Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/310388-6cf4-455d-b551-1eaa3f22df52/1/3ToTicsKsIBcMV7ldylJZSuxRjw.roa
File:                     3ToTicsKsIBcMV7ldylJZSuxRjw.roa (raw, json)
Hash identifier:          jBbVkBaepf28g2ZdGvhM6j39ugxxQShR98sRLZ1CaTs=
Subject key identifier:   DD:3A:13:89:CB:0A:B0:80:5C:31:5E:E5:77:29:49:65:2B:B1:46:3C
Certificate issuer:       /CN=05d089a7148b261a059e666feba59f92a268c16c
Certificate serial:       0184F35EB3BE3C546A15031274BE246FF37A
Authority key identifier: 05:D0:89:A7:14:8B:26:1A:05:9E:66:6F:EB:A5:9F:92:A2:68:C1:6C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BdCJpxSLJhoFnmZv66WfkqJowWw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/310388-6cf4-455d-b551-1eaa3f22df52/1/3ToTicsKsIBcMV7ldylJZSuxRjw.roa
Signing time:             Thu 08 Dec 2022 20:13:00 +0000
ROA not before:           Thu 08 Dec 2022 20:13:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57325
IP address blocks:        185.239.60.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:f3:5e:b3:be:3c:54:6a:15:03:12:74:be:24:6f:f3:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05d089a7148b261a059e666feba59f92a268c16c
        Validity
            Not Before: Dec  8 20:13:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=dd3a1389cb0ab0805c315ee5772949652bb1463c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:84:c1:56:cd:47:10:8f:1a:7b:4e:47:14:62:
                    ba:14:6f:be:b6:a7:93:4c:f2:f3:bd:7f:29:bc:93:
                    03:3a:fd:80:bd:96:45:71:2e:5c:36:f6:77:50:a2:
                    5c:b4:31:5e:13:5a:79:13:cc:ba:1f:37:4a:e6:1e:
                    af:08:aa:1c:08:b1:93:ed:ed:22:53:e2:81:42:c0:
                    7b:24:05:73:04:52:05:ab:46:6f:eb:44:07:3d:d5:
                    3f:a4:ac:30:2a:ad:f4:41:e4:f8:49:b4:4c:2b:77:
                    81:28:b8:f2:d6:d6:ab:74:5c:b8:32:a2:5b:7f:0d:
                    14:86:97:f7:cd:93:74:6c:c2:95:5b:dd:1a:b0:b7:
                    ac:da:e8:0d:f1:c8:93:17:93:02:cc:0c:04:86:32:
                    3e:93:86:a7:c5:07:80:fd:69:5e:69:7a:f5:58:0a:
                    f2:bd:8b:33:26:10:74:b3:a5:9b:f0:a1:c9:a8:a7:
                    21:ca:36:6c:4a:c8:5f:9f:91:5e:8f:58:60:d0:ea:
                    ed:ed:17:bd:85:ae:a0:67:88:d0:86:ad:f6:4f:83:
                    b2:62:38:85:3c:f8:d3:18:b2:c5:f9:d1:69:07:c6:
                    a9:16:8b:e7:ae:01:dc:58:86:48:ac:2c:32:1a:bc:
                    b2:10:4d:e4:b1:18:b3:ee:8b:56:ba:0a:9a:69:29:
                    50:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:3A:13:89:CB:0A:B0:80:5C:31:5E:E5:77:29:49:65:2B:B1:46:3C
            X509v3 Authority Key Identifier:
