Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/3DC6R15cjF4evQiz2qZAx9l6ZEw.roa
File:                     3DC6R15cjF4evQiz2qZAx9l6ZEw.roa (raw, json)
Hash identifier:          /5cJsa4MgPfvciNBrAU/AN1tVfkBeV54cPDj+rtyP9s=
Subject key identifier:   DC:30:BA:47:5E:5C:8C:5E:1E:BD:08:B3:DA:A6:40:C7:D9:7A:64:4C
Certificate issuer:       /CN=d7219ec7383fa0610480ddfa62c3f82c400cd56f
Certificate serial:       06FB4406
Authority key identifier: D7:21:9E:C7:38:3F:A0:61:04:80:DD:FA:62:C3:F8:2C:40:0C:D5:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1yGexzg_oGEEgN36YsP4LEAM1W8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/3DC6R15cjF4evQiz2qZAx9l6ZEw.roa
Signing time:             Sun 13 Mar 2022 21:20:32 +0000
ROA not before:           Sun 13 Mar 2022 21:20:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     63023
IP address blocks:        185.103.4.0/24 maxlen: 24
                          185.103.7.0/24 maxlen: 24
                          185.103.6.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 117130246 (0x6fb4406)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d7219ec7383fa0610480ddfa62c3f82c400cd56f
        Validity
            Not Before: Mar 13 21:20:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=dc30ba475e5c8c5e1ebd08b3daa640c7d97a644c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:83:81:8f:1f:3a:e4:48:7d:d1:ed:34:b2:ec:
                    24:24:61:6e:2f:0d:67:27:73:d5:cc:a9:04:10:84:
                    31:ba:9e:ba:ec:84:2a:d5:42:7a:18:bf:31:e7:74:
                    a5:9a:d3:62:2d:a5:44:74:5f:d8:00:6d:c0:63:75:
                    04:e1:57:83:5c:e6:19:dd:4a:7d:45:1a:ef:65:e4:
                    c1:cf:d8:dd:b1:73:81:3b:92:34:f2:db:19:97:14:
                    68:50:e8:d2:aa:f6:79:c9:0e:35:88:c6:04:e0:ba:
                    8b:23:2b:df:db:b4:ea:57:2f:2b:6f:58:d4:ca:37:
                    c6:71:e6:9a:77:5a:36:37:82:da:f3:16:3e:fa:c7:
                    89:31:78:9a:fc:25:56:a5:6a:17:a2:90:d9:54:51:
                    66:22:fd:a8:d5:fb:3b:30:21:0a:aa:31:e4:c7:12:
                    65:b0:0b:4c:bb:2c:1f:48:5e:43:cc:12:3d:d5:72:
                    57:9a:64:0d:10:ba:5d:7e:00:91:2d:1f:b1:a5:b1:
                    25:b8:b7:4c:f7:14:77:ba:b1:3f:6c:1d:11:50:1c:
                    87:2e:e6:aa:14:34:01:9b:10:cb:68:c8:f3:fe:f7:
                    0d:0b:82:2b:c2:57:50:b2:e6:31:b2:7b:b7:0c:f0:
                    7e:9b:68:0f:b1:9e:0a:4d:a0:b5:08:35:21:f3:db:
                    91:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:30:BA:47:5E:5C:8C:5E:1E:BD:08:B3:DA:A6:40:C7:D9:7A:64:4C
            X509v3 Authority Key Identifier:
                keyid:D7:21:9E:C7:38:3F:A0:61:04:80:DD:FA:62:C3:F8:2C:40:0C:D5:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1yGexzg_oGEEgN36YsP4LEAM1W8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/3DC6R15cjF4evQiz2qZAx9l6ZEw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/1yGexzg_oGEEgN36YsP4LEAM1W8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.103.4.0/24
