Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/svaiAGZ1dvX0OJyp3F_poLFwBYc.roa
File:                     svaiAGZ1dvX0OJyp3F_poLFwBYc.roa (raw, json)
Hash identifier:          5j2dmILD5SdYs/oPM2KcMQQWB0rTTNvq46NOHdmGpBY=
Subject key identifier:   B2:F6:A2:00:66:75:76:F5:F4:38:9C:A9:DC:5F:E9:A0:B1:70:05:87
Certificate issuer:       /CN=a2074339bb216b85bdc83d61778821adf9149d56
Certificate serial:       32FDCA3E
Authority key identifier: A2:07:43:39:BB:21:6B:85:BD:C8:3D:61:77:88:21:AD:F9:14:9D:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ogdDObsha4W9yD1hd4ghrfkUnVY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/svaiAGZ1dvX0OJyp3F_poLFwBYc.roa
Signing time:             Sat 01 Jan 2022 06:53:16 +0000
ROA not before:           Sat 01 Jan 2022 06:53:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48200
IP address blocks:        84.39.96.0/20 maxlen: 32
                          194.62.23.0/24 maxlen: 32
                          2a01:b1c0::/29 maxlen: 128

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 855493182 (0x32fdca3e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2074339bb216b85bdc83d61778821adf9149d56
        Validity
            Not Before: Jan  1 06:53:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b2f6a200667576f5f4389ca9dc5fe9a0b1700587
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:27:80:9a:1b:91:38:92:d4:7c:f4:bd:0c:cb:
                    d6:77:4f:b4:d8:a7:d1:51:58:7d:01:37:cf:cd:58:
                    41:21:c0:d7:bf:e7:9c:4c:30:dc:8b:45:99:e7:cd:
                    79:b5:65:eb:dc:55:69:75:22:c1:d6:00:a6:8b:0e:
                    d9:94:2c:b4:df:fa:fb:cd:dd:c8:b3:a7:70:ae:da:
                    73:7a:7a:1a:0d:8f:00:0f:c3:1a:2d:30:67:76:54:
                    1a:95:15:81:70:45:52:38:e4:dd:3b:3e:21:cb:e6:
                    5c:d8:93:a6:07:45:27:60:72:4a:ba:12:29:91:84:
                    21:2d:01:a2:d6:47:81:cd:97:1e:b7:30:6f:ff:b2:
                    8c:1a:3b:53:c6:50:6c:88:38:fe:b6:af:0d:9d:08:
                    f4:b1:4a:54:a6:4c:75:7c:e8:75:c5:a2:9b:ec:0d:
                    e9:97:e4:26:23:a4:86:2e:0d:8d:c9:36:87:ef:8d:
                    13:4b:9f:5c:5a:e8:80:27:a2:e4:49:82:dc:49:4c:
                    62:16:54:9d:79:5d:71:d5:dc:b4:b1:70:a0:84:05:
                    01:03:79:92:b1:4f:7d:4d:4f:49:fa:c5:e3:ad:4d:
                    1f:96:cd:d9:30:18:f3:2f:7f:26:5b:5d:fc:51:dc:
                    ad:41:83:89:dc:bc:28:d5:51:95:c6:9b:1e:d3:01:
                    ca:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:F6:A2:00:66:75:76:F5:F4:38:9C:A9:DC:5F:E9:A0:B1:70:05:87
            X509v3 Authority Key Identifier:
                keyid:A2:07:43:39:BB:21:6B:85:BD:C8:3D:61:77:88:21:AD:F9:14:9D:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogdDObsha4W9yD1hd4ghrfkUnVY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/svaiAGZ1dvX0OJyp3F_poLFwBYc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/ogdDObsha4W9yD1hd4ghrfkUnVY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.39.96.0/20
