Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/s-ESHOEzlBTBVSTGNmV2XxNZq_4.roa
File:                     s-ESHOEzlBTBVSTGNmV2XxNZq_4.roa (raw, json)
Hash identifier:          PL7jQWdRn/v6LsaX1/UhVdYz4tcKV9y+6De2x34/zIQ=
Subject key identifier:   B3:E1:12:1C:E1:33:94:14:C1:55:24:C6:36:65:76:5F:13:59:AB:FE
Certificate issuer:       /CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c
Certificate serial:       0FFC8404
Authority key identifier: 3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/s-ESHOEzlBTBVSTGNmV2XxNZq_4.roa
Signing time:             Sat 01 Jan 2022 08:53:45 +0000
ROA not before:           Sat 01 Jan 2022 08:53:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49871
IP address blocks:        212.19.51.240/29 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 268207108 (0xffc8404)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c
        Validity
            Not Before: Jan  1 08:53:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b3e1121ce1339414c15524c63665765f1359abfe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:cc:cb:85:a9:0a:5f:c4:ca:39:d3:91:22:bc:
                    bc:f2:06:f1:6b:cb:8b:d0:41:79:7e:e3:92:9b:97:
                    2d:68:01:f0:c2:a5:12:49:ac:4f:15:42:0a:1c:4d:
                    24:db:62:86:a6:34:d8:93:2d:f5:dc:47:f1:f7:98:
                    2b:57:db:98:27:6c:98:29:c5:a8:d1:16:af:d1:fa:
                    ee:17:0b:97:a2:d3:b1:6b:89:15:65:58:b5:a1:13:
                    b6:0a:04:ec:c2:cd:79:68:92:4f:7b:e9:85:5d:26:
                    ee:74:d8:81:31:45:c0:e3:d1:ce:1b:e8:2c:5c:50:
                    8f:e2:27:7f:52:c4:e2:05:d8:80:d8:f7:5d:d0:c7:
                    93:50:0f:ad:bd:d3:2a:4c:78:da:15:b6:89:c8:cc:
                    70:28:e4:8a:bc:7e:9a:48:5c:2d:d7:c0:14:19:d6:
                    51:64:d8:0a:f9:ba:42:4c:6f:49:27:69:be:c3:f8:
                    99:6d:b5:c4:dc:5d:88:e8:58:2e:0b:c0:c7:c2:2a:
                    4a:8e:96:a7:b8:e7:d8:68:aa:35:52:5d:bb:93:8e:
                    18:96:6f:93:c5:96:7e:3a:c8:8f:76:fc:bf:1e:98:
                    ba:6e:e0:33:fc:fd:70:94:9d:fb:54:2a:c5:db:00:
                    2a:73:57:c2:d2:92:fb:67:e9:c5:e8:06:21:ef:7d:
                    a3:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:E1:12:1C:E1:33:94:14:C1:55:24:C6:36:65:76:5F:13:59:AB:FE
            X509v3 Authority Key Identifier:
                keyid:3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/s-ESHOEzlBTBVSTGNmV2XxNZq_4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/PYugpSxCEprx1PdD_rM7sUTUu1w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.19.51.240/29

    Signature Algorithm: sha256WithRSAEncryption
