Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/De8z-gf27AVWS-goHAfqPm03r_s.roa
File:                     De8z-gf27AVWS-goHAfqPm03r_s.roa (raw, json)
Hash identifier:          USOtPIhusKhyMap75NKLJuxLc+2vNZ1v8ZK2HmdRXLk=
Subject key identifier:   0D:EF:33:FA:07:F6:EC:05:56:4B:E8:28:1C:07:EA:3E:6D:37:AF:FB
Certificate issuer:       /CN=a2074339bb216b85bdc83d61778821adf9149d56
Certificate serial:       32FED803
Authority key identifier: A2:07:43:39:BB:21:6B:85:BD:C8:3D:61:77:88:21:AD:F9:14:9D:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ogdDObsha4W9yD1hd4ghrfkUnVY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/De8z-gf27AVWS-goHAfqPm03r_s.roa
Signing time:             Sat 01 Jan 2022 06:53:17 +0000
ROA not before:           Sat 01 Jan 2022 06:53:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200548
IP address blocks:        84.39.96.0/21 maxlen: 24
                          2a01:b1c1::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 855562243 (0x32fed803)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2074339bb216b85bdc83d61778821adf9149d56
        Validity
            Not Before: Jan  1 06:53:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0def33fa07f6ec05564be8281c07ea3e6d37affb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:f5:70:99:5d:88:8c:f0:58:a8:f1:c2:a1:86:
                    f9:79:9e:e9:fc:4b:3b:98:19:95:79:73:b8:11:9b:
                    7b:e5:58:87:92:ac:48:e0:67:72:e1:d6:66:8d:d6:
                    f3:d4:a7:e5:4b:40:70:9d:e0:aa:31:28:66:6c:72:
                    42:eb:29:aa:65:80:61:26:23:fb:36:92:70:a4:f1:
                    b3:c5:34:66:6f:3a:50:8a:2a:17:53:7f:96:b2:90:
                    64:55:5a:18:4e:8d:4c:0d:19:e2:72:18:e9:bc:f9:
                    90:f8:d9:cd:65:ae:a5:78:5a:56:b6:24:b4:55:02:
                    7b:f1:5d:81:08:24:16:b3:f8:2a:d0:5a:e0:23:1a:
                    48:17:09:cb:d7:32:e4:de:51:53:02:8a:f1:9b:6c:
                    72:68:cb:a7:c7:09:cb:69:9e:7b:c1:be:84:7b:ec:
                    c6:5e:99:38:09:46:dd:4e:02:e0:44:e0:21:e6:75:
                    fe:e0:30:97:b8:af:0b:48:2f:e7:72:05:5e:a6:62:
                    9b:e9:bf:aa:a2:b2:b8:f8:d3:2a:b9:b7:eb:4d:38:
                    bf:4b:54:ea:6f:8d:4b:8e:e9:e0:7d:2d:a8:7a:2e:
                    dc:ad:5e:c0:08:80:84:93:57:81:c6:d6:4b:d1:46:
                    15:22:93:cd:cc:d1:35:e9:89:5a:d0:fd:3a:6c:0c:
                    c1:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:EF:33:FA:07:F6:EC:05:56:4B:E8:28:1C:07:EA:3E:6D:37:AF:FB
            X509v3 Authority Key Identifier:
                keyid:A2:07:43:39:BB:21:6B:85:BD:C8:3D:61:77:88:21:AD:F9:14:9D:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogdDObsha4W9yD1hd4ghrfkUnVY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/De8z-gf27AVWS-goHAfqPm03r_s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/ogdDObsha4W9yD1hd4ghrfkUnVY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.39.96.0/21
