Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/RIRL3rHbxFSEuAfvODhjIK8pD7w.roa
File:                     RIRL3rHbxFSEuAfvODhjIK8pD7w.roa (raw, json)
Hash identifier:          SOLnk5P7iXkt7J3wWhNMpPB7NuVPwNFh/I+7/G9dDmk=
Subject key identifier:   44:84:4B:DE:B1:DB:C4:54:84:B8:07:EF:38:38:63:20:AF:29:0F:BC
Certificate issuer:       /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial:       018412FE6C2213AF2E827D65B63EB1C0069F
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/RIRL3rHbxFSEuAfvODhjIK8pD7w.roa
Signing time:             Wed 26 Oct 2022 06:32:54 +0000
ROA not before:           Wed 26 Oct 2022 06:32:54 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44889
IP address blocks:        212.16.64.0/19 maxlen: 24
                          46.38.140.0/24 maxlen: 24
                          46.38.150.0/24 maxlen: 24
                          212.16.72.0/24 maxlen: 25
                          212.80.0.0/19 maxlen: 24
                          212.80.20.0/23 maxlen: 23
                          46.38.129.0/24 maxlen: 24
                          46.38.131.0/24 maxlen: 24
                          2a00:7d80::/29 maxlen: 64

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:12:fe:6c:22:13:af:2e:82:7d:65:b6:3e:b1:c0:06:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
        Validity
            Not Before: Oct 26 06:32:54 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=44844bdeb1dbc45484b807ef38386320af290fbc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:e3:cc:e4:be:d2:84:44:6a:c2:81:0f:15:3e:
                    c4:97:1c:12:7e:61:a9:1b:59:db:ff:d9:4e:09:81:
                    41:6a:dd:2f:ae:57:53:d5:09:3f:1b:f4:0d:10:f9:
                    c7:7e:eb:93:de:12:5c:57:60:ae:87:4c:e9:54:50:
                    0c:63:13:3f:45:28:76:44:2e:99:fe:f8:89:41:02:
                    7b:4b:1c:72:4d:be:4f:ca:cd:54:97:ac:99:a3:42:
                    3e:45:2a:53:3b:69:1b:1e:0a:8e:63:58:e6:6d:96:
                    ae:89:97:02:3e:74:b9:f4:ff:87:63:c0:a2:a1:ff:
                    6c:91:58:57:a7:a2:39:5a:18:b8:21:70:77:1c:9e:
                    f9:b9:0d:d0:8a:6b:f3:e8:05:4a:ec:74:8b:a1:ab:
                    bd:81:5f:aa:b3:50:ff:e2:ac:5c:df:c8:88:7d:7f:
                    ef:f2:c6:5c:29:a8:bc:22:85:56:2a:8f:27:a0:cc:
                    3e:b9:94:11:05:53:9e:4e:3c:72:0f:d2:8e:79:51:
                    36:07:fe:4d:4c:dd:d7:f2:c6:3c:db:ee:b2:15:98:
                    fd:e6:dd:19:af:76:53:1c:ba:6d:f2:a7:dd:d7:47:
                    e3:91:f8:11:95:e9:e6:57:07:b4:b5:e9:cc:e8:1f:
                    0b:98:f4:54:65:69:f2:a9:c2:38:45:a7:e5:c0:8c:
                    27:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:84:4B:DE:B1:DB:C4:54:84:B8:07:EF:38:38:63:20:AF:29:0F:BC
            X509v3 Authority Key Identifier:
                keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/RIRL3rHbxFSEuAfvODhjIK8pD7w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.38.129.0/24
                  46.38.131.0/24
                  46.38.140.0/24
                  46.38.150.0/24
                  212.16.64.0/19
                  212.80.0.0/19
                IPv6:
                  2a00:7d80::/29

    Signature Algorithm: sha256WithRSAEncryption
         a3:d7:84:80:3c:ce:dd:3a:a5:bd:df:45:ad:f1:5e:b7:e6:2b:
         8b:a2:1f:88:54:d5:80:3c:13:2f:f0:bc:ef:11:72:9a:5b:ea:
         e6:b3:8c:72:66:bf:f7:8c:38:b3:7a:31:3d:61:be:9e:6b:a7:
         76:1e:6e:44:5e:3c:f0:1a:cf:2b:39:50:95:a0:e1:19:1d:f4:
         be:f4:1a:a6:49:20:49:ae:c3:ea:43:4c:e1:b1:fe:95:16:c5:
         26:fe:25:cf:2e:69:35:b3:82:de:79:69:b1:a5:70:39:73:61:
         8c:57:76:02:76:5a:64:ce:8b:40:6c:98:f9:19:e8:e3:98:25:
         64:dd:21:19:54:91:33:51:91:81:8d:f7:0c:83:4b:44:d0:77:
         68:7d:eb:e6:52:60:ca:46:88:ca:cc:ac:6c:76:63:70:dd:b4:
         01:42:8c:fd:ad:05:f1:55:8e:d9:ad:bf:d1:b4:0e:9e:77:72:
         86:7e:cc:95:13:09:e9:e3:e2:c7:0b:02:f3:4b:ae:ef:bd:0d:
         d7:2c:77:37:5f:e1:27:66:09:7c:83:0e:06:60:2e:93:a6:ad:
         46:5b:89:62:51:5f:1e:d4:42:e3:87:6a:0c:35:f7:99:41:41:
         31:96:b2:0e:91:a8:98:ac:c2:32:68:2a:a5:31:be:12:17:f7:
         5b:1b:03:0a
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYQS/mwiE68ugn1ltj6xwAafMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjIxMDI2MDYzMjU0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDg0NGJkZWIxZGJjNDU0ODRiODA3ZWYzODM4NjMyMGFmMjkwZmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuPM5L7ShERqwoEPFT7ElxwSfmGp
G1nb/9lOCYFBat0vrldT1Qk/G/QNEPnHfuuT3hJcV2Cuh0zpVFAMYxM/RSh2RC6Z
/viJQQJ7SxxyTb5Pys1Ul6yZo0I+RSpTO2kbHgqOY1jmbZauiZcCPnS59P+HY8Ci
of9skVhXp6I5Whi4IXB3HJ75uQ3Qimvz6AVK7HSLoau9gV+qs1D/4qxc38iIfX/v
8sZcKai8IoVWKo8noMw+uZQRBVOeTjxyD9KOeVE2B/5NTN3X8sY82+6yFZj95t0Z
r3ZTHLpt8qfd10fjkfgRlenmVwe0tenM6B8LmPRUZWnyqcI4RaflwIwnBQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFESES96x28RUhLgH7zg4YyCvKQ+8MB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvUklSTDNySGJ4RlNFdUFmdk9EaGpJSzhwRDd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQALiaBAwQA
LiaDAwQALiaMAwQALiaWAwQF1BBAAwQF1FAAMA0EAgACMAcDBQMqAH2AMA0GCSqG
SIb3DQEBCwUAA4IBAQCj14SAPM7dOqW930Wt8V635iuLoh+IVNWAPBMv8LzvEXKa
W+rms4xyZr/3jDizejE9Yb6ea6d2Hm5EXjzwGs8rOVCVoOEZHfS+9BqmSSBJrsPq
Q0zhsf6VFsUm/iXPLmk1s4LeeWmxpXA5c2GMV3YCdlpkzotAbJj5GejjmCVk3SEZ
VJEzUZGBjfcMg0tE0HdofevmUmDKRojKzKxsdmNw3bQBQoz9rQXxVY7Zrb/RtA6e
d3KGfsyVEwnp4+LHCwLzS67vvQ3XLHc3X+EnZgl8gw4GYC6Tpq1GW4liUV8e1ELj
h2oMNfeZQUExlrIOkaiYrMIyaCqlMb4SF/dbGwMK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:24 2024 by rpki-client on console-fra.rpki-client.org