Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/3ltXgs6NmAPX9g1FZmKlY9jAEIg.roa
File:                     3ltXgs6NmAPX9g1FZmKlY9jAEIg.roa (raw, json)
Hash identifier:          H3uTl869BFwN2LAZTUxU2h+vZTndTOzunQMTiOFWHro=
Subject key identifier:   DE:5B:57:82:CE:8D:98:03:D7:F6:0D:45:66:62:A5:63:D8:C0:10:88
Certificate issuer:       /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial:       018539A99D1D53C8046547DB7D57AA0158B4
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/3ltXgs6NmAPX9g1FZmKlY9jAEIg.roa
Signing time:             Thu 22 Dec 2022 11:48:15 +0000
ROA not before:           Thu 22 Dec 2022 11:48:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     201389
IP address blocks:        93.179.66.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:39:a9:9d:1d:53:c8:04:65:47:db:7d:57:aa:01:58:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
        Validity
            Not Before: Dec 22 11:48:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=de5b5782ce8d9803d7f60d456662a563d8c01088
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:6a:1c:8c:29:1f:50:5a:29:c5:5a:4b:00:50:
                    f4:59:53:38:37:5f:8f:4c:18:ee:a0:f5:33:b5:56:
                    66:44:64:49:04:4e:0a:3d:56:52:d1:26:6e:e2:a8:
                    10:e2:08:78:c0:c4:70:c5:09:f4:40:b2:7d:26:ce:
                    95:8a:1d:79:cd:90:b3:b2:aa:10:e8:6b:0a:c2:10:
                    59:05:cc:da:5e:68:a3:1e:31:d3:00:79:61:91:fc:
                    dc:b2:bf:c0:37:11:e1:82:10:23:48:78:59:9d:6a:
                    6f:df:92:b8:e5:74:99:b8:6e:25:5f:7f:5a:fc:c4:
                    76:13:d6:94:e3:62:c3:84:9d:97:44:70:4d:61:cc:
                    0d:17:f9:9f:37:12:b9:11:0e:28:82:4e:3c:49:14:
                    15:5c:74:8a:d5:e5:88:59:8e:a7:7b:3f:2a:9d:a8:
                    78:bf:60:9d:19:ca:fd:ca:a2:3a:77:8d:cb:b2:29:
                    f6:99:56:1f:77:c0:e4:50:b2:c7:b7:61:33:4a:16:
                    79:78:3e:81:ee:ff:c0:0c:21:fc:39:3d:d4:d7:7d:
                    d7:0e:69:d1:80:9b:e7:bf:95:3f:3a:5d:8e:14:60:
                    d7:71:0b:c6:d5:54:cd:11:cf:15:d9:32:7d:37:17:
                    77:db:87:63:f1:2a:d4:9b:8b:6b:35:99:fa:4b:3c:
                    3a:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:5B:57:82:CE:8D:98:03:D7:F6:0D:45:66:62:A5:63:D8:C0:10:88
            X509v3 Authority Key Identifier:
                keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/3ltXgs6NmAPX9g1FZmKlY9jAEIg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.179.66.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:a4:e3:a2:72:ee:de:dd:0f:a8:88:ca:34:9e:57:cb:b3:51:
         ba:82:9a:d4:0e:8e:37:3a:81:3b:1c:8d:6b:e0:f4:9c:ee:d4:
         56:ce:a5:0b:88:cb:a2:bd:b8:a4:16:d9:10:15:6c:21:71:1c:
         95:66:60:24:70:82:32:ed:a1:b8:70:85:b9:f1:6f:07:6d:0d:
         25:bc:d1:8b:b6:3f:f0:00:36:8d:be:de:b0:9a:32:79:76:57:
         ce:cb:3d:21:14:fe:7d:c3:56:83:20:dd:f8:5d:91:d6:96:7b:
         36:e2:5c:cc:3b:c6:85:6a:14:9a:f9:ac:75:86:cd:0d:87:1a:
         be:d0:f3:7d:3e:51:96:55:aa:e9:4f:a9:0e:2d:39:50:77:35:
         dc:4d:8f:34:d8:47:13:b7:33:34:e6:97:95:76:52:7d:e3:fc:
         a0:99:07:f3:34:b4:ad:48:ec:a0:53:a8:d0:96:c6:a7:5c:e4:
         15:d6:7b:27:ce:3e:55:2d:e1:37:13:fe:8c:af:10:ae:a9:3e:
         96:39:ea:d5:1b:34:6d:ac:41:ba:04:3c:4f:64:1e:c9:43:b8:
         d4:2a:f7:f3:a6:95:3b:c2:5b:05:4f:eb:7f:75:85:fd:92:a1:
         5f:d6:7e:f4:b0:b0:f7:cf:6d:c2:2b:e9:5e:23:53:0a:db:83:
         01:b6:fe:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYU5qZ0dU8gEZUfbfVeqAVi0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzhlZjQxYjJjMDEwNWE5MWNjYmI5Yzg5MzM3ZmFlYjEy
OWZmODQwHhcNMjIxMjIyMTE0ODE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTViNTc4MmNlOGQ5ODAzZDdmNjBkNDU2NjYyYTU2M2Q4YzAxMDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWocjCkfUFopxVpLAFD0WVM4N1+P
TBjuoPUztVZmRGRJBE4KPVZS0SZu4qgQ4gh4wMRwxQn0QLJ9Js6Vih15zZCzsqoQ
6GsKwhBZBczaXmijHjHTAHlhkfzcsr/ANxHhghAjSHhZnWpv35K45XSZuG4lX39a
/MR2E9aU42LDhJ2XRHBNYcwNF/mfNxK5EQ4ogk48SRQVXHSK1eWIWY6nez8qnah4
v2CdGcr9yqI6d43Lsin2mVYfd8DkULLHt2EzShZ5eD6B7v/ADCH8OT3U133XDmnR
gJvnv5U/Ol2OFGDXcQvG1VTNEc8V2TJ9Nxd324dj8SrUm4trNZn6Szw6eQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN5bV4LOjZgD1/YNRWZipWPYwBCIMB8GA1UdIwQY
MBaAFIM470GywBBakcy7nIkzf66xKf+EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3Mzgt
MjhmYzc3OTY3NzYzLzEvM2x0WGdzNk5tQVBYOWcxRlptS2xZOWpBRUlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3MzgtMjhmYzc3OTY3NzYz
LzEvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXbNCMA0G
CSqGSIb3DQEBCwUAA4IBAQBMpOOicu7e3Q+oiMo0nlfLs1G6gprUDo43OoE7HI1r
4PSc7tRWzqULiMuivbikFtkQFWwhcRyVZmAkcIIy7aG4cIW58W8HbQ0lvNGLtj/w
ADaNvt6wmjJ5dlfOyz0hFP59w1aDIN34XZHWlns24lzMO8aFahSa+ax1hs0Nhxq+
0PN9PlGWVarpT6kOLTlQdzXcTY802EcTtzM05peVdlJ94/ygmQfzNLStSOygU6jQ
lsanXOQV1nsnzj5VLeE3E/6MrxCuqT6WOerVGzRtrEG6BDxPZB7JQ7jUKvfzppU7
wlsFT+t/dYX9kqFf1n70sLD3z23CK+leI1MK24MBtv4G
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:22 2024 by rpki-client on console-ams.rpki-client.org