Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/DrB3LN4DgmqyTLk293aGZR-X1vA.roa
File:                     DrB3LN4DgmqyTLk293aGZR-X1vA.roa (raw, json)
Hash identifier:          asFFvGexTXCj58F/f8f2V625EPvTS7bV2WTgqSrqxj4=
Subject key identifier:   0E:B0:77:2C:DE:03:82:6A:B2:4C:B9:36:F7:76:86:65:1F:97:D6:F0
Certificate issuer:       /CN=74e3c336972094b1a8c13d41816857d197a3aae9
Certificate serial:       03A7AFA3
Authority key identifier: 74:E3:C3:36:97:20:94:B1:A8:C1:3D:41:81:68:57:D1:97:A3:AA:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dOPDNpcglLGowT1BgWhX0Zejquk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/DrB3LN4DgmqyTLk293aGZR-X1vA.roa
Signing time:             Sat 01 Jan 2022 15:58:13 +0000
ROA not before:           Sat 01 Jan 2022 15:58:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12963
IP address blocks:        94.247.224.0/21 maxlen: 21
                          94.247.224.0/23 maxlen: 23
                          185.192.216.0/22 maxlen: 22
                          194.183.160.0/24 maxlen: 24
                          194.183.160.0/19 maxlen: 19
                          213.160.128.0/19 maxlen: 19
                          2a00:9880::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 61321123 (0x3a7afa3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74e3c336972094b1a8c13d41816857d197a3aae9
        Validity
            Not Before: Jan  1 15:58:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0eb0772cde03826ab24cb936f77686651f97d6f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:c7:dc:6d:21:b8:1b:24:62:32:49:e1:b4:40:
                    48:94:2a:7e:51:f1:f0:e9:11:fb:3c:94:99:66:28:
                    86:af:17:86:c9:83:35:a7:2e:9d:81:4d:9a:3a:3a:
                    0e:b7:d1:bc:e0:24:af:9e:40:79:53:ab:83:49:fa:
                    f3:df:7f:eb:22:c2:2d:43:4a:7d:60:52:3e:ae:ca:
                    0e:0f:72:8a:8b:61:6e:97:bc:7b:55:12:87:b3:94:
                    67:d8:44:c0:ad:75:d4:60:8a:f5:72:b7:b0:86:cd:
                    5b:9d:f6:bd:44:dd:dc:84:17:ff:41:dc:0c:28:35:
                    dc:61:7b:98:39:93:55:3a:7c:94:eb:57:39:8f:30:
                    b3:da:fb:6c:78:3c:dc:9c:ef:b4:92:a2:b8:55:9a:
                    03:fb:a4:23:52:57:eb:66:02:7f:85:6d:62:61:21:
                    be:d8:80:fa:3f:0e:15:76:f0:88:fd:bf:f0:76:0f:
                    6b:3e:46:54:01:1f:1f:f8:53:c3:e8:d1:85:f1:54:
                    b0:8c:0a:59:32:ac:f8:0c:fa:f3:8b:27:6f:f4:e6:
                    96:bd:e9:5a:1e:45:af:46:96:e6:6a:e5:80:35:05:
                    73:01:42:ea:63:b1:e8:f6:46:e8:88:18:6b:80:f7:
                    7c:19:bd:e2:64:c8:c2:f5:26:f8:50:a5:e0:23:f2:
                    23:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:B0:77:2C:DE:03:82:6A:B2:4C:B9:36:F7:76:86:65:1F:97:D6:F0
            X509v3 Authority Key Identifier:
                keyid:74:E3:C3:36:97:20:94:B1:A8:C1:3D:41:81:68:57:D1:97:A3:AA:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dOPDNpcglLGowT1BgWhX0Zejquk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/DrB3LN4DgmqyTLk293aGZR-X1vA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/dOPDNpcglLGowT1BgWhX0Zejquk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.247.224.0/21
