Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/N9Zqi13ZdT-h9Yf1bTkbrZ8u-dw.roa
File:                     N9Zqi13ZdT-h9Yf1bTkbrZ8u-dw.roa (raw, json)
Hash identifier:          QcgZj9YxAx0tZeLZdeE3Kak+eC203SRtjVXaZ/U1Dv0=
Subject key identifier:   37:D6:6A:8B:5D:D9:75:3F:A1:F5:87:F5:6D:39:1B:AD:9F:2E:F9:DC
Certificate issuer:       /CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Certificate serial:       14C601F7
Authority key identifier: 88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/N9Zqi13ZdT-h9Yf1bTkbrZ8u-dw.roa
Signing time:             Sat 01 Jan 2022 05:51:53 +0000
ROA not before:           Sat 01 Jan 2022 05:51:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     28886
IP address blocks:        176.103.184.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 348520951 (0x14c601f7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
        Validity
            Not Before: Jan  1 05:51:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=37d66a8b5dd9753fa1f587f56d391bad9f2ef9dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:b7:81:77:e2:d5:45:6c:a9:49:66:ca:fc:1d:
                    bc:a1:ff:e0:d4:61:e4:7c:a3:dc:d4:5e:ab:32:9f:
                    ef:09:e1:7c:69:ae:0c:41:85:19:1f:9d:92:b6:38:
                    fd:84:da:f4:b0:70:63:a2:a1:ac:7d:c8:d4:0d:b5:
                    ce:3e:7c:35:08:d1:88:ee:be:48:e1:97:48:4c:5a:
                    89:aa:79:00:38:f8:36:bc:52:61:4b:3e:7d:de:b4:
                    35:05:2c:51:60:cb:51:96:09:ac:09:ac:66:0b:3c:
                    58:06:05:eb:e3:be:5b:97:eb:f0:ab:11:1a:d6:0b:
                    3b:6e:3a:37:fc:dc:25:75:20:57:d6:ba:2d:2e:4e:
                    fb:a8:01:6d:63:b2:6c:ec:fe:c3:ed:5a:a0:03:6d:
                    38:06:23:a5:50:5f:9b:1b:02:31:77:9b:5f:aa:ad:
                    18:70:2e:a9:a6:7f:8b:89:7c:28:5a:49:e3:7c:5b:
                    5f:83:c6:79:d0:5c:14:88:e6:32:70:03:fc:ab:44:
                    01:cc:5f:bd:3a:18:1d:19:70:53:f9:92:ab:e7:4b:
                    43:b6:22:da:c0:6a:52:ae:68:f6:4d:f7:42:97:81:
                    77:fd:e0:ad:a5:62:65:2e:de:14:96:a3:67:73:06:
                    68:34:80:f0:96:9d:32:cb:ba:ae:70:46:56:38:1d:
                    e8:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:D6:6A:8B:5D:D9:75:3F:A1:F5:87:F5:6D:39:1B:AD:9F:2E:F9:DC
            X509v3 Authority Key Identifier:
                keyid:88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/N9Zqi13ZdT-h9Yf1bTkbrZ8u-dw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.103.184.0/24

    Signature Algorithm: sha256WithRSAEncryption
         19:2f:b6:4e:d1:d3:c3:ff:77:19:da:29:a3:a8:b5:eb:0c:50:
