Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PdimCrp15ENtpIRChWSYTL2kRs4.roa
File:                     PdimCrp15ENtpIRChWSYTL2kRs4.roa (raw, json)
Hash identifier:          pBiFCBR6unOTKkbKRK+llJbmytjvUdt1hmOh2Tu55H8=
Subject key identifier:   3D:D8:A6:0A:BA:75:E4:43:6D:A4:84:42:85:64:98:4C:BD:A4:46:CE
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       1DE0FA1A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PdimCrp15ENtpIRChWSYTL2kRs4.roa
Signing time:             Tue 12 Apr 2022 05:42:16 +0000
ROA not before:           Tue 12 Apr 2022 05:42:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     0
IP address blocks:        85.217.145.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 501283354 (0x1de0fa1a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Apr 12 05:42:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3dd8a60aba75e4436da484428564984cbda446ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:b3:7d:3d:ed:42:94:f9:59:d5:55:0a:1b:ed:
                    8e:1f:b1:ae:e8:ac:7f:1f:dd:69:f2:04:aa:64:94:
                    4d:d4:09:f1:d7:7a:8a:ce:d7:1a:c8:07:bd:6f:b1:
                    41:51:a8:c1:61:5c:05:7b:22:55:d2:01:c1:c3:5e:
                    82:02:11:dc:e1:82:14:f6:89:27:fb:bb:3d:78:e8:
                    f2:d7:e9:2c:c8:4d:04:f4:05:e7:34:c1:25:6c:1b:
                    8f:df:73:7b:64:b6:da:99:9a:bd:db:9a:da:9a:89:
                    10:94:70:ae:85:7b:7c:78:b6:cb:29:e3:da:f5:22:
                    49:49:08:32:f8:c7:cd:10:24:43:f1:00:7d:b4:c7:
                    b7:ec:96:95:c0:43:2d:da:57:34:10:af:22:2e:2e:
                    9d:77:3d:aa:4b:b5:a5:45:2e:b9:d0:6b:f4:fb:51:
                    a0:e3:6c:f1:03:2e:17:1b:73:fd:f6:63:d4:cc:f7:
                    af:3f:7f:b2:35:81:75:4a:c7:9f:ed:20:d8:b0:7b:
                    ae:9b:7b:57:36:e3:54:88:09:10:65:c2:1c:37:c5:
                    26:8d:b0:0c:a0:ec:f2:f2:1f:67:c7:1e:6b:8f:07:
                    43:fe:73:c8:54:0f:3c:c0:29:64:9d:48:6d:54:0a:
                    47:4b:f6:78:b8:ee:ef:e8:b6:37:7a:70:d2:57:04:
                    b7:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:D8:A6:0A:BA:75:E4:43:6D:A4:84:42:85:64:98:4C:BD:A4:46:CE
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PdimCrp15ENtpIRChWSYTL2kRs4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.217.145.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:46:89:c1:7b:e0:1f:45:69:0a:d9:96:34:fe:94:0c:31:1f:
         74:f7:de:f2:27:4c:72:cd:8f:76:32:7e:e5:ea:43:ca:8d:fb:
         2c:59:4b:97:4c:11:25:4c:1b:49:45:25:59:69:25:95:50:25:
         3b:e3:c4:8e:e4:49:84:d2:ec:cf:43:8c:8a:0c:33:10:da:13:
         31:a8:62:d3:03:d6:63:6d:6d:6a:41:4e:a2:2d:03:1e:48:26:
         2b:c9:7f:35:75:bc:1e:3a:7e:79:08:8c:54:61:21:d5:81:5b:
         8a:fa:de:d0:52:bc:8b:15:25:21:6a:c8:11:8c:3f:c5:d3:00:
         fe:56:28:c0:31:66:c9:6c:13:2f:fd:20:fa:47:29:93:e1:40:
         f0:14:ee:ae:bb:a9:d9:9c:8c:7d:9d:90:8d:74:20:86:20:d6:
         52:d8:e7:19:c7:25:77:a9:10:70:72:82:f2:6a:66:62:d2:e2:
         a4:b7:92:92:4f:e6:50:2b:83:f9:3e:c8:9e:ca:d0:2d:24:8e:
         1f:de:4e:fb:89:b3:ea:1f:fd:e5:c8:c2:f3:4c:4d:0d:94:7c:
         40:56:a9:f2:4a:f0:78:29:23:51:5a:27:7a:34:41:e7:6f:6e:
         05:e2:fd:06:6b:c9:57:9d:aa:69:6d:27:c2:56:6c:02:68:c4:
         12:7f:d3:bb
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEHeD6GjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDQx
MjA1NDIxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2RkOGE2MGFiYTc1
ZTQ0MzZkYTQ4NDQyODU2NDk4NGNiZGE0NDZjZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMGzfT3tQpT5WdVVChvtjh+xruisfx/dafIEqmSUTdQJ8dd6
is7XGsgHvW+xQVGowWFcBXsiVdIBwcNeggIR3OGCFPaJJ/u7PXjo8tfpLMhNBPQF
5zTBJWwbj99ze2S22pmavdua2pqJEJRwroV7fHi2yynj2vUiSUkIMvjHzRAkQ/EA
fbTHt+yWlcBDLdpXNBCvIi4unXc9qku1pUUuudBr9PtRoONs8QMuFxtz/fZj1Mz3
rz9/sjWBdUrHn+0g2LB7rpt7VzbjVIgJEGXCHDfFJo2wDKDs8vIfZ8cea48HQ/5z
yFQPPMApZJ1IbVQKR0v2eLju7+i2N3pw0lcEt40CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ92KYKunXkQ22khEKFZJhMvaRGzjAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L1BkaW1DcnAxNUVOdHBJUkNoV1NZVEwya1JzNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFXZkTANBgkqhkiG9w0BAQsFAAOC
AQEASEaJwXvgH0VpCtmWNP6UDDEfdPfe8idMcs2PdjJ+5epDyo37LFlLl0wRJUwb
SUUlWWkllVAlO+PEjuRJhNLsz0OMigwzENoTMahi0wPWY21takFOoi0DHkgmK8l/
NXW8Hjp+eQiMVGEh1YFbivre0FK8ixUlIWrIEYw/xdMA/lYowDFmyWwTL/0g+kcp
k+FA8BTurrup2ZyMfZ2QjXQghiDWUtjnGccld6kQcHKC8mpmYtLipLeSkk/mUCuD
+T7InsrQLSSOH95O+4mz6h/95cjC80xNDZR8QFap8krweCkjUVonejRB529uBeL9
BmvJV52qaW0nwlZsAmjEEn/Tuw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:06 2024 by rpki-client on console-fra.rpki-client.org