Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/3v1DnFzDs7DQn9ZE7LrIdBBJB88.roa
File:                     3v1DnFzDs7DQn9ZE7LrIdBBJB88.roa (raw, json)
Hash identifier:          YzRpQU052nwwqWboG85Vo1IxIIQ5p5cKPOOgjOvGOuE=
Subject key identifier:   DE:FD:43:9C:5C:C3:B3:B0:D0:9F:D6:44:EC:BA:C8:74:10:49:07:CF
Certificate issuer:       /CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Certificate serial:       047F9FC3
Authority key identifier: 30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/3v1DnFzDs7DQn9ZE7LrIdBBJB88.roa
Signing time:             Wed 02 Mar 2022 10:29:14 +0000
ROA not before:           Wed 02 Mar 2022 10:29:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206802
IP address blocks:        193.59.50.0/24 maxlen: 24
                          195.187.82.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 75472835 (0x47f9fc3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30c409613fea0a2b442ce112e9cbdb485e01188f
        Validity
            Not Before: Mar  2 10:29:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=defd439c5cc3b3b0d09fd644ecbac874104907cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:d0:c4:66:ca:50:00:2e:96:d7:0e:f2:18:1b:
                    c4:a3:e8:0c:e0:bf:b8:40:f0:ad:32:40:78:5a:e4:
                    70:62:98:ac:88:b7:e4:2f:b2:62:93:55:91:7c:47:
                    63:00:16:22:c6:78:12:e1:43:46:64:14:6b:3f:53:
                    0c:4e:53:b8:0c:e1:82:ec:e2:95:4d:86:56:d5:6e:
                    ae:83:1f:e2:52:47:9c:82:b0:ca:07:fd:cc:68:03:
                    b5:03:94:6a:fa:20:5c:bc:43:d2:bd:1a:b4:4f:66:
                    bf:27:8b:f9:1c:88:e6:2c:d0:1b:00:d9:42:55:04:
                    20:de:5f:00:28:aa:96:74:81:fb:d8:80:d1:78:e7:
                    42:c1:82:73:dd:b7:b2:b7:bc:c4:f5:69:d5:fb:03:
                    c4:38:4e:a1:31:88:dd:7b:9d:a0:b0:13:0d:cd:28:
                    c5:23:42:1a:40:65:a2:87:be:7a:1c:e2:b8:ac:2b:
                    1f:8b:ff:0d:6f:4e:d4:84:c3:e5:81:0d:7b:9a:17:
                    62:ed:09:6b:fe:ce:21:57:34:7c:f1:0b:89:8f:73:
                    a4:f2:ac:66:a6:80:a4:61:84:fc:86:98:fc:f6:6c:
                    22:25:bf:73:36:77:33:a2:7a:80:93:1c:bf:89:74:
                    ed:38:ae:bd:66:69:0e:16:36:ed:1a:54:65:a6:5a:
                    bc:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:FD:43:9C:5C:C3:B3:B0:D0:9F:D6:44:EC:BA:C8:74:10:49:07:CF
            X509v3 Authority Key Identifier:
                keyid:30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/3v1DnFzDs7DQn9ZE7LrIdBBJB88.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.59.50.0/24
