Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/5908a9-0c0f-40ab-bfd6-69af0a6e989b/1/rnkTlezLbi_QX6FI3uhXviidRQo.roa
File:                     rnkTlezLbi_QX6FI3uhXviidRQo.roa (raw, json)
Hash identifier:          JuZR9CdTpbv/YvXkR0GNiNJkTKnJLb0OU+xllCx/9WM=
Subject key identifier:   AE:79:13:95:EC:CB:6E:2F:D0:5F:A1:48:DE:E8:57:BE:28:9D:45:0A
Certificate issuer:       /CN=98118687fdd6ff80fb098a9eeef06de377f85d6e
Certificate serial:       0183370006F29A52CCEE5AE44F5650CD2D00
Authority key identifier: 98:11:86:87:FD:D6:FF:80:FB:09:8A:9E:EE:F0:6D:E3:77:F8:5D:6E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mBGGh_3W_4D7CYqe7vBt43f4XW4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/5908a9-0c0f-40ab-bfd6-69af0a6e989b/1/rnkTlezLbi_QX6FI3uhXviidRQo.roa
Signing time:             Tue 13 Sep 2022 13:18:12 +0000
ROA not before:           Tue 13 Sep 2022 13:18:12 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     198500
IP address blocks:        217.69.96.0/20 maxlen: 20

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:37:00:06:f2:9a:52:cc:ee:5a:e4:4f:56:50:cd:2d:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=98118687fdd6ff80fb098a9eeef06de377f85d6e
        Validity
            Not Before: Sep 13 13:18:12 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ae791395eccb6e2fd05fa148dee857be289d450a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:4e:0c:ab:01:4b:a6:ac:67:7a:22:16:75:86:
                    69:ff:46:f0:c7:48:50:05:18:f7:10:f5:40:e6:63:
                    c4:79:66:9f:b7:91:a0:28:4e:4d:0b:b4:46:ea:a1:
                    63:83:11:8b:71:78:de:be:9e:57:95:73:d9:4a:42:
                    16:d8:57:d1:9f:10:db:5e:b1:b5:a9:a2:3b:1a:73:
                    9c:19:a1:04:60:2e:84:b4:88:e8:cb:07:28:21:c1:
                    9d:74:20:fc:76:dd:94:12:c4:34:c4:cc:a2:7b:0f:
                    84:65:c4:c9:83:43:c7:77:42:49:0d:08:ed:21:cf:
                    56:c2:94:d1:06:55:f8:a4:37:bb:fb:53:28:bf:69:
                    de:ac:64:75:87:cd:e8:94:7c:08:ff:52:0b:5a:b7:
                    c8:02:86:4d:b8:a9:8f:e2:a1:fa:d8:4c:d9:f7:49:
                    a7:af:15:40:7d:75:6b:a4:a0:a9:75:d2:26:bf:7a:
                    b0:96:c8:59:e8:a6:a7:44:54:a5:4d:6e:83:7a:34:
                    e8:00:03:45:3f:ef:2d:ca:59:20:44:2e:e9:ac:4c:
                    1e:dd:90:68:30:4e:03:df:a2:5d:e3:31:4f:b8:28:
                    bf:62:0b:33:e3:ac:27:4c:31:a5:13:13:d3:cd:b0:
                    3b:13:3c:ed:c3:5c:8a:f3:11:24:dd:83:ca:02:3c:
                    8e:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:79:13:95:EC:CB:6E:2F:D0:5F:A1:48:DE:E8:57:BE:28:9D:45:0A
            X509v3 Authority Key Identifier:
                keyid:98:11:86:87:FD:D6:FF:80:FB:09:8A:9E:EE:F0:6D:E3:77:F8:5D:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mBGGh_3W_4D7CYqe7vBt43f4XW4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/5908a9-0c0f-40ab-bfd6-69af0a6e989b/1/rnkTlezLbi_QX6FI3uhXviidRQo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/5908a9-0c0f-40ab-bfd6-69af0a6e989b/1/mBGGh_3W_4D7CYqe7vBt43f4XW4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.69.96.0/20

