Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/20b85b-98b1-4169-b71a-61a1bdf24b13/1/3aLzbbulEU1HIALvsojp4ln3PNc.roa
File:                     3aLzbbulEU1HIALvsojp4ln3PNc.roa (raw, json)
Hash identifier:          7yNJTKTRpkQ2njIoi30WCSyHoxhR+iMJEM/4+fd3pnM=
Subject key identifier:   DD:A2:F3:6D:BB:A5:11:4D:47:20:02:EF:B2:88:E9:E2:59:F7:3C:D7
Certificate issuer:       /CN=d344e0134bbfd2e4c681d5995efe42748c4458f7
Certificate serial:       032586BE
Authority key identifier: D3:44:E0:13:4B:BF:D2:E4:C6:81:D5:99:5E:FE:42:74:8C:44:58:F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/00TgE0u_0uTGgdWZXv5CdIxEWPc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/20b85b-98b1-4169-b71a-61a1bdf24b13/1/3aLzbbulEU1HIALvsojp4ln3PNc.roa
Signing time:             Sat 01 Jan 2022 11:05:22 +0000
ROA not before:           Sat 01 Jan 2022 11:05:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211982
IP address blocks:        185.231.235.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 52790974 (0x32586be)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d344e0134bbfd2e4c681d5995efe42748c4458f7
        Validity
            Not Before: Jan  1 11:05:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=dda2f36dbba5114d472002efb288e9e259f73cd7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:b5:77:5f:20:2c:b0:c7:c6:94:30:52:6b:da:
                    42:64:9a:80:48:90:c1:c4:74:ea:78:c0:a4:e8:87:
                    0d:67:1f:f0:2c:68:8c:b0:59:44:1b:d8:48:d9:79:
                    26:90:6e:11:38:38:d9:dd:be:c1:8f:16:f1:d4:9b:
                    6b:66:bc:7b:2e:73:4c:9a:0e:26:66:e6:0a:71:99:
                    b8:4c:ca:2f:65:93:f9:bb:fc:e0:72:76:f3:13:17:
                    95:70:6d:fc:90:33:6e:e6:c5:b3:3c:8e:35:1c:65:
                    c6:36:0a:d0:5a:34:5f:94:e2:d6:c6:c1:52:90:34:
                    0a:7e:82:c4:b7:2a:a9:19:43:f0:7e:ff:a4:3c:76:
                    04:c6:9f:c2:76:5a:10:c0:67:95:4b:49:f7:6a:4a:
                    99:15:88:57:bd:02:4c:3f:21:3f:bb:24:1f:87:26:
                    1d:fd:a3:6c:00:1a:a9:44:89:ea:16:67:3e:cc:4c:
                    f6:88:4b:11:5f:fb:d2:88:ac:fd:62:bd:58:87:cd:
                    7d:bf:a5:8e:0e:44:af:6d:e3:92:24:7e:f2:62:46:
                    7e:05:fd:e1:2e:cb:ff:13:76:4b:1a:02:a0:d8:68:
                    f4:ff:01:6a:e2:4a:c6:12:50:e9:ed:59:94:9e:a5:
                    33:4c:a2:21:ea:64:99:b6:25:ec:e6:2e:76:11:09:
                    87:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:A2:F3:6D:BB:A5:11:4D:47:20:02:EF:B2:88:E9:E2:59:F7:3C:D7
            X509v3 Authority Key Identifier:
