Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/YNxIEIb3cV8rUJQYWQtg1H2Jja4.roa
File:                     YNxIEIb3cV8rUJQYWQtg1H2Jja4.roa (raw, json)
Hash identifier:          vzK4xHpQmGtEKEE3nhkLHuBXOMTD4PKd+e5wFPI9VoQ=
Subject key identifier:   60:DC:48:10:86:F7:71:5F:2B:50:94:18:59:0B:60:D4:7D:89:8D:AE
Certificate issuer:       /CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217
Certificate serial:       0CDFCE43
Authority key identifier: DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/YNxIEIb3cV8rUJQYWQtg1H2Jja4.roa
Signing time:             Tue 08 Feb 2022 08:26:44 +0000
ROA not before:           Tue 08 Feb 2022 08:26:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     54103
IP address blocks:        212.124.85.0/24 maxlen: 24
                          212.124.80.0/22 maxlen: 24
                          212.124.84.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 215993923 (0xcdfce43)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217
        Validity
            Not Before: Feb  8 08:26:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=60dc481086f7715f2b509418590b60d47d898dae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:14:bc:95:e3:c8:16:e7:15:61:a2:30:ca:0e:
                    95:10:71:00:6e:99:99:40:1f:d3:e4:76:dc:d9:2e:
                    d2:71:5f:5d:50:b7:01:2b:ed:3f:4d:77:24:a6:24:
                    80:93:83:35:30:75:7a:44:ae:09:67:a4:d7:98:e1:
                    ac:fc:6d:ad:c5:05:3c:dd:ae:ad:11:a3:f5:d3:3b:
                    4a:f8:f8:cf:4a:13:de:a9:84:0e:11:01:61:d6:c5:
                    e6:b2:1e:9f:d8:1e:c0:88:e9:be:1c:0a:97:4b:b2:
                    05:4a:02:c9:41:36:39:52:89:e3:e1:5e:3b:64:ea:
                    8f:23:48:28:9f:cd:cd:73:e0:f9:c9:b4:03:73:eb:
                    0f:7b:0b:91:60:5c:73:6a:c4:cf:b9:cc:6c:89:9f:
                    de:88:d4:e4:84:b0:29:fa:c6:83:2d:f9:86:21:93:
                    86:31:d1:8f:3f:9d:f9:5c:09:fb:e6:23:f6:80:01:
                    6d:27:f3:e8:7a:65:21:78:ce:0c:2d:51:33:94:16:
                    7b:0a:f2:38:6d:fc:2e:e2:2a:3c:bc:91:f9:74:45:
                    06:d7:cf:29:44:d8:a5:76:1d:7e:9a:a7:9b:32:cb:
                    73:b2:b7:98:d3:62:1b:e9:26:4e:29:a3:5c:39:1c:
                    0b:eb:bb:73:58:4d:33:82:73:b1:e0:68:5d:0a:53:
                    04:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:DC:48:10:86:F7:71:5F:2B:50:94:18:59:0B:60:D4:7D:89:8D:AE
            X509v3 Authority Key Identifier:
                keyid:DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/YNxIEIb3cV8rUJQYWQtg1H2Jja4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.124.80.0-212.124.85.255

    Signature Algorithm: sha256WithRSAEncryption
