Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/93ce62-6f3d-493c-bf6f-5cd885489f82/1/3WXZf5qLzixhb-HzbSabk0xhI84.roa
File:                     3WXZf5qLzixhb-HzbSabk0xhI84.roa (raw, json)
Hash identifier:          +lCzhgDo/BylQFOM+GNc/KNrSS1yfbj5bli7YVjn6P8=
Subject key identifier:   DD:65:D9:7F:9A:8B:CE:2C:61:6F:E1:F3:6D:26:9B:93:4C:61:23:CE
Certificate issuer:       /CN=f7d535083fb140ddab453abf821f5db3a6f461a4
Certificate serial:       018268828FB85FCEA9DBC1B8D269BB4622EA
Authority key identifier: F7:D5:35:08:3F:B1:40:DD:AB:45:3A:BF:82:1F:5D:B3:A6:F4:61:A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/99U1CD-xQN2rRTq_gh9ds6b0YaQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/93ce62-6f3d-493c-bf6f-5cd885489f82/1/3WXZf5qLzixhb-HzbSabk0xhI84.roa
Signing time:             Thu 04 Aug 2022 10:59:23 +0000
ROA not before:           Thu 04 Aug 2022 10:59:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     213299
IP address blocks:        185.155.116.0/24 maxlen: 24
                          2a10:40c0::/32 maxlen: 32
                          2a10:40c0:100::/48 maxlen: 48
                          2a10:40c0:1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:68:82:8f:b8:5f:ce:a9:db:c1:b8:d2:69:bb:46:22:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f7d535083fb140ddab453abf821f5db3a6f461a4
        Validity
            Not Before: Aug  4 10:59:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=dd65d97f9a8bce2c616fe1f36d269b934c6123ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:74:9f:e8:3b:1f:0b:95:65:4c:e8:bd:77:09:
                    c8:ac:fd:99:01:fd:f2:4a:ef:9b:8e:58:ed:50:3e:
                    2a:9d:f9:c5:7a:5d:0e:56:7b:7d:2e:b2:50:30:18:
                    92:97:06:47:8e:2b:5d:bc:5b:6d:bd:69:a6:5f:f3:
                    9e:f1:83:24:ee:96:42:b7:8b:6e:83:be:33:d3:97:
                    f2:66:b7:8f:16:eb:92:3e:27:25:d5:f0:24:2f:38:
                    53:0d:61:0d:11:58:d0:80:57:5c:89:7e:e6:d8:a3:
                    ec:49:00:3f:76:74:47:f2:9c:80:98:62:3e:28:ec:
                    15:c5:ec:79:0e:8a:e9:dc:fe:8c:58:b5:ee:3a:65:
                    49:e8:24:16:d6:cc:52:c8:18:18:61:38:22:35:90:
                    de:5a:ad:69:73:03:ad:a9:89:0b:f2:9f:40:c6:d3:
                    ac:f2:b6:36:c6:2f:7d:45:15:f9:f7:79:3a:5a:03:
                    3f:22:c8:fc:68:df:76:e3:e4:4d:33:fc:56:9e:5b:
                    06:a9:eb:98:bc:46:d2:f6:8a:65:99:14:8d:c8:f0:
                    c3:fa:48:62:86:b6:d3:d8:d6:40:8c:85:3e:9a:8f:
                    8d:43:e7:5e:fe:8e:e0:7c:b9:3d:5f:5a:9c:cd:5c:
                    8b:ef:ff:01:35:34:bd:d1:ec:41:e9:ec:78:ed:e6:
                    39:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:65:D9:7F:9A:8B:CE:2C:61:6F:E1:F3:6D:26:9B:93:4C:61:23:CE
            X509v3 Authority Key Identifier:
                keyid:F7:D5:35:08:3F:B1:40:DD:AB:45:3A:BF:82:1F:5D:B3:A6:F4:61:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/99U1CD-xQN2rRTq_gh9ds6b0YaQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/93ce62-6f3d-493c-bf6f-5cd885489f82/1/3WXZf5qLzixhb-HzbSabk0xhI84.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/93ce62-6f3d-493c-bf6f-5cd885489f82/1/99U1CD-xQN2rRTq_gh9ds6b0YaQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.155.116.0/24
                IPv6:
                  2a10:40c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         77:d6:c2:25:d1:a0:7d:a5:d0:80:7d:48:fd:97:e0:de:02:09:
         d2:65:96:f7:ba:c7:b1:e4:a4:83:d5:6b:dd:4b:d2:bb:b2:08:
         69:55:40:69:9f:1e:6e:e8:dc:f8:63:8c:7a:6a:ad:bc:c5:91:
         59:2a:94:35:32:77:3e:a1:a7:0c:ff:83:68:b9:84:ae:e4:d0:
         2e:c1:ad:87:b8:07:39:6d:51:a2:39:a7:7d:8d:f5:9d:22:70:
         1c:87:dc:f4:63:9e:75:84:b3:21:c5:bd:6c:db:0e:ed:a3:28:
         a4:fe:13:8f:c1:a6:15:2a:11:78:40:61:6f:93:70:9b:f0:e0:
         b1:2f:bb:3c:d6:a9:78:bb:f6:85:3c:6b:5d:a8:e7:22:80:f0:
         65:cb:82:d3:9a:4b:4a:26:81:88:a2:4b:0b:60:d9:f4:18:a1:
         bd:19:42:42:68:d4:1d:3a:aa:f3:dc:49:24:ca:18:7c:d2:7e:
         bc:46:c7:71:8f:d3:21:5c:dd:36:f0:0a:e5:2a:f2:fa:b8:84:
         40:90:8f:c1:82:30:41:3d:0b:fe:1a:81:43:d5:c1:68:7a:29:
         29:69:64:83:e3:a8:aa:28:62:08:7b:5b:be:3f:b4:32:58:dd:
         67:c4:a2:2b:7e:53:35:cc:05:3d:fc:f0:41:e2:d3:c0:fa:24:
         dd:68:bb:2b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYJogo+4X86p28G40mm7RiLqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3ZDUzNTA4M2ZiMTQwZGRhYjQ1M2FiZjgyMWY1ZGIzYTZm
NDYxYTQwHhcNMjIwODA0MTA1OTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDY1ZDk3ZjlhOGJjZTJjNjE2ZmUxZjM2ZDI2OWI5MzRjNjEyM2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnSf6DsfC5VlTOi9dwnIrP2ZAf3y
Su+bjljtUD4qnfnFel0OVnt9LrJQMBiSlwZHjitdvFttvWmmX/Oe8YMk7pZCt4tu
g74z05fyZrePFuuSPicl1fAkLzhTDWENEVjQgFdciX7m2KPsSQA/dnRH8pyAmGI+
KOwVxex5Dorp3P6MWLXuOmVJ6CQW1sxSyBgYYTgiNZDeWq1pcwOtqYkL8p9AxtOs
8rY2xi99RRX593k6WgM/Isj8aN924+RNM/xWnlsGqeuYvEbS9oplmRSNyPDD+khi
hrbT2NZAjIU+mo+NQ+de/o7gfLk9X1qczVyL7/8BNTS90exB6ex47eY5bwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN1l2X+ai84sYW/h820mm5NMYSPOMB8GA1UdIwQY
MBaAFPfVNQg/sUDdq0U6v4IfXbOm9GGkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTlVMUNELXhRTjJyUlRxX2doOWRzNmIwWWFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85M2NlNjItNmYzZC00OTNjLWJmNmYt
NWNkODg1NDg5ZjgyLzEvM1dYWmY1cUx6aXhoYi1IemJTYWJrMHhoSTg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni85M2NlNjItNmYzZC00OTNjLWJmNmYtNWNkODg1NDg5Zjgy
LzEvOTlVMUNELXhRTjJyUlRxX2doOWRzNmIwWWFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuZt0MA0E
AgACMAcDBQAqEEDAMA0GCSqGSIb3DQEBCwUAA4IBAQB31sIl0aB9pdCAfUj9l+De
AgnSZZb3usex5KSD1WvdS9K7sghpVUBpnx5u6Nz4Y4x6aq28xZFZKpQ1Mnc+oacM
/4NouYSu5NAuwa2HuAc5bVGiOad9jfWdInAch9z0Y551hLMhxb1s2w7toyik/hOP
waYVKhF4QGFvk3Cb8OCxL7s81ql4u/aFPGtdqOcigPBly4LTmktKJoGIoksLYNn0
GKG9GUJCaNQdOqrz3Ekkyhh80n68Rsdxj9MhXN028ArlKvL6uIRAkI/BgjBBPQv+
GoFD1cFoeikpaWSD46iqKGIIe1u+P7QyWN1nxKIrflM1zAU9/PBB4tPA+iTdaLsr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:13 2024 by rpki-client on console-fra.rpki-client.org