Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/AZT36tGyMFI3lxZOEaaE-NuBUf4.roa
File:                     AZT36tGyMFI3lxZOEaaE-NuBUf4.roa (raw, json)
Hash identifier:          Rqo4i3crHmQ671DIFfomsGqoPgnUZEgqkUMsDxAU5MI=
Subject key identifier:   01:94:F7:EA:D1:B2:30:52:37:97:16:4E:11:A6:84:F8:DB:81:51:FE
Certificate issuer:       /CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Certificate serial:       0183F99763BCAE84A82FA5C4F46D770FF3F6
Authority key identifier: 24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/AZT36tGyMFI3lxZOEaaE-NuBUf4.roa
Signing time:             Fri 21 Oct 2022 08:09:51 +0000
ROA not before:           Fri 21 Oct 2022 08:09:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212238
IP address blocks:        212.30.60.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:f9:97:63:bc:ae:84:a8:2f:a5:c4:f4:6d:77:0f:f3:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
        Validity
            Not Before: Oct 21 08:09:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0194f7ead1b230523797164e11a684f8db8151fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:60:00:3c:03:8a:cd:0d:d8:2e:b2:98:5b:a0:
                    5c:39:7f:03:64:d4:6f:d1:a6:a6:2e:eb:d2:cd:70:
                    90:ff:9b:67:e9:c1:63:b8:23:42:9e:61:67:10:7a:
                    1f:b7:22:49:37:89:84:d9:e0:61:c2:83:3a:83:8f:
                    ef:12:28:5a:88:22:74:c4:57:65:e6:84:d7:ac:b9:
                    79:0e:2d:e8:d3:29:8b:b8:89:b3:31:d7:1c:c2:fe:
                    a9:c3:c0:95:6d:76:83:55:2a:44:37:8c:9f:cc:dd:
                    a4:bf:ff:f9:ac:65:e6:df:4e:10:32:f2:02:80:f8:
                    ed:19:d8:8e:43:8e:60:20:2f:0c:df:cd:42:6a:eb:
                    9e:53:b5:a4:b1:eb:e3:8d:72:40:b8:85:a0:f8:79:
                    fa:dc:b1:57:b8:b2:ee:ad:5b:34:05:89:f2:3d:a9:
                    5e:58:a4:bb:b5:19:6c:fb:3e:6e:50:0b:b4:1c:9e:
                    48:66:ff:88:39:34:a9:81:6a:4a:c3:1a:20:c4:0a:
                    c1:99:86:10:d4:85:cb:5e:3f:6f:2c:65:14:85:5e:
                    f5:82:d8:f1:b7:dc:1f:ac:93:62:f7:d5:ed:31:cb:
                    b0:ae:75:01:2c:6b:78:01:94:e7:c3:5c:31:4c:68:
                    cd:98:b2:4a:cc:cc:9d:82:7a:13:37:b2:11:09:73:
                    97:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:94:F7:EA:D1:B2:30:52:37:97:16:4E:11:A6:84:F8:DB:81:51:FE
            X509v3 Authority Key Identifier:
                keyid:24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/AZT36tGyMFI3lxZOEaaE-NuBUf4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/JFXX_uSkmeyvEdLT2o44neMjQS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.30.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b5:8d:1c:57:b2:82:29:8d:85:fb:93:df:c4:04:34:82:fa:48:
         7e:5d:7d:7f:e3:5a:74:84:8d:0d:9d:ed:2c:71:e9:c9:9a:70:
         ea:41:50:af:7b:d6:1a:84:5e:f0:c0:12:51:73:e9:6d:ee:e2:
         cf:40:cd:57:5b:9e:e7:b0:59:6b:29:a0:1b:70:62:9c:c6:86:
         2d:d9:c5:97:b3:5e:3d:0e:da:9c:0c:dc:02:62:e9:23:b4:4c:
         51:df:9b:4d:ab:b7:51:ed:75:77:ca:ab:d1:33:50:42:d7:7b:
         d0:d3:07:34:00:df:a6:d2:9a:97:f0:83:94:6c:50:45:15:34:
         89:b0:08:0a:82:f5:53:2f:cc:9f:e5:d2:b4:36:40:a5:9f:9b:
         d6:67:3d:52:a6:b3:5e:75:e4:5d:a8:b8:db:fd:f9:42:c5:51:
         f5:3d:a3:50:d0:45:f0:72:e9:e0:4f:bc:0a:a3:66:4a:48:a3:
         2a:ac:ac:24:56:71:66:57:c0:8f:0f:04:ea:82:ef:bc:44:8c:
         d1:41:19:07:b6:c3:df:39:76:36:34:9f:cf:85:0e:c0:92:de:
         a2:0c:57:69:f4:7a:28:2a:20:ab:8f:0b:2b:f5:c5:2f:45:e4:
         0e:25:dd:57:70:0a:5a:24:13:59:ea:97:d3:ac:67:9f:31:fa:
         2d:e7:87:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYP5l2O8roSoL6XE9G13D/P2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTVkN2ZlZTRhNDk5ZWNhZjExZDJkM2RhOGUzODlkZTMy
MzQxMmYwHhcNMjIxMDIxMDgwOTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTk0ZjdlYWQxYjIzMDUyMzc5NzE2NGUxMWE2ODRmOGRiODE1MWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA42AAPAOKzQ3YLrKYW6BcOX8DZNRv
0aamLuvSzXCQ/5tn6cFjuCNCnmFnEHoftyJJN4mE2eBhwoM6g4/vEihaiCJ0xFdl
5oTXrLl5Di3o0ymLuImzMdccwv6pw8CVbXaDVSpEN4yfzN2kv//5rGXm304QMvIC
gPjtGdiOQ45gIC8M381CauueU7WksevjjXJAuIWg+Hn63LFXuLLurVs0BYnyPale
WKS7tRls+z5uUAu0HJ5IZv+IOTSpgWpKwxogxArBmYYQ1IXLXj9vLGUUhV71gtjx
t9wfrJNi99XtMcuwrnUBLGt4AZTnw1wxTGjNmLJKzMydgnoTN7IRCXOXvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAGU9+rRsjBSN5cWThGmhPjbgVH+MB8GA1UdIwQY
MBaAFCRV1/7kpJnsrxHS09qOOJ3jI0EvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEt
MWUwNDY1NTEzYjYzLzEvQVpUMzZ0R3lNRkkzbHhaT0VhYUUtTnVCVWY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEtMWUwNDY1NTEzYjYz
LzEvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1B48MA0G
CSqGSIb3DQEBCwUAA4IBAQC1jRxXsoIpjYX7k9/EBDSC+kh+XX1/41p0hI0Nne0s
cenJmnDqQVCve9YahF7wwBJRc+lt7uLPQM1XW57nsFlrKaAbcGKcxoYt2cWXs149
DtqcDNwCYukjtExR35tNq7dR7XV3yqvRM1BC13vQ0wc0AN+m0pqX8IOUbFBFFTSJ
sAgKgvVTL8yf5dK0NkCln5vWZz1SprNedeRdqLjb/flCxVH1PaNQ0EXwcungT7wK
o2ZKSKMqrKwkVnFmV8CPDwTqgu+8RIzRQRkHtsPfOXY2NJ/PhQ7Akt6iDFdp9Hoo
KiCrjwsr9cUvReQOJd1XcApaJBNZ6pfTrGefMfot54cQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:36 2024 by rpki-client on console-fra.rpki-client.org