Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/_i82nWjQ2LiUmbHxfW-qy0ADEC4.roa
File:                     _i82nWjQ2LiUmbHxfW-qy0ADEC4.roa (raw, json)
Hash identifier:          ecjZX+zpwQ/q97QlLzCRJi2uQrqFgmeXwUU0xyfk7aU=
Subject key identifier:   FE:2F:36:9D:68:D0:D8:B8:94:99:B1:F1:7D:6F:AA:CB:40:03:10:2E
Certificate issuer:       /CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Certificate serial:       13EEBB47
Authority key identifier: 54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/_i82nWjQ2LiUmbHxfW-qy0ADEC4.roa
Signing time:             Sat 01 Jan 2022 11:55:25 +0000
ROA not before:           Sat 01 Jan 2022 11:55:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34984
IP address blocks:        213.238.186.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 334412615 (0x13eebb47)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=54cbda78b1d1b613df565ff99700b6aee940de3f
        Validity
            Not Before: Jan  1 11:55:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fe2f369d68d0d8b89499b1f17d6faacb4003102e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:c0:ba:87:f6:91:b9:fb:c4:48:32:12:07:c0:
                    1b:78:50:7d:36:d8:e4:ca:7c:ea:79:56:3b:34:1d:
                    5c:36:58:da:15:8d:e0:15:82:05:93:61:59:3e:30:
                    3d:eb:bc:0d:72:8d:51:33:68:39:35:f5:28:65:5c:
                    a5:bd:58:ff:b6:fb:be:97:4e:24:99:8c:f5:3a:e8:
                    d4:86:7e:d0:05:32:4f:c4:c7:cc:b8:08:d2:4d:ea:
                    8c:95:3c:9f:7b:d7:75:d8:02:4c:e1:29:c0:62:0f:
                    68:57:f2:2b:19:fd:f5:37:e6:95:50:6b:41:7e:f1:
                    29:8d:e4:f0:9e:72:6d:b5:8c:da:1e:c6:81:9d:69:
                    70:b8:94:97:4f:f5:d0:39:2c:4d:4e:ef:60:a7:6a:
                    68:78:28:3e:98:3f:28:6a:a1:fb:8a:bc:55:9c:26:
                    c8:e5:a8:1d:da:93:50:18:6d:35:be:82:4f:8b:2c:
                    41:2e:c5:b5:93:e4:ba:c6:09:c9:18:b6:bf:a5:e0:
                    7e:f0:94:ca:aa:97:d4:c0:6b:af:0b:10:2f:1b:1b:
                    68:1e:06:74:f9:c7:30:fb:d5:77:59:f3:4d:2e:1c:
                    58:72:45:20:db:5e:6f:93:7c:08:f2:8d:7c:17:c0:
                    d2:cb:04:af:20:70:7c:3b:64:3f:f8:d4:13:66:e8:
                    07:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:2F:36:9D:68:D0:D8:B8:94:99:B1:F1:7D:6F:AA:CB:40:03:10:2E
            X509v3 Authority Key Identifier:
                keyid:54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/_i82nWjQ2LiUmbHxfW-qy0ADEC4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/VMvaeLHRthPfVl_5lwC2rulA3j8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.238.186.0/24

