Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/vuEYxSn1c5PfvE7IV4IUKCWsWq8.roa
File:                     vuEYxSn1c5PfvE7IV4IUKCWsWq8.roa (raw, json)
Hash identifier:          vO51cCt7zkFB2Ft0bXsGx79BfcWKboDwQAXJ5Ur/gBs=
Subject key identifier:   BE:E1:18:C5:29:F5:73:93:DF:BC:4E:C8:57:82:14:28:25:AC:5A:AF
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       06E57EAE
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/vuEYxSn1c5PfvE7IV4IUKCWsWq8.roa
Signing time:             Sat 01 Jan 2022 07:00:19 +0000
ROA not before:           Sat 01 Jan 2022 07:00:19 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     30823
IP address blocks:        213.209.150.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 115703470 (0x6e57eae)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Jan  1 07:00:19 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bee118c529f57393dfbc4ec85782142825ac5aaf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:03:bc:cf:37:67:79:20:9f:2a:18:38:67:cc:
                    af:d0:8f:ec:0d:26:e0:3a:d8:30:06:c9:e5:40:2b:
                    01:e5:00:e4:51:da:d6:5f:5f:0c:4d:61:d4:fc:ed:
                    70:7b:9c:4f:c4:1c:02:9e:75:d4:bf:20:03:b0:d1:
                    83:63:68:4b:4d:0c:bf:d4:26:87:d7:ba:4b:b6:6e:
                    6a:af:e8:d7:97:c2:bc:de:f0:a6:d4:03:ea:16:4a:
                    96:a6:6e:ae:39:15:52:9c:d7:d9:81:66:b1:86:46:
                    e6:f7:04:07:29:9e:8d:c9:84:67:6c:b8:64:64:8e:
                    d7:e4:41:22:66:36:59:e4:ea:7f:f5:72:13:0b:7b:
                    9d:80:60:6b:2b:b2:f9:01:91:fe:7d:1f:4d:59:9c:
                    a0:29:58:d2:b3:fc:ab:f7:8d:94:46:f4:17:87:3f:
                    1e:dd:a9:be:a9:47:11:67:93:d1:89:c0:07:99:96:
                    0e:8e:d3:2f:87:fc:66:f3:28:b2:cd:3a:b4:19:75:
                    3d:3c:ff:35:3d:16:c8:a3:bd:a1:32:a5:4e:01:43:
                    6d:dd:d6:55:cb:7b:e8:a9:c4:f6:a4:67:e3:1c:ab:
                    d8:91:9d:5f:cf:4c:f6:96:9a:80:ba:d5:a5:ca:6b:
                    73:13:7e:97:4d:11:33:fe:ad:5d:2c:be:7a:6f:96:
                    81:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:E1:18:C5:29:F5:73:93:DF:BC:4E:C8:57:82:14:28:25:AC:5A:AF
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/vuEYxSn1c5PfvE7IV4IUKCWsWq8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.209.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:ed:1b:73:07:e5:ca:18:20:bb:f5:25:8a:d2:99:23:09:bb:
         5e:16:b6:25:25:91:2f:7b:ad:48:17:c0:8f:2d:15:57:46:d2:
         16:53:3d:87:59:b7:08:04:5d:2b:78:e2:f5:e4:67:ab:88:3d:
         88:3f:48:a1:80:86:9b:2f:85:c6:1b:ca:b3:4e:68:6b:29:5a:
         66:ba:d5:af:36:d2:ab:99:79:ac:51:9e:33:5d:b3:75:22:05:
         85:4e:8a:65:0b:87:21:29:a2:90:6c:f8:5f:67:fd:a0:41:6f:
         53:2b:5e:a2:81:fc:8b:8e:f2:d0:fd:98:90:d5:9b:3a:48:61:
         63:aa:2b:c6:d7:56:2f:48:2c:8b:eb:f1:98:92:75:38:d0:f9:
         f6:04:4e:14:79:24:a2:35:2e:1b:cf:de:da:74:cb:b2:90:44:
         ec:6f:41:b6:27:4d:45:40:c7:b6:bc:91:f6:f2:9e:d7:bf:b0:
         c8:af:72:d9:5b:0c:6a:f5:25:81:ec:0c:1a:96:87:79:7f:64:
         16:06:08:32:a8:fd:90:ab:7d:f1:65:fe:1b:31:62:a8:5c:7a:
         97:3b:43:60:78:b1:84:2d:9f:22:16:f0:22:f8:f6:62:8a:d2:
         1d:30:c0:bd:96:7d:ab:ed:06:27:08:a4:81:e3:53:7d:d4:5a:
         36:e4:d0:4f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBuV+rjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDEw
MTA3MDAxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmVlMTE4YzUyOWY1
NzM5M2RmYmM0ZWM4NTc4MjE0MjgyNWFjNWFhZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKgDvM83Z3kgnyoYOGfMr9CP7A0m4DrYMAbJ5UArAeUA5FHa
1l9fDE1h1PztcHucT8QcAp511L8gA7DRg2NoS00Mv9Qmh9e6S7Zuaq/o15fCvN7w
ptQD6hZKlqZurjkVUpzX2YFmsYZG5vcEBymejcmEZ2y4ZGSO1+RBImY2WeTqf/Vy
Ewt7nYBgayuy+QGR/n0fTVmcoClY0rP8q/eNlEb0F4c/Ht2pvqlHEWeT0YnAB5mW
Do7TL4f8ZvMoss06tBl1PTz/NT0WyKO9oTKlTgFDbd3WVct76KnE9qRn4xyr2JGd
X89M9paagLrVpcprcxN+l00RM/6tXSy+em+WgUkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS+4RjFKfVzk9+8TshXghQoJaxarzAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L3Z1RVl4U24xYzVQZnZFN0lWNElVS0NXc1dxOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANXRljANBgkqhkiG9w0BAQsFAAOC
AQEAiO0bcwflyhggu/UlitKZIwm7Xha2JSWRL3utSBfAjy0VV0bSFlM9h1m3CARd
K3ji9eRnq4g9iD9IoYCGmy+FxhvKs05oaylaZrrVrzbSq5l5rFGeM12zdSIFhU6K
ZQuHISmikGz4X2f9oEFvUyteooH8i47y0P2YkNWbOkhhY6orxtdWL0gsi+vxmJJ1
OND59gROFHkkojUuG8/e2nTLspBE7G9BtidNRUDHtryR9vKe17+wyK9y2VsMavUl
gewMGpaHeX9kFgYIMqj9kKt98WX+GzFiqFx6lztDYHixhC2fIhbwIvj2YorSHTDA
vZZ9q+0GJwikgeNTfdRaNuTQTw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:06 2024 by rpki-client on console-fra.rpki-client.org