Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/98lt729vIcxMoLimNnZOB8F-Mnc.roa
File:                     98lt729vIcxMoLimNnZOB8F-Mnc.roa (raw, json)
Hash identifier:          YI4u1HDpEnkDRQEfU36TyJ5n3i5eiLhVolDkNfiaoZg=
Subject key identifier:   F7:C9:6D:EF:6F:6F:21:CC:4C:A0:B8:A6:36:76:4E:07:C1:7E:32:77
Certificate issuer:       /CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217
Certificate serial:       0CDFB6A1
Authority key identifier: DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/98lt729vIcxMoLimNnZOB8F-Mnc.roa
Signing time:             Tue 08 Feb 2022 08:26:43 +0000
ROA not before:           Tue 08 Feb 2022 08:26:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39855
IP address blocks:        212.124.68.0/22 maxlen: 24
                          212.124.72.0/22 maxlen: 24
                          212.124.76.0/22 maxlen: 24
                          212.124.86.0/24 maxlen: 24
                          212.124.92.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 215987873 (0xcdfb6a1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217
        Validity
            Not Before: Feb  8 08:26:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f7c96def6f6f21cc4ca0b8a636764e07c17e3277
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:6e:65:da:5d:94:b6:83:96:e6:be:4a:8a:b7:
                    06:3a:be:62:0d:d8:e6:50:26:3e:92:c7:2e:62:8c:
                    09:93:51:ad:8f:44:15:84:84:da:76:81:1e:f9:a1:
                    db:02:a4:ed:e1:2c:c7:99:24:e3:20:fc:40:4b:e1:
                    81:d5:f0:98:3d:0c:3a:42:07:70:0a:9d:40:aa:c4:
                    e1:19:20:71:4a:b5:34:bc:fb:bb:25:db:68:ee:d6:
                    1f:2c:13:9a:16:e4:cd:83:b1:fe:09:74:d2:65:61:
                    63:7e:9c:38:d5:58:02:9e:cf:bc:c4:ab:78:fb:de:
                    fe:3f:bf:91:29:1d:52:24:b2:77:33:dc:83:ec:5b:
                    1e:76:1d:d6:18:c8:76:18:ad:c6:65:70:57:17:d7:
                    67:ae:c6:27:aa:1d:ca:48:ac:74:2d:80:03:18:32:
                    82:f4:32:04:3a:a6:20:29:9c:28:12:e4:d6:42:c5:
                    79:53:cb:a1:50:db:bd:db:cf:bb:59:0d:7a:fb:63:
                    03:42:96:c2:fd:09:49:18:fa:db:14:4b:e6:3f:b3:
                    97:8e:de:b8:70:20:fb:8f:0b:e3:fe:6e:f6:30:f3:
                    8d:da:27:be:e2:3d:5a:b3:58:15:ce:7f:f7:77:1c:
                    a2:8d:d9:9b:b7:0d:c0:95:f0:ec:b9:67:5e:7f:a9:
                    82:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:C9:6D:EF:6F:6F:21:CC:4C:A0:B8:A6:36:76:4E:07:C1:7E:32:77
            X509v3 Authority Key Identifier:
                keyid:DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/98lt729vIcxMoLimNnZOB8F-Mnc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.124.68.0-212.124.79.255
