Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/2k5lwnPIz6ecNrUgbewv6MUlSV8.roa
File:                     2k5lwnPIz6ecNrUgbewv6MUlSV8.roa (raw, json)
Hash identifier:          jV/IeN6OpCzufEGL4ODxHE5MxOknL41qwvJMT+XeBDU=
Subject key identifier:   DA:4E:65:C2:73:C8:CF:A7:9C:36:B5:20:6D:EC:2F:E8:C5:25:49:5F
Certificate issuer:       /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial:       0182682AAC0CF301A216C71416A72FB184FB
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/2k5lwnPIz6ecNrUgbewv6MUlSV8.roa
Signing time:             Thu 04 Aug 2022 09:23:23 +0000
ROA not before:           Thu 04 Aug 2022 09:23:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211936
IP address blocks:        109.160.38.0/24 maxlen: 24
                          109.160.37.0/24 maxlen: 24
                          109.160.36.0/24 maxlen: 24
                          109.160.41.0/24 maxlen: 24
                          109.160.40.0/24 maxlen: 24
                          109.160.39.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:68:2a:ac:0c:f3:01:a2:16:c7:14:16:a7:2f:b1:84:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
        Validity
            Not Before: Aug  4 09:23:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=da4e65c273c8cfa79c36b5206dec2fe8c525495f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:fd:16:e0:8d:45:d0:b4:a2:e7:2b:10:d1:5d:
                    d4:e2:ed:1b:71:d8:bc:19:fc:3f:3c:20:e7:67:87:
                    a6:97:6d:52:fd:df:9c:5d:16:da:54:b4:2d:51:2b:
                    9b:bc:8e:ca:0a:43:60:40:aa:16:c2:30:29:83:60:
                    16:b2:da:ac:bc:10:d6:32:6a:40:4e:af:5d:14:0d:
                    73:37:62:b4:5b:ad:62:2d:50:bc:f9:10:d4:29:aa:
                    e0:90:48:f3:8b:21:18:25:09:88:87:b7:06:00:32:
                    87:60:c3:eb:8f:59:81:d0:5f:aa:b2:73:95:7d:41:
                    19:0a:51:a6:12:7d:76:cf:7c:8c:e9:c4:8c:ab:4d:
                    63:50:86:e5:f1:55:6d:05:29:57:05:6f:79:c9:e3:
                    e4:ff:69:70:2f:d8:8a:70:69:13:10:f1:27:c0:3b:
                    07:6d:b4:6e:18:a5:49:f0:1d:91:c1:91:e5:6b:21:
                    54:82:58:92:3d:c9:40:cc:2c:d1:7b:df:e4:7a:e7:
                    02:06:59:3e:ca:36:14:60:2a:5c:ad:53:86:a2:3c:
                    35:7e:67:df:ed:e8:ec:23:74:7f:19:54:b2:11:6e:
                    6d:bf:00:26:99:27:5e:c4:93:e1:3a:0f:bb:11:bd:
                    cb:4e:2b:51:e9:a7:67:55:89:62:d7:1a:1c:9e:78:
                    1a:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:4E:65:C2:73:C8:CF:A7:9C:36:B5:20:6D:EC:2F:E8:C5:25:49:5F
            X509v3 Authority Key Identifier:
                keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/2k5lwnPIz6ecNrUgbewv6MUlSV8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.160.36.0-109.160.41.255

    Signature Algorithm: sha256WithRSAEncryption
         30:09:21:f8:d6:ab:f4:6e:16:c0:32:d4:b6:fc:f2:c6:87:13:
         16:9b:bd:60:45:fc:af:b0:80:2f:06:d7:dc:41:92:2e:66:d4:
         c3:aa:b9:65:3a:56:f4:74:46:d1:49:fe:10:02:76:8b:3b:60:
         8e:ee:f7:44:5d:53:9e:df:0f:a8:db:a1:c0:ef:4e:8c:88:5e:
         44:0f:0d:01:25:fe:80:0b:ea:d5:c6:c2:62:d3:5a:2b:72:4b:
         87:10:b4:ec:91:a4:a4:f5:23:08:16:92:2b:a6:87:92:4a:84:
         49:48:64:68:8c:d1:80:ed:7b:27:d2:d5:e4:4f:e7:aa:bf:ad:
         f9:6c:da:7e:4d:26:d5:b0:79:2c:c8:6d:15:80:d8:67:b7:24:
         6a:22:23:c8:28:69:9b:e6:e9:56:95:72:f2:b4:4e:f1:83:b7:
         53:89:2e:02:db:ce:ee:1d:7b:86:dc:a8:0a:40:9f:c6:9d:a4:
         98:ba:94:d1:d4:67:ca:40:eb:35:81:f9:8d:a5:2b:91:a3:7a:
         c7:01:8d:b2:aa:08:6c:7f:52:7b:55:8f:c7:47:36:d9:34:12:
         87:f2:cd:9f:d4:3e:e2:63:e2:f0:26:5e:3c:26:10:75:32:7d:
         94:ae:0d:80:51:e9:86:97:53:2f:15:38:f5:ce:22:d2:53:3b:
         22:49:33:74
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYJoKqwM8wGiFscUFqcvsYT7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjIwODA0MDkyMzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTRlNjVjMjczYzhjZmE3OWMzNmI1MjA2ZGVjMmZlOGM1MjU0OTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkv0W4I1F0LSi5ysQ0V3U4u0bcdi8
Gfw/PCDnZ4eml21S/d+cXRbaVLQtUSubvI7KCkNgQKoWwjApg2AWstqsvBDWMmpA
Tq9dFA1zN2K0W61iLVC8+RDUKargkEjziyEYJQmIh7cGADKHYMPrj1mB0F+qsnOV
fUEZClGmEn12z3yM6cSMq01jUIbl8VVtBSlXBW95yePk/2lwL9iKcGkTEPEnwDsH
bbRuGKVJ8B2RwZHlayFUgliSPclAzCzRe9/keucCBlk+yjYUYCpcrVOGojw1fmff
7ejsI3R/GVSyEW5tvwAmmSdexJPhOg+7Eb3LTitR6adnVYli1xocnnga4wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNpOZcJzyM+nnDa1IG3sL+jFJUlfMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvMms1bHduUEl6NmVjTnJVZ2Jld3Y2TVVsU1Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJtoCQD
BAFtoCgwDQYJKoZIhvcNAQELBQADggEBADAJIfjWq/RuFsAy1Lb88saHExabvWBF
/K+wgC8G19xBki5m1MOquWU6VvR0RtFJ/hACdos7YI7u90RdU57fD6jbocDvToyI
XkQPDQEl/oAL6tXGwmLTWityS4cQtOyRpKT1IwgWkiumh5JKhElIZGiM0YDteyfS
1eRP56q/rfls2n5NJtWweSzIbRWA2Ge3JGoiI8goaZvm6VaVcvK0TvGDt1OJLgLb
zu4de4bcqApAn8adpJi6lNHUZ8pA6zWB+Y2lK5GjescBjbKqCGx/UntVj8dHNtk0
EofyzZ/UPuJj4vAmXjwmEHUyfZSuDYBR6YaXUy8VOPXOItJTOyJJM3Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:14 2024 by rpki-client on console-fra.rpki-client.org