Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/c2bb4d-8483-47ce-bb0a-f5f490d2c163/1/c0SDwdPpUMkb9z9SQlzWf4DKl8U.roa
File:                     c0SDwdPpUMkb9z9SQlzWf4DKl8U.roa (raw, json)
Hash identifier:          2fHoFtwujY9Ki2kiHN84XlydQlh5dJyXXpD8pSnz9D0=
Subject key identifier:   73:44:83:C1:D3:E9:50:C9:1B:F7:3F:52:42:5C:D6:7F:80:CA:97:C5
Certificate issuer:       /CN=de6c6035042cc532516ebc1968f41bfff4b8537e
Certificate serial:       031B5DD8
Authority key identifier: DE:6C:60:35:04:2C:C5:32:51:6E:BC:19:68:F4:1B:FF:F4:B8:53:7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3mxgNQQsxTJRbrwZaPQb__S4U34.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/c2bb4d-8483-47ce-bb0a-f5f490d2c163/1/c0SDwdPpUMkb9z9SQlzWf4DKl8U.roa
Signing time:             Sat 01 Jan 2022 00:59:11 +0000
ROA not before:           Sat 01 Jan 2022 00:59:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212020
IP address blocks:        185.232.96.0/24 maxlen: 24
                          2a10:d280::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 52125144 (0x31b5dd8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de6c6035042cc532516ebc1968f41bfff4b8537e
        Validity
            Not Before: Jan  1 00:59:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=734483c1d3e950c91bf73f52425cd67f80ca97c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:49:8d:82:87:c8:0b:b0:f6:d7:37:af:94:71:
                    39:b5:60:2a:1b:02:d0:ec:c5:6e:7f:19:37:4c:10:
                    17:a7:cc:fc:6b:1c:f4:5f:ae:59:cb:b9:19:f8:e2:
                    ff:3c:e2:51:82:6b:d2:17:fd:aa:22:26:a3:07:98:
                    67:a5:de:3c:2f:8f:43:cb:8e:0c:5e:a4:c9:34:fc:
                    4e:35:bc:48:e3:fb:0b:23:a9:64:e4:21:cd:0e:45:
                    6b:5e:ea:25:3c:17:17:2c:82:95:0b:1d:e1:ce:e1:
                    cb:b6:26:4b:09:33:4d:a5:6d:1b:51:c0:7c:ce:8f:
                    22:0b:aa:f6:fe:2f:26:67:1e:7a:78:35:83:43:b0:
                    62:75:20:4b:9a:19:e2:41:14:cd:6a:a7:14:76:87:
                    5f:13:5b:28:e5:12:31:43:a4:eb:6e:c3:0c:6b:30:
                    83:5a:1a:f5:52:52:ef:85:91:db:b1:57:90:cc:56:
                    a7:3a:78:14:d9:89:88:36:c4:09:bd:e1:7f:24:9c:
                    c2:83:9f:9e:c2:9e:ec:93:98:73:67:f3:91:67:97:
                    53:d1:1d:28:29:60:c1:b8:e1:19:6b:a3:5f:9d:03:
                    5b:08:cc:3c:8c:e1:c9:ab:f4:a9:50:a5:95:a2:2e:
                    63:24:af:a0:5a:8d:90:1e:8e:24:fb:78:3c:4f:cf:
                    f5:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:44:83:C1:D3:E9:50:C9:1B:F7:3F:52:42:5C:D6:7F:80:CA:97:C5
            X509v3 Authority Key Identifier:
                keyid:DE:6C:60:35:04:2C:C5:32:51:6E:BC:19:68:F4:1B:FF:F4:B8:53:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3mxgNQQsxTJRbrwZaPQb__S4U34.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/c2bb4d-8483-47ce-bb0a-f5f490d2c163/1/c0SDwdPpUMkb9z9SQlzWf4DKl8U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/c2bb4d-8483-47ce-bb0a-f5f490d2c163/1/3mxgNQQsxTJRbrwZaPQb__S4U34.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.232.96.0/24
