Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/3in65EemwCAkv34YusPFxmYaWLI.roa
File:                     3in65EemwCAkv34YusPFxmYaWLI.roa (raw, json)
Hash identifier:          bkNNuHjUKVm7IXI6ocZJZVtzzZXRMBNgLUADxp0NEyc=
Subject key identifier:   DE:29:FA:E4:47:A6:C0:20:24:BF:7E:18:BA:C3:C5:C6:66:1A:58:B2
Certificate issuer:       /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial:       1C4BCBBB
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/3in65EemwCAkv34YusPFxmYaWLI.roa
Signing time:             Mon 20 Jun 2022 21:46:44 +0000
ROA not before:           Mon 20 Jun 2022 21:46:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42831
IP address blocks:        45.43.64.0/23 maxlen: 24
                          45.43.86.0/24 maxlen: 24
                          89.33.6.0/23 maxlen: 24
                          2a05:9f40:1f::/48 maxlen: 48
                          2a05:9f44:2a05::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 474729403 (0x1c4bcbbb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
        Validity
            Not Before: Jun 20 21:46:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=de29fae447a6c02024bf7e18bac3c5c6661a58b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:fa:7b:96:f3:84:e3:02:5c:9b:25:f7:cb:ae:
                    c2:28:ba:f8:2c:f6:7b:cc:1e:20:81:04:1c:01:17:
                    4d:e2:b0:ff:89:11:96:cf:3e:fe:5c:3e:e2:34:1e:
                    c4:e9:0b:fb:f0:6b:64:38:51:7f:82:c8:f2:2b:27:
                    9b:0f:b9:5a:6e:81:a7:6d:3a:0e:05:6e:31:68:62:
                    5d:6f:a1:b3:27:9f:b4:61:78:3d:d3:93:3d:a6:18:
                    8a:8f:a3:78:35:fc:93:53:b6:fe:a6:ec:26:73:50:
                    75:d1:8d:71:0c:aa:87:92:82:19:e9:ed:e7:39:84:
                    4a:ba:65:3e:62:35:fe:03:6a:cb:05:5d:18:5b:a0:
                    93:66:e7:f7:ef:1a:c2:c6:50:ee:a0:71:cb:21:09:
                    cb:e6:fe:2d:87:97:c5:a5:b5:4d:a1:ca:49:9b:c9:
                    7d:91:59:60:91:ff:91:c7:37:29:07:4c:78:0c:d0:
                    72:d5:99:3a:40:21:aa:e6:d1:f5:c7:7d:3c:49:30:
                    60:2b:fd:f5:bf:3f:5d:6f:ae:04:82:76:32:eb:c5:
                    43:e0:ec:e4:75:07:9e:57:a3:e9:6c:17:3f:db:61:
                    12:e7:84:d1:ee:ff:fc:17:6b:d3:65:af:61:c1:a9:
                    9c:2a:fa:f8:5f:2d:10:cb:05:d7:60:4e:4e:6b:02:
                    01:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:29:FA:E4:47:A6:C0:20:24:BF:7E:18:BA:C3:C5:C6:66:1A:58:B2
            X509v3 Authority Key Identifier:
                keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/3in65EemwCAkv34YusPFxmYaWLI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.43.64.0/23
                  45.43.86.0/24
                  89.33.6.0/23
                IPv6:
                  2a05:9f40:1f::/48
