Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/34c2bb-79ea-4f39-ac82-82016de42212/1/3YiCRLulAJWyuZrhg18vhbQm75k.roa
File:                     3YiCRLulAJWyuZrhg18vhbQm75k.roa (raw, json)
Hash identifier:          3+iUz+uYzvhL7OpC04fGyW5v/IN6sDPwAHd2+eIqetE=
Subject key identifier:   DD:88:82:44:BB:A5:00:95:B2:B9:9A:E1:83:5F:2F:85:B4:26:EF:99
Certificate issuer:       /CN=4a7a917ddcfc26e8c87b30858b6f07f29a3db43e
Certificate serial:       059CE4D6
Authority key identifier: 4A:7A:91:7D:DC:FC:26:E8:C8:7B:30:85:8B:6F:07:F2:9A:3D:B4:3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SnqRfdz8JujIezCFi28H8po9tD4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/34c2bb-79ea-4f39-ac82-82016de42212/1/3YiCRLulAJWyuZrhg18vhbQm75k.roa
Signing time:             Sat 01 Jan 2022 15:58:52 +0000
ROA not before:           Sat 01 Jan 2022 15:58:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     29453
IP address blocks:        195.140.164.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 94168278 (0x59ce4d6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a7a917ddcfc26e8c87b30858b6f07f29a3db43e
        Validity
            Not Before: Jan  1 15:58:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=dd888244bba50095b2b99ae1835f2f85b426ef99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:4f:7d:92:54:cb:17:a9:1a:60:03:68:05:85:
                    2c:9a:fe:25:a9:86:68:e9:0f:86:aa:1f:27:11:c9:
                    8c:8c:e1:f5:af:d6:56:a7:e3:1e:cc:81:90:12:49:
                    65:e9:e9:ee:f1:29:e5:4f:d7:fb:81:ac:b7:55:4a:
                    b9:e0:e1:c8:81:f0:27:45:69:e1:60:5e:6b:73:1f:
                    07:0f:a1:6e:ae:4c:ca:77:99:d5:68:17:f7:2e:e3:
                    ed:f2:d5:5b:b3:55:9e:e9:22:61:da:40:25:d9:9b:
                    ca:7b:a4:d6:7c:00:6e:25:37:cc:10:3f:3d:6f:13:
                    78:49:d3:28:4a:04:34:98:a4:d4:7b:4f:f2:f6:9a:
                    9e:50:ba:0b:bc:be:dc:75:bc:43:75:95:73:3d:84:
                    df:05:3a:40:55:85:bd:9d:38:2c:7a:f3:c8:57:0f:
                    b7:34:ac:0e:44:c3:f5:bb:e3:f9:b1:ac:b5:d9:6b:
                    3c:ed:8d:14:f5:65:12:69:79:a6:ca:df:60:4f:b9:
                    a1:87:5a:2a:1f:11:ec:8f:cd:be:3f:f6:75:44:53:
                    9a:de:9d:60:4d:7e:31:30:b7:82:73:2d:2a:cf:53:
                    ab:76:4d:6d:e3:e9:23:a2:ea:ba:b1:c1:ae:37:ce:
                    b3:d1:90:9b:81:30:3d:11:96:5b:84:1d:91:d1:49:
                    97:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:88:82:44:BB:A5:00:95:B2:B9:9A:E1:83:5F:2F:85:B4:26:EF:99
            X509v3 Authority Key Identifier:
                keyid:4A:7A:91:7D:DC:FC:26:E8:C8:7B:30:85:8B:6F:07:F2:9A:3D:B4:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SnqRfdz8JujIezCFi28H8po9tD4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/34c2bb-79ea-4f39-ac82-82016de42212/1/3YiCRLulAJWyuZrhg18vhbQm75k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/34c2bb-79ea-4f39-ac82-82016de42212/1/SnqRfdz8JujIezCFi28H8po9tD4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.140.164.0/22