    Signature Algorithm: sha256WithRSAEncryption
         65:bb:65:e7:59:d9:29:78:7b:d4:5d:01:ae:e7:3c:84:ce:52:
         50:98:c1:ab:7a:27:78:cc:4e:81:7f:40:20:37:54:7c:cf:7c:
         62:13:16:99:6a:05:ae:ad:84:f6:48:06:8c:16:75:c3:15:fc:
         15:39:4a:ae:a8:eb:6b:c0:89:cf:ca:0a:a1:60:9f:bd:d0:cb:
         f4:0e:3a:f0:f2:fa:bd:15:77:02:6f:b3:f0:10:9c:7b:ee:05:
         85:a9:c2:a2:ce:85:96:9b:25:f4:a0:b1:77:17:f2:7a:e0:3a:
         64:d5:ca:49:ac:75:11:27:9a:0c:1a:47:e7:4a:a3:72:88:3c:
         99:c2:4d:28:01:76:fe:9a:8e:18:80:de:c2:34:c7:c4:25:fd:
         97:95:bc:72:65:8b:68:2d:f9:29:66:7c:bb:ff:97:9f:a3:8d:
         af:82:5f:f8:af:32:e7:10:0a:ac:63:83:58:6b:c6:9c:0a:e1:
         3c:5a:56:d9:88:50:ac:c1:38:52:0f:85:ef:d4:0b:c7:e3:74:
         cc:6e:f5:e7:d1:3a:fe:b4:2a:2a:bb:2a:9c:f1:29:91:e1:0e:
         25:8e:9b:7a:ad:09:d8:35:22:b3:8d:e0:8c:00:73:8e:e7:65:
         92:63:30:71:84:a4:0c:6b:9a:07:1f:48:19:d2:47:eb:36:15:
         88:95:32:e2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEE+67RzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NGNiZGE3OGIxZDFiNjEzZGY1NjVmZjk5NzAwYjZhZWU5NDBkZTNmMB4XDTIyMDEw
MTExNTUyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmUyZjM2OWQ2OGQw
ZDhiODk0OTliMWYxN2Q2ZmFhY2I0MDAzMTAyZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANTAuof2kbn7xEgyEgfAG3hQfTbY5Mp86nlWOzQdXDZY2hWN
4BWCBZNhWT4wPeu8DXKNUTNoOTX1KGVcpb1Y/7b7vpdOJJmM9Tro1IZ+0AUyT8TH
zLgI0k3qjJU8n3vXddgCTOEpwGIPaFfyKxn99TfmlVBrQX7xKY3k8J5ybbWM2h7G
gZ1pcLiUl0/10DksTU7vYKdqaHgoPpg/KGqh+4q8VZwmyOWoHdqTUBhtNb6CT4ss
QS7FtZPkusYJyRi2v6XgfvCUyqqX1MBrrwsQLxsbaB4GdPnHMPvVd1nzTS4cWHJF
INteb5N8CPKNfBfA0ssEryBwfDtkP/jUE2boB08CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT+LzadaNDYuJSZsfF9b6rLQAMQLjAfBgNVHSMEGDAWgBRUy9p4sdG2E99W
X/mXALau6UDePzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZNdmFlTEhSdGhQZlZsXzVsd0MycnVsQTNqOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvNmQ2MWQ5LTBiZjctNDRiYi1iODBmLWNkMzE2MTVkMDFhOS8x
L19pODJuV2pRMkxpVW1iSHhmVy1xeTBBREVDNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
NmQ2MWQ5LTBiZjctNDRiYi1iODBmLWNkMzE2MTVkMDFhOS8xL1ZNdmFlTEhSdGhQ
ZlZsXzVsd0MycnVsQTNqOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANXuujANBgkqhkiG9w0BAQsFAAOC
AQEAZbtl51nZKXh71F0Bruc8hM5SUJjBq3oneMxOgX9AIDdUfM98YhMWmWoFrq2E
9kgGjBZ1wxX8FTlKrqjra8CJz8oKoWCfvdDL9A468PL6vRV3Am+z8BCce+4FhanC
os6Flpsl9KCxdxfyeuA6ZNXKSax1ESeaDBpH50qjcog8mcJNKAF2/pqOGIDewjTH
xCX9l5W8cmWLaC35KWZ8u/+Xn6ONr4Jf+K8y5xAKrGODWGvGnArhPFpW2YhQrME4
Ug+F79QLx+N0zG7159E6/rQqKrsqnPEpkeEOJY6beq0J2DUis43gjABzjudlkmMw
cYSkDGuaBx9IGdJH6zYViJUy4g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:27 2024 by rpki-client on console-fra.rpki-client.org