Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/3dbd39-5f9f-48fb-9c01-bd6e3b026c37/1/OR1pcJh4XryJa7B-wtL9C2zBqck.roa
File:                     OR1pcJh4XryJa7B-wtL9C2zBqck.roa (raw, json)
Hash identifier:          YgX5QzFGe+Q0LpST5zeWOHrYU35aoFEnuWwgU2Vie4Y=
Subject key identifier:   39:1D:69:70:98:78:5E:BC:89:6B:B0:7E:C2:D2:FD:0B:6C:C1:A9:C9
Certificate issuer:       /CN=31db847d1db1e0b2c2c25502210ff5a719967a19
Certificate serial:       32DFE6
Authority key identifier: 31:DB:84:7D:1D:B1:E0:B2:C2:C2:55:02:21:0F:F5:A7:19:96:7A:19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MduEfR2x4LLCwlUCIQ_1pxmWehk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/3dbd39-5f9f-48fb-9c01-bd6e3b026c37/1/OR1pcJh4XryJa7B-wtL9C2zBqck.roa
Signing time:             Sat 01 Jan 2022 02:51:02 +0000
ROA not before:           Sat 01 Jan 2022 02:51:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     10753
IP address blocks:        185.238.212.0/23 maxlen: 24
                          185.238.214.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3334118 (0x32dfe6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=31db847d1db1e0b2c2c25502210ff5a719967a19
        Validity
            Not Before: Jan  1 02:51:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=391d697098785ebc896bb07ec2d2fd0b6cc1a9c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:82:ad:10:17:ec:ab:df:58:5c:20:9b:28:ca:
                    f8:23:58:f3:6a:83:4a:0e:a1:41:a2:74:a0:e2:95:
                    1b:af:1a:52:25:65:2d:98:66:08:25:f8:d1:16:a1:
                    8c:3b:99:3b:b6:19:ab:de:8f:cd:59:1f:5d:c6:37:
                    2c:a3:05:7c:59:2f:cc:09:d8:ff:21:5e:af:c3:d4:
                    b4:93:83:42:61:c4:e2:18:8d:9d:32:e1:00:5a:a6:
                    6a:95:a1:d6:93:39:89:33:e4:29:a9:6c:60:b6:76:
                    c6:09:cd:62:d0:a4:0d:cd:09:4c:4e:ee:da:43:d2:
                    00:1e:0d:80:08:ad:10:20:96:38:0e:19:c4:16:e2:
                    05:a4:b7:20:fb:91:b0:c5:30:bc:9f:a7:28:54:1c:
                    86:1e:a3:dc:18:35:e3:8a:c8:49:2d:76:f6:06:97:
                    59:0e:65:ba:03:c0:4a:e7:ca:40:d0:84:ba:14:1f:
                    9b:7b:40:c3:dc:d5:13:a9:60:8a:01:4c:5f:9c:d1:
                    8e:90:65:9b:55:a3:96:5d:cc:01:32:7d:be:2d:ee:
                    d3:16:0c:6b:d7:86:7e:33:90:ba:06:ac:97:c6:9e:
                    72:b1:3b:52:96:d4:d7:09:75:a9:21:31:0b:8b:7b:
                    25:63:73:dc:1a:6f:ed:53:97:01:54:ca:8d:8f:62:
                    5d:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:1D:69:70:98:78:5E:BC:89:6B:B0:7E:C2:D2:FD:0B:6C:C1:A9:C9
            X509v3 Authority Key Identifier:
                keyid:31:DB:84:7D:1D:B1:E0:B2:C2:C2:55:02:21:0F:F5:A7:19:96:7A:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MduEfR2x4LLCwlUCIQ_1pxmWehk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/3dbd39-5f9f-48fb-9c01-bd6e3b026c37/1/OR1pcJh4XryJa7B-wtL9C2zBqck.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/3dbd39-5f9f-48fb-9c01-bd6e3b026c37/1/MduEfR2x4LLCwlUCIQ_1pxmWehk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.238.212.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a1:0d:c6:c3:7a:41:06:ab:89:0b:84:6d:20:df:09:6b:a4:86:
         1b:9a:f8:e1:17:d1:a2:6d:81:c2:59:e8:47:22:1b:09:15:29:
         a7:b6:7b:5b:8c:f2:a4:0f:7d:11:2b:08:09:a9:91:2d:9b:d2:
         8d:e1:e3:3b:6f:70:89:13:95:2a:bc:ad:18:59:ed:5d:f9:18:
         7c:48:9e:7e:36:eb:66:6f:90:ac:d0:f8:c1:98:63:7a:ab:ad:
         d2:5e:2f:a6:cd:2c:19:c2:42:c4:76:a7:ba:3e:50:9b:83:c4:
         b2:b5:08:27:b1:05:10:fa:c7:f2:de:c8:0f:4f:32:8b:7c:59:
         7a:45:66:ee:f3:e8:02:2a:c1:3c:1f:e4:e2:1f:01:d8:e0:eb:
         23:f6:51:d4:5e:1a:e1:9a:7a:cb:07:56:0e:aa:36:a0:70:bf:
         a6:72:bf:d0:c2:4b:27:a0:a3:f3:38:8d:00:cf:f6:4a:3f:bd:
         e6:f0:fc:a4:fb:2f:08:85:e5:f9:3e:6c:ba:a2:95:2e:93:a4:
         f1:e1:30:c8:46:1c:be:db:46:1a:92:32:86:b5:2c:14:83:ef:
         09:54:77:58:31:91:bd:df:b2:4e:ad:b0:8a:77:68:cb:4d:26:
         70:30:1b:a2:d6:d1:5c:ae:37:b3:1c:14:67:1c:93:04:3f:3f:
         5b:d1:c9:a6
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDMt/mMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDMx
ZGI4NDdkMWRiMWUwYjJjMmMyNTUwMjIxMGZmNWE3MTk5NjdhMTkwHhcNMjIwMTAx
MDI1MTAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzOTFkNjk3MDk4Nzg1
ZWJjODk2YmIwN2VjMmQyZmQwYjZjYzFhOWM5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmYKtEBfsq99YXCCbKMr4I1jzaoNKDqFBonSg4pUbrxpSJWUt
mGYIJfjRFqGMO5k7thmr3o/NWR9dxjcsowV8WS/MCdj/IV6vw9S0k4NCYcTiGI2d
MuEAWqZqlaHWkzmJM+QpqWxgtnbGCc1i0KQNzQlMTu7aQ9IAHg2ACK0QIJY4DhnE
FuIFpLcg+5GwxTC8n6coVByGHqPcGDXjishJLXb2BpdZDmW6A8BK58pA0IS6FB+b
e0DD3NUTqWCKAUxfnNGOkGWbVaOWXcwBMn2+Le7TFgxr14Z+M5C6BqyXxp5ysTtS
ltTXCXWpITELi3slY3PcGm/tU5cBVMqNj2JdPwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFDkdaXCYeF68iWuwfsLS/QtswanJMB8GA1UdIwQYMBaAFDHbhH0dseCywsJV
AiEP9acZlnoZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
TWR1RWZSMng0TExDd2xVQ0lRXzFweG1XZWhrLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hYi8zZGJkMzktNWY5Zi00OGZiLTljMDEtYmQ2ZTNiMDI2YzM3LzEv
T1IxcGNKaDRYcnlKYTdCLXd0TDlDMnpCcWNrLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi8z
ZGJkMzktNWY5Zi00OGZiLTljMDEtYmQ2ZTNiMDI2YzM3LzEvTWR1RWZSMng0TExD
d2xVQ0lRXzFweG1XZWhrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCue7UMA0GCSqGSIb3DQEBCwUAA4IB
AQChDcbDekEGq4kLhG0g3wlrpIYbmvjhF9GibYHCWehHIhsJFSmntntbjPKkD30R
KwgJqZEtm9KN4eM7b3CJE5UqvK0YWe1d+Rh8SJ5+Nutmb5Cs0PjBmGN6q63SXi+m
zSwZwkLEdqe6PlCbg8SytQgnsQUQ+sfy3sgPTzKLfFl6RWbu8+gCKsE8H+TiHwHY
4Osj9lHUXhrhmnrLB1YOqjagcL+mcr/QwksnoKPzOI0Az/ZKP73m8Pyk+y8IheX5
Pmy6opUuk6Tx4TDIRhy+20YakjKGtSwUg+8JVHdYMZG937JOrbCKd2jLTSZwMBui
1tFcrjezHBRnHJMEPz9b0cmm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:45 2024 by rpki-client on console-ams.rpki-client.org