                IPv6:
                  2a10:d280::/29

    Signature Algorithm: sha256WithRSAEncryption
         ab:c5:70:66:4b:1f:5b:27:6d:2a:2a:6d:73:a2:6a:dc:94:40:
         e8:97:9f:79:77:19:0e:e0:7d:0f:cc:61:2f:0f:c8:3e:8e:69:
         9b:a5:b8:74:a6:90:e9:7d:c3:4b:91:8d:77:1c:f8:bf:61:9d:
         91:41:28:69:f5:f0:76:77:51:7d:b0:ce:29:55:d4:fc:73:6f:
         6e:94:da:98:3a:f2:cb:85:74:bc:04:1c:36:b7:b1:0a:9c:fe:
         64:0a:30:0b:81:ba:2f:44:63:b9:b4:01:ad:98:8e:90:83:54:
         e2:5e:40:54:26:50:cd:40:54:37:3a:7b:8c:8b:5a:37:3b:f7:
         3f:11:ed:ef:db:51:04:e2:ac:ea:42:77:56:64:33:67:20:fc:
         b8:ae:bb:7a:37:74:2e:10:12:d4:c9:92:01:e1:56:15:36:a9:
         37:29:54:17:3d:ca:b2:89:ad:c6:16:4e:9d:b7:81:50:0b:36:
         fc:dc:cc:c9:3b:9f:b8:04:25:3e:ab:5a:2e:2f:41:66:ed:1d:
         4c:50:ba:40:3d:fb:08:01:a5:25:af:70:fe:49:35:21:ea:06:
         c8:21:de:b1:0a:f4:a9:e4:c8:95:13:35:83:58:f5:2f:9b:ce:
         f8:4b:cb:5a:0e:12:13:db:83:80:1d:d3:57:1c:c6:11:5f:28:
         1b:75:73:6c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAxtd2DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZTZjNjAzNTA0MmNjNTMyNTE2ZWJjMTk2OGY0MWJmZmY0Yjg1MzdlMB4XDTIyMDEw
MTAwNTkxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzM0NDgzYzFkM2U5
NTBjOTFiZjczZjUyNDI1Y2Q2N2Y4MGNhOTdjNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMZJjYKHyAuw9tc3r5RxObVgKhsC0OzFbn8ZN0wQF6fM/Gsc
9F+uWcu5Gfji/zziUYJr0hf9qiImoweYZ6XePC+PQ8uODF6kyTT8TjW8SOP7CyOp
ZOQhzQ5Fa17qJTwXFyyClQsd4c7hy7YmSwkzTaVtG1HAfM6PIguq9v4vJmceeng1
g0OwYnUgS5oZ4kEUzWqnFHaHXxNbKOUSMUOk627DDGswg1oa9VJS74WR27FXkMxW
pzp4FNmJiDbECb3hfyScwoOfnsKe7JOYc2fzkWeXU9EdKClgwbjhGWujX50DWwjM
PIzhyav0qVCllaIuYySvoFqNkB6OJPt4PE/P9Q0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRzRIPB0+lQyRv3P1JCXNZ/gMqXxTAfBgNVHSMEGDAWgBTebGA1BCzFMlFu
vBlo9Bv/9LhTfjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNteGdOUVFzeFRKUmJyd1phUFFiX19TNFUzNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjYvYzJiYjRkLTg0ODMtNDdjZS1iYjBhLWY1ZjQ5MGQyYzE2My8x
L2MwU0R3ZFBwVU1rYjl6OVNRbHpXZjRES2w4VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYv
YzJiYjRkLTg0ODMtNDdjZS1iYjBhLWY1ZjQ5MGQyYzE2My8xLzNteGdOUVFzeFRK
UmJyd1phUFFiX19TNFUzNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEALnoYDANBAIAAjAHAwUDKhDSgDAN
BgkqhkiG9w0BAQsFAAOCAQEAq8VwZksfWydtKiptc6Jq3JRA6JefeXcZDuB9D8xh
Lw/IPo5pm6W4dKaQ6X3DS5GNdxz4v2GdkUEoafXwdndRfbDOKVXU/HNvbpTamDry
y4V0vAQcNrexCpz+ZAowC4G6L0RjubQBrZiOkINU4l5AVCZQzUBUNzp7jItaNzv3
PxHt79tRBOKs6kJ3VmQzZyD8uK67ejd0LhAS1MmSAeFWFTapNylUFz3KsomtxhZO
nbeBUAs2/NzMyTufuAQlPqtaLi9BZu0dTFC6QD37CAGlJa9w/kk1IeoGyCHesQr0
qeTIlRM1g1j1L5vO+EvLWg4SE9uDgB3TVxzGEV8oG3VzbA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:15 2024 by rpki-client on console-fra.rpki-client.org