                  185.103.6.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9d:8e:b9:e6:76:6e:b6:02:f2:9d:47:57:5a:62:5e:ca:9c:6b:
         a4:37:5c:9b:45:02:f4:4a:6d:40:14:5b:a0:ad:24:ac:ea:33:
         ef:97:06:64:2a:0c:6e:6d:f9:e1:02:4f:3f:21:7f:08:87:ff:
         9e:98:63:c2:29:47:36:5e:77:2f:6c:8e:f3:01:e5:99:a5:59:
         fa:69:a3:66:05:c7:5f:05:9e:12:e6:de:da:51:28:8f:e2:18:
         32:eb:80:64:3d:e9:53:db:c9:e7:85:2b:1c:7c:e9:b5:2d:7e:
         99:fb:3c:38:b8:79:73:c3:c8:ab:57:c2:96:8b:66:56:e9:ed:
         d5:85:6c:ee:27:82:78:99:f0:37:4d:f6:29:93:bd:23:a4:a8:
         34:96:97:00:a1:5c:2f:bc:35:07:2b:1a:3a:73:92:4f:3d:37:
         67:59:7f:14:d2:9f:38:e6:df:cf:66:4a:55:af:a7:b6:d2:8a:
         7c:87:89:c5:a5:ef:37:52:73:95:1f:67:b9:f3:f0:35:16:cb:
         01:29:1c:89:a7:b1:58:2f:f2:1e:bc:ea:05:e3:fb:cc:1d:39:
         a1:66:61:cd:b7:9e:e7:1b:af:3f:52:f3:cc:76:39:f6:4d:53:
         30:66:44:e1:8e:bd:85:89:b7:ed:e2:ca:15:a9:a4:1b:1e:f9:
         52:66:24:17
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBvtEBjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NzIxOWVjNzM4M2ZhMDYxMDQ4MGRkZmE2MmMzZjgyYzQwMGNkNTZmMB4XDTIyMDMx
MzIxMjAzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGMzMGJhNDc1ZTVj
OGM1ZTFlYmQwOGIzZGFhNjQwYzdkOTdhNjQ0YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMiDgY8fOuRIfdHtNLLsJCRhbi8NZydz1cypBBCEMbqeuuyE
KtVCehi/Med0pZrTYi2lRHRf2ABtwGN1BOFXg1zmGd1KfUUa72Xkwc/Y3bFzgTuS
NPLbGZcUaFDo0qr2eckONYjGBOC6iyMr39u06lcvK29Y1Mo3xnHmmndaNjeC2vMW
PvrHiTF4mvwlVqVqF6KQ2VRRZiL9qNX7OzAhCqox5McSZbALTLssH0heQ8wSPdVy
V5pkDRC6XX4AkS0fsaWxJbi3TPcUd7qxP2wdEVAchy7mqhQ0AZsQy2jI8/73DQuC
K8JXULLmMbJ7twzwfptoD7GeCk2gtQg1IfPbkT0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTcMLpHXlyMXh69CLPapkDH2XpkTDAfBgNVHSMEGDAWgBTXIZ7HOD+gYQSA
3fpiw/gsQAzVbzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzF5R2V4emdfb0dFRWdOMzZZc1A0TEVBTTFXOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTMvZmJmZmJjLWFiODItNDA1OC1iOGI3LWQwYzgyYTNjZjRiNi8x
LzNEQzZSMTVjakY0ZXZRaXoycVpBeDlsNlpFdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTMv
ZmJmZmJjLWFiODItNDA1OC1iOGI3LWQwYzgyYTNjZjRiNi8xLzF5R2V4emdfb0dF
RWdOMzZZc1A0TEVBTTFXOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALlnBAMEAblnBjANBgkqhkiG9w0B
AQsFAAOCAQEAnY655nZutgLynUdXWmJeypxrpDdcm0UC9EptQBRboK0krOoz75cG
ZCoMbm354QJPPyF/CIf/nphjwilHNl53L2yO8wHlmaVZ+mmjZgXHXwWeEube2lEo
j+IYMuuAZD3pU9vJ54UrHHzptS1+mfs8OLh5c8PIq1fClotmVunt1YVs7ieCeJnw
N032KZO9I6SoNJaXAKFcL7w1BysaOnOSTz03Z1l/FNKfOObfz2ZKVa+nttKKfIeJ
xaXvN1JzlR9nufPwNRbLASkciaexWC/yHrzqBeP7zB05oWZhzbee5xuvP1LzzHY5
9k1TMGZE4Y69hYm37eLKFamkGx75UmYkFw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:39 2024 by rpki-client on console-ams.rpki-client.org