                  185.192.216.0/22
                  194.183.160.0/19
                  213.160.128.0/19
                IPv6:
                  2a00:9880::/32

    Signature Algorithm: sha256WithRSAEncryption
         1d:eb:fe:8f:db:cf:ea:a0:34:1b:d7:74:8d:c6:f5:e6:62:cf:
         c7:66:15:7c:57:3b:51:16:f3:a2:86:21:46:fb:26:22:56:db:
         86:db:0a:e9:00:b1:1b:5f:1a:3d:c4:7a:1c:c0:cc:97:9f:52:
         36:4d:6e:47:b0:3f:1f:34:2d:94:4e:c2:f2:1e:33:40:06:58:
         4d:e4:75:a9:44:a3:d1:53:c6:c7:be:55:68:d9:cc:d4:c5:e8:
         40:35:08:c8:e5:60:58:e0:96:43:c8:c1:66:38:54:c3:89:a3:
         a5:c1:0c:16:39:b1:34:77:de:b1:17:e6:1c:b7:3d:0b:eb:4e:
         5b:35:af:b2:39:54:f4:d2:2c:c3:7a:c7:05:0b:6d:a2:62:04:
         18:75:58:96:9b:91:cd:e3:ce:63:54:b5:e3:89:3d:40:12:d2:
         b4:4f:40:e6:b2:3b:d7:5e:6b:48:a8:07:17:7a:9b:a0:f5:c8:
         a0:12:c5:4a:3e:65:2e:84:fd:19:16:ff:c6:b6:e1:22:7b:a3:
         74:28:0b:a4:ce:9c:ba:e8:34:1a:2b:7a:f6:92:34:5b:01:24:
         d0:75:a2:33:5a:a1:0e:f5:3a:8a:da:6a:6b:87:be:08:33:e4:
         5b:35:a7:52:58:e2:99:0b:de:4d:5a:7e:f4:1f:9b:86:78:5a:
         7d:de:c7:90
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEA6evozANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NGUzYzMzNjk3MjA5NGIxYThjMTNkNDE4MTY4NTdkMTk3YTNhYWU5MB4XDTIyMDEw
MTE1NTgxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGViMDc3MmNkZTAz
ODI2YWIyNGNiOTM2Zjc3Njg2NjUxZjk3ZDZmMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANnH3G0huBskYjJJ4bRASJQqflHx8OkR+zyUmWYohq8XhsmD
NacunYFNmjo6DrfRvOAkr55AeVOrg0n6899/6yLCLUNKfWBSPq7KDg9yiothbpe8
e1USh7OUZ9hEwK111GCK9XK3sIbNW532vUTd3IQX/0HcDCg13GF7mDmTVTp8lOtX
OY8ws9r7bHg83JzvtJKiuFWaA/ukI1JX62YCf4VtYmEhvtiA+j8OFXbwiP2/8HYP
az5GVAEfH/hTw+jRhfFUsIwKWTKs+Az684snb/Tmlr3pWh5Fr0aW5mrlgDUFcwFC
6mOx6PZG6IgYa4D3fBm94mTIwvUm+FCl4CPyI4cCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBQOsHcs3gOCarJMuTb3doZlH5fW8DAfBgNVHSMEGDAWgBR048M2lyCUsajB
PUGBaFfRl6Oq6TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RPUEROcGNnbExHb3dUMUJnV2hYMFplanF1ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2YvMThjNDk4LTIxNzEtNGUxYy04ZDgwLWE2YzQ5ZWIyODI4Ny8x
L0RyQjNMTjREZ21xeVRMazI5M2FHWlItWDF2QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Yv
MThjNDk4LTIxNzEtNGUxYy04ZDgwLWE2YzQ5ZWIyODI4Ny8xL2RPUEROcGNnbExH
b3dUMUJnV2hYMFplanF1ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEA1734AMEArnA2AMEBcK3oAMEBdWg
gDANBAIAAjAHAwUAKgCYgDANBgkqhkiG9w0BAQsFAAOCAQEAHev+j9vP6qA0G9d0
jcb15mLPx2YVfFc7URbzooYhRvsmIlbbhtsK6QCxG18aPcR6HMDMl59SNk1uR7A/
HzQtlE7C8h4zQAZYTeR1qUSj0VPGx75VaNnM1MXoQDUIyOVgWOCWQ8jBZjhUw4mj
pcEMFjmxNHfesRfmHLc9C+tOWzWvsjlU9NIsw3rHBQttomIEGHVYlpuRzePOY1S1
44k9QBLStE9A5rI7115rSKgHF3qboPXIoBLFSj5lLoT9GRb/xrbhInujdCgLpM6c
uug0Git69pI0WwEk0HWiM1qhDvU6itpqa4e+CDPkWzWnUljimQveTVp+9B+bhnha
fd7HkA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:36 2024 by rpki-client on console-ams.rpki-client.org