Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/6e9dfd-ce47-4e61-a315-e5aa74700f9d/1/3XRd91oKLzXhJU5fGpinz6TISmo.roa
File:                     3XRd91oKLzXhJU5fGpinz6TISmo.roa (raw, json)
Hash identifier:          tEAYGEEzg1Khm0tfCbz6Fs+lSC7Q9fz2CBguilrDn2s=
Subject key identifier:   DD:74:5D:F7:5A:0A:2F:35:E1:25:4E:5F:1A:98:A7:CF:A4:C8:4A:6A
Certificate issuer:       /CN=4c61d118479b5222ef0f864167cac5b4c07cc219
Certificate serial:       08540469
Authority key identifier: 4C:61:D1:18:47:9B:52:22:EF:0F:86:41:67:CA:C5:B4:C0:7C:C2:19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TGHRGEebUiLvD4ZBZ8rFtMB8whk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/6e9dfd-ce47-4e61-a315-e5aa74700f9d/1/3XRd91oKLzXhJU5fGpinz6TISmo.roa
Signing time:             Sat 01 Jan 2022 14:55:02 +0000
ROA not before:           Sat 01 Jan 2022 14:55:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     196858
IP address blocks:        213.5.200.0/21 maxlen: 21
                          2001:67c:188c::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 139723881 (0x8540469)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c61d118479b5222ef0f864167cac5b4c07cc219
        Validity
            Not Before: Jan  1 14:55:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=dd745df75a0a2f35e1254e5f1a98a7cfa4c84a6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:ca:ed:26:2d:a0:5b:a2:7c:84:a5:fb:80:f8:
                    d0:84:9a:87:92:f3:95:e7:76:74:b6:9d:0c:ee:49:
                    ca:11:50:14:19:90:bc:15:b2:ce:45:57:f8:43:6f:
                    10:93:e7:bb:9b:76:0d:b4:ac:64:ae:29:18:48:ad:
                    9a:ff:cc:d7:5e:cd:d8:a7:86:b9:58:14:11:5b:ba:
                    fe:08:a8:73:21:91:0d:39:9f:1d:56:9e:fc:f7:45:
                    7b:e3:7b:0e:2c:8f:43:74:b2:db:a7:58:59:73:a5:
                    28:20:23:3f:01:67:67:8f:5d:aa:3c:64:f5:34:38:
                    0e:3e:d9:b0:9d:97:64:32:65:00:22:bd:42:4b:10:
                    0f:7e:c7:9b:b9:64:04:c3:43:29:0b:ec:45:c7:b0:
                    50:b1:16:5e:5c:61:bd:88:64:d7:f1:aa:e7:09:2b:
                    3b:c6:d4:77:fa:2b:78:10:b2:a7:65:64:18:9b:36:
                    d7:ca:38:db:2e:8b:57:02:1a:a3:50:ad:82:ae:43:
                    3a:67:5b:30:c1:b4:6f:21:9c:b0:81:3b:e4:a2:66:
                    87:28:c6:61:2a:ca:ac:11:68:e5:3f:b6:df:00:90:
                    39:b5:04:83:9b:eb:f1:45:1f:6a:03:57:71:d1:ec:
                    fa:1c:b2:c4:a4:ee:07:96:96:ce:7d:02:c8:5d:8d:
                    b0:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:74:5D:F7:5A:0A:2F:35:E1:25:4E:5F:1A:98:A7:CF:A4:C8:4A:6A
            X509v3 Authority Key Identifier:
                keyid:4C:61:D1:18:47:9B:52:22:EF:0F:86:41:67:CA:C5:B4:C0:7C:C2:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TGHRGEebUiLvD4ZBZ8rFtMB8whk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/6e9dfd-ce47-4e61-a315-e5aa74700f9d/1/3XRd91oKLzXhJU5fGpinz6TISmo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/6e9dfd-ce47-4e61-a315-e5aa74700f9d/1/TGHRGEebUiLvD4ZBZ8rFtMB8whk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.5.200.0/21
