Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/T6po2NcC8B8H31UVyuewrDU48ss.roa
File:                     T6po2NcC8B8H31UVyuewrDU48ss.roa (raw, json)
Hash identifier:          ENzT9sbxhFUNL8LINAMpW8jyikhRt0HB+AVgT9KzQcs=
Subject key identifier:   4F:AA:68:D8:D7:02:F0:1F:07:DF:55:15:CA:E7:B0:AC:35:38:F2:CB
Certificate issuer:       /CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217
Certificate serial:       0C84145C
Authority key identifier: DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/T6po2NcC8B8H31UVyuewrDU48ss.roa
Signing time:             Sat 01 Jan 2022 10:57:18 +0000
ROA not before:           Sat 01 Jan 2022 10:57:18 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48806
IP address blocks:        212.124.93.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 209982556 (0xc84145c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217
        Validity
            Not Before: Jan  1 10:57:18 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4faa68d8d702f01f07df5515cae7b0ac3538f2cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:5e:a4:68:fc:06:09:e4:56:2c:50:f7:4e:91:
                    10:fb:ba:7d:5d:b7:e4:6d:25:c9:55:55:d5:a6:c8:
                    b0:d7:6a:08:7c:4f:e8:30:42:4a:92:ab:88:65:51:
                    be:cd:73:24:68:43:33:84:c8:95:9c:42:15:e7:7a:
                    04:31:8a:0f:00:28:64:cf:4b:5f:04:fb:bb:64:b7:
                    bf:ce:15:7e:1f:8c:2c:45:20:51:98:7f:61:1f:55:
                    2c:d3:e7:20:90:f9:d9:6b:c4:1e:1d:7d:88:b3:39:
                    d9:22:1b:eb:b7:8a:e2:0f:66:01:ea:e8:6e:8e:bc:
                    ae:d0:b1:99:5a:dc:1b:ff:5d:ac:33:99:81:7a:c1:
                    0b:70:76:20:c8:f7:b3:7a:d9:e5:aa:0a:8e:b2:0d:
                    d2:36:fa:49:8e:09:67:ec:e5:b2:3e:ad:61:05:31:
                    06:d0:e2:7b:35:a8:de:79:67:bf:73:fd:64:e9:00:
                    e7:d1:f7:22:dc:7d:a3:5e:66:e9:de:15:94:b7:79:
                    dc:54:5b:0f:93:b4:01:d9:97:0b:80:33:58:7b:f9:
                    cb:11:fd:2b:4a:d8:02:59:3f:dd:5e:5c:30:bc:2d:
                    87:e7:be:1f:d4:18:79:48:3b:58:7c:91:4f:05:a6:
                    13:dc:ea:b1:c4:0a:a9:ec:0b:32:11:9a:aa:5f:25:
                    aa:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:AA:68:D8:D7:02:F0:1F:07:DF:55:15:CA:E7:B0:AC:35:38:F2:CB
            X509v3 Authority Key Identifier:
                keyid:DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/T6po2NcC8B8H31UVyuewrDU48ss.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.124.93.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:9f:fc:1e:97:c3:cc:5c:d9:4b:7a:28:48:f2:d0:ee:f9:7f:
         c9:07:64:9a:65:26:74:64:76:54:7a:a3:b3:e6:bc:de:47:e3:
         75:db:59:a0:1f:93:4e:8a:b5:a2:1d:05:26:0b:c1:9f:2e:46:
         fe:f3:3d:fd:de:25:d9:a6:91:40:0e:dc:0c:db:66:49:28:03:
         b1:02:ad:39:63:64:f6:9b:3d:ef:1a:ea:41:e9:90:c2:7a:5f:
         10:3a:ff:9b:9c:99:09:93:1e:90:b2:91:e2:84:e8:06:75:7b:
         5d:59:9f:9a:f0:4d:45:02:fd:3d:66:52:ba:34:89:c5:bd:01:
         eb:cb:e5:77:72:06:af:79:52:49:fa:89:cb:4d:b1:f3:25:69:
         c9:62:13:24:24:d3:5f:e0:ff:ee:d9:f2:69:3b:60:1d:29:a6:
         7b:19:4a:d8:1f:52:a7:61:6f:b6:32:c6:2c:04:33:3a:8a:df:
         ec:c9:79:22:8a:09:c8:50:5a:b9:71:5b:31:76:6f:ed:90:09:
         19:52:bf:fe:c6:1c:ac:08:46:dd:45:61:5b:3d:b7:b9:91:4b:
         2c:8b:2a:3f:d2:ed:e5:74:95:4d:4e:d8:cc:e9:b2:07:16:f8:
         fe:b7:63:3f:b4:d5:ce:a0:59:ea:29:5c:72:e7:bb:c5:45:80:
         54:54:c5:c8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDIQUXDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZmVlMmJmNDNmMjFhODFjNDkyYzZlNmE5ZmM2ZjA3NGQyZjBhMjE3MB4XDTIyMDEw
MTEwNTcxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGZhYTY4ZDhkNzAy
ZjAxZjA3ZGY1NTE1Y2FlN2IwYWMzNTM4ZjJjYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKNepGj8BgnkVixQ906REPu6fV235G0lyVVV1abIsNdqCHxP
6DBCSpKriGVRvs1zJGhDM4TIlZxCFed6BDGKDwAoZM9LXwT7u2S3v84Vfh+MLEUg
UZh/YR9VLNPnIJD52WvEHh19iLM52SIb67eK4g9mAerobo68rtCxmVrcG/9drDOZ
gXrBC3B2IMj3s3rZ5aoKjrIN0jb6SY4JZ+zlsj6tYQUxBtDiezWo3nlnv3P9ZOkA
59H3Itx9o15m6d4VlLd53FRbD5O0AdmXC4AzWHv5yxH9K0rYAlk/3V5cMLwth+e+
H9QYeUg7WHyRTwWmE9zqscQKqewLMhGaql8lqj0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRPqmjY1wLwHwffVRXK57CsNTjyyzAfBgNVHSMEGDAWgBTf7iv0PyGoHEks
bmqfxvB00vCiFzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzMtNHI5RDhocUJ4SkxHNXFuOGJ3ZE5Md29oYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvM2IzYmUwLTU0YTctNDEwZi05ZDEyLTI4ZDc4ZWI5ZjJkYy8x
L1Q2cG8yTmNDOEI4SDMxVVZ5dWV3ckRVNDhzcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
M2IzYmUwLTU0YTctNDEwZi05ZDEyLTI4ZDc4ZWI5ZjJkYy8xLzMtNHI5RDhocUJ4
SkxHNXFuOGJ3ZE5Md29oYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANR8XTANBgkqhkiG9w0BAQsFAAOC
AQEAWZ/8HpfDzFzZS3ooSPLQ7vl/yQdkmmUmdGR2VHqjs+a83kfjddtZoB+TToq1
oh0FJgvBny5G/vM9/d4l2aaRQA7cDNtmSSgDsQKtOWNk9ps97xrqQemQwnpfEDr/
m5yZCZMekLKR4oToBnV7XVmfmvBNRQL9PWZSujSJxb0B68vld3IGr3lSSfqJy02x
8yVpyWITJCTTX+D/7tnyaTtgHSmmexlK2B9Sp2FvtjLGLAQzOorf7Ml5IooJyFBa
uXFbMXZv7ZAJGVK//sYcrAhG3UVhWz23uZFLLIsqP9Lt5XSVTU7YzOmyBxb4/rdj
P7TVzqBZ6ilccue7xUWAVFTFyA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:48 2024 by rpki-client on console-fra.rpki-client.org