Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/PuBdGlcGJcqEUcMaWdXYz8i9E8I.roa
File:                     PuBdGlcGJcqEUcMaWdXYz8i9E8I.roa (raw, json)
Hash identifier:          PI3BrZGK4znNZ/Ki0bRgO6AdFrVcnhECGk6UAIFMD+M=
Subject key identifier:   3E:E0:5D:1A:57:06:25:CA:84:51:C3:1A:59:D5:D8:CF:C8:BD:13:C2
Certificate issuer:       /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial:       44D32986
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/PuBdGlcGJcqEUcMaWdXYz8i9E8I.roa
Signing time:             Sat 01 Jan 2022 14:06:50 +0000
ROA not before:           Sat 01 Jan 2022 14:06:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39700
IP address blocks:        176.74.224.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1154689414 (0x44d32986)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
        Validity
            Not Before: Jan  1 14:06:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3ee05d1a570625ca8451c31a59d5d8cfc8bd13c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:af:bc:fa:8a:f8:d1:43:ac:f2:06:bd:52:9d:
                    11:03:50:a3:8a:4a:a1:1e:ac:f5:dd:e8:98:47:2f:
                    ec:e7:a6:d5:78:25:ab:ff:ee:37:5e:47:e4:7a:a1:
                    46:4d:68:16:dc:80:2b:fd:bb:c2:01:2e:06:48:25:
                    fc:a0:d4:ec:ae:d7:45:6a:16:a8:7c:1f:2e:36:c0:
                    a4:94:b2:f4:03:14:57:35:8f:16:fa:63:8d:ea:84:
                    f8:eb:dc:ee:20:4a:ff:99:45:4c:19:80:45:39:29:
                    d9:67:cf:cd:84:26:c5:79:65:4a:d6:51:4b:c8:c5:
                    2f:49:9c:5f:b6:79:83:b3:b7:51:ca:35:6b:de:68:
                    63:d7:7d:e2:1e:72:c6:b2:48:5f:33:5b:0d:ac:88:
                    84:62:f8:e4:e1:97:67:61:65:97:b3:40:94:49:d8:
                    98:fd:99:32:31:80:60:a9:15:d5:52:81:47:c6:13:
                    d9:1c:3c:62:ba:b8:09:d1:ce:8f:da:99:f7:5b:d6:
                    d8:b0:22:89:dc:7a:24:fc:2d:7c:4c:da:30:42:f7:
                    7e:35:d6:44:b2:51:55:30:b2:db:4c:d6:e0:43:65:
                    2a:51:e8:df:42:b1:83:c0:7d:87:35:74:57:52:36:
                    c0:39:60:dd:c9:a1:63:e6:0a:e2:37:e4:b3:83:f0:
                    6e:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:E0:5D:1A:57:06:25:CA:84:51:C3:1A:59:D5:D8:CF:C8:BD:13:C2
            X509v3 Authority Key Identifier:
                keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/PuBdGlcGJcqEUcMaWdXYz8i9E8I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.74.224.0/24

    Signature Algorithm: sha256WithRSAEncryption
         47:38:c9:02:fe:b0:23:4b:e7:7a:b5:cf:95:28:6b:b3:66:d3:
         7d:ab:60:df:7d:d3:dc:7a:ea:42:de:12:cd:da:ae:77:e2:ae:
         f6:f7:ee:e5:f4:43:2f:f9:44:31:0f:e4:e3:93:d8:d3:2b:9e:
         11:66:5b:a4:bf:90:e8:a6:e3:d7:e5:9f:ca:13:6d:51:a6:d9:
         10:8b:32:36:5c:30:ea:53:25:07:69:9b:29:64:c5:09:ae:cc:
         5a:7f:d8:ae:b5:17:07:40:cf:78:6f:e1:c0:a5:be:5f:47:61:
         f2:47:20:d1:85:39:16:35:70:08:aa:0b:70:f5:21:84:38:30:
         55:57:46:23:67:01:c9:0a:12:fc:40:bd:c3:d8:5f:bd:7b:fb:
         7f:18:a5:c0:11:95:57:7c:a4:f2:1b:56:7d:38:2a:f6:e9:d6:
         14:54:c4:6a:42:8a:c6:bc:12:0a:75:ea:8c:dc:90:2a:cf:b5:
         11:3b:e4:32:38:ae:ce:0b:b9:d5:bd:73:1e:d7:99:db:bc:7f:
         cf:2b:52:3b:d6:ef:47:3c:1a:20:11:b3:e2:46:b5:d2:96:9e:
         3f:4c:38:cc:d2:49:76:1d:8f:3a:fb:2f:90:16:c4:cd:17:ff:
         da:f8:39:0e:4e:1d:94:cf:a4:1f:05:c2:6f:43:4e:00:5b:f1:
         43:9f:4b:ed
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIERNMphjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NTEzNjljY2JmODZiMWU4NGUxYWViNDZlNmQzMzZkMzlmNzUyYWU3MB4XDTIyMDEw
MTE0MDY1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2VlMDVkMWE1NzA2
MjVjYTg0NTFjMzFhNTlkNWQ4Y2ZjOGJkMTNjMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ+vvPqK+NFDrPIGvVKdEQNQo4pKoR6s9d3omEcv7Oem1Xgl
q//uN15H5HqhRk1oFtyAK/27wgEuBkgl/KDU7K7XRWoWqHwfLjbApJSy9AMUVzWP
FvpjjeqE+Ovc7iBK/5lFTBmARTkp2WfPzYQmxXllStZRS8jFL0mcX7Z5g7O3Uco1
a95oY9d94h5yxrJIXzNbDayIhGL45OGXZ2Fll7NAlEnYmP2ZMjGAYKkV1VKBR8YT
2Rw8Yrq4CdHOj9qZ91vW2LAiidx6JPwtfEzaMEL3fjXWRLJRVTCy20zW4ENlKlHo
30Kxg8B9hzV0V1I2wDlg3cmhY+YK4jfks4PwbrMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ+4F0aVwYlyoRRwxpZ1djPyL0TwjAfBgNVHSMEGDAWgBT1E2nMv4ax6E4a
60bm0zbTn3Uq5zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlSTnB6TC1Hc2VoT0d1dEc1dE0yMDU5MUt1Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvMmQ1YmRmLTUyNjUtNDliOC04YWZlLTJiOTIwYmRlMzk5MC8x
L1B1QmRHbGNHSmNxRVVjTWFXZFhZejhpOUU4SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
MmQ1YmRmLTUyNjUtNDliOC04YWZlLTJiOTIwYmRlMzk5MC8xLzlSTnB6TC1Hc2Vo
T0d1dEc1dE0yMDU5MUt1Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALBK4DANBgkqhkiG9w0BAQsFAAOC
AQEARzjJAv6wI0vnerXPlShrs2bTfatg333T3HrqQt4Szdqud+Ku9vfu5fRDL/lE
MQ/k45PY0yueEWZbpL+Q6Kbj1+WfyhNtUabZEIsyNlww6lMlB2mbKWTFCa7MWn/Y
rrUXB0DPeG/hwKW+X0dh8kcg0YU5FjVwCKoLcPUhhDgwVVdGI2cByQoS/EC9w9hf
vXv7fxilwBGVV3yk8htWfTgq9unWFFTEakKKxrwSCnXqjNyQKs+1ETvkMjiuzgu5
1b1zHteZ27x/zytSO9bvRzwaIBGz4ka10paeP0w4zNJJdh2POvsvkBbEzRf/2vg5
Dk4dlM+kHwXCb0NOAFvxQ59L7Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:04 2024 by rpki-client on console-ams.rpki-client.org