Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/3kiGfPGeTmhzhXu2jO17GRDFzvk.roa
File:                     3kiGfPGeTmhzhXu2jO17GRDFzvk.roa (raw, json)
Hash identifier:          8GuSCb4EgfNwH9rgpLpDwOokTqZncycwp0ruNwlvflI=
Subject key identifier:   DE:48:86:7C:F1:9E:4E:68:73:85:7B:B6:8C:ED:7B:19:10:C5:CE:F9
Certificate issuer:       /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial:       0184C9068DFAD588F0E255AFD4EF6C97E091
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/3kiGfPGeTmhzhXu2jO17GRDFzvk.roa
Signing time:             Wed 30 Nov 2022 14:52:40 +0000
ROA not before:           Wed 30 Nov 2022 14:52:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     17447
IP address blocks:        80.71.226.0/24 maxlen: 24
                          80.71.225.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:c9:06:8d:fa:d5:88:f0:e2:55:af:d4:ef:6c:97:e0:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
        Validity
            Not Before: Nov 30 14:52:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=de48867cf19e4e6873857bb68ced7b1910c5cef9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:f3:b5:d2:68:01:5b:9a:87:bd:90:81:a3:d3:
                    cc:6f:a4:92:00:c1:10:0e:4e:19:6d:a1:22:b1:37:
                    20:9d:10:a7:f0:ae:54:d8:f5:b2:ce:59:ee:03:9e:
                    ba:cc:2b:75:7f:11:87:75:c5:69:96:ef:3a:18:ca:
                    d2:36:75:61:18:e8:48:62:79:6f:e3:90:0e:f4:60:
                    9d:d0:54:8a:7e:8a:5a:5a:09:18:36:b1:8b:6c:01:
                    9a:86:23:10:f7:a4:03:d7:8d:67:4f:02:23:74:bc:
                    a5:cf:71:9d:d6:db:64:4b:3a:33:e0:7c:6a:0a:a3:
                    5a:e8:ba:1f:ac:9d:4b:57:d8:5c:b2:5b:e6:25:df:
                    f2:85:6c:de:d5:bb:f6:33:51:96:9a:db:91:0b:8c:
                    f5:27:d8:c6:3e:a5:86:40:0d:2c:ca:77:a9:16:e8:
                    8d:4e:07:10:e8:b7:f3:47:70:3c:63:06:eb:8c:f5:
                    06:24:77:38:cb:a0:bc:24:14:b9:61:29:41:12:59:
                    09:3b:c3:43:e3:66:94:87:d7:fc:f2:b6:9c:b3:ec:
                    79:96:c9:93:20:69:f1:eb:14:50:c1:86:c4:ec:54:
                    15:5b:09:c7:40:fb:08:69:25:28:b8:25:61:d2:50:
                    5e:e0:1c:3a:ab:be:b2:4b:0b:f9:29:36:15:22:04:
                    16:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:48:86:7C:F1:9E:4E:68:73:85:7B:B6:8C:ED:7B:19:10:C5:CE:F9
            X509v3 Authority Key Identifier:
                keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/3kiGfPGeTmhzhXu2jO17GRDFzvk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.71.225.0-80.71.226.255

    Signature Algorithm: sha256WithRSAEncryption
         52:4b:9d:8f:b7:d6:23:4a:4e:4c:fe:1e:0f:07:f6:9b:5e:64:
         47:b3:d2:75:fa:7c:f5:2b:e8:30:64:f9:05:6a:d2:77:63:2f:
         08:af:c0:a3:88:29:08:e5:55:4b:ca:6d:6c:3b:3d:bd:3a:a5:
         e4:54:85:c5:ca:5c:75:9e:11:a8:fa:16:55:cc:b4:84:ca:80:
         7a:98:be:e2:24:4e:0e:1f:9e:5f:36:fc:d7:70:8a:66:8e:26:
         48:6e:4c:da:ce:de:25:bb:c7:14:57:7d:a0:7f:61:0c:83:d7:
         91:a4:cb:f4:d7:a2:63:90:b7:b2:af:59:a5:ad:fe:5b:90:83:
         43:10:3a:24:db:69:f1:f1:62:28:5f:4b:a8:57:e1:f5:07:7a:
         7b:86:a2:60:0a:45:31:84:69:49:f4:e1:6b:cb:e7:65:b7:f1:
         8d:bf:e2:dc:c5:bb:65:fb:28:48:da:d6:f1:36:07:b7:d5:3c:
         5f:be:62:31:1c:1d:2b:59:c9:57:e8:c7:a5:7c:be:d5:e7:20:
         75:21:a7:a7:09:c2:d2:65:33:e4:18:39:3d:b1:29:ce:11:97:
         11:59:e5:35:4a:ea:23:f9:05:d0:7b:a8:73:6a:bc:5e:af:d8:
         da:e9:51:e1:b4:47:5e:13:ed:79:0f:bb:59:0e:b8:1e:de:af:
         22:48:23:68
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYTJBo361Yjw4lWv1O9sl+CRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjIxMTMwMTQ1MjQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTQ4ODY3Y2YxOWU0ZTY4NzM4NTdiYjY4Y2VkN2IxOTEwYzVjZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPO10mgBW5qHvZCBo9PMb6SSAMEQ
Dk4ZbaEisTcgnRCn8K5U2PWyzlnuA566zCt1fxGHdcVplu86GMrSNnVhGOhIYnlv
45AO9GCd0FSKfopaWgkYNrGLbAGahiMQ96QD141nTwIjdLylz3Gd1ttkSzoz4Hxq
CqNa6LofrJ1LV9hcslvmJd/yhWze1bv2M1GWmtuRC4z1J9jGPqWGQA0synepFuiN
TgcQ6LfzR3A8YwbrjPUGJHc4y6C8JBS5YSlBElkJO8ND42aUh9f88racs+x5lsmT
IGnx6xRQwYbE7FQVWwnHQPsIaSUouCVh0lBe4Bw6q76ySwv5KTYVIgQWlQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFN5Ihnzxnk5oc4V7toztexkQxc75MB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvM2tpR2ZQR2VUbWh6aFh1MmpPMTdHUkRGenZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABQR+ED
BABQR+IwDQYJKoZIhvcNAQELBQADggEBAFJLnY+31iNKTkz+Hg8H9pteZEez0nX6
fPUr6DBk+QVq0ndjLwivwKOIKQjlVUvKbWw7Pb06peRUhcXKXHWeEaj6FlXMtITK
gHqYvuIkTg4fnl82/NdwimaOJkhuTNrO3iW7xxRXfaB/YQyD15Gky/TXomOQt7Kv
WaWt/luQg0MQOiTbafHxYihfS6hX4fUHenuGomAKRTGEaUn04WvL52W38Y2/4tzF
u2X7KEja1vE2B7fVPF++YjEcHStZyVfox6V8vtXnIHUhp6cJwtJlM+QYOT2xKc4R
lxFZ5TVK6iP5BdB7qHNqvF6v2NrpUeG0R14T7XkPu1kOuB7eryJII2g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:35 2024 by rpki-client on console-ams.rpki-client.org