Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/3cly-DsQnGDdVXyDOX00_1Um98s.roa
File:                     3cly-DsQnGDdVXyDOX00_1Um98s.roa (raw, json)
Hash identifier:          kUikQs0DOUZDk271toIBGOJo8e+W3H0+CuRCT+0qtrM=
Subject key identifier:   DD:C9:72:F8:3B:10:9C:60:DD:55:7C:83:39:7D:34:FF:55:26:F7:CB
Certificate issuer:       /CN=fc282a794b3f7ab4cd6feb6c5fd6b3d256afc461
Certificate serial:       0A4EF3DA
Authority key identifier: FC:28:2A:79:4B:3F:7A:B4:CD:6F:EB:6C:5F:D6:B3:D2:56:AF:C4:61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_CgqeUs_erTNb-tsX9az0lavxGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/3cly-DsQnGDdVXyDOX00_1Um98s.roa
Signing time:             Sat 11 Jun 2022 13:36:03 +0000
ROA not before:           Sat 11 Jun 2022 13:36:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16509
IP address blocks:        185.144.236.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 172946394 (0xa4ef3da)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fc282a794b3f7ab4cd6feb6c5fd6b3d256afc461
        Validity
            Not Before: Jun 11 13:36:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ddc972f83b109c60dd557c83397d34ff5526f7cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fb:cd:0d:60:d6:1e:ba:6a:81:27:97:2d:2b:6a:
                    69:a6:60:93:c3:aa:96:9f:58:c8:67:17:42:22:44:
                    45:29:53:95:0d:15:bd:68:f4:08:c8:6a:d6:00:5f:
                    b7:92:1a:00:21:32:04:d2:75:15:be:62:fd:6a:3b:
                    e7:90:70:72:f5:d7:c6:fd:65:5b:6c:e4:72:04:8b:
                    dd:e6:4f:dd:b6:72:ca:30:69:20:d9:d4:be:68:20:
                    53:a1:9b:8a:db:9e:4b:76:7c:92:9c:0c:8b:ea:74:
                    39:26:30:a3:41:70:c5:8a:19:3c:4f:31:d5:39:8f:
                    06:71:9b:bd:01:f7:6a:dc:63:e6:29:b1:93:87:d4:
                    2f:4f:ab:dc:2e:de:dc:7e:7a:1e:ac:4d:13:48:13:
                    55:d3:53:79:ce:54:ab:c2:c4:d0:d6:2d:94:10:0d:
                    72:c3:81:4d:b4:95:a6:ef:5d:ce:e4:f2:33:1f:04:
                    17:87:c8:24:fb:89:0f:e9:6f:47:f5:9e:53:9d:28:
                    0c:1f:62:c8:5b:3a:8f:0b:a1:20:8f:84:76:97:35:
                    87:c3:ea:9f:69:57:2f:02:bb:b5:3f:26:4e:1b:00:
                    10:49:fe:a5:e2:15:2b:6c:a9:8a:dd:6f:bf:5e:02:
                    e2:fb:0a:0a:81:16:b4:8f:9f:57:3b:f8:0c:a9:dd:
                    00:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:C9:72:F8:3B:10:9C:60:DD:55:7C:83:39:7D:34:FF:55:26:F7:CB
            X509v3 Authority Key Identifier:
                keyid:FC:28:2A:79:4B:3F:7A:B4:CD:6F:EB:6C:5F:D6:B3:D2:56:AF:C4:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_CgqeUs_erTNb-tsX9az0lavxGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/3cly-DsQnGDdVXyDOX00_1Um98s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/_CgqeUs_erTNb-tsX9az0lavxGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.144.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         c7:c7:d5:23:ad:24:e9:6b:ae:9f:04:fc:dc:c2:b9:0d:d6:d8:
         cd:71:aa:0d:bd:41:09:1f:0f:15:73:0e:3d:bd:f9:c6:d8:07:
         9a:ec:92:81:6b:12:54:3f:81:6a:b3:f9:3a:5d:41:14:42:31:
         e2:ba:1b:ad:53:a0:00:7f:28:e2:bb:e5:89:8e:4a:21:d7:61:
         fa:7d:4d:3b:1c:06:92:af:00:a8:e4:34:ee:52:3f:8c:a8:e1:
         63:63:f1:1e:9d:b6:9f:bf:e2:27:13:64:9c:4b:07:ed:f2:44:
         2e:02:68:0a:0d:9a:59:44:24:66:07:80:fc:57:aa:0d:1f:ab:
         8b:90:07:ba:b8:d4:90:e5:84:5e:20:00:5e:90:9c:15:5c:0a:
         30:c2:4d:f8:14:3c:41:2c:c2:d3:84:cf:59:c6:21:d8:d8:d8:
         b7:4c:0b:51:b1:50:35:d1:83:e3:d2:c2:c7:90:93:b0:5e:a5:
         01:4b:9e:d4:89:45:e1:ac:79:0a:42:5c:10:cc:20:f3:45:73:
         c5:da:cf:cd:f1:8d:c6:98:99:ee:70:ea:dc:23:86:bb:18:a4:
         6d:33:e7:76:8f:f7:b2:3d:b7:47:af:3a:bd:01:6f:a7:2b:9e:
         42:54:db:a4:d3:86:bf:6f:98:b2:ef:19:11:b3:7a:4a:ab:8f:
         57:f8:ea:5f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECk7z2jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YzI4MmE3OTRiM2Y3YWI0Y2Q2ZmViNmM1ZmQ2YjNkMjU2YWZjNDYxMB4XDTIyMDYx
MTEzMzYwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGRjOTcyZjgzYjEw
OWM2MGRkNTU3YzgzMzk3ZDM0ZmY1NTI2ZjdjYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPvNDWDWHrpqgSeXLStqaaZgk8Oqlp9YyGcXQiJERSlTlQ0V
vWj0CMhq1gBft5IaACEyBNJ1Fb5i/Wo755BwcvXXxv1lW2zkcgSL3eZP3bZyyjBp
INnUvmggU6GbitueS3Z8kpwMi+p0OSYwo0FwxYoZPE8x1TmPBnGbvQH3atxj5imx
k4fUL0+r3C7e3H56HqxNE0gTVdNTec5Uq8LE0NYtlBANcsOBTbSVpu9dzuTyMx8E
F4fIJPuJD+lvR/WeU50oDB9iyFs6jwuhII+Edpc1h8Pqn2lXLwK7tT8mThsAEEn+
peIVK2ypit1vv14C4vsKCoEWtI+fVzv4DKndAB0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTdyXL4OxCcYN1VfIM5fTT/VSb3yzAfBgNVHSMEGDAWgBT8KCp5Sz96tM1v
62xf1rPSVq/EYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19DZ3FlVXNfZXJUTmItdHNYOWF6MGxhdnhHRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTMvZTQ4NWUxLWE2NWYtNDNkNC1iNTcyLWQzMzI2YzU5YmNkMi8x
LzNjbHktRHNRbkdEZFZYeURPWDAwXzFVbTk4cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTMv
ZTQ4NWUxLWE2NWYtNDNkNC1iNTcyLWQzMzI2YzU5YmNkMi8xL19DZ3FlVXNfZXJU
TmItdHNYOWF6MGxhdnhHRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmQ7DANBgkqhkiG9w0BAQsFAAOC
AQEAx8fVI60k6WuunwT83MK5DdbYzXGqDb1BCR8PFXMOPb35xtgHmuySgWsSVD+B
arP5Ol1BFEIx4robrVOgAH8o4rvliY5KIddh+n1NOxwGkq8AqOQ07lI/jKjhY2Px
Hp22n7/iJxNknEsH7fJELgJoCg2aWUQkZgeA/FeqDR+ri5AHurjUkOWEXiAAXpCc
FVwKMMJN+BQ8QSzC04TPWcYh2NjYt0wLUbFQNdGD49LCx5CTsF6lAUue1IlF4ax5
CkJcEMwg80VzxdrPzfGNxpiZ7nDq3COGuxikbTPndo/3sj23R686vQFvpyueQlTb
pNOGv2+Ysu8ZEbN6SquPV/jqXw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:37 2024 by rpki-client on console-fra.rpki-client.org