Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3h6nsVIn4hbkw2mw0jVKpbZTeIo.roa
File:                     3h6nsVIn4hbkw2mw0jVKpbZTeIo.roa (raw, json)
Hash identifier:          wkOr035r2ehsKhRuWx4+wKs+xHTE3bF2Oqll9e1Kmbg=
Subject key identifier:   DE:1E:A7:B1:52:27:E2:16:E4:C3:69:B0:D2:35:4A:A5:B6:53:78:8A
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018249F8E1B4110BD66C54184CEA6A9D549E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3h6nsVIn4hbkw2mw0jVKpbZTeIo.roa
Signing time:             Fri 29 Jul 2022 12:40:23 +0000
ROA not before:           Fri 29 Jul 2022 12:40:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49581
IP address blocks:        193.37.41.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:49:f8:e1:b4:11:0b:d6:6c:54:18:4c:ea:6a:9d:54:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jul 29 12:40:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=de1ea7b15227e216e4c369b0d2354aa5b653788a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:38:c3:c7:e9:d0:9b:9e:12:ce:74:e3:23:54:
                    f9:3e:19:76:a7:57:e6:e0:da:78:a6:2b:56:fc:f3:
                    fd:3b:48:21:2e:5d:94:7b:21:9b:df:1c:d5:53:b9:
                    6c:ca:6f:a2:8f:cc:ce:13:6c:70:d4:1c:46:2c:74:
                    df:37:fb:ed:38:a1:cd:0a:4e:19:4b:cb:3d:d9:61:
                    97:f9:14:05:4e:40:d5:a6:c4:7e:ad:06:d4:51:23:
                    d6:43:1c:b7:04:0b:28:0d:c8:25:7d:99:05:a6:ae:
                    f9:02:f0:6e:d3:af:2a:29:20:0b:91:04:b5:75:6a:
                    c1:93:9f:40:56:c1:c2:6d:e2:5d:0b:0f:e2:3e:84:
                    93:dd:ec:3b:eb:bf:0c:d3:4c:b2:c6:38:59:8f:81:
                    c3:52:33:fe:88:87:da:1d:93:d3:d3:1a:42:ff:d7:
                    e5:06:51:8e:c4:fd:43:e7:de:3f:3e:e6:33:b9:06:
                    d2:8a:1a:1f:a3:d6:55:7e:af:9a:8c:6b:01:8b:8f:
                    d2:6c:14:cc:a3:a8:a0:aa:12:ff:77:0e:a5:6b:a7:
                    ba:f6:17:ec:e9:b6:dd:ec:5c:66:78:4f:5b:83:90:
                    8c:ac:5d:f5:05:74:7a:2a:a1:f0:7d:cd:d7:4e:03:
                    1a:d5:6d:ae:88:0f:ce:54:27:2e:78:85:c3:15:d2:
                    ad:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:1E:A7:B1:52:27:E2:16:E4:C3:69:B0:D2:35:4A:A5:B6:53:78:8A
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3h6nsVIn4hbkw2mw0jVKpbZTeIo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.37.41.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:5b:89:ed:1d:ea:11:95:b1:d2:1f:8d:72:7d:e8:40:8c:f5:
         97:e9:17:4d:ab:70:51:c7:34:82:56:36:b4:52:12:18:5f:ca:
         f3:63:31:1c:78:69:e3:91:cc:0e:3f:d4:1b:74:b2:91:8c:0c:
         18:f7:45:43:5d:cd:cf:f2:3d:15:ec:f6:a0:f1:da:36:b2:23:
         eb:a6:a3:e1:09:fe:ea:33:4c:1e:23:8b:c3:0e:c6:69:97:3a:
         a0:23:14:7f:8a:45:7e:14:9c:c0:38:2e:46:67:32:eb:ba:ed:
         3b:be:65:2e:d5:60:07:6f:40:0e:0d:8a:5a:01:59:de:2c:37:
         f8:1f:0d:b3:6d:a7:5a:cd:e9:52:e8:0d:0d:d0:eb:63:11:28:
         50:12:3c:01:66:2d:70:97:11:e7:9a:29:8d:a8:1d:ff:13:da:
         6d:96:4b:ec:47:9c:7c:d8:a7:68:ae:27:e6:5a:26:5e:c0:78:
         31:2f:d8:14:7c:89:04:cc:e9:69:8b:9f:2c:01:cb:f7:ca:95:
         be:77:a6:b1:51:a3:0c:0a:b9:4f:c6:7e:b2:df:e0:33:8f:38:
         3a:51:59:cf:62:ce:58:b0:88:b0:e8:23:f4:6c:48:5d:a5:2b:
         9d:2c:99:02:5c:8f:97:1d:cf:cc:b8:e9:cd:68:c8:37:84:c5:
         ae:fc:fb:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJJ+OG0EQvWbFQYTOpqnVSeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwNzI5MTI0MDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTFlYTdiMTUyMjdlMjE2ZTRjMzY5YjBkMjM1NGFhNWI2NTM3ODhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjjDx+nQm54SznTjI1T5Phl2p1fm
4Np4pitW/PP9O0ghLl2UeyGb3xzVU7lsym+ij8zOE2xw1BxGLHTfN/vtOKHNCk4Z
S8s92WGX+RQFTkDVpsR+rQbUUSPWQxy3BAsoDcglfZkFpq75AvBu068qKSALkQS1
dWrBk59AVsHCbeJdCw/iPoST3ew7678M00yyxjhZj4HDUjP+iIfaHZPT0xpC/9fl
BlGOxP1D594/PuYzuQbSihofo9ZVfq+ajGsBi4/SbBTMo6igqhL/dw6la6e69hfs
6bbd7FxmeE9bg5CMrF31BXR6KqHwfc3XTgMa1W2uiA/OVCcueIXDFdKt8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN4ep7FSJ+IW5MNpsNI1SqW2U3iKMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvM2g2bnNWSW40aGJrdzJtdzBqVktwYlpUZUlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSUpMA0G
CSqGSIb3DQEBCwUAA4IBAQCXW4ntHeoRlbHSH41yfehAjPWX6RdNq3BRxzSCVja0
UhIYX8rzYzEceGnjkcwOP9QbdLKRjAwY90VDXc3P8j0V7Pag8do2siPrpqPhCf7q
M0weI4vDDsZplzqgIxR/ikV+FJzAOC5GZzLruu07vmUu1WAHb0AODYpaAVneLDf4
Hw2zbadazelS6A0N0OtjEShQEjwBZi1wlxHnmimNqB3/E9ptlkvsR5x82Kdorifm
WiZewHgxL9gUfIkEzOlpi58sAcv3ypW+d6axUaMMCrlPxn6y3+Azjzg6UVnPYs5Y
sIiw6CP0bEhdpSudLJkCXI+XHc/MuOnNaMg3hMWu/Pv4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:57 2024 by rpki-client on console-fra.rpki-client.org