Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/T8EyGCffj6UlBypDCa6py-myxtU.roa
File:                     T8EyGCffj6UlBypDCa6py-myxtU.roa (raw, json)
Hash identifier:          d60f8YhKoq5rGjZqjEa5hUQlIUlk98EgSOfKGRp/upw=
Subject key identifier:   4F:C1:32:18:27:DF:8F:A5:25:07:2A:43:09:AE:A9:CB:E9:B2:C6:D5
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       0182EDAC522503ACFCA2BA33A9CA73155E89
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/T8EyGCffj6UlBypDCa6py-myxtU.roa
Signing time:             Tue 30 Aug 2022 07:34:29 +0000
ROA not before:           Tue 30 Aug 2022 07:34:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208911
IP address blocks:        213.209.150.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:ed:ac:52:25:03:ac:fc:a2:ba:33:a9:ca:73:15:5e:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Aug 30 07:34:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4fc1321827df8fa525072a4309aea9cbe9b2c6d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:46:7d:b0:80:4e:78:9b:2d:00:16:8b:86:91:
                    4b:d7:93:c9:74:e6:8b:70:e3:2c:b5:fb:78:72:07:
                    26:14:ad:77:ce:ed:8d:13:1f:1d:25:f9:1f:41:be:
                    6f:bf:e4:d8:0f:41:77:91:50:54:e5:2f:c5:19:02:
                    4b:12:99:7f:27:1b:e3:17:ed:48:37:30:b3:30:cc:
                    8a:04:bd:0d:22:d1:67:a3:ad:e4:09:a8:a6:7f:1e:
                    7d:fd:c6:74:73:80:64:da:57:df:a9:d4:5a:89:3d:
                    75:fa:31:4e:56:f6:06:a9:cf:6b:43:02:40:6c:0c:
                    4b:c5:1e:15:97:29:e3:6f:45:1a:4f:b7:e1:6a:2e:
                    00:e7:ec:cc:fa:3c:a2:3f:a5:58:21:85:ab:09:ca:
                    e0:31:41:3d:2c:9b:1b:1d:f8:d6:bf:23:0a:25:63:
                    63:71:bb:4c:69:65:13:c5:bb:b5:3f:f0:9a:74:e1:
                    ea:56:a6:d2:be:3a:ba:38:0e:54:43:4a:33:b6:7d:
                    37:c7:44:47:e3:9f:77:52:10:7e:5e:8e:c0:ab:39:
                    08:64:49:09:1f:50:39:0c:0e:5f:81:5a:17:0c:76:
                    af:78:fa:60:ac:a6:49:2a:fb:cd:63:b3:6a:0c:88:
                    b1:ca:28:4b:2e:0b:49:fc:ec:39:f4:a1:b9:8f:d4:
                    e8:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:C1:32:18:27:DF:8F:A5:25:07:2A:43:09:AE:A9:CB:E9:B2:C6:D5
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/T8EyGCffj6UlBypDCa6py-myxtU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.209.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:fb:c8:c2:da:5e:c4:92:44:b9:f6:6e:b6:b7:a5:1b:c4:ef:
         52:80:d1:de:47:a5:85:8c:fd:44:b9:1d:cb:73:d5:4a:c6:c2:
         b0:13:59:df:06:b9:a4:b0:74:32:3a:87:14:ac:ba:6c:f2:ae:
         6e:03:e5:c5:23:b0:64:97:d2:03:9d:a6:f4:4b:73:a8:79:13:
         2f:27:e2:96:63:fa:02:d6:79:f5:cd:89:bf:76:69:6b:c0:42:
         ab:0a:b0:4e:2c:96:a8:42:2e:b7:97:73:9b:34:6c:da:17:62:
         20:34:c0:8f:11:00:64:e9:59:d5:e0:3d:e7:46:4a:e6:d2:e8:
         ab:1e:be:bf:9a:65:3f:31:0d:02:89:eb:81:5b:bd:8b:67:0c:
         bd:26:02:39:ce:3d:fc:38:dd:a4:de:03:a5:52:99:3d:6f:d8:
         2e:d5:43:8b:5d:0c:6d:10:fb:2d:d9:a3:11:1f:8d:89:19:88:
         37:34:1f:5a:9d:ad:ec:2b:eb:b3:d3:c6:0b:13:ca:43:67:19:
         2c:91:b9:5a:1b:f2:a6:f5:67:f1:74:f5:63:e2:dd:dc:93:e7:
         83:1e:a5:dd:6b:60:a8:c0:05:29:69:ba:dc:87:9e:b1:0a:40:
         57:e4:19:d7:1c:3c:72:f2:12:5c:22:39:4d:c0:df:d7:1f:e2:
         33:df:05:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLtrFIlA6z8orozqcpzFV6JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIwODMwMDczNDI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmMxMzIxODI3ZGY4ZmE1MjUwNzJhNDMwOWFlYTljYmU5YjJjNmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEZ9sIBOeJstABaLhpFL15PJdOaL
cOMstft4cgcmFK13zu2NEx8dJfkfQb5vv+TYD0F3kVBU5S/FGQJLEpl/JxvjF+1I
NzCzMMyKBL0NItFno63kCaimfx59/cZ0c4Bk2lffqdRaiT11+jFOVvYGqc9rQwJA
bAxLxR4Vlynjb0UaT7fhai4A5+zM+jyiP6VYIYWrCcrgMUE9LJsbHfjWvyMKJWNj
cbtMaWUTxbu1P/CadOHqVqbSvjq6OA5UQ0oztn03x0RH4593UhB+Xo7AqzkIZEkJ
H1A5DA5fgVoXDHavePpgrKZJKvvNY7NqDIixyihLLgtJ/Ow59KG5j9ToHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE/BMhgn34+lJQcqQwmuqcvpssbVMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvVDhFeUdDZmZqNlVsQnlwRENhNnB5LW15eHRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1dGWMA0G
CSqGSIb3DQEBCwUAA4IBAQBM+8jC2l7EkkS59m62t6UbxO9SgNHeR6WFjP1EuR3L
c9VKxsKwE1nfBrmksHQyOocUrLps8q5uA+XFI7Bkl9IDnab0S3OoeRMvJ+KWY/oC
1nn1zYm/dmlrwEKrCrBOLJaoQi63l3ObNGzaF2IgNMCPEQBk6VnV4D3nRkrm0uir
Hr6/mmU/MQ0CieuBW72LZwy9JgI5zj38ON2k3gOlUpk9b9gu1UOLXQxtEPst2aMR
H42JGYg3NB9ana3sK+uz08YLE8pDZxkskblaG/Km9WfxdPVj4t3ck+eDHqXda2Co
wAUpabrch56xCkBX5BnXHDxy8hJcIjlNwN/XH+Iz3wUx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:03 2024 by rpki-client on console-fra.rpki-client.org