                  194.62.23.0/24
                IPv6:
                  2a01:b1c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         93:66:cc:ac:12:a5:4e:a2:bf:db:79:e4:1f:2e:05:0d:ec:0f:
         e2:93:8a:d4:79:5d:bc:5f:5a:c4:f9:e4:0d:68:d0:2d:28:fe:
         57:df:2c:03:6d:f8:b2:db:5f:b5:e8:b1:f2:ba:ff:f3:09:cc:
         58:ac:4e:93:5b:a4:ed:f4:0a:38:36:97:e0:04:8d:e5:9f:a1:
         b4:2f:43:fe:65:1c:09:1d:88:ff:34:41:2e:de:8e:76:c9:21:
         29:0a:f4:84:e6:a4:eb:97:19:87:ca:82:a2:2a:d0:33:0d:ce:
         0d:d2:85:be:99:64:95:78:31:98:ea:4c:70:f7:bd:39:ac:57:
         18:7c:17:7c:20:17:7c:3b:26:8a:db:c5:bd:da:c2:b1:cf:21:
         4e:fa:c4:29:c9:f0:16:d7:fc:ba:aa:11:16:23:58:df:65:8d:
         de:49:84:83:3a:0d:3f:60:5b:d5:c5:9f:12:c5:ae:e2:d9:68:
         11:f6:2b:09:06:1e:a0:9c:c4:68:53:ac:71:37:76:61:4e:76:
         b9:e3:29:3a:4f:17:1c:46:25:1c:fd:25:8f:96:08:79:29:05:
         51:86:de:62:1e:0d:5b:74:73:e4:f8:c6:0c:f2:65:fc:8f:4e:
         24:e3:57:a6:f5:55:95:73:ac:b8:77:db:2e:6b:a9:ba:c9:ac:
         6a:40:16:fb
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEMv3KPjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MjA3NDMzOWJiMjE2Yjg1YmRjODNkNjE3Nzg4MjFhZGY5MTQ5ZDU2MB4XDTIyMDEw
MTA2NTMxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjJmNmEyMDA2Njc1
NzZmNWY0Mzg5Y2E5ZGM1ZmU5YTBiMTcwMDU4NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALQngJobkTiS1Hz0vQzL1ndPtNin0VFYfQE3z81YQSHA17/n
nEww3ItFmefNebVl69xVaXUiwdYAposO2ZQstN/6+83dyLOncK7ac3p6Gg2PAA/D
Gi0wZ3ZUGpUVgXBFUjjk3Ts+IcvmXNiTpgdFJ2BySroSKZGEIS0BotZHgc2XHrcw
b/+yjBo7U8ZQbIg4/ravDZ0I9LFKVKZMdXzodcWim+wN6ZfkJiOkhi4Njck2h++N
E0ufXFrogCei5EmC3ElMYhZUnXldcdXctLFwoIQFAQN5krFPfU1PSfrF461NH5bN
2TAY8y9/Jltd/FHcrUGDidy8KNVRlcabHtMByicCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSy9qIAZnV29fQ4nKncX+mgsXAFhzAfBgNVHSMEGDAWgBSiB0M5uyFrhb3I
PWF3iCGt+RSdVjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29nZERPYnNoYTRXOXlEMWhkNGdocmZrVW5WWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2MvNTcxYjM0LWFjZjktNGViZi05ODhiLTBmZWI2NmU3ZjI4YS8x
L3N2YWlBR1oxZHZYME9KeXAzRl9wb0xGd0JZYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Mv
NTcxYjM0LWFjZjktNGViZi05ODhiLTBmZWI2NmU3ZjI4YS8xL29nZERPYnNoYTRX
OXlEMWhkNGdocmZrVW5WWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBFQnYAMEAMI+FzANBAIAAjAHAwUD
KgGxwDANBgkqhkiG9w0BAQsFAAOCAQEAk2bMrBKlTqK/23nkHy4FDewP4pOK1Hld
vF9axPnkDWjQLSj+V98sA234sttfteix8rr/8wnMWKxOk1uk7fQKODaX4ASN5Z+h
tC9D/mUcCR2I/zRBLt6OdskhKQr0hOak65cZh8qCoirQMw3ODdKFvplklXgxmOpM
cPe9OaxXGHwXfCAXfDsmitvFvdrCsc8hTvrEKcnwFtf8uqoRFiNY32WN3kmEgzoN
P2Bb1cWfEsWu4tloEfYrCQYeoJzEaFOscTd2YU52ueMpOk8XHEYlHP0lj5YIeSkF
UYbeYh4NW3Rz5PjGDPJl/I9OJONXpvVVlXOsuHfbLmupusmsakAW+w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:11 2024 by rpki-client on console-ams.rpki-client.org