Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/0f082c-b18f-41c5-9fd4-3011068eeb69/1/PTw78eE7NNhLfpmc9kIlv99V6EE.roa
File:                     PTw78eE7NNhLfpmc9kIlv99V6EE.roa (raw, json)
Hash identifier:          81ga7uhrmBJNXKiQVLyA6uMgYOQWC23/cO69QSM8Clo=
Subject key identifier:   3D:3C:3B:F1:E1:3B:34:D8:4B:7E:99:9C:F6:42:25:BF:DF:55:E8:41
Certificate issuer:       /CN=114c56d595de33cb8751739dbdd9b45edb2eff0c
Certificate serial:       5EFB
Authority key identifier: 11:4C:56:D5:95:DE:33:CB:87:51:73:9D:BD:D9:B4:5E:DB:2E:FF:0C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EUxW1ZXeM8uHUXOdvdm0Xtsu_ww.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/0f082c-b18f-41c5-9fd4-3011068eeb69/1/PTw78eE7NNhLfpmc9kIlv99V6EE.roa
Signing time:             Thu 31 Mar 2022 18:07:53 +0000
ROA not before:           Thu 31 Mar 2022 18:07:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60274
IP address blocks:        185.233.67.0/24 maxlen: 24
                          2a10:df80::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 24315 (0x5efb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=114c56d595de33cb8751739dbdd9b45edb2eff0c
        Validity
            Not Before: Mar 31 18:07:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3d3c3bf1e13b34d84b7e999cf64225bfdf55e841
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:11:50:91:26:3a:9b:26:91:93:51:23:c3:0f:
                    5e:19:ce:3b:c6:6f:6b:a9:19:15:1b:68:d9:30:38:
                    6b:04:67:d9:67:59:93:da:76:ba:ff:53:df:55:dc:
                    76:d8:ed:a0:f3:e7:8a:2a:cf:cc:16:c0:9f:15:6f:
                    a5:52:93:81:54:dc:62:59:c5:20:77:5f:3e:80:df:
                    53:10:ef:fc:ca:1f:25:aa:a7:ab:36:50:cd:53:79:
                    0d:f1:6b:bb:61:cc:f3:ab:5f:1a:7b:2d:4a:43:71:
                    e0:13:2b:ed:d6:2a:a3:de:6a:eb:0a:be:e9:67:d8:
                    6b:0a:f2:f7:95:da:ec:4f:4e:f5:23:cb:fd:2f:28:
                    63:ba:fb:2c:94:b0:47:c7:e4:64:09:c0:de:92:01:
                    2e:44:56:c5:56:3a:dc:d0:45:a0:f8:c5:c4:c1:de:
                    23:ef:3e:ca:b1:17:ed:88:11:c7:70:65:0d:63:19:
                    a5:5a:b6:46:f6:83:60:31:7a:d7:42:47:ff:45:87:
                    c6:9a:63:ec:01:16:c8:f4:cc:a9:41:4a:c3:e2:cc:
                    be:ea:03:4b:d6:9f:5a:12:2e:08:3f:78:73:45:9b:
                    92:65:a9:64:5b:14:da:f3:e3:59:96:95:a6:4b:5a:
                    d9:5b:25:dd:f8:ad:be:50:e5:b1:8a:91:f6:71:d2:
                    a0:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:3C:3B:F1:E1:3B:34:D8:4B:7E:99:9C:F6:42:25:BF:DF:55:E8:41
            X509v3 Authority Key Identifier:
                keyid:11:4C:56:D5:95:DE:33:CB:87:51:73:9D:BD:D9:B4:5E:DB:2E:FF:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EUxW1ZXeM8uHUXOdvdm0Xtsu_ww.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/0f082c-b18f-41c5-9fd4-3011068eeb69/1/PTw78eE7NNhLfpmc9kIlv99V6EE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/0f082c-b18f-41c5-9fd4-3011068eeb69/1/EUxW1ZXeM8uHUXOdvdm0Xtsu_ww.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.233.67.0/24