    Signature Algorithm: sha256WithRSAEncryption
         43:fc:d9:8d:cf:5a:0f:aa:bb:7a:e7:27:c8:60:79:36:7a:e8:
         76:fd:ff:56:83:90:38:8c:06:17:7c:dc:83:65:8c:52:cb:70:
         22:99:28:cc:b3:68:d4:ba:30:ad:6b:90:4e:48:f9:c9:3e:e0:
         04:dd:b1:ac:a4:16:e1:b4:e7:da:68:94:1e:24:c2:7e:32:d9:
         a7:d9:9b:89:12:1d:f9:5f:e1:e1:15:37:0d:b1:5e:c0:4e:12:
         b1:e6:8d:b0:29:f5:81:5c:99:44:3e:f0:09:89:8a:24:e2:d2:
         4d:db:d7:19:cf:ba:3a:d5:9b:87:17:fe:f6:9b:1e:16:9e:c1:
         b0:b9:4e:4b:b1:5c:0d:9c:c3:b0:30:b3:79:5d:e2:7c:50:a5:
         86:b8:f5:a1:29:83:d0:74:79:42:90:37:da:0f:41:08:e3:d6:
         25:be:73:d8:16:38:26:59:b3:3a:ec:cc:7c:df:99:3e:c1:f3:
         42:f8:88:6c:40:2e:b2:6e:15:bc:55:36:45:4f:37:e6:cc:c2:
         5d:15:fc:0d:60:da:c8:d1:90:ef:22:99:f2:b0:b3:3f:75:1d:
         a3:45:fe:89:50:50:8e:6c:c8:b8:50:d4:9e:a7:e7:d3:23:83:
         2a:94:a2:0b:1b:5c:7c:c4:19:29:e4:e6:42:31:75:3e:4c:7a:
         9c:e3:6c:53
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBZzk1jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YTdhOTE3ZGRjZmMyNmU4Yzg3YjMwODU4YjZmMDdmMjlhM2RiNDNlMB4XDTIyMDEw
MTE1NTg1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGQ4ODgyNDRiYmE1
MDA5NWIyYjk5YWUxODM1ZjJmODViNDI2ZWY5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAORPfZJUyxepGmADaAWFLJr+JamGaOkPhqofJxHJjIzh9a/W
VqfjHsyBkBJJZenp7vEp5U/X+4Gst1VKueDhyIHwJ0Vp4WBea3MfBw+hbq5MyneZ
1WgX9y7j7fLVW7NVnukiYdpAJdmbynuk1nwAbiU3zBA/PW8TeEnTKEoENJik1HtP
8vaanlC6C7y+3HW8Q3WVcz2E3wU6QFWFvZ04LHrzyFcPtzSsDkTD9bvj+bGstdlr
PO2NFPVlEml5psrfYE+5oYdaKh8R7I/Nvj/2dURTmt6dYE1+MTC3gnMtKs9Tq3ZN
bePpI6LqurHBrjfOs9GQm4EwPRGWW4QdkdFJlxsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTdiIJEu6UAlbK5muGDXy+FtCbvmTAfBgNVHSMEGDAWgBRKepF93Pwm6Mh7
MIWLbwfymj20PjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NucVJmZHo4SnVqSWV6Q0ZpMjhIOHBvOXRENC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWMvMzRjMmJiLTc5ZWEtNGYzOS1hYzgyLTgyMDE2ZGU0MjIxMi8x
LzNZaUNSTHVsQUpXeXVacmhnMTh2aGJRbTc1ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWMv
MzRjMmJiLTc5ZWEtNGYzOS1hYzgyLTgyMDE2ZGU0MjIxMi8xL1NucVJmZHo4SnVq
SWV6Q0ZpMjhIOHBvOXRENC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsOMpDANBgkqhkiG9w0BAQsFAAOC
AQEAQ/zZjc9aD6q7eucnyGB5Nnrodv3/VoOQOIwGF3zcg2WMUstwIpkozLNo1Low
rWuQTkj5yT7gBN2xrKQW4bTn2miUHiTCfjLZp9mbiRId+V/h4RU3DbFewE4SseaN
sCn1gVyZRD7wCYmKJOLSTdvXGc+6OtWbhxf+9pseFp7BsLlOS7FcDZzDsDCzeV3i
fFClhrj1oSmD0HR5QpA32g9BCOPWJb5z2BY4JlmzOuzMfN+ZPsHzQviIbEAusm4V
vFU2RU835szCXRX8DWDayNGQ7yKZ8rCzP3Udo0X+iVBQjmzIuFDUnqfn0yODKpSi
CxtcfMQZKeTmQjF1Pkx6nONsUw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:01 2024 by rpki-client on console-ams.rpki-client.org