Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/0-pb0zs-N4tzuZokekB5_mamn2k.roa
File:                     0-pb0zs-N4tzuZokekB5_mamn2k.roa (raw, json)
Hash identifier:          YCf/t9i1U4YagiRnRSE2N+msmEz8lCvPEoJQsNVlV04=
Subject key identifier:   D3:EA:5B:D3:3B:3E:37:8B:73:B9:9A:24:7A:40:79:FE:66:A6:9F:69
Certificate issuer:       /CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Certificate serial:       13ED3006
Authority key identifier: 54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/0-pb0zs-N4tzuZokekB5_mamn2k.roa
Signing time:             Sat 01 Jan 2022 11:55:23 +0000
ROA not before:           Sat 01 Jan 2022 11:55:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15464
IP address blocks:        213.238.144.0/21 maxlen: 21
                          213.238.158.0/23 maxlen: 23
                          213.238.155.0/24 maxlen: 24
                          213.238.157.0/24 maxlen: 24
                          213.238.156.0/24 maxlen: 24
                          213.238.128.0/20 maxlen: 20
                          2a02:50::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 334311430 (0x13ed3006)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=54cbda78b1d1b613df565ff99700b6aee940de3f
        Validity
            Not Before: Jan  1 11:55:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d3ea5bd33b3e378b73b99a247a4079fe66a69f69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:9a:7d:b2:6d:d2:db:1c:19:14:94:db:fc:f3:
                    e7:a0:93:db:c4:ab:0a:7f:4b:44:8d:b7:96:bb:fd:
                    45:f1:57:f4:ba:d3:b5:b5:82:7d:e4:13:92:2a:66:
                    f8:66:17:73:0a:80:0a:0a:51:b4:07:3e:8e:fd:89:
                    9d:fb:a2:84:cb:82:fe:92:82:99:12:1d:87:3a:1d:
                    5c:c1:b7:d5:93:4a:33:b1:06:40:46:ab:8b:77:f1:
                    1b:e0:69:d5:13:ba:2d:31:de:53:3c:63:47:76:e1:
                    e7:c0:d7:71:75:5a:55:23:90:19:d5:ca:47:a2:ef:
                    6c:04:d3:91:20:14:30:4e:69:68:2f:9d:a3:b0:62:
                    45:2a:20:a8:80:31:39:32:40:83:5e:a7:bb:b7:27:
                    49:58:9c:cc:fe:13:77:8e:3e:26:84:dc:0e:34:ca:
                    04:36:93:8b:95:6f:28:58:34:82:5e:e7:35:b7:5b:
                    d3:a1:8b:c2:82:d4:7b:3a:d6:f8:af:df:97:bf:95:
                    ea:18:0d:de:0e:85:54:f0:5b:a4:b3:bc:ae:98:83:
                    3c:38:9a:0a:e1:28:39:d6:e8:01:c9:a8:6e:6b:e7:
                    03:77:a5:61:4b:99:9c:d8:01:19:97:06:28:1a:44:
                    04:14:f3:21:b6:c0:73:34:c1:d7:21:75:36:3e:42:
                    9d:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:EA:5B:D3:3B:3E:37:8B:73:B9:9A:24:7A:40:79:FE:66:A6:9F:69
            X509v3 Authority Key Identifier:
                keyid:54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/0-pb0zs-N4tzuZokekB5_mamn2k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/VMvaeLHRthPfVl_5lwC2rulA3j8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.238.128.0-213.238.151.255