                  212.124.86.0/24
                  212.124.92.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:f4:4c:ac:4c:1b:83:07:d8:6c:ac:88:3a:e3:2f:0a:04:17:
         54:8b:bc:cb:c5:92:db:60:cc:d0:f3:0b:b0:b9:dd:f1:d2:8e:
         80:06:53:5f:71:8f:24:64:7d:99:18:98:7d:a0:44:03:82:86:
         c5:4d:62:07:92:d3:32:d7:fd:37:c1:29:7f:11:81:47:9a:f4:
         4b:b0:1e:d0:5a:7b:55:d2:86:bc:0c:70:e5:47:b4:83:ba:c1:
         92:cb:fd:14:08:32:45:7e:1e:d7:65:4a:c7:5e:97:c0:ac:68:
         8e:1a:4e:01:bc:ca:42:f0:e0:10:ea:4f:10:d0:d5:66:74:12:
         cd:03:f9:d3:6d:de:b7:cd:52:32:19:65:1d:64:05:d0:d5:ea:
         5a:e8:b6:ed:f6:7c:a4:a8:8f:db:33:cb:94:ce:58:a6:8c:82:
         2f:59:45:94:2a:54:71:21:5e:7b:b8:30:ec:6e:d5:bf:9d:7a:
         1d:70:85:cd:ae:3a:59:60:09:60:08:2e:5b:63:42:17:82:39:
         25:8c:9f:c9:77:61:60:da:e3:d4:61:26:2a:fb:2d:27:3a:a0:
         c9:ff:dd:c1:43:dc:44:ba:bb:dc:00:1f:d6:24:1e:3a:b5:e3:
         ac:4a:3e:16:52:99:2b:4a:51:b8:6b:f6:23:5b:8f:fd:c8:4f:
         6c:85:64:71
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEDN+2oTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZmVlMmJmNDNmMjFhODFjNDkyYzZlNmE5ZmM2ZjA3NGQyZjBhMjE3MB4XDTIyMDIw
ODA4MjY0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjdjOTZkZWY2ZjZm
MjFjYzRjYTBiOGE2MzY3NjRlMDdjMTdlMzI3NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ9uZdpdlLaDlua+Soq3Bjq+Yg3Y5lAmPpLHLmKMCZNRrY9E
FYSE2naBHvmh2wKk7eEsx5kk4yD8QEvhgdXwmD0MOkIHcAqdQKrE4RkgcUq1NLz7
uyXbaO7WHywTmhbkzYOx/gl00mVhY36cONVYAp7PvMSrePve/j+/kSkdUiSydzPc
g+xbHnYd1hjIdhitxmVwVxfXZ67GJ6odykisdC2AAxgygvQyBDqmICmcKBLk1kLF
eVPLoVDbvdvPu1kNevtjA0KWwv0JSRj62xRL5j+zl47euHAg+48L4/5u9jDzjdon
vuI9WrNYFc5/93ccoo3Zm7cNwJXw7LlnXn+pgvsCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBT3yW3vb28hzEyguKY2dk4HwX4ydzAfBgNVHSMEGDAWgBTf7iv0PyGoHEks
bmqfxvB00vCiFzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzMtNHI5RDhocUJ4SkxHNXFuOGJ3ZE5Md29oYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvM2IzYmUwLTU0YTctNDEwZi05ZDEyLTI4ZDc4ZWI5ZjJkYy8x
Lzk4bHQ3Mjl2SWN4TW9MaW1OblpPQjhGLU1uYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
M2IzYmUwLTU0YTctNDEwZi05ZDEyLTI4ZDc4ZWI5ZjJkYy8xLzMtNHI5RDhocUJ4
SkxHNXFuOGJ3ZE5Md29oYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGjAMAwQC1HxEAwQE1HxAAwQA1HxWAwQA
1HxcMA0GCSqGSIb3DQEBCwUAA4IBAQAR9EysTBuDB9hsrIg64y8KBBdUi7zLxZLb
YMzQ8wuwud3x0o6ABlNfcY8kZH2ZGJh9oEQDgobFTWIHktMy1/03wSl/EYFHmvRL
sB7QWntV0oa8DHDlR7SDusGSy/0UCDJFfh7XZUrHXpfArGiOGk4BvMpC8OAQ6k8Q
0NVmdBLNA/nTbd63zVIyGWUdZAXQ1epa6Lbt9nykqI/bM8uUzlimjIIvWUWUKlRx
IV57uDDsbtW/nXodcIXNrjpZYAlgCC5bY0IXgjkljJ/Jd2Fg2uPUYSYq+y0nOqDJ
/93BQ9xEurvcAB/WJB46teOsSj4WUpkrSlG4a/YjW4/9yE9shWRx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:48 2024 by rpki-client on console-fra.rpki-client.org