Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/7262b8-a1a7-4d13-8793-d3887dc45c6d/1/3peoj7silvHSGDLm7-Y0b92jN8I.roa
File:                     3peoj7silvHSGDLm7-Y0b92jN8I.roa (raw, json)
Hash identifier:          HqcDmr280flcuIgzfESAonMmn5b5b6OuucFtdFZj4+Q=
Subject key identifier:   DE:97:A8:8F:BB:22:96:F1:D2:18:32:E6:EF:E6:34:6F:DD:A3:37:C2
Certificate issuer:       /CN=6325f514270167a43e65e27df9b3d26efb29c31c
Certificate serial:       081C019B
Authority key identifier: 63:25:F5:14:27:01:67:A4:3E:65:E2:7D:F9:B3:D2:6E:FB:29:C3:1C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YyX1FCcBZ6Q-ZeJ9-bPSbvspwxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/7262b8-a1a7-4d13-8793-d3887dc45c6d/1/3peoj7silvHSGDLm7-Y0b92jN8I.roa
Signing time:             Sat 01 Jan 2022 05:01:03 +0000
ROA not before:           Sat 01 Jan 2022 05:01:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     47641
IP address blocks:        139.28.60.0/22 maxlen: 24
                          2a09:f580::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 136053147 (0x81c019b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6325f514270167a43e65e27df9b3d26efb29c31c
        Validity
            Not Before: Jan  1 05:01:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=de97a88fbb2296f1d21832e6efe6346fdda337c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:16:25:f6:bf:d7:58:b7:93:a6:25:ce:c1:8a:
                    3a:a5:45:4d:63:3d:23:04:84:c7:6a:d7:15:64:27:
                    11:a8:fb:d5:2c:98:03:8c:24:1b:4e:38:c3:dd:7b:
                    42:0e:7c:95:a3:ce:55:42:68:32:64:39:01:ea:74:
                    cf:7b:a1:db:9e:26:f3:e7:f0:ee:a9:df:7b:b0:65:
                    5e:f7:ac:65:70:b9:72:09:a0:a2:b8:1f:a0:a2:91:
                    66:dd:45:b3:ee:f4:b2:f4:5f:c0:fd:4e:d5:28:5a:
                    cc:ca:63:ab:a8:d7:cb:1c:37:58:d8:15:85:df:fe:
                    32:70:20:04:af:02:18:09:bf:7c:8c:2f:4b:41:9d:
                    2d:8c:39:d3:db:c6:93:12:06:4a:f1:94:17:a1:04:
                    8f:8a:6c:98:a7:ee:c8:cc:6b:dd:a8:e0:33:64:a7:
                    a1:ca:aa:0e:84:1a:b8:db:58:0b:25:2c:23:2d:82:
                    cd:37:a9:c1:f1:1c:c5:e8:b6:84:c2:38:c9:5c:30:
                    95:79:90:ae:0c:54:fe:b6:89:fd:fb:df:ed:aa:6a:
                    49:05:87:3f:41:69:1e:14:7a:51:e2:4b:26:d0:06:
                    1a:d1:5f:e6:c1:71:e1:7c:d4:0a:d1:64:cf:7d:43:
                    9b:28:18:37:e7:cf:e9:d7:01:46:b0:00:e0:92:6d:
                    22:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:97:A8:8F:BB:22:96:F1:D2:18:32:E6:EF:E6:34:6F:DD:A3:37:C2
            X509v3 Authority Key Identifier:
                keyid:63:25:F5:14:27:01:67:A4:3E:65:E2:7D:F9:B3:D2:6E:FB:29:C3:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyX1FCcBZ6Q-ZeJ9-bPSbvspwxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/7262b8-a1a7-4d13-8793-d3887dc45c6d/1/3peoj7silvHSGDLm7-Y0b92jN8I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/7262b8-a1a7-4d13-8793-d3887dc45c6d/1/YyX1FCcBZ6Q-ZeJ9-bPSbvspwxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  139.28.60.0/22