                IPv6:
                  2a01:b1c1::/32

    Signature Algorithm: sha256WithRSAEncryption
         8d:17:af:fd:7a:ad:ae:8a:de:03:d9:14:61:a0:a1:0b:34:46:
         6d:22:43:cf:d1:e9:da:23:e7:7f:0d:1a:fd:0a:b7:59:74:0b:
         0b:01:c6:bc:96:e1:0d:8f:a1:f4:f9:9c:13:b0:ea:ed:db:c4:
         7b:40:e5:8d:56:fa:55:76:74:e1:e5:e0:6a:f9:f6:e4:8b:19:
         a1:93:30:9c:f6:90:4f:98:df:20:f2:03:59:73:f7:94:31:7f:
         45:18:68:07:c8:bb:59:2b:15:6c:a1:e6:6e:81:48:3f:56:76:
         43:8a:58:d8:26:81:3c:07:53:08:d6:d8:fa:2e:ad:c7:63:86:
         26:a3:e9:f7:ff:2a:28:8c:50:0f:a2:4e:d3:99:3a:fb:32:d3:
         9f:9b:f5:f2:77:4d:42:48:2e:e1:e7:4e:3e:68:80:d3:01:43:
         aa:33:b8:74:11:9a:30:9f:35:ab:27:19:3d:2e:06:c0:5c:9d:
         d6:6c:4d:19:05:8a:9b:f5:e3:78:16:d5:97:05:aa:96:b5:ee:
         07:36:af:ce:5a:16:ab:1f:91:62:44:6c:dd:78:0f:52:dc:56:
         bf:54:a7:56:9b:99:04:b5:ec:51:6b:3a:73:74:09:f9:a3:54:
         dc:72:c2:9b:f6:72:d8:5b:f5:bc:42:8f:0d:a7:a9:94:ec:c7:
         0a:00:1a:a5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEMv7YAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MjA3NDMzOWJiMjE2Yjg1YmRjODNkNjE3Nzg4MjFhZGY5MTQ5ZDU2MB4XDTIyMDEw
MTA2NTMxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGRlZjMzZmEwN2Y2
ZWMwNTU2NGJlODI4MWMwN2VhM2U2ZDM3YWZmYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKX1cJldiIzwWKjxwqGG+Xme6fxLO5gZlXlzuBGbe+VYh5Ks
SOBncuHWZo3W89Sn5UtAcJ3gqjEoZmxyQuspqmWAYSYj+zaScKTxs8U0Zm86UIoq
F1N/lrKQZFVaGE6NTA0Z4nIY6bz5kPjZzWWupXhaVrYktFUCe/FdgQgkFrP4KtBa
4CMaSBcJy9cy5N5RUwKK8ZtscmjLp8cJy2mee8G+hHvsxl6ZOAlG3U4C4ETgIeZ1
/uAwl7ivC0gv53IFXqZim+m/qqKyuPjTKrm36004v0tU6m+NS47p4H0tqHou3K1e
wAiAhJNXgcbWS9FGFSKTzczRNemJWtD9OmwMwdMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQN7zP6B/bsBVZL6CgcB+o+bTev+zAfBgNVHSMEGDAWgBSiB0M5uyFrhb3I
PWF3iCGt+RSdVjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29nZERPYnNoYTRXOXlEMWhkNGdocmZrVW5WWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2MvNTcxYjM0LWFjZjktNGViZi05ODhiLTBmZWI2NmU3ZjI4YS8x
L0RlOHotZ2YyN0FWV1MtZ29IQWZxUG0wM3Jfcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Mv
NTcxYjM0LWFjZjktNGViZi05ODhiLTBmZWI2NmU3ZjI4YS8xL29nZERPYnNoYTRX
OXlEMWhkNGdocmZrVW5WWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEA1QnYDANBAIAAjAHAwUAKgGxwTAN
BgkqhkiG9w0BAQsFAAOCAQEAjRev/XqtroreA9kUYaChCzRGbSJDz9Hp2iPnfw0a
/Qq3WXQLCwHGvJbhDY+h9PmcE7Dq7dvEe0DljVb6VXZ04eXgavn25IsZoZMwnPaQ
T5jfIPIDWXP3lDF/RRhoB8i7WSsVbKHmboFIP1Z2Q4pY2CaBPAdTCNbY+i6tx2OG
JqPp9/8qKIxQD6JO05k6+zLTn5v18ndNQkgu4edOPmiA0wFDqjO4dBGaMJ81qycZ
PS4GwFyd1mxNGQWKm/XjeBbVlwWqlrXuBzavzloWqx+RYkRs3XgPUtxWv1SnVpuZ
BLXsUWs6c3QJ+aNU3HLCm/Zy2Fv1vEKPDaeplOzHCgAapQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:13 2024 by rpki-client on console-fra.rpki-client.org