Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/3W0Llr3yn0mafBw9K-uE1JRia-k.roa
File:                     3W0Llr3yn0mafBw9K-uE1JRia-k.roa (raw, json)
Hash identifier:          aWZQabRU5aSWiqpT0pH2YnrqF5/bqgqoQBevo+89uHk=
Subject key identifier:   DD:6D:0B:96:BD:F2:9F:49:9A:7C:1C:3D:2B:EB:84:D4:94:62:6B:E9
Certificate issuer:       /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial:       018536D730DE42EC1608BBE71DBE28C60F77
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/3W0Llr3yn0mafBw9K-uE1JRia-k.roa
Signing time:             Wed 21 Dec 2022 22:39:10 +0000
ROA not before:           Wed 21 Dec 2022 22:39:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206499
IP address blocks:        45.14.68.0/24 maxlen: 32
                          45.14.69.0/24 maxlen: 24
                          193.177.223.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:36:d7:30:de:42:ec:16:08:bb:e7:1d:be:28:c6:0f:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
        Validity
            Not Before: Dec 21 22:39:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=dd6d0b96bdf29f499a7c1c3d2beb84d494626be9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:7a:b7:b5:c9:d6:41:c0:55:ae:48:a8:4a:4e:
                    b0:dc:1f:8e:a8:cd:9e:ef:8a:bd:7a:40:9b:ee:34:
                    56:74:c6:c7:ef:05:e1:56:d2:02:e4:d9:0c:60:51:
                    55:a7:f7:27:ee:6f:24:5a:f4:db:91:3f:f9:42:ba:
                    d1:b6:aa:e3:0c:2c:b1:37:e2:e9:70:a7:eb:fd:b2:
                    af:d9:8c:b7:70:5a:fb:d4:4d:5e:fa:b2:bc:b0:44:
                    a5:0f:8a:ef:76:06:9a:5e:09:bd:5c:c5:e0:34:65:
                    4c:ba:f6:a0:f6:2f:1e:4c:26:55:1e:91:da:69:54:
                    5a:94:7c:d5:cd:79:3d:40:75:05:8a:98:92:06:4d:
                    6e:f2:e1:6b:fd:9d:df:cd:01:4d:4c:84:e3:41:49:
                    d6:ff:e9:c4:3c:98:f9:6f:80:44:cd:e2:33:a6:9e:
                    bc:9a:bd:cc:13:d5:82:9f:fb:ce:81:70:83:66:67:
                    7f:0f:8d:2e:19:4f:a1:d9:67:ca:b5:66:25:91:70:
                    c9:e5:79:33:8b:fa:ff:6d:d4:b0:99:e5:b7:a5:35:
                    4d:d3:64:89:f6:e5:0c:42:09:de:50:4c:07:9b:a3:
                    8e:6f:92:fe:b3:32:c8:cc:0a:48:75:32:da:b2:0a:
                    8a:d8:b7:09:8b:cf:46:4d:60:e8:cd:36:db:d7:ee:
                    f6:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:6D:0B:96:BD:F2:9F:49:9A:7C:1C:3D:2B:EB:84:D4:94:62:6B:E9
            X509v3 Authority Key Identifier:
                keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/3W0Llr3yn0mafBw9K-uE1JRia-k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.14.68.0/23
                  193.177.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:3f:8d:45:0e:fa:d8:e6:3c:26:9b:81:82:3a:36:84:b3:14:
         f7:61:7b:b6:14:c8:f1:8a:37:aa:c0:ee:cd:fd:10:06:fa:b6:
         b5:5d:3e:4e:67:cd:47:8d:01:63:ff:69:e1:7c:ca:a9:08:5d:
         98:98:34:b0:05:4b:0d:27:6a:28:d5:cd:94:69:d6:55:fe:a3:
         80:0e:26:00:f5:c5:f7:38:2f:b0:db:19:07:69:0c:a3:eb:ac:
         7b:44:76:5d:c7:0d:93:e7:87:b1:df:13:f3:7c:82:e4:04:a7:
         26:2c:6a:e7:6e:9f:68:3b:b6:f7:6b:0c:6e:6e:8d:45:21:07:
         ba:fc:33:fc:67:b8:46:31:4b:3c:8a:16:66:c8:ae:4b:f4:a2:
         37:7a:67:04:d1:89:bf:53:fb:ea:06:20:33:63:64:b2:ba:be:
         dd:a5:49:2c:4b:56:57:dd:f1:fb:6b:eb:88:b6:5f:1c:c7:63:
         58:7c:f9:75:7c:0b:6e:92:5b:2c:62:e6:59:b2:d6:5d:14:a9:
         d0:c9:0c:55:c7:89:66:a8:34:28:6f:e4:7c:e4:2f:02:89:b5:
         8a:82:54:b0:93:42:61:88:54:53:7a:eb:70:f5:52:df:58:d1:
         06:2c:c4:62:13:34:cb:89:7c:0d:23:ec:35:b9:9b:b8:c1:0e:
         47:fd:b8:f6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYU21zDeQuwWCLvnHb4oxg93MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjIxMjIxMjIzOTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDZkMGI5NmJkZjI5ZjQ5OWE3YzFjM2QyYmViODRkNDk0NjI2YmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnq3tcnWQcBVrkioSk6w3B+OqM2e
74q9ekCb7jRWdMbH7wXhVtIC5NkMYFFVp/cn7m8kWvTbkT/5QrrRtqrjDCyxN+Lp
cKfr/bKv2Yy3cFr71E1e+rK8sESlD4rvdgaaXgm9XMXgNGVMuvag9i8eTCZVHpHa
aVRalHzVzXk9QHUFipiSBk1u8uFr/Z3fzQFNTITjQUnW/+nEPJj5b4BEzeIzpp68
mr3ME9WCn/vOgXCDZmd/D40uGU+h2WfKtWYlkXDJ5Xkzi/r/bdSwmeW3pTVN02SJ
9uUMQgneUEwHm6OOb5L+szLIzApIdTLasgqK2LcJi89GTWDozTbb1+72WwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN1tC5a98p9JmnwcPSvrhNSUYmvpMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvM1cwTGxyM3luMG1hZkJ3OUstdUUxSlJpYS1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLQ5EAwQA
wbHfMA0GCSqGSIb3DQEBCwUAA4IBAQCZP41FDvrY5jwmm4GCOjaEsxT3YXu2FMjx
ijeqwO7N/RAG+ra1XT5OZ81HjQFj/2nhfMqpCF2YmDSwBUsNJ2oo1c2UadZV/qOA
DiYA9cX3OC+w2xkHaQyj66x7RHZdxw2T54ex3xPzfILkBKcmLGrnbp9oO7b3awxu
bo1FIQe6/DP8Z7hGMUs8ihZmyK5L9KI3emcE0Ym/U/vqBiAzY2Syur7dpUksS1ZX
3fH7a+uItl8cx2NYfPl1fAtuklssYuZZstZdFKnQyQxVx4lmqDQob+R85C8CibWK
glSwk0JhiFRTeutw9VLfWNEGLMRiEzTLiXwNI+w1uZu4wQ5H/bj2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:47 2024 by rpki-client on console-fra.rpki-client.org