Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1BPYlZ8C8U_m8n2ODrZyNNvdog4.roa
File:                     1BPYlZ8C8U_m8n2ODrZyNNvdog4.roa (raw, json)
Hash identifier:          h1YMgiN/aYvZOgWGUAs3sk07rkptR/iZfzitQGVbgUU=
Subject key identifier:   D4:13:D8:95:9F:02:F1:4F:E6:F2:7D:8E:0E:B6:72:34:DB:DD:A2:0E
Certificate issuer:       /CN=fad7100e77ed9119d66e2321bb6711d7e760982b
Certificate serial:       4438F162
Authority key identifier: FA:D7:10:0E:77:ED:91:19:D6:6E:23:21:BB:67:11:D7:E7:60:98:2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1BPYlZ8C8U_m8n2ODrZyNNvdog4.roa
Signing time:             Sat 01 Jan 2022 09:54:48 +0000
ROA not before:           Sat 01 Jan 2022 09:54:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     680
IP address blocks:        192.166.56.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1144582498 (0x4438f162)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fad7100e77ed9119d66e2321bb6711d7e760982b
        Validity
            Not Before: Jan  1 09:54:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d413d8959f02f14fe6f27d8e0eb67234dbdda20e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:36:2b:4e:92:13:96:99:c7:fe:72:a1:23:9c:
                    10:dd:2e:53:58:b2:3e:f6:36:8c:e3:46:0c:30:b6:
                    7a:34:04:08:5f:95:43:d4:b6:0f:14:a4:e4:e1:8c:
                    b9:e4:4c:09:34:33:71:58:79:25:ef:28:b7:36:9a:
                    df:a4:9d:ca:61:09:ec:6a:16:54:ee:44:5c:aa:98:
                    ae:bf:62:21:50:6f:1f:34:2b:5a:53:a2:6d:8a:12:
                    32:4c:11:9d:d9:ab:d8:dc:e6:9c:aa:3f:f4:61:e2:
                    15:9b:2a:d7:0b:26:9d:64:49:c1:7d:81:b4:b7:d6:
                    72:52:a3:98:83:a8:1a:50:b3:e8:85:cf:63:42:77:
                    53:e8:c0:c2:1a:86:08:30:2a:83:33:25:55:21:0f:
                    9f:01:f9:23:51:25:b0:5e:60:c3:31:d1:8e:3c:71:
                    a2:e6:55:6b:8a:38:c3:49:76:76:d2:01:16:3a:d9:
                    47:3e:bd:c4:1b:94:4b:fc:08:a7:71:aa:2f:05:93:
                    34:73:4b:15:ce:f0:8a:83:03:66:09:b7:4e:a7:44:
                    e1:ad:c1:7b:af:71:99:e6:f5:1e:1c:b1:31:c5:2a:
                    ba:8c:60:20:6f:d6:f4:cc:a5:6a:1d:4f:ba:37:6f:
                    fb:77:9f:2b:4c:02:a3:36:7b:09:6a:f6:3e:44:59:
                    31:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:13:D8:95:9F:02:F1:4F:E6:F2:7D:8E:0E:B6:72:34:DB:DD:A2:0E
            X509v3 Authority Key Identifier:
                keyid:FA:D7:10:0E:77:ED:91:19:D6:6E:23:21:BB:67:11:D7:E7:60:98:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1BPYlZ8C8U_m8n2ODrZyNNvdog4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.166.56.0/21

