Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/xr3jDQYnrnWx0SwR1CKrdi9YHcI.roa
File:                     xr3jDQYnrnWx0SwR1CKrdi9YHcI.roa (raw, json)
Hash identifier:          c+hn2o2QE7+W2ec+LQt2dATPqBguNzNAluvW1hIFJIs=
Subject key identifier:   C6:BD:E3:0D:06:27:AE:75:B1:D1:2C:11:D4:22:AB:76:2F:58:1D:C2
Certificate issuer:       /CN=00e4f6a77368b7cecfe67220b436576b1e008aec
Certificate serial:       08611E2D
Authority key identifier: 00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/xr3jDQYnrnWx0SwR1CKrdi9YHcI.roa
Signing time:             Sat 01 Jan 2022 11:04:55 +0000
ROA not before:           Sat 01 Jan 2022 11:04:55 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203663
IP address blocks:        185.12.215.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 140582445 (0x8611e2d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00e4f6a77368b7cecfe67220b436576b1e008aec
        Validity
            Not Before: Jan  1 11:04:55 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c6bde30d0627ae75b1d12c11d422ab762f581dc2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:44:a0:b1:84:df:e0:53:23:09:5a:44:f8:97:
                    31:ec:36:6d:d4:6a:01:cc:39:eb:b4:88:5c:cf:20:
                    43:c2:bd:f2:33:92:d2:5c:60:1c:e9:a5:de:19:e0:
                    62:a3:ec:df:a7:c9:ac:cd:46:87:4b:e6:c8:62:b6:
                    63:b8:5e:d2:62:7a:ab:95:c6:d2:35:e5:e5:49:e3:
                    f8:34:7c:6f:bf:e3:0d:60:1e:9b:59:df:19:8b:72:
                    4e:de:56:2d:47:33:2a:b9:c3:33:e8:bd:ae:5c:6f:
                    aa:a6:02:00:a6:1d:7d:27:9a:f0:05:8e:4d:9e:3f:
                    d4:29:9d:86:27:0b:ed:e0:e5:b1:48:00:9f:00:a8:
                    7a:fa:15:bc:9d:7c:7e:ee:95:70:98:10:fa:72:a3:
                    47:aa:8d:c9:72:b0:42:60:02:80:cd:22:37:7b:af:
                    df:47:57:54:8d:1d:b8:bd:78:88:f8:61:85:77:47:
                    31:dc:3b:17:e0:99:6e:bd:46:07:1a:d4:2a:b2:b4:
                    a4:18:61:30:70:9f:cc:e9:77:cf:5f:7c:ff:b8:2b:
                    77:c7:22:f9:2d:3b:3f:b6:66:32:3b:4d:c6:7a:74:
                    a6:ee:62:b9:68:29:2f:8d:ac:d5:12:6d:89:2b:5d:
                    67:ab:90:c9:28:b2:22:62:d6:4e:67:c0:19:cb:76:
                    ba:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:BD:E3:0D:06:27:AE:75:B1:D1:2C:11:D4:22:AB:76:2F:58:1D:C2
            X509v3 Authority Key Identifier:
                keyid:00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/xr3jDQYnrnWx0SwR1CKrdi9YHcI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.12.215.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b6:6e:05:93:6d:88:7e:7b:1a:40:cb:a9:91:d3:a3:27:82:0a:
