlfdUhGcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjEvMjYwNGUwLTkxZmEtNGZlOS1iYjI4LTkzYTYxOTJiMTc4NS8x
L0JsVXZaaHozNU05VnVRSWhRLWtvcXhOLWxIby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEv
MjYwNGUwLTkxZmEtNGZlOS1iYjI4LTkzYTYxOTJiMTc4NS8xL2ZVT3c3SG1WSFYx
VmdCTS1VeW1wRHlfdUhGcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwDAQCAAEwBgMEAiWCxDAYBAIAAjASAwcAKgQNwAAA
AwcAKgQNwQAAMA0GCSqGSIb3DQEBCwUAA4IBAQCYSfnEEcz8zSHastEldPdMVVNa
yE70OzR8LLmoTJyhAYkWrJJax/SUfnBRBDJ3/wuENecR3ZfPHTSeaapzs97cWPmA
wnMRSTQilBCPepZeMYKLYdqRmXSa6QJGGQFNPZCmCfANe9dJrvUsmR0zLDe/66H4
KaoD4ReigeLYllonCpsrklCSajoamJbSexG6llHtAkXGfNX5T3W43vJrhH6nuB0r
/6XNP1tHvbgrSW7/SPiTN4Yg4LWdufGtRGpwB1Fpci5J6pLKHy9DWl7ENrH94soe
29LNgsGMCVM5BgSzhHrkzs3DLjfYHPHu+dN2v/N8y7RzwYTCR5gq0Vatqujl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:14 2024 by rpki-client on console-fra.rpki-client.org