                keyid:D3:44:E0:13:4B:BF:D2:E4:C6:81:D5:99:5E:FE:42:74:8C:44:58:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/00TgE0u_0uTGgdWZXv5CdIxEWPc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/20b85b-98b1-4169-b71a-61a1bdf24b13/1/3aLzbbulEU1HIALvsojp4ln3PNc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/20b85b-98b1-4169-b71a-61a1bdf24b13/1/00TgE0u_0uTGgdWZXv5CdIxEWPc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.231.235.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4d:84:44:51:15:98:ea:b1:20:48:2e:dd:70:3d:40:43:57:b8:
         c2:2d:d8:95:2d:49:c1:de:3a:1f:c2:bc:3c:49:f4:e0:5a:3b:
         ae:63:38:02:60:ea:50:cd:66:c8:c8:1c:61:26:a4:87:b6:19:
         2a:68:73:82:16:d7:cc:05:47:90:e9:d0:92:80:36:b3:2a:91:
         2d:a5:91:05:87:7f:e3:b6:52:4d:0c:0b:d3:a4:96:59:e6:5a:
         69:09:4b:5e:24:de:b3:69:0d:bb:44:6c:e2:56:3c:1b:5f:85:
         11:95:32:da:c6:dc:9b:d0:a1:26:18:ac:64:18:b1:3a:b6:ba:
         e3:25:30:a7:38:84:1d:fa:a3:48:64:a4:3d:47:43:62:34:53:
         da:72:71:2d:18:7f:15:4f:07:f0:2b:20:9d:79:85:14:cc:06:
         a7:07:56:4d:eb:05:e1:18:f9:07:84:12:66:f7:c4:67:77:41:
         d5:cf:60:d2:bc:6c:72:cc:b3:1d:e4:93:cb:1e:d0:c1:bb:10:
         06:76:41:e5:8c:68:b5:cc:ba:bc:d4:f4:35:29:08:b3:8a:26:
         c6:36:79:bc:26:22:71:ea:93:38:14:9f:8a:ab:2f:6b:73:cb:
         d8:2b:cb:56:f3:f7:fd:e7:fb:80:08:6e:81:e4:e5:59:0c:30:
         2e:c3:43:d6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAyWGvjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MzQ0ZTAxMzRiYmZkMmU0YzY4MWQ1OTk1ZWZlNDI3NDhjNDQ1OGY3MB4XDTIyMDEw
MTExMDUyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGRhMmYzNmRiYmE1
MTE0ZDQ3MjAwMmVmYjI4OGU5ZTI1OWY3M2NkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANO1d18gLLDHxpQwUmvaQmSagEiQwcR06njApOiHDWcf8Cxo
jLBZRBvYSNl5JpBuETg42d2+wY8W8dSba2a8ey5zTJoOJmbmCnGZuEzKL2WT+bv8
4HJ28xMXlXBt/JAzbubFszyONRxlxjYK0Fo0X5Ti1sbBUpA0Cn6CxLcqqRlD8H7/
pDx2BMafwnZaEMBnlUtJ92pKmRWIV70CTD8hP7skH4cmHf2jbAAaqUSJ6hZnPsxM
9ohLEV/70ois/WK9WIfNfb+ljg5Er23jkiR+8mJGfgX94S7L/xN2SxoCoNho9P8B
auJKxhJQ6e1ZlJ6lM0yiIepkmbYl7OYudhEJh70CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTdovNtu6URTUcgAu+yiOniWfc81zAfBgNVHSMEGDAWgBTTROATS7/S5MaB
1Zle/kJ0jERY9zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzAwVGdFMHVfMHVUR2dkV1pYdjVDZEl4RVdQYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmEvMjBiODViLTk4YjEtNDE2OS1iNzFhLTYxYTFiZGYyNGIxMy8x
LzNhTHpiYnVsRVUxSElBTHZzb2pwNGxuM1BOYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEv
MjBiODViLTk4YjEtNDE2OS1iNzFhLTYxYTFiZGYyNGIxMy8xLzAwVGdFMHVfMHVU
R2dkV1pYdjVDZEl4RVdQYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnn6zANBgkqhkiG9w0BAQsFAAOC
AQEATYREURWY6rEgSC7dcD1AQ1e4wi3YlS1Jwd46H8K8PEn04Fo7rmM4AmDqUM1m
yMgcYSakh7YZKmhzghbXzAVHkOnQkoA2syqRLaWRBYd/47ZSTQwL06SWWeZaaQlL
XiTes2kNu0Rs4lY8G1+FEZUy2sbcm9ChJhisZBixOra64yUwpziEHfqjSGSkPUdD
YjRT2nJxLRh/FU8H8CsgnXmFFMwGpwdWTesF4Rj5B4QSZvfEZ3dB1c9g0rxscsyz
HeSTyx7QwbsQBnZB5Yxotcy6vNT0NSkIs4omxjZ5vCYiceqTOBSfiqsva3PL2CvL
VvP3/ef7gAhugeTlWQwwLsND1g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:27 2024 by rpki-client on console-fra.rpki-client.org