                keyid:05:D0:89:A7:14:8B:26:1A:05:9E:66:6F:EB:A5:9F:92:A2:68:C1:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BdCJpxSLJhoFnmZv66WfkqJowWw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/310388-6cf4-455d-b551-1eaa3f22df52/1/3ToTicsKsIBcMV7ldylJZSuxRjw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/310388-6cf4-455d-b551-1eaa3f22df52/1/BdCJpxSLJhoFnmZv66WfkqJowWw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.239.60.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8e:77:42:d9:22:db:b4:9f:2f:42:d0:42:6f:e2:f9:0e:bb:f7:
         7a:a1:a0:40:7d:1c:f2:5e:fc:71:09:cd:d1:f1:8a:72:34:69:
         db:7e:c0:51:3d:ad:7a:a4:6a:bd:8c:40:5b:63:2a:c9:33:53:
         f0:a5:aa:31:03:5b:3b:67:2c:ce:ec:28:06:59:3c:d8:c8:68:
         f4:2d:18:46:95:1d:74:57:8e:7f:f3:61:63:01:ee:98:4b:14:
         a5:1a:a0:19:e0:f7:40:04:42:58:5a:4f:23:db:34:0d:d9:55:
         d4:d4:67:58:95:28:c1:a6:07:26:dc:f5:3d:ab:37:cf:15:18:
         26:2c:12:d0:3c:16:40:f2:e5:c5:e0:c9:c5:d8:e7:9d:57:99:
         80:38:92:10:79:59:11:d2:54:6a:50:74:c7:5a:77:96:46:e6:
         97:35:31:b6:a2:6c:11:90:e5:36:c0:2e:2f:ff:d8:84:86:eb:
         8a:b5:70:fd:46:9f:30:65:97:10:29:0a:62:dc:bf:98:e2:0d:
         62:d7:83:55:c7:0c:ed:39:bd:1e:74:f3:16:3d:33:9a:8d:b3:
         93:82:e6:2a:ee:4d:3c:4c:46:6b:2f:14:03:3d:70:52:c3:d0:
         80:0a:73:a3:91:91:1b:7f:8e:dc:20:02:8f:a5:11:d6:f8:b9:
         a7:cf:a5:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTzXrO+PFRqFQMSdL4kb/N6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZDA4OWE3MTQ4YjI2MWEwNTllNjY2ZmViYTU5ZjkyYTI2
OGMxNmMwHhcNMjIxMjA4MjAxMzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDNhMTM4OWNiMGFiMDgwNWMzMTVlZTU3NzI5NDk2NTJiYjE0NjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYTBVs1HEI8ae05HFGK6FG++tqeT
TPLzvX8pvJMDOv2AvZZFcS5cNvZ3UKJctDFeE1p5E8y6HzdK5h6vCKocCLGT7e0i
U+KBQsB7JAVzBFIFq0Zv60QHPdU/pKwwKq30QeT4SbRMK3eBKLjy1tardFy4MqJb
fw0Uhpf3zZN0bMKVW90asLes2ugN8ciTF5MCzAwEhjI+k4anxQeA/WleaXr1WAry
vYszJhB0s6Wb8KHJqKchyjZsSshfn5Fej1hg0Ort7Re9ha6gZ4jQhq32T4OyYjiF
PPjTGLLF+dFpB8apFovnrgHcWIZIrCwyGryyEE3ksRiz7otWugqaaSlQcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN06E4nLCrCAXDFe5XcpSWUrsUY8MB8GA1UdIwQY
MBaAFAXQiacUiyYaBZ5mb+uln5KiaMFsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmRDSnB4U0xKaG9Gbm1adjY2V2ZrcUpvd1d3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8zMTAzODgtNmNmNC00NTVkLWI1NTEt
MWVhYTNmMjJkZjUyLzEvM1RvVGljc0tzSUJjTVY3bGR5bEpaU3V4Ump3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8zMTAzODgtNmNmNC00NTVkLWI1NTEtMWVhYTNmMjJkZjUy
LzEvQmRDSnB4U0xKaG9Gbm1adjY2V2ZrcUpvd1d3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCue88MA0G
CSqGSIb3DQEBCwUAA4IBAQCOd0LZItu0ny9C0EJv4vkOu/d6oaBAfRzyXvxxCc3R
8YpyNGnbfsBRPa16pGq9jEBbYyrJM1PwpaoxA1s7ZyzO7CgGWTzYyGj0LRhGlR10
V45/82FjAe6YSxSlGqAZ4PdABEJYWk8j2zQN2VXU1GdYlSjBpgcm3PU9qzfPFRgm
LBLQPBZA8uXF4MnF2OedV5mAOJIQeVkR0lRqUHTHWneWRuaXNTG2omwRkOU2wC4v
/9iEhuuKtXD9Rp8wZZcQKQpi3L+Y4g1i14NVxwztOb0edPMWPTOajbOTguYq7k08
TEZrLxQDPXBSw9CACnOjkZEbf47cIAKPpRHW+Lmnz6Vv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:05 2024 by rpki-client on console-fra.rpki-client.org