         b8:e8:cf:8e:47:1f:6e:80:a1:6f:de:42:1c:79:02:aa:df:86:
         d8:fd:49:5a:47:c6:d5:b8:56:7e:41:6b:b3:83:00:f5:26:d7:
         3c:6b:81:07:64:bc:73:8b:99:c1:17:d3:50:35:9d:30:0f:f9:
         c3:41:84:bc:3c:3b:d6:7b:f4:ce:c7:f7:1a:0f:77:42:fc:a5:
         fe:de:02:33:23:4e:a9:ce:86:6d:48:7a:37:57:ec:89:a0:17:
         0d:77:55:0d:76:c8:90:34:7a:59:93:9a:f2:6e:5a:2f:f2:34:
         ac:7e:7e:c1:b9:18:cf:f2:2e:aa:7c:69:1b:af:3f:22:57:00:
         ca:e8:87:71:a1:aa:8c:15:2c:2a:dc:f6:23:85:91:83:21:ac:
         c9:db:8e:6f:a6:fe:ed:34:08:c9:b6:00:99:8c:a9:48:3d:5c:
         f9:88:c1:a8:a1:25:75:9b:c2:b3:07:06:22:b0:a2:ed:24:36:
         86:cc:1a:a5:94:9e:c1:aa:33:b9:80:33:70:a3:e5:9d:e6:fb:
         7a:91:c3:20:a4:f6:71:06:7a:77:17:bd:b6:2f:46:21:c2:a2:
         ab:40:35:4d:fc:5a:88:2d:77:47:02:9d:03:7a:53:80:4b:88:
         84:23:1b:1f:33:4e:0a:43:57:68:d4:e8:44:b2:10:a4:fb:4f:
         3d:1d:82:d8
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIED/yEBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZDhiYTBhNTJjNDIxMjlhZjFkNGY3NDNmZWIzM2JiMTQ0ZDRiYjVjMB4XDTIyMDEw
MTA4NTM0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjNlMTEyMWNlMTMz
OTQxNGMxNTUyNGM2MzY2NTc2NWYxMzU5YWJmZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM3My4WpCl/EyjnTkSK8vPIG8WvLi9BBeX7jkpuXLWgB8MKl
EkmsTxVCChxNJNtihqY02JMt9dxH8feYK1fbmCdsmCnFqNEWr9H67hcLl6LTsWuJ
FWVYtaETtgoE7MLNeWiST3vphV0m7nTYgTFFwOPRzhvoLFxQj+Inf1LE4gXYgNj3
XdDHk1APrb3TKkx42hW2icjMcCjkirx+mkhcLdfAFBnWUWTYCvm6QkxvSSdpvsP4
mW21xNxdiOhYLgvAx8IqSo6Wp7jn2GiqNVJdu5OOGJZvk8WWfjrIj3b8vx6Yum7g
M/z9cJSd+1QqxdsAKnNXwtKS+2fpxegGIe99o6ECAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBSz4RIc4TOUFMFVJMY2ZXZfE1mr/jAfBgNVHSMEGDAWgBQ9i6ClLEISmvHU
90P+szuxRNS7XDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BZdWdwU3hDRXByeDFQZERfck03c1VUVXUxdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjMvZmY2ZjRhLThkNWYtNDViMi04NzVjLWE1NjgzODQ0ZTc5Mi8x
L3MtRVNIT0V6bEJUQlZTVEdObVYyWHhOWnFfNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjMv
ZmY2ZjRhLThkNWYtNDViMi04NzVjLWE1NjgzODQ0ZTc5Mi8xL1BZdWdwU3hDRXBy
eDFQZERfck03c1VUVXUxdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAEwBwMFA9QTM/AwDQYJKoZIhvcNAQELBQAD
ggEBALjoz45HH26AoW/eQhx5Aqrfhtj9SVpHxtW4Vn5Ba7ODAPUm1zxrgQdkvHOL
mcEX01A1nTAP+cNBhLw8O9Z79M7H9xoPd0L8pf7eAjMjTqnOhm1IejdX7ImgFw13
VQ12yJA0elmTmvJuWi/yNKx+fsG5GM/yLqp8aRuvPyJXAMroh3GhqowVLCrc9iOF
kYMhrMnbjm+m/u00CMm2AJmMqUg9XPmIwaihJXWbwrMHBiKwou0kNobMGqWUnsGq
M7mAM3Cj5Z3m+3qRwyCk9nEGencXvbYvRiHCoqtANU38Wogtd0cCnQN6U4BLiIQj
Gx8zTgpDV2jU6ESyEKT7Tz0dgtg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:37 2024 by rpki-client on console-fra.rpki-client.org