Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/3dbd39-5f9f-48fb-9c01-bd6e3b026c37/1/CAe5asoY00Vbcf1n4zOA87Piw-w.roa
File:                     CAe5asoY00Vbcf1n4zOA87Piw-w.roa (raw, json)
Hash identifier:          rtLevq/Dg7gxDJrgyJia9U2sVa/PpzxLn204UMLTMcU=
Subject key identifier:   08:07:B9:6A:CA:18:D3:45:5B:71:FD:67:E3:33:80:F3:B3:E2:C3:EC
Certificate issuer:       /CN=31db847d1db1e0b2c2c25502210ff5a719967a19
Certificate serial:       0182CF12C584D37A8F0B246F43BE86D173E4
Authority key identifier: 31:DB:84:7D:1D:B1:E0:B2:C2:C2:55:02:21:0F:F5:A7:19:96:7A:19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MduEfR2x4LLCwlUCIQ_1pxmWehk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/3dbd39-5f9f-48fb-9c01-bd6e3b026c37/1/CAe5asoY00Vbcf1n4zOA87Piw-w.roa
Signing time:             Wed 24 Aug 2022 08:58:10 +0000
ROA not before:           Wed 24 Aug 2022 08:58:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     996
IP address blocks:        185.238.212.0/23 maxlen: 24
                          185.238.214.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:cf:12:c5:84:d3:7a:8f:0b:24:6f:43:be:86:d1:73:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=31db847d1db1e0b2c2c25502210ff5a719967a19
        Validity
            Not Before: Aug 24 08:58:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0807b96aca18d3455b71fd67e33380f3b3e2c3ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:0d:e5:e4:47:9a:39:f9:23:b6:ca:98:c6:af:
                    03:f4:80:14:57:e3:a7:ec:71:13:a7:1a:35:b1:b2:
                    1d:f8:8b:18:d0:2c:2e:5c:d7:0f:98:37:63:ab:55:
                    09:53:4e:7b:97:47:74:f0:20:5c:da:a7:60:4f:7e:
                    9e:0d:90:f5:00:e7:7c:60:6e:a4:22:b9:17:e8:d5:
                    de:7e:ac:be:21:e4:f4:bd:5d:64:da:3e:27:b4:d5:
                    3d:03:0d:a5:3b:7b:74:bc:7b:12:f5:b1:8f:7b:7f:
                    97:ed:d1:c0:41:f9:c1:1b:78:03:c1:dc:ad:df:78:
                    c8:70:4d:94:b6:23:55:80:34:b9:6b:14:4d:7d:5a:
                    82:3b:79:01:00:4a:1f:0c:41:7b:f4:8c:d2:3e:93:
                    4f:fc:49:ef:dd:8d:12:af:70:34:cf:ed:be:58:0c:
                    ec:ca:e3:2b:2a:15:59:8e:b0:c2:a7:ad:f0:5b:ba:
                    fb:e3:9b:16:da:40:5f:98:de:0a:9b:02:c3:11:92:
                    e6:79:62:78:00:91:44:b3:e0:76:cd:0d:09:24:b1:
                    97:b8:dc:c6:af:28:6e:4d:d5:74:a6:a7:9f:d3:71:
                    1e:95:71:70:8f:7e:5d:92:9e:44:eb:0c:fe:f7:3d:
                    1f:34:f0:17:78:56:b2:1b:43:14:62:3a:eb:de:68:
                    2d:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:07:B9:6A:CA:18:D3:45:5B:71:FD:67:E3:33:80:F3:B3:E2:C3:EC
            X509v3 Authority Key Identifier:
                keyid:31:DB:84:7D:1D:B1:E0:B2:C2:C2:55:02:21:0F:F5:A7:19:96:7A:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MduEfR2x4LLCwlUCIQ_1pxmWehk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/3dbd39-5f9f-48fb-9c01-bd6e3b026c37/1/CAe5asoY00Vbcf1n4zOA87Piw-w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/3dbd39-5f9f-48fb-9c01-bd6e3b026c37/1/MduEfR2x4LLCwlUCIQ_1pxmWehk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.238.212.0/22

    Signature Algorithm: sha256WithRSAEncryption
         67:71:c4:b4:81:94:de:8a:3a:ff:44:02:f0:ba:03:a2:a6:e2:
         e1:d2:d0:8b:1f:9d:69:60:7e:f8:ef:dd:0a:48:aa:30:19:70:
         e3:11:de:93:51:2b:ce:cb:0c:0e:40:8c:77:87:37:99:91:b1:
         e1:6e:1e:33:49:2e:c2:84:74:d3:48:51:c4:73:59:e2:2c:5b:
         ec:a4:50:bf:28:8c:be:fb:55:ab:14:8d:26:f5:56:9e:87:96:
         d9:2e:d3:e7:84:14:a7:27:a9:10:64:f1:3c:e2:c6:19:87:51:
         8d:fb:42:a8:2c:a3:8f:05:d1:d7:da:6e:41:3e:8f:8c:09:14:
         e3:19:57:ac:d2:df:6f:43:fa:fa:07:16:f3:db:ef:f6:f1:ad:
         d2:1e:73:cd:4a:91:48:fa:16:41:4b:fc:e9:18:65:1a:02:f3:
         d7:b2:01:41:95:15:f9:2d:05:d9:00:1e:0a:8e:59:68:b7:57:
         b8:86:4a:27:59:60:69:6d:66:b4:14:05:1e:7a:19:0b:6b:d3:
         15:85:30:d3:e6:e7:cb:99:b5:f1:66:5c:0e:fb:7e:f7:4e:86:
         77:44:f9:ee:ee:a2:7e:58:c0:8b:c3:e8:ba:6a:80:0b:d3:99:
         6b:de:87:6b:f3:7a:08:d8:c4:6e:ea:79:4d:59:d3:97:9c:ac:
         d0:80:87:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLPEsWE03qPCyRvQ76G0XPkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZGI4NDdkMWRiMWUwYjJjMmMyNTUwMjIxMGZmNWE3MTk5
NjdhMTkwHhcNMjIwODI0MDg1ODEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODA3Yjk2YWNhMThkMzQ1NWI3MWZkNjdlMzMzODBmM2IzZTJjM2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArg3l5EeaOfkjtsqYxq8D9IAUV+On
7HETpxo1sbId+IsY0CwuXNcPmDdjq1UJU057l0d08CBc2qdgT36eDZD1AOd8YG6k
IrkX6NXefqy+IeT0vV1k2j4ntNU9Aw2lO3t0vHsS9bGPe3+X7dHAQfnBG3gDwdyt
33jIcE2UtiNVgDS5axRNfVqCO3kBAEofDEF79IzSPpNP/Env3Y0Sr3A0z+2+WAzs
yuMrKhVZjrDCp63wW7r745sW2kBfmN4KmwLDEZLmeWJ4AJFEs+B2zQ0JJLGXuNzG
ryhuTdV0pqef03EelXFwj35dkp5E6wz+9z0fNPAXeFayG0MUYjrr3mgtCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAgHuWrKGNNFW3H9Z+MzgPOz4sPsMB8GA1UdIwQY
MBaAFDHbhH0dseCywsJVAiEP9acZlnoZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWR1RWZSMng0TExDd2xVQ0lRXzFweG1XZWhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi8zZGJkMzktNWY5Zi00OGZiLTljMDEt
YmQ2ZTNiMDI2YzM3LzEvQ0FlNWFzb1kwMFZiY2YxbjR6T0E4N1Bpdy13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi8zZGJkMzktNWY5Zi00OGZiLTljMDEtYmQ2ZTNiMDI2YzM3
LzEvTWR1RWZSMng0TExDd2xVQ0lRXzFweG1XZWhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCue7UMA0G
CSqGSIb3DQEBCwUAA4IBAQBnccS0gZTeijr/RALwugOipuLh0tCLH51pYH74790K
SKowGXDjEd6TUSvOywwOQIx3hzeZkbHhbh4zSS7ChHTTSFHEc1niLFvspFC/KIy+
+1WrFI0m9Vaeh5bZLtPnhBSnJ6kQZPE84sYZh1GN+0KoLKOPBdHX2m5BPo+MCRTj
GVes0t9vQ/r6Bxbz2+/28a3SHnPNSpFI+hZBS/zpGGUaAvPXsgFBlRX5LQXZAB4K
jllot1e4hkonWWBpbWa0FAUeehkLa9MVhTDT5ufLmbXxZlwO+373ToZ3RPnu7qJ+
WMCLw+i6aoAL05lr3odr83oI2MRu6nlNWdOXnKzQgIdg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:45 2024 by rpki-client on console-ams.rpki-client.org