Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/33b69d-f4ca-43aa-9780-1d55d5929cec/1/ba3UGuyxeeQgVAhQ5nxGH0Uk1S4.roa
File:                     ba3UGuyxeeQgVAhQ5nxGH0Uk1S4.roa (raw, json)
Hash identifier:          cfKLyRLkHDWHwQ18jThE/LcAZeNl8wX0s28RdvcFgOc=
Subject key identifier:   6D:AD:D4:1A:EC:B1:79:E4:20:54:08:50:E6:7C:46:1F:45:24:D5:2E
Certificate issuer:       /CN=c7ab6b2254e45730aafa45ab51973203614bb6cc
Certificate serial:       03E388F1
Authority key identifier: C7:AB:6B:22:54:E4:57:30:AA:FA:45:AB:51:97:32:03:61:4B:B6:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x6trIlTkVzCq-kWrUZcyA2FLtsw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/33b69d-f4ca-43aa-9780-1d55d5929cec/1/ba3UGuyxeeQgVAhQ5nxGH0Uk1S4.roa
Signing time:             Sat 01 Jan 2022 16:05:30 +0000
ROA not before:           Sat 01 Jan 2022 16:05:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205118
IP address blocks:        185.229.3.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 65243377 (0x3e388f1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c7ab6b2254e45730aafa45ab51973203614bb6cc
        Validity
            Not Before: Jan  1 16:05:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6dadd41aecb179e420540850e67c461f4524d52e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:06:a9:92:85:18:50:6a:fb:49:14:87:a9:bf:
                    3e:6f:26:35:2e:d2:bf:ec:e5:f6:28:36:ac:35:2f:
                    a6:cf:7c:da:24:25:7f:60:d9:08:0c:54:e2:d3:f1:
                    7c:1d:ae:8f:fd:06:dd:ca:cf:77:4b:8a:57:6f:c4:
                    7a:3e:ab:d6:88:2a:1f:2b:66:46:12:7b:ce:c0:a2:
                    7e:64:93:36:e1:03:ac:37:c8:9f:47:fc:58:b8:ca:
                    6b:de:57:7b:10:84:be:29:80:ff:5c:5f:2f:e1:ac:
                    7e:f6:a0:c9:7e:4c:ad:be:ec:45:fb:a2:8f:b6:b8:
                    27:e6:2f:23:35:a2:01:7d:f5:5c:47:61:e4:14:4b:
                    25:03:b2:03:3a:b0:2b:cb:ea:62:68:d1:b3:9e:d4:
                    23:01:b5:e7:92:b4:e8:7d:c9:94:8c:7d:b4:2b:9d:
                    88:57:98:37:2d:59:dd:bc:ff:ec:91:9d:4b:86:4c:
                    19:4d:dd:65:a1:6e:fb:5e:a9:41:e7:f2:98:3a:c9:
                    ec:67:0c:ef:85:28:cc:ff:63:bd:82:c4:6c:be:7b:
                    b6:41:48:7f:17:7a:0c:54:01:17:95:6d:6b:7c:41:
                    3d:c1:c9:e4:61:6c:f7:ce:84:75:14:7b:96:da:e0:
                    96:12:be:f8:49:64:2f:e1:4b:88:a2:6a:23:3e:d7:
                    1a:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:AD:D4:1A:EC:B1:79:E4:20:54:08:50:E6:7C:46:1F:45:24:D5:2E
            X509v3 Authority Key Identifier:
                keyid:C7:AB:6B:22:54:E4:57:30:AA:FA:45:AB:51:97:32:03:61:4B:B6:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x6trIlTkVzCq-kWrUZcyA2FLtsw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/33b69d-f4ca-43aa-9780-1d55d5929cec/1/ba3UGuyxeeQgVAhQ5nxGH0Uk1S4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/33b69d-f4ca-43aa-9780-1d55d5929cec/1/x6trIlTkVzCq-kWrUZcyA2FLtsw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.229.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:cf:12:e0:78:6c:38:17:d2:ae:4a:ca:99:31:5c:e3:93:1a:
         a5:0a:89:5a:bc:bd:44:b9:d2:69:4b:4e:cc:18:b8:a1:ce:0b:
         67:e8:d2:d1:bb:1e:7d:f1:68:ec:94:87:08:6c:87:ed:3c:70:
         25:36:5e:91:30:ac:e7:0b:ee:cf:fe:7b:40:f6:42:61:ec:ec:
         d0:86:08:07:cc:d1:75:d2:d0:77:48:23:1a:79:1e:c7:19:cd:
         41:53:99:26:c0:f1:ee:5f:f8:fd:18:f3:16:8c:04:37:cd:85:
         a5:a5:bf:99:5f:87:d3:c7:e1:97:e6:2a:ea:2d:e5:6d:ec:cb:
         34:61:d5:ac:75:a9:35:dd:87:59:d4:3d:b2:c2:68:aa:af:cb:
         92:22:24:87:fe:51:cf:81:4d:ab:3a:07:7b:aa:27:65:e4:a3:
         94:6c:16:79:61:26:5c:17:fb:fc:10:04:71:e4:2c:cc:e7:97:
         44:2a:4f:f4:e6:13:46:7c:f3:7f:b6:03:16:35:21:03:43:4d:
         3e:d8:d2:a9:e9:7b:1c:e7:c4:bc:34:99:40:5a:15:53:a4:66:
         29:bc:84:d2:d3:79:52:0c:23:af:5b:8e:94:05:34:62:75:33:
         fb:08:db:8c:f6:1d:42:f9:d2:c5:98:2c:08:5c:a2:d1:0f:87:
         9e:db:8c:fc
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA+OI8TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
N2FiNmIyMjU0ZTQ1NzMwYWFmYTQ1YWI1MTk3MzIwMzYxNGJiNmNjMB4XDTIyMDEw
MTE2MDUzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmRhZGQ0MWFlY2Ix
NzllNDIwNTQwODUwZTY3YzQ2MWY0NTI0ZDUyZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKsGqZKFGFBq+0kUh6m/Pm8mNS7Sv+zl9ig2rDUvps982iQl
f2DZCAxU4tPxfB2uj/0G3crPd0uKV2/Eej6r1ogqHytmRhJ7zsCifmSTNuEDrDfI
n0f8WLjKa95XexCEvimA/1xfL+GsfvagyX5Mrb7sRfuij7a4J+YvIzWiAX31XEdh
5BRLJQOyAzqwK8vqYmjRs57UIwG155K06H3JlIx9tCudiFeYNy1Z3bz/7JGdS4ZM
GU3dZaFu+16pQefymDrJ7GcM74UozP9jvYLEbL57tkFIfxd6DFQBF5Vta3xBPcHJ
5GFs986EdRR7ltrglhK++ElkL+FLiKJqIz7XGlMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRtrdQa7LF55CBUCFDmfEYfRSTVLjAfBgNVHSMEGDAWgBTHq2siVORXMKr6
RatRlzIDYUu2zDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3g2dHJJbFRrVnpDcS1rV3JVWmN5QTJGTHRzdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvMzNiNjlkLWY0Y2EtNDNhYS05NzgwLTFkNTVkNTkyOWNlYy8x
L2JhM1VHdXl4ZWVRZ1ZBaFE1bnhHSDBVazFTNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
MzNiNjlkLWY0Y2EtNDNhYS05NzgwLTFkNTVkNTkyOWNlYy8xL3g2dHJJbFRrVnpD
cS1rV3JVWmN5QTJGTHRzdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnlAzANBgkqhkiG9w0BAQsFAAOC
AQEAVs8S4HhsOBfSrkrKmTFc45MapQqJWry9RLnSaUtOzBi4oc4LZ+jS0bseffFo
7JSHCGyH7TxwJTZekTCs5wvuz/57QPZCYezs0IYIB8zRddLQd0gjGnkexxnNQVOZ
JsDx7l/4/RjzFowEN82FpaW/mV+H08fhl+Yq6i3lbezLNGHVrHWpNd2HWdQ9ssJo
qq/LkiIkh/5Rz4FNqzoHe6onZeSjlGwWeWEmXBf7/BAEceQszOeXRCpP9OYTRnzz
f7YDFjUhA0NNPtjSqel7HOfEvDSZQFoVU6RmKbyE0tN5Ugwjr1uOlAU0YnUz+wjb
jPYdQvnSxZgsCFyi0Q+HntuM/A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:03 2024 by rpki-client on console-ams.rpki-client.org