Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/3xrs60NbQfOuT4elkw5Uj48hI2Q.roa
File:                     3xrs60NbQfOuT4elkw5Uj48hI2Q.roa (raw, json)
Hash identifier:          L1fyOsWpgAiilTVuQ6kwHL4vyhGEzjR1CFnYJ/Qx/a0=
Subject key identifier:   DF:1A:EC:EB:43:5B:41:F3:AE:4F:87:A5:93:0E:54:8F:8F:21:23:64
Certificate issuer:       /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial:       0183EAB40C34DB2BE53060EE4DF2CD32A1C5
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/3xrs60NbQfOuT4elkw5Uj48hI2Q.roa
Signing time:             Tue 18 Oct 2022 10:46:51 +0000
ROA not before:           Tue 18 Oct 2022 10:46:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     13287
IP address blocks:        193.246.156.0/23 maxlen: 23
                          193.246.154.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:ea:b4:0c:34:db:2b:e5:30:60:ee:4d:f2:cd:32:a1:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
        Validity
            Not Before: Oct 18 10:46:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=df1aeceb435b41f3ae4f87a5930e548f8f212364
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:7b:ab:52:f5:fb:c5:47:11:e4:25:19:99:7f:
                    2e:67:8e:8a:3e:56:e5:be:88:1f:fe:5d:8e:6f:bb:
                    46:a4:27:46:fe:7c:45:32:d5:2d:a7:3c:4e:e3:f2:
                    e5:c7:94:87:8c:17:ec:29:76:c5:61:06:5a:4f:64:
                    c4:40:84:22:fe:41:26:99:1a:5e:25:4f:bf:1e:3c:
                    6b:a7:49:1c:2d:87:a6:f0:9b:9f:c3:11:f1:ec:37:
                    5b:d4:75:08:cb:98:8a:94:dd:f4:c9:36:39:11:66:
                    2e:18:b8:91:46:e1:17:6e:a7:7e:36:75:c4:c2:ae:
                    77:e4:f5:02:7d:fc:dd:d3:0a:27:60:45:e2:4e:3c:
                    cd:89:41:99:0d:c8:89:47:f1:1b:1d:2a:af:ed:7e:
                    21:f8:b5:f0:15:75:33:31:0a:fe:a0:ab:01:88:99:
                    dc:e7:5e:4e:bd:89:03:a2:5d:e1:c7:07:63:9c:ab:
                    cf:34:9f:76:2f:f0:98:aa:2f:2e:bc:56:80:c5:fc:
                    57:1f:93:a4:b6:09:ee:83:de:d4:6d:9b:cf:4a:c0:
                    7d:69:3d:5f:aa:9e:4f:5c:03:3b:9c:b8:b6:c1:c9:
                    97:f0:ed:3d:5b:b1:43:66:b2:e6:b5:b8:e6:2c:7d:
                    67:2e:4a:15:ca:85:b2:b1:1a:72:2e:2a:12:09:b8:
                    9d:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:1A:EC:EB:43:5B:41:F3:AE:4F:87:A5:93:0E:54:8F:8F:21:23:64
            X509v3 Authority Key Identifier:
                keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/3xrs60NbQfOuT4elkw5Uj48hI2Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.246.154.0-193.246.157.255

    Signature Algorithm: sha256WithRSAEncryption
         06:0e:c4:9b:09:29:8c:90:ad:fc:e0:93:0a:63:1c:d3:8d:7f:
         0d:73:28:88:66:dd:31:24:66:aa:ce:34:e7:bc:8c:b4:86:2e:
         34:68:cf:34:11:95:a8:bd:09:0d:1e:c4:f2:5e:5e:ee:97:ce:
         e8:d1:4c:56:6c:cc:60:8d:51:4b:bb:41:72:d5:e5:89:29:e4:
         38:0b:f1:cb:09:e3:d2:db:30:48:d2:0f:50:7a:db:b9:e2:9b:
         ef:1b:47:88:68:14:ca:03:f9:17:07:60:8e:b1:0f:1b:9f:bc:
         57:e0:18:1e:c0:34:23:e1:20:6e:80:0b:56:6a:4d:b2:8a:33:
         ba:96:2f:a1:76:c0:c1:fb:fa:4b:bb:fa:17:4c:ec:58:f0:be:
         9c:ec:00:ed:a6:1a:a8:88:3a:3b:bd:96:63:8a:c2:cc:5e:53:
         fd:d9:28:53:cb:ff:2f:b2:af:c2:56:24:f7:72:96:f7:e1:4f:
         fe:17:50:a8:28:54:2c:93:b5:70:0c:ee:8d:61:fd:df:cb:28:
         11:01:dc:8b:bf:e7:6f:ac:e9:2e:c6:fe:40:31:75:1b:8b:8a:
         20:cc:d6:b8:1c:67:43:e2:17:63:46:c2:49:ea:92:31:87:6e:
         c9:f7:2c:a1:8a:cc:61:ec:01:ad:e3:f3:6a:dc:dc:6d:ba:28:
         47:71:6a:b3
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYPqtAw02yvlMGDuTfLNMqHFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjIxMDE4MTA0NjUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjFhZWNlYjQzNWI0MWYzYWU0Zjg3YTU5MzBlNTQ4ZjhmMjEyMzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy3urUvX7xUcR5CUZmX8uZ46KPlbl
vogf/l2Ob7tGpCdG/nxFMtUtpzxO4/Llx5SHjBfsKXbFYQZaT2TEQIQi/kEmmRpe
JU+/Hjxrp0kcLYem8JufwxHx7Ddb1HUIy5iKlN30yTY5EWYuGLiRRuEXbqd+NnXE
wq535PUCffzd0wonYEXiTjzNiUGZDciJR/EbHSqv7X4h+LXwFXUzMQr+oKsBiJnc
515OvYkDol3hxwdjnKvPNJ92L/CYqi8uvFaAxfxXH5Oktgnug97UbZvPSsB9aT1f
qp5PXAM7nLi2wcmX8O09W7FDZrLmtbjmLH1nLkoVyoWysRpyLioSCbidPQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFN8a7OtDW0Hzrk+HpZMOVI+PISNkMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvM3hyczYwTmJRZk91VDRlbGt3NVVqNDhoSTJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAHB9poD
BAHB9pwwDQYJKoZIhvcNAQELBQADggEBAAYOxJsJKYyQrfzgkwpjHNONfw1zKIhm
3TEkZqrONOe8jLSGLjRozzQRlai9CQ0exPJeXu6XzujRTFZszGCNUUu7QXLV5Ykp
5DgL8csJ49LbMEjSD1B627nim+8bR4hoFMoD+RcHYI6xDxufvFfgGB7ANCPhIG6A
C1ZqTbKKM7qWL6F2wMH7+ku7+hdM7FjwvpzsAO2mGqiIOju9lmOKwsxeU/3ZKFPL
/y+yr8JWJPdylvfhT/4XUKgoVCyTtXAM7o1h/d/LKBEB3Iu/52+s6S7G/kAxdRuL
iiDM1rgcZ0PiF2NGwknqkjGHbsn3LKGKzGHsAa3j82rc3G26KEdxarM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:18 2024 by rpki-client on console-fra.rpki-client.org