                IPv6:
                  2001:67c:188c::/48

    Signature Algorithm: sha256WithRSAEncryption
         09:b5:98:08:ec:eb:72:5d:61:4b:e5:79:ac:f2:58:f4:f3:8f:
         fe:2b:16:7a:90:25:fd:b8:32:de:cc:f6:d4:82:54:1d:32:9e:
         5d:2a:9c:9b:f3:38:52:20:ea:94:30:0e:99:4a:cc:2d:54:6d:
         19:cb:9d:86:c5:62:d7:b6:0d:cd:91:49:88:b0:54:71:71:16:
         ba:c6:08:af:a1:11:11:52:e7:43:96:29:dd:2a:9f:dc:f6:d1:
         be:18:38:6d:4b:d9:3d:36:e1:31:ad:db:15:40:6d:de:b0:36:
         74:84:0a:13:6f:18:3d:60:35:78:52:ea:52:98:b6:3c:fb:7f:
         63:03:7f:e7:0b:53:96:11:de:fe:d9:e2:30:ff:e1:3e:1d:3f:
         f5:49:28:6f:79:e8:26:c4:25:67:6c:f7:66:73:e0:f5:45:67:
         2e:35:ff:ec:9c:4b:e8:6a:25:72:3c:0a:44:61:cc:c5:57:37:
         53:23:22:85:13:13:71:c0:26:53:6f:0b:2f:cc:0a:8a:e0:9c:
         10:f8:a7:4d:68:7b:0a:64:7e:71:34:be:6d:37:eb:6b:7c:f1:
         f8:64:76:69:73:fb:58:29:23:4a:b1:1a:a1:23:49:a4:60:41:
         c4:53:d7:6c:47:6e:6f:ba:76:46:94:43:c3:0c:f4:ca:01:40:
         2b:00:eb:00
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIECFQEaTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YzYxZDExODQ3OWI1MjIyZWYwZjg2NDE2N2NhYzViNGMwN2NjMjE5MB4XDTIyMDEw
MTE0NTUwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGQ3NDVkZjc1YTBh
MmYzNWUxMjU0ZTVmMWE5OGE3Y2ZhNGM4NGE2YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPK7SYtoFuifISl+4D40ISah5Lzled2dLadDO5JyhFQFBmQ
vBWyzkVX+ENvEJPnu5t2DbSsZK4pGEitmv/M117N2KeGuVgUEVu6/giocyGRDTmf
HVae/PdFe+N7DiyPQ3Sy26dYWXOlKCAjPwFnZ49dqjxk9TQ4Dj7ZsJ2XZDJlACK9
QksQD37Hm7lkBMNDKQvsRcewULEWXlxhvYhk1/Gq5wkrO8bUd/oreBCyp2VkGJs2
18o42y6LVwIao1Ctgq5DOmdbMMG0byGcsIE75KJmhyjGYSrKrBFo5T+23wCQObUE
g5vr8UUfagNXcdHs+hyyxKTuB5aWzn0CyF2NsKUCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTddF33WgovNeElTl8amKfPpMhKajAfBgNVHSMEGDAWgBRMYdEYR5tSIu8P
hkFnysW0wHzCGTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RHSFJHRWViVWlMdkQ0WkJaOHJGdE1COHdoay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWQvNmU5ZGZkLWNlNDctNGU2MS1hMzE1LWU1YWE3NDcwMGY5ZC8x
LzNYUmQ5MW9LTHpYaEpVNWZHcGluejZUSVNtby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWQv
NmU5ZGZkLWNlNDctNGU2MS1hMzE1LWU1YWE3NDcwMGY5ZC8xL1RHSFJHRWViVWlM
dkQ0WkJaOHJGdE1COHdoay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA9UFyDAPBAIAAjAJAwcAIAEGfBiM
MA0GCSqGSIb3DQEBCwUAA4IBAQAJtZgI7OtyXWFL5Xms8lj084/+KxZ6kCX9uDLe
zPbUglQdMp5dKpyb8zhSIOqUMA6ZSswtVG0Zy52GxWLXtg3NkUmIsFRxcRa6xgiv
oRERUudDlindKp/c9tG+GDhtS9k9NuExrdsVQG3esDZ0hAoTbxg9YDV4UupSmLY8
+39jA3/nC1OWEd7+2eIw/+E+HT/1SShveegmxCVnbPdmc+D1RWcuNf/snEvoaiVy
PApEYczFVzdTIyKFExNxwCZTbwsvzAqK4JwQ+KdNaHsKZH5xNL5tN+trfPH4ZHZp
c/tYKSNKsRqhI0mkYEHEU9dsR25vunZGlEPDDPTKAUArAOsA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:14 2024 by rpki-client on console-ams.rpki-client.org