Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/E4VVvJ60bMm72HZoLwGQi2CnxNE.roa
File:                     E4VVvJ60bMm72HZoLwGQi2CnxNE.roa (raw, json)
Hash identifier:          Zz7tY+7WWHj6UuHRfBRG2w1215rwvsXs9jT5i1Kf5Io=
Subject key identifier:   13:85:55:BC:9E:B4:6C:C9:BB:D8:76:68:2F:01:90:8B:60:A7:C4:D1
Certificate issuer:       /CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217
Certificate serial:       0C82ABCC
Authority key identifier: DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/E4VVvJ60bMm72HZoLwGQi2CnxNE.roa
Signing time:             Sat 01 Jan 2022 10:57:17 +0000
ROA not before:           Sat 01 Jan 2022 10:57:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39855
IP address blocks:        212.124.68.0/22 maxlen: 24
                          212.124.76.0/22 maxlen: 24
                          212.124.72.0/22 maxlen: 24
                          212.124.92.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 209890252 (0xc82abcc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217
        Validity
            Not Before: Jan  1 10:57:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=138555bc9eb46cc9bbd876682f01908b60a7c4d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:c1:ae:f1:83:0b:b4:e9:db:ba:1a:51:7a:14:
                    12:71:cf:15:0e:93:dd:3d:09:36:0b:23:8f:53:fd:
                    ce:1c:74:c5:1e:a6:c1:1d:05:a4:ba:0d:14:f7:40:
                    f1:3e:3d:ab:a9:10:dd:13:d9:ca:19:ba:e1:42:a1:
                    7e:23:e0:e9:53:c3:29:33:f8:df:f3:98:21:04:dd:
                    1e:2b:cb:58:98:ff:3b:99:90:e3:83:9e:a0:37:21:
                    f8:c9:07:2a:28:64:35:8d:2e:95:36:c5:a3:de:d8:
                    2f:91:bc:c7:98:66:9c:29:8f:54:22:a3:c5:0f:06:
                    f6:94:fb:f3:ed:64:68:9d:07:b6:64:6e:b4:9f:8f:
                    50:c3:bb:6d:fb:61:df:9d:7c:18:1a:80:38:8f:c3:
                    3b:42:28:f8:bb:54:2e:de:ab:34:9f:fe:13:42:31:
                    9c:a3:1b:48:0e:1f:df:5e:ef:50:77:65:b7:70:e4:
                    6b:97:f8:c4:81:6e:34:9e:4d:c6:9a:79:3b:7f:4a:
                    64:03:67:75:c0:a6:0e:7f:0a:0d:92:e6:4e:3e:e2:
                    37:86:08:ba:29:80:73:f2:65:99:5e:d9:45:11:70:
                    c7:4a:99:ad:a4:b3:44:50:64:3c:41:95:2a:10:9c:
                    d9:3a:94:a5:9a:8a:19:23:5a:4c:ca:9c:dd:8b:00:
                    36:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:85:55:BC:9E:B4:6C:C9:BB:D8:76:68:2F:01:90:8B:60:A7:C4:D1
            X509v3 Authority Key Identifier:
                keyid:DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/E4VVvJ60bMm72HZoLwGQi2CnxNE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.124.68.0-212.124.79.255
