Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3M1WujuiOHEMuf4fAehEn9DOEsY.roa
File:                     3M1WujuiOHEMuf4fAehEn9DOEsY.roa (raw, json)
Hash identifier:          2U+NYkGr4jMZqs4sv7NYP6JE7yXlD0Zjs3l54mKRedY=
Subject key identifier:   DC:CD:56:BA:3B:A2:38:71:0C:B9:FE:1F:01:E8:44:9F:D0:CE:12:C6
Certificate issuer:       /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial:       0185392877248F8C973161E17BAFC5DB55DA
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3M1WujuiOHEMuf4fAehEn9DOEsY.roa
Signing time:             Thu 22 Dec 2022 09:27:11 +0000
ROA not before:           Thu 22 Dec 2022 09:27:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     399471
IP address blocks:        5.105.22.0/24 maxlen: 24
                          5.105.21.0/24 maxlen: 24
                          5.105.18.0/24 maxlen: 24
                          5.105.36.0/24 maxlen: 24
                          5.105.35.0/24 maxlen: 24
                          5.105.34.0/24 maxlen: 24
                          5.105.37.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:39:28:77:24:8f:8c:97:31:61:e1:7b:af:c5:db:55:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
        Validity
            Not Before: Dec 22 09:27:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=dccd56ba3ba238710cb9fe1f01e8449fd0ce12c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:57:fe:a6:29:fb:02:e3:02:95:f2:88:a6:47:
                    b3:73:92:e0:92:07:20:ec:49:2c:b7:fe:10:55:80:
                    4e:f1:6e:d2:27:5d:64:7c:1a:6c:e5:a7:07:6b:d6:
                    f3:38:9d:a7:9b:68:38:63:db:da:c7:8c:b5:8c:1a:
                    6e:64:c3:57:41:25:bb:a3:c8:bb:b9:2c:bc:fb:94:
                    21:19:0f:99:5f:77:80:98:b2:7e:dc:79:97:ae:a7:
                    1b:51:ad:54:ec:8d:dc:f2:d8:0a:33:b9:c7:ba:23:
                    9c:05:96:05:71:df:c0:76:7e:8c:5d:67:91:90:11:
                    d2:73:93:6f:b3:52:fe:03:87:35:56:54:5a:41:e6:
                    36:d6:eb:a1:67:8b:0a:7a:1f:3d:e9:58:17:78:31:
                    71:57:cb:f8:9e:d0:6b:f8:c7:1e:71:e2:11:69:3a:
                    f3:19:fb:67:bc:81:41:3f:e8:5a:6d:da:15:10:e9:
                    22:a0:1f:39:92:b7:8d:a4:9d:5d:04:3c:9c:81:a4:
                    82:ef:79:84:40:b1:72:49:5c:12:95:a1:7d:38:2b:
                    d2:54:0b:52:f8:48:d3:a2:0e:46:bf:41:40:72:7f:
                    89:05:b5:58:22:34:4c:4e:f0:68:27:0d:13:1d:92:
                    12:4f:93:f6:7e:fb:bd:78:05:99:e6:66:bc:69:e9:
                    4b:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:CD:56:BA:3B:A2:38:71:0C:B9:FE:1F:01:E8:44:9F:D0:CE:12:C6
            X509v3 Authority Key Identifier:
                keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3M1WujuiOHEMuf4fAehEn9DOEsY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.105.18.0/24
                  5.105.21.0-5.105.22.255
                  5.105.34.0-5.105.37.255

    Signature Algorithm: sha256WithRSAEncryption
         24:14:94:29:c1:97:f0:20:18:f4:a7:94:51:13:7c:c6:75:74:
         bf:68:ae:a6:1a:bf:3b:ca:7a:b5:15:24:d1:8a:d3:a0:8d:b6:
         7d:5e:94:7c:f3:70:ab:b5:d0:4b:a3:d2:a3:c1:2a:f6:8c:1d:
         fd:ec:9f:d2:71:77:03:53:6b:c9:87:99:40:44:58:3f:3c:88:
         a6:6f:26:b6:38:87:40:b7:66:14:03:14:b7:71:b1:56:b6:ee:
         72:fb:86:66:f7:cf:2f:89:e4:9f:53:85:a8:e3:be:05:bf:b0:
         f6:db:13:1c:f8:41:eb:7b:0f:ce:e4:3a:80:38:3e:0d:10:62:
         a2:08:00:dd:11:1a:43:f3:b0:83:32:f9:30:92:c0:11:ff:cc:
         d2:1d:85:0b:89:08:bf:84:83:45:99:8e:a9:f8:15:01:d0:52:
         3b:65:b8:04:cf:24:b9:21:ae:b1:9d:7b:9e:0a:ac:fa:a6:0c:
         d5:50:a0:8f:0d:92:b8:f0:18:ce:d9:97:26:9b:64:d5:10:63:
         e0:2b:37:1e:d8:88:65:94:11:61:8a:1d:fe:ba:cd:df:28:91:
         15:2b:2a:b4:e5:c6:3c:5c:c0:e1:07:c5:d0:b9:33:62:b8:ba:
         3d:01:cc:d8:34:cc:f3:54:65:19:c0:6f:78:9c:0c:ad:f1:be:
         ba:15:3c:3e
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYU5KHckj4yXMWHhe6/F21XaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMjIyMDkyNzExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2NkNTZiYTNiYTIzODcxMGNiOWZlMWYwMWU4NDQ5ZmQwY2UxMmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFf+pin7AuMClfKIpkezc5Lgkgcg
7Ekst/4QVYBO8W7SJ11kfBps5acHa9bzOJ2nm2g4Y9vax4y1jBpuZMNXQSW7o8i7
uSy8+5QhGQ+ZX3eAmLJ+3HmXrqcbUa1U7I3c8tgKM7nHuiOcBZYFcd/Adn6MXWeR
kBHSc5Nvs1L+A4c1VlRaQeY21uuhZ4sKeh896VgXeDFxV8v4ntBr+MceceIRaTrz
GftnvIFBP+habdoVEOkioB85kreNpJ1dBDycgaSC73mEQLFySVwSlaF9OCvSVAtS
+EjTog5Gv0FAcn+JBbVYIjRMTvBoJw0THZIST5P2fvu9eAWZ5ma8aelLYwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFNzNVro7ojhxDLn+HwHoRJ/QzhLGMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvM00xV3VqdWlPSEVNdWY0ZkFlaEVuOURPRXNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQABWkSMAwD
BAAFaRUDBAAFaRYwDAMEAQVpIgMEAQVpJDANBgkqhkiG9w0BAQsFAAOCAQEAJBSU
KcGX8CAY9KeUURN8xnV0v2iuphq/O8p6tRUk0YrToI22fV6UfPNwq7XQS6PSo8Eq
9owd/eyf0nF3A1NryYeZQERYPzyIpm8mtjiHQLdmFAMUt3GxVrbucvuGZvfPL4nk
n1OFqOO+Bb+w9tsTHPhB63sPzuQ6gDg+DRBioggA3REaQ/OwgzL5MJLAEf/M0h2F
C4kIv4SDRZmOqfgVAdBSO2W4BM8kuSGusZ17ngqs+qYM1VCgjw2SuPAYztmXJptk
1RBj4Cs3HtiIZZQRYYod/rrN3yiRFSsqtOXGPFzA4QfF0LkzYri6PQHM2DTM81Rl
GcBveJwMrfG+uhU8Pg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:26 2024 by rpki-client on console-fra.rpki-client.org