    Signature Algorithm: sha256WithRSAEncryption
         43:ef:3f:bd:50:b6:17:b9:ea:59:f3:9c:2f:12:e9:74:93:e8:
         16:7d:f2:25:f0:f6:0d:19:2e:cd:5b:cd:de:b6:f1:a1:13:f8:
         40:cd:b3:54:cb:58:f2:d8:42:08:76:1f:24:7c:e5:9d:68:1e:
         9a:fd:ae:8a:e6:db:3d:85:8d:67:c5:1c:01:6c:d6:68:34:37:
         80:98:b1:16:d5:c9:f5:f3:e5:de:b7:62:a6:21:38:cd:de:9b:
         78:bc:0b:e0:d9:26:f4:24:8b:3f:81:38:26:7d:82:d6:20:12:
         d4:82:67:cd:42:a7:39:f4:fa:9c:19:98:5d:0a:a2:af:66:8b:
         e4:b1:f1:da:e7:50:4a:77:fd:66:3d:38:96:07:18:68:e6:14:
         61:5b:af:5e:7d:f5:0a:ec:0b:74:1d:a9:31:52:ac:81:fe:ff:
         25:44:aa:55:a6:a5:c2:d8:2d:4c:05:cb:1a:a4:69:6f:bc:8f:
         4d:44:83:a0:2c:3c:dd:da:de:4b:8a:a9:fb:67:f8:ed:62:5c:
         4d:7c:91:a4:86:a6:3e:4e:28:b3:69:a4:22:f5:1e:6c:8d:80:
         58:d3:1f:6b:02:0c:fe:22:5e:75:c8:0e:1d:cb:65:0e:79:de:
         12:17:e3:40:b6:8c:1f:0c:a3:e3:2f:fc:55:e4:0b:8a:78:2c:
         bc:df:80:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYM3AAbymlLM7lrkT1ZQzS0AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MTE4Njg3ZmRkNmZmODBmYjA5OGE5ZWVlZjA2ZGUzNzdm
ODVkNmUwHhcNMjIwOTEzMTMxODEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTc5MTM5NWVjY2I2ZTJmZDA1ZmExNDhkZWU4NTdiZTI4OWQ0NTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwk4MqwFLpqxneiIWdYZp/0bwx0hQ
BRj3EPVA5mPEeWaft5GgKE5NC7RG6qFjgxGLcXjevp5XlXPZSkIW2FfRnxDbXrG1
qaI7GnOcGaEEYC6EtIjoywcoIcGddCD8dt2UEsQ0xMyiew+EZcTJg0PHd0JJDQjt
Ic9WwpTRBlX4pDe7+1Mov2nerGR1h83olHwI/1ILWrfIAoZNuKmP4qH62EzZ90mn
rxVAfXVrpKCpddImv3qwlshZ6KanRFSlTW6DejToAANFP+8tylkgRC7prEwe3ZBo
ME4D36Jd4zFPuCi/Ygsz46wnTDGlExPTzbA7Ezztw1yK8xEk3YPKAjyOCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK55E5Xsy24v0F+hSN7oV74onUUKMB8GA1UdIwQY
MBaAFJgRhof91v+A+wmKnu7wbeN3+F1uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUJHR2hfM1dfNEQ3Q1lxZTd2QnQ0M2Y0WFc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy81OTA4YTktMGMwZi00MGFiLWJmZDYt
NjlhZjBhNmU5ODliLzEvcm5rVGxlekxiaV9RWDZGSTN1aFh2aWlkUlFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy81OTA4YTktMGMwZi00MGFiLWJmZDYtNjlhZjBhNmU5ODli
LzEvbUJHR2hfM1dfNEQ3Q1lxZTd2QnQ0M2Y0WFc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2UVgMA0G
CSqGSIb3DQEBCwUAA4IBAQBD7z+9ULYXuepZ85wvEul0k+gWffIl8PYNGS7NW83e
tvGhE/hAzbNUy1jy2EIIdh8kfOWdaB6a/a6K5ts9hY1nxRwBbNZoNDeAmLEW1cn1
8+Xet2KmITjN3pt4vAvg2Sb0JIs/gTgmfYLWIBLUgmfNQqc59PqcGZhdCqKvZovk
sfHa51BKd/1mPTiWBxho5hRhW69effUK7At0HakxUqyB/v8lRKpVpqXC2C1MBcsa
pGlvvI9NRIOgLDzd2t5Liqn7Z/jtYlxNfJGkhqY+TiizaaQi9R5sjYBY0x9rAgz+
Il51yA4dy2UOed4SF+NAtowfDKPjL/xV5AuKeCy834D2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:11 2024 by rpki-client on console-fra.rpki-client.org