                  213.238.155.0-213.238.159.255
                IPv6:
                  2a02:50::/48

    Signature Algorithm: sha256WithRSAEncryption
         7c:e3:12:95:7c:ee:3f:75:89:af:73:75:05:ac:5d:88:8e:da:
         99:51:64:5a:d5:c5:ab:1a:d2:8c:f6:92:03:1e:37:cd:05:68:
         61:dd:bd:41:91:6a:58:0f:3a:bd:2b:9f:e4:62:84:e7:47:d2:
         7d:69:33:37:a6:b4:4a:05:13:22:b6:c2:67:ca:c2:df:80:c4:
         b3:64:6e:c1:ec:b1:73:f6:e4:60:53:cc:43:33:4b:ce:73:99:
         ed:81:0d:ff:96:2d:ba:2d:ac:e7:41:65:a1:0f:cb:90:42:3f:
         65:84:d4:d9:59:96:9c:91:34:fd:00:2e:5c:5e:8f:49:bf:ae:
         8a:df:1d:14:54:b6:a1:83:bd:ff:ac:83:26:a8:3b:1a:1b:22:
         37:38:e4:ea:d0:48:64:bb:e0:16:48:1d:f5:30:46:bb:9d:e5:
         cb:cf:da:df:38:67:c4:db:74:44:1b:37:7b:f7:00:30:c0:91:
         d8:a2:94:b7:4a:b9:5b:b7:ed:25:4e:ca:0e:ee:30:a2:73:06:
         51:44:f2:46:b8:49:7b:4a:a2:55:6b:a5:97:71:f2:db:10:d7:
         c1:82:c5:2e:e3:dc:b1:45:01:d5:f9:23:26:75:e6:5e:8f:16:
         9a:90:c1:f5:bd:6d:a4:02:5a:43:49:46:48:10:07:a0:ab:97:
         4b:83:32:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEE+0wBjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NGNiZGE3OGIxZDFiNjEzZGY1NjVmZjk5NzAwYjZhZWU5NDBkZTNmMB4XDTIyMDEw
MTExNTUyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDNlYTViZDMzYjNl
Mzc4YjczYjk5YTI0N2E0MDc5ZmU2NmE2OWY2OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMOafbJt0tscGRSU2/zz56CT28SrCn9LRI23lrv9RfFX9LrT
tbWCfeQTkipm+GYXcwqACgpRtAc+jv2JnfuihMuC/pKCmRIdhzodXMG31ZNKM7EG
QEari3fxG+Bp1RO6LTHeUzxjR3bh58DXcXVaVSOQGdXKR6LvbATTkSAUME5paC+d
o7BiRSogqIAxOTJAg16nu7cnSViczP4Td44+JoTcDjTKBDaTi5VvKFg0gl7nNbdb
06GLwoLUezrW+K/fl7+V6hgN3g6FVPBbpLO8rpiDPDiaCuEoOdboAcmobmvnA3el
YUuZnNgBGZcGKBpEBBTzIbbAczTB1yF1Nj5CnXUCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBTT6lvTOz43i3O5miR6QHn+ZqafaTAfBgNVHSMEGDAWgBRUy9p4sdG2E99W
X/mXALau6UDePzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZNdmFlTEhSdGhQZlZsXzVsd0MycnVsQTNqOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvNmQ2MWQ5LTBiZjctNDRiYi1iODBmLWNkMzE2MTVkMDFhOS8x
LzAtcGIwenMtTjR0enVab2tla0I1X21hbW4yay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
NmQ2MWQ5LTBiZjctNDRiYi1iODBmLWNkMzE2MTVkMDFhOS8xL1ZNdmFlTEhSdGhQ
ZlZsXzVsd0MycnVsQTNqOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwIgQCAAEwHDAMAwQH1e6AAwQD1e6QMAwDBADV7psD
BAXV7oAwDwQCAAIwCQMHACoCAFAAADANBgkqhkiG9w0BAQsFAAOCAQEAfOMSlXzu
P3WJr3N1BaxdiI7amVFkWtXFqxrSjPaSAx43zQVoYd29QZFqWA86vSuf5GKE50fS
fWkzN6a0SgUTIrbCZ8rC34DEs2Ruweyxc/bkYFPMQzNLznOZ7YEN/5Ytui2s50Fl
oQ/LkEI/ZYTU2VmWnJE0/QAuXF6PSb+uit8dFFS2oYO9/6yDJqg7GhsiNzjk6tBI
ZLvgFkgd9TBGu53ly8/a3zhnxNt0RBs3e/cAMMCR2KKUt0q5W7ftJU7KDu4wonMG
UUTyRrhJe0qiVWull3Hy2xDXwYLFLuPcsUUB1fkjJnXmXo8WmpDB9b1tpAJaQ0lG
SBAHoKuXS4MyNg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:36 2024 by rpki-client on console-ams.rpki-client.org