                IPv6:
                  2a10:df80::/29

    Signature Algorithm: sha256WithRSAEncryption
         04:28:f5:c8:b1:1f:bc:53:5d:6a:a3:67:bd:a1:ed:30:40:a1:
         06:8d:65:91:9a:41:c3:4d:02:13:61:20:88:f6:d3:e8:84:0f:
         27:82:4e:bd:b1:dd:f5:35:ce:58:d0:98:fe:57:a4:9d:db:ad:
         74:01:fd:6d:f3:06:fc:ee:25:d4:b4:84:3f:ee:77:8a:87:12:
         e4:1c:6b:50:bd:18:bd:f8:9a:d6:db:d9:92:05:00:ab:d8:17:
         ff:7f:83:69:34:a7:cf:15:62:84:27:c6:1f:36:81:ca:8e:a4:
         90:bf:7b:4c:49:7d:e2:54:79:67:da:90:b0:1b:4a:31:bf:94:
         cb:9c:f2:33:29:3c:37:d4:7e:ae:25:d9:51:ae:2e:39:0e:36:
         b6:14:f4:38:7f:e1:91:e0:89:9a:f7:24:67:cc:cd:05:9c:aa:
         b2:6d:75:9d:70:4b:2e:b3:9e:48:46:4d:1c:ab:59:b5:d7:f4:
         0b:8d:c7:79:5e:1b:f8:7d:cd:50:06:a2:38:62:8d:b2:d2:00:
         40:32:d5:76:7b:1d:b1:12:a2:fb:d6:55:0a:bf:de:ca:2c:54:
         f5:eb:1d:da:62:66:be:4b:81:ad:c8:38:67:0c:55:02:40:10:
         9b:fa:0c:38:84:08:19:86:8b:db:bd:26:bb:48:e5:c9:6a:72:
         0e:9c:eb:aa
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgICXvswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTE0
YzU2ZDU5NWRlMzNjYjg3NTE3MzlkYmRkOWI0NWVkYjJlZmYwYzAeFw0yMjAzMzEx
ODA3NTNaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDNkM2MzYmYxZTEzYjM0
ZDg0YjdlOTk5Y2Y2NDIyNWJmZGY1NWU4NDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUEVCRJjqbJpGTUSPDD14ZzjvGb2upGRUbaNkwOGsEZ9lnWZPa
drr/U99V3HbY7aDz54oqz8wWwJ8Vb6VSk4FU3GJZxSB3Xz6A31MQ7/zKHyWqp6s2
UM1TeQ3xa7thzPOrXxp7LUpDceATK+3WKqPeausKvuln2GsK8veV2uxPTvUjy/0v
KGO6+yyUsEfH5GQJwN6SAS5EVsVWOtzQRaD4xcTB3iPvPsqxF+2IEcdwZQ1jGaVa
tkb2g2AxetdCR/9Fh8aaY+wBFsj0zKlBSsPizL7qA0vWn1oSLgg/eHNFm5JlqWRb
FNrz41mWlaZLWtlbJd34rb5Q5bGKkfZx0qC7AgMBAAGjggIYMIICFDAdBgNVHQ4E
FgQUPTw78eE7NNhLfpmc9kIlv99V6EEwHwYDVR0jBBgwFoAUEUxW1ZXeM8uHUXOd
vdm0Xtsu/wwwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEF
BQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9F
VXhXMVpYZU04dUhVWE9kdmRtMFh0c3Vfd3cuY2VyMIGNBggrBgEFBQcBCwSBgDB+
MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxULzhhLzBmMDgyYy1iMThmLTQxYzUtOWZkNC0zMDExMDY4ZWViNjkvMS9Q
VHc3OGVFN05OaExmcG1jOWtJbHY5OVY2RUUucm9hMIGBBgNVHR8EejB4MHagdKBy
hnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhhLzBm
MDgyYy1iMThmLTQxYzUtOWZkNC0zMDExMDY4ZWViNjkvMS9FVXhXMVpYZU04dUhV
WE9kdmRtMFh0c3Vfd3cuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwLgYI
KwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAC56UMwDQQCAAIwBwMFAyoQ34AwDQYJ
KoZIhvcNAQELBQADggEBAAQo9cixH7xTXWqjZ72h7TBAoQaNZZGaQcNNAhNhIIj2
0+iEDyeCTr2x3fU1zljQmP5XpJ3brXQB/W3zBvzuJdS0hD/ud4qHEuQca1C9GL34
mtbb2ZIFAKvYF/9/g2k0p88VYoQnxh82gcqOpJC/e0xJfeJUeWfakLAbSjG/lMuc
8jMpPDfUfq4l2VGuLjkONrYU9Dh/4ZHgiZr3JGfMzQWcqrJtdZ1wSy6znkhGTRyr
WbXX9AuNx3leG/h9zVAGojhijbLSAEAy1XZ7HbESovvWVQq/3sosVPXrHdpiZr5L
ga3IOGcMVQJAEJv6DDiECBmGi9u9JrtI5clqcg6c66o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:11 2024 by rpki-client on console-fra.rpki-client.org