    Signature Algorithm: sha256WithRSAEncryption
         2a:4f:ad:78:5a:6f:a9:cc:52:e3:85:01:bd:be:45:3c:b8:24:
         fa:a4:c8:7b:90:52:50:ca:73:3d:9e:a0:18:d9:6a:09:ba:df:
         f8:b3:75:3d:e4:6b:77:90:6f:5e:7c:6a:38:ee:93:36:8c:4b:
         80:a8:6a:6f:db:7a:b6:12:40:de:f0:2e:ee:3c:a2:cf:76:57:
         02:43:1f:48:aa:b2:29:f5:13:d2:a7:d8:45:54:22:86:99:e1:
         b6:8b:5f:82:c7:05:6c:7b:a2:6f:71:8e:c6:c2:3a:29:24:b6:
         96:66:bb:28:9f:11:67:cf:a1:59:92:65:9a:96:ca:02:be:05:
         1d:60:19:68:71:0e:87:84:fd:49:12:34:1b:d4:02:b7:0e:12:
         f6:46:28:c7:ed:7a:81:04:9d:f4:6c:9c:2c:b4:2c:59:f0:e4:
         7b:c6:f9:bf:20:f4:32:04:a2:f9:c4:e7:a1:36:34:82:08:44:
         f4:1f:08:c5:66:d1:fc:e4:6f:7b:53:d0:eb:21:dd:a3:86:98:
         82:e4:43:b7:0d:83:16:3d:9e:ae:fa:a1:c4:2e:3e:c4:d5:02:
         0e:69:ee:8d:28:4e:f0:9b:57:05:ce:0e:16:f6:bd:a2:b1:af:
         2a:62:81:87:26:ee:47:d5:36:f8:1e:79:04:df:f2:1a:32:3f:
         e1:c8:c2:2b
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIERDjxYjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YWQ3MTAwZTc3ZWQ5MTE5ZDY2ZTIzMjFiYjY3MTFkN2U3NjA5ODJiMB4XDTIyMDEw
MTA5NTQ0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDQxM2Q4OTU5ZjAy
ZjE0ZmU2ZjI3ZDhlMGViNjcyMzRkYmRkYTIwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALI2K06SE5aZx/5yoSOcEN0uU1iyPvY2jONGDDC2ejQECF+V
Q9S2DxSk5OGMueRMCTQzcVh5Je8otzaa36SdymEJ7GoWVO5EXKqYrr9iIVBvHzQr
WlOibYoSMkwRndmr2NzmnKo/9GHiFZsq1wsmnWRJwX2BtLfWclKjmIOoGlCz6IXP
Y0J3U+jAwhqGCDAqgzMlVSEPnwH5I1ElsF5gwzHRjjxxouZVa4o4w0l2dtIBFjrZ
Rz69xBuUS/wIp3GqLwWTNHNLFc7wioMDZgm3TqdE4a3Be69xmeb1HhyxMcUquoxg
IG/W9Mylah1Pujdv+3efK0wCozZ7CWr2PkRZMWUCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBTUE9iVnwLxT+byfY4OtnI0292iDjAfBgNVHSMEGDAWgBT61xAOd+2RGdZu
IyG7ZxHX52CYKzAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtdGNRRG5mdGtSbldiaU1odTJjUjEtZGdtQ3MuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzNlLzAxZDQxMS1kOTE1LTQyNzctOGZlMi03NmIwZGRhMmJmM2Uv
MS8xQlBZbFo4QzhVX204bjJPRHJaeU5OdmRvZzQucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNl
LzAxZDQxMS1kOTE1LTQyNzctOGZlMi03NmIwZGRhMmJmM2UvMS8xLXRjUURuZnRr
Um5XYmlNaHUyY1IxLWRnbUNzLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwKY4MA0GCSqGSIb3DQEBCwUA
A4IBAQAqT614Wm+pzFLjhQG9vkU8uCT6pMh7kFJQynM9nqAY2WoJut/4s3U95Gt3
kG9efGo47pM2jEuAqGpv23q2EkDe8C7uPKLPdlcCQx9IqrIp9RPSp9hFVCKGmeG2
i1+CxwVse6JvcY7GwjopJLaWZrsonxFnz6FZkmWalsoCvgUdYBlocQ6HhP1JEjQb
1AK3DhL2RijH7XqBBJ30bJwstCxZ8OR7xvm/IPQyBKL5xOehNjSCCET0HwjFZtH8
5G97U9DrId2jhpiC5EO3DYMWPZ6u+qHELj7E1QIOae6NKE7wm1cFzg4W9r2isa8q
YoGHJu5H1Tb4HnkE3/IaMj/hyMIr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:26 2024 by rpki-client on console-ams.rpki-client.org