Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/3bfd0a-017f-481f-b676-bc36feeb90b3/1/duLmLMZ1fK0DweEHqBMVcsuff6Q.roa
File:                     duLmLMZ1fK0DweEHqBMVcsuff6Q.roa (raw, json)
Hash identifier:          Rlx7hFrbFx0oV2BxTOIk+OPd5QSe32s2jT39QYfJwXM=
Subject key identifier:   76:E2:E6:2C:C6:75:7C:AD:03:C1:E1:07:A8:13:15:72:CB:9F:7F:A4
Certificate issuer:       /CN=3d2188ad597b58aaa597003f8f0843496c6c7c93
Certificate serial:       9EFDC9
Authority key identifier: 3D:21:88:AD:59:7B:58:AA:A5:97:00:3F:8F:08:43:49:6C:6C:7C:93
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PSGIrVl7WKqllwA_jwhDSWxsfJM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/3bfd0a-017f-481f-b676-bc36feeb90b3/1/duLmLMZ1fK0DweEHqBMVcsuff6Q.roa
Signing time:             Sat 01 Jan 2022 03:02:48 +0000
ROA not before:           Sat 01 Jan 2022 03:02:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     33850
IP address blocks:        194.6.237.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10419657 (0x9efdc9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d2188ad597b58aaa597003f8f0843496c6c7c93
        Validity
            Not Before: Jan  1 03:02:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=76e2e62cc6757cad03c1e107a8131572cb9f7fa4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:f2:26:88:cc:6c:d8:fa:9b:49:04:73:7c:f4:
                    aa:31:9f:c0:3c:e6:ba:0f:8d:45:4e:61:73:d7:e8:
                    7c:79:23:39:f4:71:94:53:29:d8:3f:ec:08:85:22:
                    00:41:79:67:09:17:46:32:b3:5c:cc:69:6d:79:a6:
                    3a:a1:97:ca:98:47:2a:e8:df:da:d0:08:88:40:02:
                    e2:15:72:ee:f8:16:50:c4:aa:9a:a5:5b:20:49:d4:
                    51:e4:07:05:9a:88:82:45:4b:08:73:01:6a:c1:7a:
                    53:6b:bb:dd:14:8f:5a:e1:cf:75:1a:0a:0e:af:b6:
                    b6:5b:bd:b4:7e:4c:f1:bd:11:67:77:9b:02:00:8e:
                    4e:1a:36:c2:66:cf:ec:63:79:5f:20:4a:1a:97:35:
                    d6:bc:94:b3:8b:bf:8b:53:b0:50:72:31:c2:47:b3:
                    90:04:be:c5:a7:74:d2:5c:63:50:6b:eb:65:f4:23:
                    14:11:73:77:71:e4:2f:ab:2f:47:d2:01:a4:16:74:
                    d1:fb:cd:33:bf:b4:61:7a:b8:ae:db:f2:22:24:6b:
                    ba:1a:4b:99:44:1c:28:ad:d1:ac:16:8d:ca:e0:64:
                    d8:49:b5:80:73:59:80:96:df:a7:df:57:cd:98:02:
                    86:00:50:d6:f6:e6:61:d8:4f:10:16:e2:72:21:27:
                    bc:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:E2:E6:2C:C6:75:7C:AD:03:C1:E1:07:A8:13:15:72:CB:9F:7F:A4
            X509v3 Authority Key Identifier:
                keyid:3D:21:88:AD:59:7B:58:AA:A5:97:00:3F:8F:08:43:49:6C:6C:7C:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PSGIrVl7WKqllwA_jwhDSWxsfJM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/3bfd0a-017f-481f-b676-bc36feeb90b3/1/duLmLMZ1fK0DweEHqBMVcsuff6Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/3bfd0a-017f-481f-b676-bc36feeb90b3/1/PSGIrVl7WKqllwA_jwhDSWxsfJM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.6.237.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:29:47:f7:e8:2d:2a:87:7f:b8:4f:2c:44:c1:a8:3c:8d:a7:
         90:c4:f8:42:81:39:65:d3:f0:d5:f1:9e:8f:95:58:3c:11:2d:
         87:96:9c:5e:21:b7:b5:3c:5d:06:9b:60:45:64:ab:55:7a:50:
         21:45:2a:61:c1:97:2c:ef:5f:65:c7:6d:d6:b6:9c:6a:62:a0:
         4b:d0:73:94:51:de:f8:90:22:48:45:1d:69:40:c8:f5:72:48:
         7e:c2:81:e4:56:4f:79:29:3c:1a:33:0f:91:5c:46:c5:8a:ad:
         c3:0d:ad:59:f7:45:75:3e:67:75:7f:94:57:5e:ea:36:5b:ca:
         e9:09:fc:0c:f7:39:82:15:2e:4f:3e:35:2a:21:77:16:e5:76:
         f1:26:63:1d:b8:c8:2d:2f:1f:16:84:29:41:c4:c2:b8:2b:61:
         91:71:0b:97:d2:ca:76:f7:15:6d:37:24:1f:6c:84:7e:89:2e:
         b6:eb:dd:fe:92:5d:77:93:5c:96:f6:f5:e1:52:be:c5:60:80:
         d7:68:ca:aa:43:78:2e:5f:fa:2a:cc:ed:bb:c0:e7:e6:05:2e:
         c0:9b:43:fc:23:88:e0:c5:c6:a6:a8:e4:ea:69:d7:f2:6a:aa:
         76:d6:e2:2c:85:8d:87:ef:5a:a0:76:39:97:9b:66:71:dd:d1:
         53:2a:1b:18
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAJ79yTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZDIxODhhZDU5N2I1OGFhYTU5NzAwM2Y4ZjA4NDM0OTZjNmM3YzkzMB4XDTIyMDEw
MTAzMDI0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzZlMmU2MmNjNjc1
N2NhZDAzYzFlMTA3YTgxMzE1NzJjYjlmN2ZhNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMTyJojMbNj6m0kEc3z0qjGfwDzmug+NRU5hc9fofHkjOfRx
lFMp2D/sCIUiAEF5ZwkXRjKzXMxpbXmmOqGXyphHKujf2tAIiEAC4hVy7vgWUMSq
mqVbIEnUUeQHBZqIgkVLCHMBasF6U2u73RSPWuHPdRoKDq+2tlu9tH5M8b0RZ3eb
AgCOTho2wmbP7GN5XyBKGpc11ryUs4u/i1OwUHIxwkezkAS+xad00lxjUGvrZfQj
FBFzd3HkL6svR9IBpBZ00fvNM7+0YXq4rtvyIiRruhpLmUQcKK3RrBaNyuBk2Em1
gHNZgJbfp99XzZgChgBQ1vbmYdhPEBbiciEnvLUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR24uYsxnV8rQPB4QeoExVyy59/pDAfBgNVHSMEGDAWgBQ9IYitWXtYqqWX
AD+PCENJbGx8kzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BTR0lyVmw3V0txbGx3QV9qd2hEU1d4c2ZKTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvM2JmZDBhLTAxN2YtNDgxZi1iNjc2LWJjMzZmZWViOTBiMy8x
L2R1TG1MTVoxZkswRHdlRUhxQk1WY3N1ZmY2US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
M2JmZDBhLTAxN2YtNDgxZi1iNjc2LWJjMzZmZWViOTBiMy8xL1BTR0lyVmw3V0tx
bGx3QV9qd2hEU1d4c2ZKTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIG7TANBgkqhkiG9w0BAQsFAAOC
AQEAXylH9+gtKod/uE8sRMGoPI2nkMT4QoE5ZdPw1fGej5VYPBEth5acXiG3tTxd
BptgRWSrVXpQIUUqYcGXLO9fZcdt1racamKgS9BzlFHe+JAiSEUdaUDI9XJIfsKB
5FZPeSk8GjMPkVxGxYqtww2tWfdFdT5ndX+UV17qNlvK6Qn8DPc5ghUuTz41KiF3
FuV28SZjHbjILS8fFoQpQcTCuCthkXELl9LKdvcVbTckH2yEfokutuvd/pJdd5Nc
lvb14VK+xWCA12jKqkN4Ll/6Ksztu8Dn5gUuwJtD/COI4MXGpqjk6mnX8mqqdtbi
LIWNh+9aoHY5l5tmcd3RUyobGA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:53 2024 by rpki-client on console-fra.rpki-client.org