         51:db:b5:7e:75:ce:e7:c8:90:92:06:18:8a:f8:3d:0c:b3:86:
         2e:d2:dd:8f:fb:cb:61:56:8a:25:2b:ec:0c:ce:69:aa:03:9b:
         24:3c:31:ca:72:e5:dc:b1:fe:48:30:a1:09:e0:1b:2d:50:b6:
         26:68:e0:3f:3a:ae:a3:b5:6e:e2:ff:63:ae:8c:10:9f:f9:a6:
         52:45:b2:71:e1:c3:50:10:cd:ba:49:b7:1a:fc:fd:92:35:d2:
         7f:e7:df:6d:29:ab:63:49:de:98:0c:13:14:b1:7f:05:49:32:
         83:1f:74:29:c6:d6:eb:8a:15:4a:73:d5:aa:25:7b:b6:f1:23:
         45:c0:00:7b:0f:2f:24:c5:9e:71:7f:d5:f1:39:3a:75:4c:f4:
         d7:93:f6:d4:4a:bc:20:ac:d5:5c:4d:8e:af:33:0e:ae:19:d1:
         c4:e2:1f:42:c7:e8:f1:4c:f9:3a:ee:94:4c:5c:a4:06:f6:8e:
         d5:c2:a4:d5:f5:7a:39:00:51:6a:8a:e5:8e:83:6f:2c:7d:43:
         11:8e:e8:47:dd:6b:23:2f:0c:fe:e4:d7:65:5c:05:7a:bb:87:
         66:6c:fe:46:4b:bc:40:e1:6b:cf:14:ab:ff:e8:39:03:52:13:
         e8:8a:22:64:7f:38:0e:b6:81:18:79:13:7a:e4:ab:65:85:4a:
         93:16:a0:47
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEDN/OQzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZmVlMmJmNDNmMjFhODFjNDkyYzZlNmE5ZmM2ZjA3NGQyZjBhMjE3MB4XDTIyMDIw
ODA4MjY0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjBkYzQ4MTA4NmY3
NzE1ZjJiNTA5NDE4NTkwYjYwZDQ3ZDg5OGRhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO4UvJXjyBbnFWGiMMoOlRBxAG6ZmUAf0+R23Nku0nFfXVC3
ASvtP013JKYkgJODNTB1ekSuCWek15jhrPxtrcUFPN2urRGj9dM7Svj4z0oT3qmE
DhEBYdbF5rIen9gewIjpvhwKl0uyBUoCyUE2OVKJ4+FeO2TqjyNIKJ/NzXPg+cm0
A3PrD3sLkWBcc2rEz7nMbImf3ojU5ISwKfrGgy35hiGThjHRjz+d+VwJ++Yj9oAB
bSfz6HplIXjODC1RM5QWewryOG38LuIqPLyR+XRFBtfPKUTYpXYdfpqnmzLLc7K3
mNNiG+kmTimjXDkcC+u7c1hNM4JzseBoXQpTBFsCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBRg3EgQhvdxXytQlBhZC2DUfYmNrjAfBgNVHSMEGDAWgBTf7iv0PyGoHEks
bmqfxvB00vCiFzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzMtNHI5RDhocUJ4SkxHNXFuOGJ3ZE5Md29oYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvM2IzYmUwLTU0YTctNDEwZi05ZDEyLTI4ZDc4ZWI5ZjJkYy8x
L1lOeElFSWIzY1Y4clVKUVlXUXRnMUgySmphNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
M2IzYmUwLTU0YTctNDEwZi05ZDEyLTI4ZDc4ZWI5ZjJkYy8xLzMtNHI5RDhocUJ4
SkxHNXFuOGJ3ZE5Md29oYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQE1HxQAwQB1HxUMA0GCSqGSIb3
DQEBCwUAA4IBAQBR27V+dc7nyJCSBhiK+D0Ms4Yu0t2P+8thVoolK+wMzmmqA5sk
PDHKcuXcsf5IMKEJ4BstULYmaOA/Oq6jtW7i/2OujBCf+aZSRbJx4cNQEM26Sbca
/P2SNdJ/599tKatjSd6YDBMUsX8FSTKDH3QpxtbrihVKc9WqJXu28SNFwAB7Dy8k
xZ5xf9XxOTp1TPTXk/bUSrwgrNVcTY6vMw6uGdHE4h9Cx+jxTPk67pRMXKQG9o7V
wqTV9Xo5AFFqiuWOg28sfUMRjuhH3WsjLwz+5NdlXAV6u4dmbP5GS7xA4WvPFKv/
6DkDUhPoiiJkfzgOtoEYeRN65KtlhUqTFqBH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:48 2024 by rpki-client on console-fra.rpki-client.org