Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/Tx2uqX1pWrlURX--N0eoogARewY.roa
File:                     Tx2uqX1pWrlURX--N0eoogARewY.roa (raw, json)
Hash identifier:          Go7s+tTz44IjeHeBnRmEKodViu9DhQddykDU1WOqz+8=
Subject key identifier:   4F:1D:AE:A9:7D:69:5A:B9:54:45:7F:BE:37:47:A8:A2:00:11:7B:06
Certificate issuer:       /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial:       0184FBB2B40C511A2EAC04F0859E8DDE5C52
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/Tx2uqX1pWrlURX--N0eoogARewY.roa
Signing time:             Sat 10 Dec 2022 11:01:43 +0000
ROA not before:           Sat 10 Dec 2022 11:01:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     996
IP address blocks:        62.60.132.0/22 maxlen: 24
                          62.60.148.0/22 maxlen: 24
                          213.176.24.0/22 maxlen: 24
                          213.176.20.0/22 maxlen: 24
                          213.176.28.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:fb:b2:b4:0c:51:1a:2e:ac:04:f0:85:9e:8d:de:5c:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
        Validity
            Not Before: Dec 10 11:01:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4f1daea97d695ab954457fbe3747a8a200117b06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:ac:b0:a4:ef:08:2d:a7:f6:42:a8:28:47:cd:
                    7e:96:2f:ea:1c:fb:87:e9:94:91:8e:ef:75:99:0e:
                    15:0a:dd:1c:41:41:c1:88:35:95:83:18:c9:b3:65:
                    e4:ba:9d:83:1f:d0:40:48:ea:2e:ca:ef:a6:31:0e:
                    e1:4d:69:43:fa:e3:e9:79:22:98:0e:f7:fa:83:ce:
                    77:93:2d:a0:bb:59:42:07:03:b7:95:3c:2a:a2:43:
                    7a:58:dd:61:7e:2c:41:d6:c5:b2:a7:f7:63:b2:03:
                    62:ba:cb:5f:f8:a9:2d:86:42:28:25:5d:5b:06:fd:
                    48:94:65:06:62:19:e7:7b:88:75:d6:fb:98:ce:48:
                    e7:66:a0:c2:4a:6a:78:54:e9:d1:17:eb:cd:f2:93:
                    27:6e:45:1e:77:89:92:c1:58:10:41:f1:16:c2:02:
                    ad:da:c1:52:06:dc:e5:36:62:59:4e:14:5c:0a:7d:
                    09:86:66:20:77:eb:8a:ea:b3:a8:8e:1a:35:ff:13:
                    47:2d:aa:bc:08:3f:c7:a0:f5:b6:9d:a7:18:74:3a:
                    cd:dc:fd:dd:38:d2:31:76:e3:42:73:49:30:5c:65:
                    16:1b:3f:04:66:f9:0b:97:5a:7f:74:ec:4b:d5:4d:
                    06:24:fb:f4:e8:b6:6d:7f:03:29:d2:2e:51:f5:e8:
                    96:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:1D:AE:A9:7D:69:5A:B9:54:45:7F:BE:37:47:A8:A2:00:11:7B:06
            X509v3 Authority Key Identifier:
                keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/Tx2uqX1pWrlURX--N0eoogARewY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.60.132.0/22
                  62.60.148.0/22
                  213.176.20.0-213.176.31.255

    Signature Algorithm: sha256WithRSAEncryption
         59:37:2f:c6:20:df:d3:89:7c:29:b3:30:a5:62:f3:5d:3a:3f:
         04:14:b0:71:d1:dc:6a:31:a8:45:ff:07:32:0a:7a:73:74:9e:
         6b:2c:3f:e2:3b:bb:1b:f9:eb:7a:83:ad:6a:51:15:2c:58:f0:
         9d:f3:ad:8f:67:a0:9d:6a:80:83:3f:78:6f:22:a1:f3:8a:e0:
         d2:f9:0a:88:42:47:63:18:d0:0b:e2:e1:4c:e7:6f:7d:09:c6:
         28:70:70:fb:e2:3a:63:fd:cf:29:84:e9:19:04:04:e8:1f:02:
         bd:47:28:2c:5d:19:66:c9:1d:07:67:12:52:c9:e3:86:35:2e:
         10:71:e8:f1:e8:f0:43:af:17:54:77:65:3f:a8:b7:b2:26:c2:
         4b:79:93:5d:39:d0:9f:0b:f3:34:f0:db:ce:0f:9c:1c:ee:89:
         a5:69:3e:75:09:2c:4a:6d:1f:fb:72:d2:c8:75:72:91:f3:4a:
         94:db:c2:1a:6d:61:26:b8:8f:68:b3:12:df:9f:d1:ad:3c:bb:
         f4:fd:af:af:7d:47:67:b7:8d:f6:0a:1c:b5:a3:a2:f8:9e:1c:
         6d:41:ef:e2:96:76:79:9c:9f:34:8a:63:9e:f4:95:e3:8f:d0:
         b4:95:b4:c3:40:4a:09:55:7f:fc:d4:d7:e7:31:fb:fa:d2:76:
         29:ea:26:d9
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYT7srQMURourATwhZ6N3lxSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjIxMjEwMTEwMTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjFkYWVhOTdkNjk1YWI5NTQ0NTdmYmUzNzQ3YThhMjAwMTE3YjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKywpO8ILaf2QqgoR81+li/qHPuH
6ZSRju91mQ4VCt0cQUHBiDWVgxjJs2Xkup2DH9BASOouyu+mMQ7hTWlD+uPpeSKY
Dvf6g853ky2gu1lCBwO3lTwqokN6WN1hfixB1sWyp/djsgNiustf+KkthkIoJV1b
Bv1IlGUGYhnne4h11vuYzkjnZqDCSmp4VOnRF+vN8pMnbkUed4mSwVgQQfEWwgKt
2sFSBtzlNmJZThRcCn0JhmYgd+uK6rOojho1/xNHLaq8CD/HoPW2nacYdDrN3P3d
ONIxduNCc0kwXGUWGz8EZvkLl1p/dOxL1U0GJPv06LZtfwMp0i5R9eiWyQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFE8drql9aVq5VEV/vjdHqKIAEXsGMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvVHgydXFYMXBXcmxVUlgtLU4wZW9vZ0FSZXdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCPjyEAwQC
PjyUMAwDBALVsBQDBAXVsAAwDQYJKoZIhvcNAQELBQADggEBAFk3L8Yg39OJfCmz
MKVi8106PwQUsHHR3GoxqEX/BzIKenN0nmssP+I7uxv563qDrWpRFSxY8J3zrY9n
oJ1qgIM/eG8iofOK4NL5CohCR2MY0Avi4Uznb30JxihwcPviOmP9zymE6RkEBOgf
Ar1HKCxdGWbJHQdnElLJ44Y1LhBx6PHo8EOvF1R3ZT+ot7Imwkt5k1050J8L8zTw
284PnBzuiaVpPnUJLEptH/ty0sh1cpHzSpTbwhptYSa4j2izEt+f0a08u/T9r699
R2e3jfYKHLWjovieHG1B7+KWdnmcnzSKY570leOP0LSVtMNASglVf/zU1+cx+/rS
dinqJtk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:29 2024 by rpki-client on console-ams.rpki-client.org