Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/b58d94-b564-4d49-a8fd-5c096a87bb07/1/kTemCYqF89TXgobUrVVZhojFmYw.roa
File:                     kTemCYqF89TXgobUrVVZhojFmYw.roa (raw, json)
Hash identifier:          nZ/+CsMpFcSoDFkWri2V6X3SR56qxRzzA2lziR5cQZA=
Subject key identifier:   91:37:A6:09:8A:85:F3:D4:D7:82:86:D4:AD:55:59:86:88:C5:99:8C
Certificate issuer:       /CN=3b5c2467546f4b078a0224da1ccac5c287e93453
Certificate serial:       0182A16B87983944AB7C2184492B68CEF382
Authority key identifier: 3B:5C:24:67:54:6F:4B:07:8A:02:24:DA:1C:CA:C5:C2:87:E9:34:53
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O1wkZ1RvSweKAiTaHMrFwofpNFM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/b58d94-b564-4d49-a8fd-5c096a87bb07/1/kTemCYqF89TXgobUrVVZhojFmYw.roa
Signing time:             Mon 15 Aug 2022 12:12:34 +0000
ROA not before:           Mon 15 Aug 2022 12:12:34 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210392
IP address blocks:        88.135.33.0/24 maxlen: 24
                          88.135.35.0/24 maxlen: 24
                          88.135.34.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:a1:6b:87:98:39:44:ab:7c:21:84:49:2b:68:ce:f3:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b5c2467546f4b078a0224da1ccac5c287e93453
        Validity
            Not Before: Aug 15 12:12:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9137a6098a85f3d4d78286d4ad55598688c5998c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:99:87:e6:2b:00:bc:76:ee:b3:12:4c:68:7e:
                    12:3c:80:df:4a:e5:15:c1:9b:1c:63:94:00:f2:66:
                    6a:c7:ff:44:9a:38:14:5f:42:56:a9:a4:c5:ed:06:
                    40:e9:80:57:05:ab:7c:73:e7:4a:3c:b2:70:bc:cd:
                    36:18:06:b3:71:0b:32:a1:34:4b:1c:8c:0a:0a:e2:
                    22:4d:99:e2:33:58:66:9f:ec:d7:73:e4:6d:ad:0b:
                    8c:2f:3d:f3:cc:d8:7f:cd:62:f5:68:19:bc:a8:a9:
                    03:a7:96:5a:97:3f:37:3c:2a:b8:43:1a:05:2b:1c:
                    f3:df:64:fc:db:cf:a8:30:43:ae:56:1c:b3:60:4c:
                    0a:4e:0d:7e:83:f4:33:e2:c7:9e:cf:b7:20:68:e2:
                    b4:c2:47:19:24:bc:ab:83:38:43:b9:7a:b8:6d:26:
                    6d:17:72:cf:16:6e:1e:76:15:16:74:67:81:85:8f:
                    2e:84:12:27:14:45:0e:fc:ef:54:7b:89:43:01:f4:
                    94:62:c5:48:55:ab:ca:a9:d2:aa:61:d3:2f:fc:c3:
                    13:83:fa:27:b1:47:30:32:0c:c9:e6:d5:34:f5:2b:
                    b8:14:a8:f4:90:b4:71:4f:fe:4a:fd:45:0e:42:4e:
                    d4:de:79:8c:33:ae:2f:ad:be:e9:55:08:87:dd:f6:
                    c9:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:37:A6:09:8A:85:F3:D4:D7:82:86:D4:AD:55:59:86:88:C5:99:8C
            X509v3 Authority Key Identifier:
