Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/AEDDghF0vdjyR8zYtEC8eJN8tQk.roa
File:                     AEDDghF0vdjyR8zYtEC8eJN8tQk.roa (raw, json)
Hash identifier:          PFBK+YZlvGSrSoeBW/DgtAICnfsCmjlP80U6f3L/VT0=
Subject key identifier:   00:40:C3:82:11:74:BD:D8:F2:47:CC:D8:B4:40:BC:78:93:7C:B5:09
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       01845138890BCD41687BEDC8BD62C50F9EAB
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/AEDDghF0vdjyR8zYtEC8eJN8tQk.roa
Signing time:             Mon 07 Nov 2022 08:32:50 +0000
ROA not before:           Mon 07 Nov 2022 08:32:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        81.161.238.0/23 maxlen: 24
                          193.168.196.0/22 maxlen: 24
                          88.218.76.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:51:38:89:0b:cd:41:68:7b:ed:c8:bd:62:c5:0f:9e:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Nov  7 08:32:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0040c3821174bdd8f247ccd8b440bc78937cb509
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:57:69:33:25:ae:ac:df:60:81:39:2c:1f:68:
                    bd:36:04:59:b6:d3:74:95:de:73:02:02:61:f5:9d:
                    ec:65:18:ca:4b:48:ed:26:9f:6e:27:3e:cd:2b:40:
                    e9:04:48:c4:86:a0:d2:94:6a:bd:26:92:fc:a7:17:
                    fa:e4:af:45:d8:ed:bf:a6:5f:b9:ce:f9:7a:ec:20:
                    bd:83:7d:2a:f2:6b:bb:02:74:f0:7d:7a:21:16:89:
                    bb:bf:b3:8a:6b:b4:92:52:74:31:99:72:31:c7:4c:
                    b6:22:05:25:ec:60:23:ea:a4:6e:39:e3:b6:dd:20:
                    13:8e:ac:6a:a5:c6:de:ac:c9:50:2d:8a:4d:ff:66:
                    5e:98:9a:fd:2c:d2:04:e8:14:09:2b:16:11:3d:48:
                    28:b1:eb:f0:d3:f8:06:45:19:3e:e9:46:e3:bb:60:
                    10:75:9b:a4:56:3b:7f:65:d8:64:2d:fa:35:4e:9e:
                    e3:35:b3:ba:b0:85:3a:1f:63:72:c6:f8:09:02:e0:
                    04:c4:c7:ec:69:ae:a7:1d:02:c7:28:ae:93:4b:dc:
                    92:90:0a:4c:f3:ac:34:4c:69:7a:37:6a:8b:92:36:
                    24:4f:5d:75:30:14:a3:58:36:38:cd:50:98:2d:99:
                    88:0a:84:82:60:a9:f7:1a:67:a3:36:2f:7f:1c:2b:
                    5c:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:40:C3:82:11:74:BD:D8:F2:47:CC:D8:B4:40:BC:78:93:7C:B5:09
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/AEDDghF0vdjyR8zYtEC8eJN8tQk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.161.238.0/23
                  88.218.76.0/22
                  193.168.196.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b5:66:85:36:1d:f4:e6:62:da:68:a4:d9:8b:30:a6:02:62:a2:
         dd:7a:a2:03:8d:f4:f1:cc:18:6d:16:77:1d:04:26:6b:2e:56:
         e0:fe:87:fe:2b:7a:eb:fc:3b:a6:d3:90:c1:40:2b:86:60:bf:
         a2:2a:ee:ce:52:ba:7c:b9:f0:29:b5:04:cc:88:90:e8:26:69:
         4e:a2:ca:e9:62:ae:f9:3c:5f:60:af:ee:97:03:be:60:9b:1f:
         68:cc:b5:8d:4a:58:70:41:af:57:c7:c9:04:0e:8b:15:c8:60:
         37:cc:70:62:fb:11:f5:c8:3f:53:67:3e:26:d5:29:e1:e6:97:
         27:22:87:0a:1c:ac:c6:ba:e0:0f:ca:33:e7:b2:e5:51:5f:f7:
         af:eb:9b:de:0c:47:5e:72:6e:d1:6b:1d:13:3b:a7:10:c6:ef:
         cf:50:f0:11:38:da:ad:02:f0:4e:70:6d:09:5a:c4:27:3c:71:
         9b:dd:9c:2e:37:2e:8a:79:04:80:ef:eb:ef:c0:29:0f:b6:d6:
         f8:3e:a2:45:d5:ac:63:51:04:d4:d1:ff:11:9b:e8:b0:33:da:
         da:a2:02:14:34:1d:63:ba:0d:e6:be:61:05:73:0d:15:45:e3:
         b2:60:29:cb:87:42:34:4d:84:54:0f:50:50:7d:cb:1b:40:af:
         fc:cf:63:9e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYRROIkLzUFoe+3IvWLFD56rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMTA3MDgzMjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDQwYzM4MjExNzRiZGQ4ZjI0N2NjZDhiNDQwYmM3ODkzN2NiNTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlldpMyWurN9ggTksH2i9NgRZttN0
ld5zAgJh9Z3sZRjKS0jtJp9uJz7NK0DpBEjEhqDSlGq9JpL8pxf65K9F2O2/pl+5
zvl67CC9g30q8mu7AnTwfXohFom7v7OKa7SSUnQxmXIxx0y2IgUl7GAj6qRuOeO2
3SATjqxqpcberMlQLYpN/2ZemJr9LNIE6BQJKxYRPUgosevw0/gGRRk+6Ubju2AQ
dZukVjt/ZdhkLfo1Tp7jNbO6sIU6H2NyxvgJAuAExMfsaa6nHQLHKK6TS9ySkApM
86w0TGl6N2qLkjYkT111MBSjWDY4zVCYLZmICoSCYKn3GmejNi9/HCtc3QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFABAw4IRdL3Y8kfM2LRAvHiTfLUJMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQUVERGdoRjB2ZGp5Ujh6WXRFQzhlSk44dFFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBUaHuAwQC
WNpMAwQCwajEMA0GCSqGSIb3DQEBCwUAA4IBAQC1ZoU2HfTmYtpopNmLMKYCYqLd
eqIDjfTxzBhtFncdBCZrLlbg/of+K3rr/Dum05DBQCuGYL+iKu7OUrp8ufAptQTM
iJDoJmlOosrpYq75PF9gr+6XA75gmx9ozLWNSlhwQa9Xx8kEDosVyGA3zHBi+xH1
yD9TZz4m1Snh5pcnIocKHKzGuuAPyjPnsuVRX/ev65veDEdecm7Rax0TO6cQxu/P
UPARONqtAvBOcG0JWsQnPHGb3ZwuNy6KeQSA7+vvwCkPttb4PqJF1axjUQTU0f8R
m+iwM9raogIUNB1jug3mvmEFcw0VReOyYCnLh0I0TYRUD1BQfcsbQK/8z2Oe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:00 2024 by rpki-client on console-fra.rpki-client.org