                  2a05:9f44:2a05::/48

    Signature Algorithm: sha256WithRSAEncryption
         10:33:ba:73:ae:c2:a4:1e:04:a4:b1:87:2d:62:2c:26:01:23:
         32:eb:3d:19:68:63:77:10:f5:e1:1e:e8:ff:d9:f5:cb:48:11:
         bf:4a:58:3e:49:0e:66:b9:92:8e:48:6f:ae:51:9c:8e:77:a0:
         4a:85:5d:99:d3:d9:5d:a7:bd:fc:52:df:12:92:9e:b7:a6:6e:
         f3:e6:d4:a8:c7:32:81:37:2e:a5:69:8d:cb:91:23:46:6a:d4:
         c1:f7:4f:b8:cf:8e:23:27:4b:39:a0:83:0c:1b:06:65:6e:44:
         9c:98:2c:96:11:22:f0:e7:31:06:cf:c6:c4:af:62:a3:c6:aa:
         35:92:4a:d9:a1:89:25:f3:18:44:cd:52:f7:fb:5b:d6:8a:ef:
         a5:91:ec:c6:5f:25:d2:9d:b1:1a:60:ec:44:da:2c:c0:97:e9:
         02:dc:54:6b:58:11:bd:2f:f3:6d:5a:cd:7e:0e:7f:8f:67:fd:
         1a:ea:e4:6f:24:d6:ab:7b:15:73:bd:8b:92:8b:55:58:93:6f:
         2b:81:07:c7:e0:dd:0f:be:28:b3:8f:b7:07:cf:69:96:ff:19:
         ef:db:fd:e0:73:79:67:c7:bc:c4:45:8e:35:b5:e6:57:67:12:
         3f:4b:21:d3:fd:da:bb:8e:e0:8f:48:02:f4:33:53:39:53:4f:
         39:3c:ef:f8
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEHEvLuzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NzU0YzM0N2Q2OGQxNTQ5M2RlNzFiYjk2MmYwYTU2N2UxMzRkNjAzMB4XDTIyMDYy
MDIxNDY0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGUyOWZhZTQ0N2E2
YzAyMDI0YmY3ZTE4YmFjM2M1YzY2NjFhNThiMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANf6e5bzhOMCXJsl98uuwii6+Cz2e8weIIEEHAEXTeKw/4kR
ls8+/lw+4jQexOkL+/BrZDhRf4LI8isnmw+5Wm6Bp206DgVuMWhiXW+hsyeftGF4
PdOTPaYYio+jeDX8k1O2/qbsJnNQddGNcQyqh5KCGent5zmESrplPmI1/gNqywVd
GFugk2bn9+8awsZQ7qBxyyEJy+b+LYeXxaW1TaHKSZvJfZFZYJH/kcc3KQdMeAzQ
ctWZOkAhqubR9cd9PEkwYCv99b8/XW+uBIJ2MuvFQ+Ds5HUHnlej6WwXP9thEueE
0e7//Bdr02WvYcGpnCr6+F8tEMsF12BOTmsCASUCAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBTeKfrkR6bAICS/fhi6w8XGZhpYsjAfBgNVHSMEGDAWgBTnVMNH1o0VST3n
G7li8KVn4TTWAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzUxVERSOWFORlVrOTV4dTVZdkNsWi1FMDFnTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvNDZkYjNhLWE1NzMtNGYyOC1iNDNiLTM3YjYyZDIyMzkyNC8x
LzNpbjY1RWVtd0NBa3YzNFl1c1BGeG1ZYVdMSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
NDZkYjNhLWE1NzMtNGYyOC1iNDNiLTM3YjYyZDIyMzkyNC8xLzUxVERSOWFORlVr
OTV4dTVZdkNsWi1FMDFnTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwGAQCAAEwEgMEAS0rQAMEAC0rVgMEAVkhBjAYBAIA
AjASAwcAKgWfQAAfAwcAKgWfRCoFMA0GCSqGSIb3DQEBCwUAA4IBAQAQM7pzrsKk
HgSksYctYiwmASMy6z0ZaGN3EPXhHuj/2fXLSBG/Slg+SQ5muZKOSG+uUZyOd6BK
hV2Z09ldp738Ut8Skp63pm7z5tSoxzKBNy6laY3LkSNGatTB90+4z44jJ0s5oIMM
GwZlbkScmCyWESLw5zEGz8bEr2Kjxqo1kkrZoYkl8xhEzVL3+1vWiu+lkezGXyXS
nbEaYOxE2izAl+kC3FRrWBG9L/NtWs1+Dn+PZ/0a6uRvJNarexVzvYuSi1VYk28r
gQfH4N0Pviizj7cHz2mW/xnv2/3gc3lnx7zERY41teZXZxI/SyHT/dq7juCPSAL0
M1M5U085PO/4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:52 2024 by rpki-client on console-ams.rpki-client.org