                  195.187.82.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:7b:11:6c:71:35:a1:ae:3a:b0:81:f4:4f:fd:e6:93:4f:90:
         3c:dc:7e:f5:7f:fc:64:b2:62:95:f6:87:6e:6f:65:f3:c4:88:
         40:5b:e0:a9:34:f3:ae:05:41:f4:f0:d7:f9:80:2c:ef:05:1c:
         50:c2:2f:1f:a1:bf:bd:ba:bf:dc:88:fc:58:57:53:d8:0e:01:
         72:6f:b8:2e:0e:f8:1d:c1:97:e6:47:47:45:8f:f4:19:cd:27:
         90:68:7e:10:b6:55:e0:6c:48:ee:44:e7:1e:33:ff:8a:ac:82:
         f1:2e:3f:2d:03:00:07:ca:1b:4e:0b:9f:5d:ff:c8:99:af:47:
         73:a9:68:95:4e:cd:5a:e0:36:1a:83:61:8a:d9:02:52:26:1a:
         bc:a1:51:11:94:04:96:ec:06:31:e1:12:2e:49:a9:e9:69:f9:
         c8:e1:c0:5b:6d:ef:46:fd:92:bb:e4:e8:75:07:68:0f:1b:13:
         d0:a0:72:97:31:b6:5f:9d:8b:8c:1c:b1:d5:b1:42:91:c5:29:
         9b:a0:05:d3:d4:7a:ce:23:df:a6:a4:bb:20:e2:dc:42:02:30:
         25:0a:96:57:11:fe:dc:db:ba:b4:4f:bd:fb:33:db:a5:9d:12:
         b5:49:2f:32:3d:7a:12:3b:ac:93:e3:62:ea:ea:c1:03:f6:fa:
         1b:35:b4:12
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBH+fwzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MGM0MDk2MTNmZWEwYTJiNDQyY2UxMTJlOWNiZGI0ODVlMDExODhmMB4XDTIyMDMw
MjEwMjkxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGVmZDQzOWM1Y2Mz
YjNiMGQwOWZkNjQ0ZWNiYWM4NzQxMDQ5MDdjZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIvQxGbKUAAultcO8hgbxKPoDOC/uEDwrTJAeFrkcGKYrIi3
5C+yYpNVkXxHYwAWIsZ4EuFDRmQUaz9TDE5TuAzhguzilU2GVtVuroMf4lJHnIKw
ygf9zGgDtQOUavogXLxD0r0atE9mvyeL+RyI5izQGwDZQlUEIN5fACiqlnSB+9iA
0XjnQsGCc923sre8xPVp1fsDxDhOoTGI3XudoLATDc0oxSNCGkBlooe+ehziuKwr
H4v/DW9O1ITD5YENe5oXYu0Ja/7OIVc0fPELiY9zpPKsZqaApGGE/IaY/PZsIiW/
czZ3M6J6gJMcv4l07TiuvWZpDhY27RpUZaZavIUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTe/UOcXMOzsNCf1kTsush0EEkHzzAfBgNVHSMEGDAWgBQwxAlhP+oKK0Qs
4RLpy9tIXgEYjzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01NUUpZVF9xQ2l0RUxPRVM2Y3ZiU0Y0QkdJOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTEvYjc4ZmI1LWFmY2EtNGRiNy04ODg2LWMwNjcxYmY0Y2YzZS8x
LzN2MURuRnpEczdEUW45WkU3THJJZEJCSkI4OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTEv
Yjc4ZmI1LWFmY2EtNGRiNy04ODg2LWMwNjcxYmY0Y2YzZS8xL01NUUpZVF9xQ2l0
RUxPRVM2Y3ZiU0Y0QkdJOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAME7MgMEAMO7UjANBgkqhkiG9w0B
AQsFAAOCAQEAN3sRbHE1oa46sIH0T/3mk0+QPNx+9X/8ZLJilfaHbm9l88SIQFvg
qTTzrgVB9PDX+YAs7wUcUMIvH6G/vbq/3Ij8WFdT2A4Bcm+4Lg74HcGX5kdHRY/0
Gc0nkGh+ELZV4GxI7kTnHjP/iqyC8S4/LQMAB8obTgufXf/Ima9Hc6lolU7NWuA2
GoNhitkCUiYavKFREZQEluwGMeESLkmp6Wn5yOHAW23vRv2Su+TodQdoDxsT0KBy
lzG2X52LjByx1bFCkcUpm6AF09R6ziPfpqS7IOLcQgIwJQqWVxH+3Nu6tE+9+zPb
pZ0StUkvMj16Ejusk+Ni6urBA/b6GzW0Eg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:05 2024 by rpki-client on console-ams.rpki-client.org