                  212.124.92.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:c8:c4:45:12:a4:eb:69:7a:ab:a6:bc:8f:3b:15:fa:b8:28:
         33:bc:b3:88:0f:a3:2b:38:a0:e7:72:8c:cc:99:14:3b:68:9b:
         02:84:32:9d:93:58:70:3d:0a:0b:9c:09:10:3a:ba:11:d8:4d:
         c2:61:dd:9a:1c:c5:15:72:84:8a:45:a9:35:50:93:46:5a:dc:
         63:24:5a:17:96:92:16:49:fd:6b:00:91:b2:f3:38:0e:81:1a:
         ae:cd:4e:89:a3:68:b5:18:c8:40:17:33:70:7c:b7:e3:6a:53:
         d0:55:4d:68:21:89:e7:5c:6a:21:52:a7:33:48:c5:f7:2e:5b:
         dc:4e:19:9b:fa:7f:92:2a:ac:56:e0:b4:03:10:dc:69:b6:ee:
         0e:52:69:fe:44:36:a6:2e:0c:45:9a:de:69:11:34:30:27:85:
         3f:e1:1b:bc:27:57:73:c3:d7:7f:64:8c:bf:4a:17:46:80:6b:
         80:84:e9:e5:d7:88:f3:ca:4d:35:b2:2b:5b:1a:e9:47:8d:8b:
         cb:09:33:a6:72:98:69:30:33:de:12:4b:3c:38:82:e6:e5:7a:
         f4:7c:4c:d1:bc:73:4f:1c:29:97:21:0a:09:46:97:11:d2:6b:
         45:1c:0d:94:a8:57:57:79:f6:59:f5:69:3b:5c:51:46:88:96:
         27:93:52:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEDIKrzDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZmVlMmJmNDNmMjFhODFjNDkyYzZlNmE5ZmM2ZjA3NGQyZjBhMjE3MB4XDTIyMDEw
MTEwNTcxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTM4NTU1YmM5ZWI0
NmNjOWJiZDg3NjY4MmYwMTkwOGI2MGE3YzRkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMTBrvGDC7Tp27oaUXoUEnHPFQ6T3T0JNgsjj1P9zhx0xR6m
wR0FpLoNFPdA8T49q6kQ3RPZyhm64UKhfiPg6VPDKTP43/OYIQTdHivLWJj/O5mQ
44OeoDch+MkHKihkNY0ulTbFo97YL5G8x5hmnCmPVCKjxQ8G9pT78+1kaJ0HtmRu
tJ+PUMO7bfth3518GBqAOI/DO0Io+LtULt6rNJ/+E0IxnKMbSA4f317vUHdlt3Dk
a5f4xIFuNJ5Nxpp5O39KZANndcCmDn8KDZLmTj7iN4YIuimAc/JlmV7ZRRFwx0qZ
raSzRFBkPEGVKhCc2TqUpZqKGSNaTMqc3YsANtECAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBQThVW8nrRsybvYdmgvAZCLYKfE0TAfBgNVHSMEGDAWgBTf7iv0PyGoHEks
bmqfxvB00vCiFzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzMtNHI5RDhocUJ4SkxHNXFuOGJ3ZE5Md29oYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvM2IzYmUwLTU0YTctNDEwZi05ZDEyLTI4ZDc4ZWI5ZjJkYy8x
L0U0VlZ2SjYwYk1tNzJIWm9Md0dRaTJDbnhORS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
M2IzYmUwLTU0YTctNDEwZi05ZDEyLTI4ZDc4ZWI5ZjJkYy8xLzMtNHI5RDhocUJ4
SkxHNXFuOGJ3ZE5Md29oYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQC1HxEAwQE1HxAAwQA1HxcMA0G
CSqGSIb3DQEBCwUAA4IBAQAzyMRFEqTraXqrpryPOxX6uCgzvLOID6MrOKDncozM
mRQ7aJsChDKdk1hwPQoLnAkQOroR2E3CYd2aHMUVcoSKRak1UJNGWtxjJFoXlpIW
Sf1rAJGy8zgOgRquzU6Jo2i1GMhAFzNwfLfjalPQVU1oIYnnXGohUqczSMX3Llvc
Thmb+n+SKqxW4LQDENxptu4OUmn+RDamLgxFmt5pETQwJ4U/4Ru8J1dzw9d/ZIy/
ShdGgGuAhOnl14jzyk01sitbGulHjYvLCTOmcphpMDPeEks8OILm5Xr0fEzRvHNP
HCmXIQoJRpcR0mtFHA2UqFdXefZZ9Wk7XFFGiJYnk1Jm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:48 2024 by rpki-client on console-fra.rpki-client.org