         b6:e1:8b:a3:73:1b:57:80:b9:91:f5:1c:61:9f:06:57:f4:18:
         c5:eb:6c:5e:1c:3b:63:72:fd:75:e8:ea:b4:4e:92:61:bd:a7:
         8d:d6:67:bf:13:69:a1:08:34:3c:8a:b6:43:79:48:3a:07:7c:
         11:0c:57:e8:1c:fe:5d:ec:ac:74:0d:3b:9d:c9:10:4f:11:56:
         60:10:2f:0a:07:91:45:4b:49:d0:a1:0a:b6:6a:cf:16:bb:08:
         b8:7f:7c:d3:49:80:f0:6c:9f:70:66:db:25:a4:a3:bb:20:97:
         ad:39:0b:c8:48:c1:39:f6:ea:6b:8f:9f:d3:1e:0c:de:fa:fb:
         a2:a7:05:3b:03:a6:6b:28:a9:43:67:a0:15:27:43:2d:c0:e8:
         de:35:44:e8:ac:cd:64:94:f7:3c:10:cf:4b:73:b8:bd:96:e8:
         13:77:8b:51:91:b3:6a:93:5b:2c:de:64:21:8a:9f:79:5d:26:
         79:9c:5a:a3:c3:07:2b:2c:a4:a5:5a:eb:cb:75:43:4c:7e:33:
         49:59:71:5b:44:bd:82:88:03:90:0c:45:51:ea:2a:0d:a2:a1:
         a0:32:38:96:88:81:fd:b1:24:62:d8:6b:dc:ef:1e:5d:03:5c:
         1e:db:71:c0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECGEeLTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MGU0ZjZhNzczNjhiN2NlY2ZlNjcyMjBiNDM2NTc2YjFlMDA4YWVjMB4XDTIyMDEw
MTExMDQ1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzZiZGUzMGQwNjI3
YWU3NWIxZDEyYzExZDQyMmFiNzYyZjU4MWRjMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANdEoLGE3+BTIwlaRPiXMew2bdRqAcw567SIXM8gQ8K98jOS
0lxgHOml3hngYqPs36fJrM1Gh0vmyGK2Y7he0mJ6q5XG0jXl5Unj+DR8b7/jDWAe
m1nfGYtyTt5WLUczKrnDM+i9rlxvqqYCAKYdfSea8AWOTZ4/1CmdhicL7eDlsUgA
nwCoevoVvJ18fu6VcJgQ+nKjR6qNyXKwQmACgM0iN3uv30dXVI0duL14iPhhhXdH
Mdw7F+CZbr1GBxrUKrK0pBhhMHCfzOl3z198/7grd8ci+S07P7ZmMjtNxnp0pu5i
uWgpL42s1RJtiStdZ6uQySiyImLWTmfAGct2uh0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTGveMNBieudbHRLBHUIqt2L1gdwjAfBgNVHSMEGDAWgBQA5Panc2i3zs/m
ciC0NldrHgCK7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FPVDJwM05vdDg3UDVuSWd0RFpYYXg0QWl1dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzEvNjUyZGE5LWFmYzQtNGUyMC04MmZjLWIwN2Q4NDE2YWU0YS8x
L3hyM2pEUVlucm5XeDBTd1IxQ0tyZGk5WUhjSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzEv
NjUyZGE5LWFmYzQtNGUyMC04MmZjLWIwN2Q4NDE2YWU0YS8xL0FPVDJwM05vdDg3
UDVuSWd0RFpYYXg0QWl1dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkM1zANBgkqhkiG9w0BAQsFAAOC
AQEAtm4Fk22IfnsaQMupkdOjJ4IKtuGLo3MbV4C5kfUcYZ8GV/QYxetsXhw7Y3L9
dejqtE6SYb2njdZnvxNpoQg0PIq2Q3lIOgd8EQxX6Bz+XeysdA07nckQTxFWYBAv
CgeRRUtJ0KEKtmrPFrsIuH9800mA8GyfcGbbJaSjuyCXrTkLyEjBOfbqa4+f0x4M
3vr7oqcFOwOmayipQ2egFSdDLcDo3jVE6KzNZJT3PBDPS3O4vZboE3eLUZGzapNb
LN5kIYqfeV0meZxao8MHKyykpVrry3VDTH4zSVlxW0S9gogDkAxFUeoqDaKhoDI4
loiB/bEkYthr3O8eXQNcHttxwA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:35 2024 by rpki-client on console-fra.rpki-client.org