Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/kAxXMF8sCCVwQFzdJUGwNykFvhY.roa
File:                     kAxXMF8sCCVwQFzdJUGwNykFvhY.roa (raw, json)
Hash identifier:          oGiM4CZ5sfZQUWndCwRe4s+HgGMuV2S/mzhPXWZhVHo=
Subject key identifier:   90:0C:57:30:5F:2C:08:25:70:40:5C:DD:25:41:B0:37:29:05:BE:16
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       0184C5578EF14097C3D93007171032668B4C
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/kAxXMF8sCCVwQFzdJUGwNykFvhY.roa
Signing time:             Tue 29 Nov 2022 21:42:40 +0000
ROA not before:           Tue 29 Nov 2022 21:42:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49581
IP address blocks:        213.209.145.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:c5:57:8e:f1:40:97:c3:d9:30:07:17:10:32:66:8b:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Nov 29 21:42:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=900c57305f2c082570405cdd2541b0372905be16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:25:e4:32:87:c8:2e:7e:5f:83:0d:5d:3f:5e:
                    cd:6d:a5:67:59:bf:eb:b4:c5:9b:7a:6e:56:5f:fa:
                    35:b6:17:19:9c:9d:04:a0:a5:74:ff:cc:c6:a5:c9:
                    ba:12:91:87:2f:c4:3a:ec:1c:27:3e:51:7a:2d:d0:
                    5d:68:e7:26:47:ce:43:40:85:50:12:d7:a2:1c:bc:
                    a7:7e:05:90:1f:d5:39:ce:16:13:0e:0f:d7:30:fa:
                    0f:5d:fd:82:a3:02:f5:15:ec:db:db:6e:46:43:da:
                    eb:4e:12:d8:73:e4:a8:e8:3a:8d:23:c6:eb:61:0c:
                    40:ab:c3:a4:5a:31:c5:e4:52:10:cd:bf:5e:4c:e7:
                    57:96:6d:9e:e5:3b:4a:d5:fe:28:77:42:c0:b9:12:
                    30:cc:0f:10:84:09:88:6f:46:39:8f:2f:a2:67:31:
                    d3:b8:31:e6:c0:9f:1d:cf:e0:f2:2e:54:68:15:b9:
                    0a:b8:b8:f2:5f:4e:b5:a4:5b:3e:2c:73:b2:f7:12:
                    a9:50:01:b1:e7:6c:1c:cf:5d:4d:12:cb:0c:4c:28:
                    4c:e5:af:b0:af:03:38:e9:07:81:8e:d6:0e:57:0e:
                    12:40:1f:e4:05:1b:63:f9:49:81:36:5c:4f:b4:ec:
                    30:a3:87:64:a7:bc:65:d4:86:43:64:f8:d8:f2:26:
                    cd:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:0C:57:30:5F:2C:08:25:70:40:5C:DD:25:41:B0:37:29:05:BE:16
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/kAxXMF8sCCVwQFzdJUGwNykFvhY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.209.145.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a4:3c:67:67:c2:df:da:76:59:5f:b3:ca:aa:a1:e2:60:dd:84:
         ef:ea:89:e3:ad:a2:49:e8:a5:6b:2b:96:70:cf:12:cf:30:2c:
         ac:40:d1:35:cf:37:83:74:26:19:02:1c:35:37:51:d3:75:14:
         2f:f0:96:ae:9c:b8:e1:0d:38:ca:b7:69:be:55:34:a5:02:f3:
         69:09:cf:48:29:6a:2e:93:2e:9b:33:70:80:3c:fb:12:51:c1:
         ab:27:9d:76:a7:53:b1:a6:d9:6f:91:e6:11:04:35:0b:14:07:
         44:1c:ad:54:d1:6e:5f:2a:13:4a:5c:72:66:58:24:c1:b1:2f:
         6e:cd:ff:cd:51:95:72:bf:d6:57:00:06:7a:bd:60:d3:26:d9:
         cb:5e:58:52:f4:72:d4:2e:24:25:46:00:24:7b:cd:66:20:f4:
         a7:97:0b:31:74:01:f0:da:82:d8:3e:46:67:fb:30:f0:a1:ae:
         4f:3c:1a:ec:db:61:c8:86:8e:a8:d3:38:d6:d2:58:35:3d:5b:
         d4:d3:cf:2e:44:c1:99:b1:ed:17:50:f3:fc:58:49:81:9d:9e:
         97:60:3f:9e:86:98:21:d1:b1:37:d2:a1:ff:f4:9f:8a:54:c4:
         c3:4f:94:2b:c7:6d:ed:be:26:b5:a2:44:e6:da:c3:27:61:95:
         8c:87:84:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTFV47xQJfD2TAHFxAyZotMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIxMTI5MjE0MjQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDBjNTczMDVmMmMwODI1NzA0MDVjZGQyNTQxYjAzNzI5MDViZTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSXkMofILn5fgw1dP17NbaVnWb/r
tMWbem5WX/o1thcZnJ0EoKV0/8zGpcm6EpGHL8Q67BwnPlF6LdBdaOcmR85DQIVQ
EteiHLynfgWQH9U5zhYTDg/XMPoPXf2CowL1Fezb225GQ9rrThLYc+So6DqNI8br
YQxAq8OkWjHF5FIQzb9eTOdXlm2e5TtK1f4od0LAuRIwzA8QhAmIb0Y5jy+iZzHT
uDHmwJ8dz+DyLlRoFbkKuLjyX061pFs+LHOy9xKpUAGx52wcz11NEssMTChM5a+w
rwM46QeBjtYOVw4SQB/kBRtj+UmBNlxPtOwwo4dkp7xl1IZDZPjY8ibNNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJAMVzBfLAglcEBc3SVBsDcpBb4WMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEva0F4WE1GOHNDQ1Z3UUZ6ZEpVR3dOeWtGdmhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1dGRMA0G
CSqGSIb3DQEBCwUAA4IBAQCkPGdnwt/adllfs8qqoeJg3YTv6onjraJJ6KVrK5Zw
zxLPMCysQNE1zzeDdCYZAhw1N1HTdRQv8JaunLjhDTjKt2m+VTSlAvNpCc9IKWou
ky6bM3CAPPsSUcGrJ512p1OxptlvkeYRBDULFAdEHK1U0W5fKhNKXHJmWCTBsS9u
zf/NUZVyv9ZXAAZ6vWDTJtnLXlhS9HLULiQlRgAke81mIPSnlwsxdAHw2oLYPkZn
+zDwoa5PPBrs22HIho6o0zjW0lg1PVvU088uRMGZse0XUPP8WEmBnZ6XYD+ehpgh
0bE30qH/9J+KVMTDT5Qrx23tvia1okTm2sMnYZWMh4T7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:03 2024 by rpki-client on console-fra.rpki-client.org