Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/76e07c-8a32-489d-91d1-b184e3f4b50e/1/3rV5cXTpGIEHMgbj-aQx6wVJJx4.roa
File:                     3rV5cXTpGIEHMgbj-aQx6wVJJx4.roa (raw, json)
Hash identifier:          Ta+Rgf61AqC9npV/q5Ev/vS//j3xwNGtnWTFb62O4MI=
Subject key identifier:   DE:B5:79:71:74:E9:18:81:07:32:06:E3:F9:A4:31:EB:05:49:27:1E
Certificate issuer:       /CN=3c4d3fb044eb1c0a11be0602aceef88e5f5d2ddf
Certificate serial:       0208E2C0
Authority key identifier: 3C:4D:3F:B0:44:EB:1C:0A:11:BE:06:02:AC:EE:F8:8E:5F:5D:2D:DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PE0_sETrHAoRvgYCrO74jl9dLd8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/76e07c-8a32-489d-91d1-b184e3f4b50e/1/3rV5cXTpGIEHMgbj-aQx6wVJJx4.roa
Signing time:             Sat 01 Jan 2022 12:04:44 +0000
ROA not before:           Sat 01 Jan 2022 12:04:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     19905
IP address blocks:        86.36.48.0/24 maxlen: 24
                          86.36.49.0/24 maxlen: 24
                          86.36.104.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 34136768 (0x208e2c0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c4d3fb044eb1c0a11be0602aceef88e5f5d2ddf
        Validity
            Not Before: Jan  1 12:04:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=deb5797174e91881073206e3f9a431eb0549271e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:56:9d:25:2a:43:c2:03:73:68:cc:4b:46:63:
                    97:e9:7d:15:ee:a2:ba:63:0f:a3:aa:80:0e:0c:22:
                    3f:99:d3:23:1e:05:69:15:1a:71:fd:d5:36:01:34:
                    25:10:60:02:e6:78:3d:bd:87:1c:7f:35:c4:1a:f5:
                    0b:2e:24:07:88:ce:7c:cb:1b:a2:9e:ef:78:b2:0a:
                    2e:74:5d:d7:ba:a7:c1:f7:cd:f8:47:fb:21:85:79:
                    a3:b5:29:6a:a0:af:1c:20:16:0e:8a:4f:77:bb:0e:
                    0e:f1:ea:d4:dd:27:85:cc:8d:88:40:74:e2:31:a0:
                    48:0b:65:97:cf:29:61:df:b1:1f:92:d5:6b:55:e0:
                    e1:9f:d4:12:3f:0b:00:d2:13:31:45:43:69:9c:46:
                    b6:22:54:76:e7:05:16:14:f1:79:43:d3:19:fa:a8:
                    aa:9e:1e:f5:21:47:6a:d2:05:c2:2d:76:0f:2b:e6:
                    8d:dd:7e:5a:88:78:b7:51:6f:dd:fb:a4:06:cd:ed:
                    07:c9:da:bb:bc:35:bb:67:5c:88:e6:a9:4a:17:48:
                    b0:5e:31:db:ba:64:b4:28:5b:81:2a:ca:cc:82:f6:
                    b1:22:89:fc:b2:88:6d:9d:72:a9:90:37:05:2b:ec:
                    26:e3:c2:ab:85:37:22:85:bb:f7:a2:fc:0c:14:d2:
                    43:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:B5:79:71:74:E9:18:81:07:32:06:E3:F9:A4:31:EB:05:49:27:1E
            X509v3 Authority Key Identifier:
                keyid:3C:4D:3F:B0:44:EB:1C:0A:11:BE:06:02:AC:EE:F8:8E:5F:5D:2D:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE0_sETrHAoRvgYCrO74jl9dLd8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/76e07c-8a32-489d-91d1-b184e3f4b50e/1/3rV5cXTpGIEHMgbj-aQx6wVJJx4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/76e07c-8a32-489d-91d1-b184e3f4b50e/1/PE0_sETrHAoRvgYCrO74jl9dLd8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  86.36.48.0/23