         52:98:4d:01:f4:50:8c:59:bd:89:53:0b:e9:3c:14:14:1c:79:
         a2:e5:3e:28:8c:dd:b4:67:d8:eb:15:c5:2b:f0:d0:7c:5d:77:
         f7:00:f7:f5:01:af:71:b9:db:99:97:ff:3b:1f:54:f4:be:ba:
         79:50:e1:13:41:02:c3:cb:92:e6:f3:7e:b0:45:fb:6e:76:da:
         f0:bc:7c:36:53:f0:8c:e5:fa:6f:69:4c:cd:dd:1b:ba:a4:df:
         64:df:6f:0b:5d:a8:01:08:45:d8:88:ec:2a:ee:0d:0e:87:aa:
         65:8b:ee:c6:a2:f0:33:de:45:6d:97:c7:6a:77:a1:df:75:90:
         f0:dd:5f:0b:7a:13:82:cb:1d:8f:2b:f9:32:ed:5e:bc:e9:b1:
         57:11:32:fe:b5:1e:10:ea:60:5b:a4:06:4e:da:fd:62:24:be:
         6c:57:4a:ba:ff:f8:ad:de:d8:b8:b3:1e:2a:12:b8:cc:43:d3:
         c3:dd:3d:2e:f2:cf:38:fe:a9:a6:57:b8:63:25:bf:c0:0c:62:
         1e:43:fd:c9:49:9e:78:9b:0a:ab:80:ec:9f:92:6d:6c:03:ef:
         23:fb:d4:bf:11:bb:d9:31:8c:3c:c6:ac:c4:b8:72:a4:8e:2e:
         60:24:36:f0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFMYB9zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OGFkZDliNjcxZjdhMzZlYjIzNjdlMzRmZWU0YmNiMTNiOGY2NmNjMB4XDTIyMDEw
MTA1NTE1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzdkNjZhOGI1ZGQ5
NzUzZmExZjU4N2Y1NmQzOTFiYWQ5ZjJlZjlkYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALW3gXfi1UVsqUlmyvwdvKH/4NRh5Hyj3NReqzKf7wnhfGmu
DEGFGR+dkrY4/YTa9LBwY6KhrH3I1A21zj58NQjRiO6+SOGXSExaiap5ADj4NrxS
YUs+fd60NQUsUWDLUZYJrAmsZgs8WAYF6+O+W5fr8KsRGtYLO246N/zcJXUgV9a6
LS5O+6gBbWOybOz+w+1aoANtOAYjpVBfmxsCMXebX6qtGHAuqaZ/i4l8KFpJ43xb
X4PGedBcFIjmMnAD/KtEAcxfvToYHRlwU/mSq+dLQ7Yi2sBqUq5o9k33QpeBd/3g
raViZS7eFJajZ3MGaDSA8JadMsu6rnBGVjgd6OsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ31mqLXdl1P6H1h/VtORutny753DAfBgNVHSMEGDAWgBSIrdm2cfejbrI2
fjT+5LyxO49mzDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lLM1p0bkgzbzI2eU5uNDBfdVM4c1R1UFpzdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzMvM2VkMDBhLTE1ZWUtNDY2NC1hN2YxLWExYjk2YjliNzBmOC8x
L045WnFpMTNaZFQtaDlZZjFiVGticlo4dS1kdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMv
M2VkMDBhLTE1ZWUtNDY2NC1hN2YxLWExYjk2YjliNzBmOC8xL2lLM1p0bkgzbzI2
eU5uNDBfdVM4c1R1UFpzdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALBnuDANBgkqhkiG9w0BAQsFAAOC
AQEAGS+2TtHTw/93Gdopo6i16wxQUphNAfRQjFm9iVML6TwUFBx5ouU+KIzdtGfY
6xXFK/DQfF139wD39QGvcbnbmZf/Ox9U9L66eVDhE0ECw8uS5vN+sEX7bnba8Lx8
NlPwjOX6b2lMzd0buqTfZN9vC12oAQhF2IjsKu4NDoeqZYvuxqLwM95FbZfHaneh
33WQ8N1fC3oTgssdjyv5Mu1evOmxVxEy/rUeEOpgW6QGTtr9YiS+bFdKuv/4rd7Y
uLMeKhK4zEPTw909LvLPOP6pple4YyW/wAxiHkP9yUmeeJsKq4Dsn5JtbAPvI/vU
vxG72TGMPMasxLhypI4uYCQ28A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:06 2024 by rpki-client on console-ams.rpki-client.org