                IPv6:
                  2a09:f580::/29

    Signature Algorithm: sha256WithRSAEncryption
         3e:09:bc:89:34:0c:ac:51:d0:0d:43:c4:52:a4:0e:f7:71:7c:
         f0:55:10:ba:44:8b:12:f2:a6:d8:6b:00:44:28:4f:16:67:26:
         56:7a:c4:34:8b:d6:ba:64:74:7d:94:db:a2:bc:9f:1d:d5:4a:
         bf:75:bb:1c:3d:6b:b1:90:1b:00:0f:9c:ef:52:6f:85:50:d7:
         14:50:a2:1e:8c:da:29:98:11:bc:b2:bf:87:c5:fb:42:6f:a0:
         42:7c:c3:72:f1:27:02:df:e0:a8:f0:9d:da:4b:11:3e:cd:85:
         07:62:f4:37:64:ef:e7:bb:63:9c:07:1c:a6:35:c3:cf:a3:03:
         8e:07:47:20:eb:bd:cc:55:84:7a:b9:71:25:13:f2:f8:a6:1e:
         16:0e:a7:14:fe:c9:9c:93:b8:7b:cc:d2:57:f2:30:9a:5b:ec:
         0f:f7:73:1e:85:75:5a:6f:2d:57:0e:14:3c:e2:22:36:d4:e5:
         46:f4:0d:80:7d:74:a5:87:01:04:4a:5d:bc:ca:34:8b:97:d7:
         ba:1e:cd:a0:e3:06:38:35:2b:6d:89:42:33:52:f3:df:a8:c2:
         ca:08:fc:04:db:d1:5f:94:ff:ac:6f:7d:9d:ba:ea:81:bc:1d:
         e9:4e:11:36:b3:f6:8e:c3:38:99:40:ff:cb:36:e7:f8:45:da:
         ee:b8:02:dd
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECBwBmzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MzI1ZjUxNDI3MDE2N2E0M2U2NWUyN2RmOWIzZDI2ZWZiMjljMzFjMB4XDTIyMDEw
MTA1MDEwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGU5N2E4OGZiYjIy
OTZmMWQyMTgzMmU2ZWZlNjM0NmZkZGEzMzdjMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALYWJfa/11i3k6YlzsGKOqVFTWM9IwSEx2rXFWQnEaj71SyY
A4wkG044w917Qg58laPOVUJoMmQ5Aep0z3uh254m8+fw7qnfe7BlXvesZXC5cgmg
orgfoKKRZt1Fs+70svRfwP1O1ShazMpjq6jXyxw3WNgVhd/+MnAgBK8CGAm/fIwv
S0GdLYw509vGkxIGSvGUF6EEj4psmKfuyMxr3ajgM2SnocqqDoQauNtYCyUsIy2C
zTepwfEcxei2hMI4yVwwlXmQrgxU/raJ/fvf7apqSQWHP0FpHhR6UeJLJtAGGtFf
5sFx4XzUCtFkz31DmygYN+fP6dcBRrAA4JJtIrkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTel6iPuyKW8dIYMubv5jRv3aM3wjAfBgNVHSMEGDAWgBRjJfUUJwFnpD5l
4n35s9Ju+ynDHDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1l5WDFGQ2NCWjZRLVplSjktYlBTYnZzcHd4dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNzI2MmI4LWExYTctNGQxMy04NzkzLWQzODg3ZGM0NWM2ZC8x
LzNwZW9qN3NpbHZIU0dETG03LVkwYjkyak44SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NzI2MmI4LWExYTctNGQxMy04NzkzLWQzODg3ZGM0NWM2ZC8xL1l5WDFGQ2NCWjZR
LVplSjktYlBTYnZzcHd4dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAoscPDANBAIAAjAHAwUDKgn1gDAN
BgkqhkiG9w0BAQsFAAOCAQEAPgm8iTQMrFHQDUPEUqQO93F88FUQukSLEvKm2GsA
RChPFmcmVnrENIvWumR0fZTboryfHdVKv3W7HD1rsZAbAA+c71JvhVDXFFCiHoza
KZgRvLK/h8X7Qm+gQnzDcvEnAt/gqPCd2ksRPs2FB2L0N2Tv57tjnAccpjXDz6MD
jgdHIOu9zFWEerlxJRPy+KYeFg6nFP7JnJO4e8zSV/IwmlvsD/dzHoV1Wm8tVw4U
POIiNtTlRvQNgH10pYcBBEpdvMo0i5fXuh7NoOMGODUrbYlCM1Lz36jCygj8BNvR
X5T/rG99nbrqgbwd6U4RNrP2jsM4mUD/yzbn+EXa7rgC3Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:28 2024 by rpki-client on console-ams.rpki-client.org