                keyid:3B:5C:24:67:54:6F:4B:07:8A:02:24:DA:1C:CA:C5:C2:87:E9:34:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1wkZ1RvSweKAiTaHMrFwofpNFM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b58d94-b564-4d49-a8fd-5c096a87bb07/1/kTemCYqF89TXgobUrVVZhojFmYw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b58d94-b564-4d49-a8fd-5c096a87bb07/1/O1wkZ1RvSweKAiTaHMrFwofpNFM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.135.33.0-88.135.35.255

    Signature Algorithm: sha256WithRSAEncryption
         23:1f:d4:0b:c8:19:fa:4d:90:c5:0f:e0:73:ac:90:79:ab:ec:
         25:6a:6e:ce:56:2e:ad:bf:3a:36:c0:4a:79:25:92:be:d5:f1:
         3d:94:07:7e:1e:46:95:7d:5f:86:33:90:1f:5c:69:1b:5a:b4:
         8a:ca:b1:89:e4:7a:81:5f:a1:9e:a8:6f:34:d4:8d:02:d2:64:
         2a:39:5f:ba:4f:cd:7f:22:b0:1b:de:a1:58:eb:a6:c3:d5:b3:
         0e:ec:a9:a3:53:40:3d:4b:36:77:96:17:9a:b7:7b:c3:df:2f:
         9f:21:43:6b:4b:f2:5e:19:82:5e:e0:1f:3c:f8:55:c9:c9:92:
         bc:42:75:6d:0a:d4:3d:11:aa:a0:7c:ee:f6:70:dc:fe:00:57:
         c0:16:11:2a:66:22:af:51:60:ce:8b:38:3d:39:14:72:d2:04:
         69:0b:cb:a0:16:70:8f:4c:bb:d8:51:84:b1:d3:a7:b0:ab:4e:
         9c:73:2c:ee:a0:53:2a:25:82:89:47:07:26:38:cf:8b:ab:7f:
         58:07:72:3c:f1:90:7f:86:1b:3c:f6:d7:f8:0f:08:cd:61:98:
         98:4d:46:82:48:f7:4b:a7:70:ff:4d:5a:e0:03:3f:41:eb:74:
         e3:a9:8f:b3:8d:39:65:9d:6c:78:f1:10:b5:fa:b3:1d:ce:b5:
         d6:7c:a1:d5
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYKha4eYOUSrfCGESStozvOCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNWMyNDY3NTQ2ZjRiMDc4YTAyMjRkYTFjY2FjNWMyODdl
OTM0NTMwHhcNMjIwODE1MTIxMjM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTM3YTYwOThhODVmM2Q0ZDc4Mjg2ZDRhZDU1NTk4Njg4YzU5OThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5mH5isAvHbusxJMaH4SPIDfSuUV
wZscY5QA8mZqx/9EmjgUX0JWqaTF7QZA6YBXBat8c+dKPLJwvM02GAazcQsyoTRL
HIwKCuIiTZniM1hmn+zXc+RtrQuMLz3zzNh/zWL1aBm8qKkDp5Zalz83PCq4QxoF
Kxzz32T828+oMEOuVhyzYEwKTg1+g/Qz4seez7cgaOK0wkcZJLyrgzhDuXq4bSZt
F3LPFm4edhUWdGeBhY8uhBInFEUO/O9Ue4lDAfSUYsVIVavKqdKqYdMv/MMTg/on
sUcwMgzJ5tU09Su4FKj0kLRxT/5K/UUOQk7U3nmMM64vrb7pVQiH3fbJ+QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJE3pgmKhfPU14KG1K1VWYaIxZmMMB8GA1UdIwQY
MBaAFDtcJGdUb0sHigIk2hzKxcKH6TRTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzF3a1oxUnZTd2VLQWlUYUhNckZ3b2ZwTkZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9iNThkOTQtYjU2NC00ZDQ5LWE4ZmQt
NWMwOTZhODdiYjA3LzEva1RlbUNZcUY4OVRYZ29iVXJWVlpob2pGbVl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9iNThkOTQtYjU2NC00ZDQ5LWE4ZmQtNWMwOTZhODdiYjA3
LzEvTzF3a1oxUnZTd2VLQWlUYUhNckZ3b2ZwTkZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABYhyED
BAJYhyAwDQYJKoZIhvcNAQELBQADggEBACMf1AvIGfpNkMUP4HOskHmr7CVqbs5W
Lq2/OjbASnklkr7V8T2UB34eRpV9X4YzkB9caRtatIrKsYnkeoFfoZ6obzTUjQLS
ZCo5X7pPzX8isBveoVjrpsPVsw7sqaNTQD1LNneWF5q3e8PfL58hQ2tL8l4Zgl7g
Hzz4VcnJkrxCdW0K1D0RqqB87vZw3P4AV8AWESpmIq9RYM6LOD05FHLSBGkLy6AW
cI9Mu9hRhLHTp7CrTpxzLO6gUyolgolHByY4z4urf1gHcjzxkH+GGzz21/gPCM1h
mJhNRoJI90uncP9NWuADP0HrdOOpj7ONOWWdbHjxELX6sx3OtdZ8odU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:14 2024 by rpki-client on console-fra.rpki-client.org