                  86.36.104.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:ea:5b:fb:41:0f:6c:b6:c6:87:82:bc:74:cf:98:95:ab:c6:
         bc:7a:05:94:dc:4b:e7:48:75:f6:18:25:50:a7:24:f6:a8:31:
         d5:fd:a0:7c:f6:21:b3:37:f9:49:af:0c:ae:26:13:97:8f:76:
         6e:23:03:96:a2:82:f7:40:90:47:67:5f:5e:a3:3e:e6:ab:81:
         f5:ed:3b:6b:06:40:f1:4d:0c:96:ce:f8:77:62:32:f1:e3:a1:
         19:e5:5f:dc:64:63:02:f3:9d:1b:dc:d0:be:46:40:9f:b6:50:
         b5:0e:96:03:ae:61:a0:31:0b:86:af:da:4e:46:90:0b:eb:ac:
         35:ac:9f:bd:f2:62:53:16:81:e5:42:95:28:c6:75:29:c6:44:
         60:af:b0:6f:aa:76:dc:ea:a7:b1:7a:59:26:01:00:f4:0e:2c:
         31:52:54:63:86:80:ce:35:38:f1:08:82:42:d7:42:f7:10:6a:
         13:f1:89:60:01:d6:2e:1d:83:62:8c:f7:b1:d4:8f:3b:25:f7:
         0a:ec:89:a6:90:d6:30:3c:04:ac:2c:a5:87:65:47:9a:15:56:
         a5:10:8b:b7:f1:1c:86:87:07:0b:83:37:b1:7b:38:ab:55:0d:
         b3:bd:d7:2d:cb:79:56:55:32:ca:f1:88:2c:92:7e:f8:a0:c1:
         5e:69:b0:13
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAgjiwDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YzRkM2ZiMDQ0ZWIxYzBhMTFiZTA2MDJhY2VlZjg4ZTVmNWQyZGRmMB4XDTIyMDEw
MTEyMDQ0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGViNTc5NzE3NGU5
MTg4MTA3MzIwNmUzZjlhNDMxZWIwNTQ5MjcxZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO1WnSUqQ8IDc2jMS0Zjl+l9Fe6iumMPo6qADgwiP5nTIx4F
aRUacf3VNgE0JRBgAuZ4Pb2HHH81xBr1Cy4kB4jOfMsbop7veLIKLnRd17qnwffN
+Ef7IYV5o7UpaqCvHCAWDopPd7sODvHq1N0nhcyNiEB04jGgSAtll88pYd+xH5LV
a1Xg4Z/UEj8LANITMUVDaZxGtiJUducFFhTxeUPTGfqoqp4e9SFHatIFwi12Dyvm
jd1+Woh4t1Fv3fukBs3tB8nau7w1u2dciOapShdIsF4x27pktChbgSrKzIL2sSKJ
/LKIbZ1yqZA3BSvsJuPCq4U3IoW796L8DBTSQ00CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTetXlxdOkYgQcyBuP5pDHrBUknHjAfBgNVHSMEGDAWgBQ8TT+wROscChG+
BgKs7viOX10t3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BFMF9zRVRySEFvUnZnWUNyTzc0amw5ZExkOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvNzZlMDdjLThhMzItNDg5ZC05MWQxLWIxODRlM2Y0YjUwZS8x
LzNyVjVjWFRwR0lFSE1nYmotYVF4NndWSkp4NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
NzZlMDdjLThhMzItNDg5ZC05MWQxLWIxODRlM2Y0YjUwZS8xL1BFMF9zRVRySEFv
UnZnWUNyTzc0amw5ZExkOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAVYkMAMEAFYkaDANBgkqhkiG9w0B
AQsFAAOCAQEAB+pb+0EPbLbGh4K8dM+YlavGvHoFlNxL50h19hglUKck9qgx1f2g
fPYhszf5Sa8MriYTl492biMDlqKC90CQR2dfXqM+5quB9e07awZA8U0Mls74d2Iy
8eOhGeVf3GRjAvOdG9zQvkZAn7ZQtQ6WA65hoDELhq/aTkaQC+usNayfvfJiUxaB
5UKVKMZ1KcZEYK+wb6p23OqnsXpZJgEA9A4sMVJUY4aAzjU48QiCQtdC9xBqE/GJ
YAHWLh2DYoz3sdSPOyX3CuyJppDWMDwErCylh2VHmhVWpRCLt/EchocHC4M3sXs4
q1UNs73XLct5VlUyyvGILJJ++KDBXmmwEw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:42 2024 by rpki-client on console-fra.rpki-client.org