Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/s3OneX-P_-IEYls0I1qNA9EWnHw.roa
File:                     s3OneX-P_-IEYls0I1qNA9EWnHw.roa (raw, json)
Hash identifier:          8AibbkpuZXceC1I5/6BkoxSexUgGkrBAmEAhmhDp0g0=
Subject key identifier:   B3:73:A7:79:7F:8F:FF:E2:04:62:5B:34:23:5A:8D:03:D1:16:9C:7C
Certificate issuer:       /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial:       0184AA4F8E09CFF2EAA8225E10639E0AB11E
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/s3OneX-P_-IEYls0I1qNA9EWnHw.roa
Signing time:             Thu 24 Nov 2022 15:44:11 +0000
ROA not before:           Thu 24 Nov 2022 15:44:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211252
IP address blocks:        5.105.227.0/24 maxlen: 24
                          5.105.101.0/24 maxlen: 24
                          5.105.110.0/24 maxlen: 24
                          5.105.111.0/24 maxlen: 24
                          5.105.107.0/24 maxlen: 24
                          5.105.219.0/24 maxlen: 24
                          5.105.220.0/24 maxlen: 24
                          5.105.221.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:aa:4f:8e:09:cf:f2:ea:a8:22:5e:10:63:9e:0a:b1:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
        Validity
            Not Before: Nov 24 15:44:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b373a7797f8fffe204625b34235a8d03d1169c7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:c1:41:3e:cd:a4:76:bd:00:17:5d:0d:0c:8e:
                    9b:b4:50:fb:91:b3:4d:2a:83:27:c6:8b:5c:1e:13:
                    a9:73:25:a3:3d:e2:b7:d0:b4:ab:12:34:5f:85:c9:
                    a6:2d:f5:94:2f:23:14:7e:8f:31:fc:60:2b:a7:0d:
                    29:9f:9e:b8:ac:69:d1:77:13:fa:5c:5c:c2:c9:03:
                    c8:0b:54:67:cc:57:20:87:43:34:37:4b:82:72:d9:
                    74:67:16:6a:8e:bb:09:b6:d4:b2:a1:90:c2:f8:cd:
                    4b:35:b7:7c:bf:7e:cc:9e:ba:af:f7:e6:32:ad:d1:
                    30:8d:74:03:c7:ab:74:0e:5f:0a:d2:eb:4a:1e:bf:
                    55:a6:48:26:73:ea:16:62:5f:3c:80:db:83:49:60:
                    d8:db:1d:7d:6b:c3:ce:2b:35:9c:9f:e1:68:5e:9d:
                    05:99:33:2e:b0:43:67:60:91:f0:70:9f:19:fc:3c:
                    3b:6a:59:f7:12:11:3d:6e:00:7e:c6:62:1d:66:cd:
                    a9:4d:e2:fc:b1:8c:62:1a:64:44:c5:1d:73:72:88:
                    86:18:82:3c:86:8e:0f:4f:48:b8:04:81:15:75:67:
                    db:dc:af:f6:22:b6:1b:71:f4:c6:a1:0f:9f:c4:f8:
                    9d:f4:59:3b:96:fe:ca:59:f2:30:c2:01:51:e3:c3:
                    fa:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:73:A7:79:7F:8F:FF:E2:04:62:5B:34:23:5A:8D:03:D1:16:9C:7C
            X509v3 Authority Key Identifier:
                keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/s3OneX-P_-IEYls0I1qNA9EWnHw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.105.101.0/24
                  5.105.107.0/24
                  5.105.110.0/23
                  5.105.219.0-5.105.221.255
                  5.105.227.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:13:fd:65:73:74:76:6d:74:ee:5e:da:de:6b:b8:2d:54:cb:
         b6:83:c2:00:51:da:9b:c2:b6:c6:94:bc:ea:10:3d:cd:08:59:
         e5:e4:a5:1e:80:6b:10:2c:73:ca:7c:a2:93:ec:97:50:e7:db:
         ae:a9:34:10:61:49:ae:fc:0b:c3:17:c8:5b:01:a0:97:1f:8b:
         e2:d6:08:2e:59:a5:34:4d:bd:9f:97:04:31:a6:69:3e:95:ba:
         42:8b:65:91:1e:60:5d:90:c8:fd:b3:11:db:50:5c:60:74:05:
         93:d2:14:c2:9b:6a:19:c2:02:38:37:c2:e5:ad:95:cb:51:10:
         f8:cb:d3:de:c9:07:21:cc:53:24:3b:cd:41:fa:56:01:5d:18:
         00:43:3a:80:bb:83:01:57:7b:28:c5:d4:ae:14:07:ef:c5:97:
         48:d1:40:f5:90:39:63:86:8e:f6:52:c6:05:7b:92:e6:5a:5a:
         35:8c:45:90:6e:80:47:2f:21:3e:68:d4:90:dd:4f:82:d7:bd:
         ba:6a:14:b8:1d:6a:27:63:cf:14:60:b0:1d:81:fa:46:39:f4:
         89:68:4d:a0:e1:a4:e0:b3:c2:e7:a7:83:93:e8:d9:6a:99:c6:
         18:d4:19:69:db:5f:35:20:ac:73:19:60:7f:95:ee:2c:76:f5:
         3f:37:3a:84
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYSqT44Jz/LqqCJeEGOeCrEeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMTI0MTU0NDExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzczYTc3OTdmOGZmZmUyMDQ2MjViMzQyMzVhOGQwM2QxMTY5YzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18FBPs2kdr0AF10NDI6btFD7kbNN
KoMnxotcHhOpcyWjPeK30LSrEjRfhcmmLfWULyMUfo8x/GArpw0pn564rGnRdxP6
XFzCyQPIC1RnzFcgh0M0N0uCctl0ZxZqjrsJttSyoZDC+M1LNbd8v37Mnrqv9+Yy
rdEwjXQDx6t0Dl8K0utKHr9Vpkgmc+oWYl88gNuDSWDY2x19a8POKzWcn+FoXp0F
mTMusENnYJHwcJ8Z/Dw7aln3EhE9bgB+xmIdZs2pTeL8sYxiGmRExR1zcoiGGII8
ho4PT0i4BIEVdWfb3K/2IrYbcfTGoQ+fxPid9Fk7lv7KWfIwwgFR48P6MQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLNzp3l/j//iBGJbNCNajQPRFpx8MB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvczNPbmVYLVBfLUlFWWxzMEkxcU5BOUVXbkh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQABWllAwQA
BWlrAwQBBWluMAwDBAAFadsDBAEFadwDBAAFaeMwDQYJKoZIhvcNAQELBQADggEB
AAcT/WVzdHZtdO5e2t5ruC1Uy7aDwgBR2pvCtsaUvOoQPc0IWeXkpR6AaxAsc8p8
opPsl1Dn266pNBBhSa78C8MXyFsBoJcfi+LWCC5ZpTRNvZ+XBDGmaT6VukKLZZEe
YF2QyP2zEdtQXGB0BZPSFMKbahnCAjg3wuWtlctREPjL097JByHMUyQ7zUH6VgFd
GABDOoC7gwFXeyjF1K4UB+/Fl0jRQPWQOWOGjvZSxgV7kuZaWjWMRZBugEcvIT5o
1JDdT4LXvbpqFLgdaidjzxRgsB2B+kY59IloTaDhpOCzwueng5Po2WqZxhjUGWnb
XzUgrHMZYH+V7ix29T83OoQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:29 2024 by rpki-client on console-fra.rpki-client.org