Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/bd55ee-c7a6-41b8-bb31-6a8c3b676b57/1/PbvhrfIg9s-9n9_DgL_X9EkoulI.roa
File:                     PbvhrfIg9s-9n9_DgL_X9EkoulI.roa (raw, json)
Hash identifier:          x+IYW396HFXYYE6yvQ6zaC+e5qG1clY8Abtth9QN/BQ=
Subject key identifier:   3D:BB:E1:AD:F2:20:F6:CF:BD:9F:DF:C3:80:BF:D7:F4:49:28:BA:52
Certificate issuer:       /CN=8c9dccf9e2f37eb107496a7aaf13894ec476e375
Certificate serial:       01841844153D3577F35BF999A99497E5C602
Authority key identifier: 8C:9D:CC:F9:E2:F3:7E:B1:07:49:6A:7A:AF:13:89:4E:C4:76:E3:75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jJ3M-eLzfrEHSWp6rxOJTsR243U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/bd55ee-c7a6-41b8-bb31-6a8c3b676b57/1/PbvhrfIg9s-9n9_DgL_X9EkoulI.roa
Signing time:             Thu 27 Oct 2022 07:07:05 +0000
ROA not before:           Thu 27 Oct 2022 07:07:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     21150
IP address blocks:        188.64.16.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:18:44:15:3d:35:77:f3:5b:f9:99:a9:94:97:e5:c6:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c9dccf9e2f37eb107496a7aaf13894ec476e375
        Validity
            Not Before: Oct 27 07:07:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3dbbe1adf220f6cfbd9fdfc380bfd7f44928ba52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:18:0b:79:06:fe:a7:80:91:fb:12:20:5b:88:
                    f4:f7:d0:27:f1:0f:58:20:51:4e:5e:3a:f9:8e:03:
                    8d:ac:1e:a6:f1:55:14:a9:9b:50:b6:ee:93:3c:85:
                    71:8b:1a:63:5b:c6:52:1a:cb:3f:26:f9:44:0c:97:
                    1a:75:ab:94:11:5b:11:b0:17:24:6c:1a:a0:d5:1f:
                    53:ac:f8:2d:fd:eb:5f:d1:fe:36:54:32:75:60:4c:
                    12:ef:7f:94:d4:8e:26:44:2d:0c:14:89:72:fb:c6:
                    ae:16:84:cb:58:57:d2:ef:8e:5c:48:5b:8b:5e:7c:
                    49:9c:c7:48:ad:a3:01:9a:a4:79:8d:91:5f:14:35:
                    28:8b:a3:78:59:91:f2:9f:16:22:a6:b1:33:d6:90:
                    39:27:d9:80:d2:39:2d:76:0a:8c:dd:84:50:e5:6b:
                    50:a2:74:b0:89:11:fc:e3:f7:66:3f:8e:99:93:24:
                    24:f0:ab:7a:44:43:64:b3:62:e3:10:a3:35:b3:f5:
                    d8:8f:01:f0:1d:b1:ba:4e:66:89:8c:1b:1c:5f:4d:
                    f7:96:25:97:a7:7b:e5:5a:59:b4:dd:7f:79:0f:cc:
                    2a:c8:05:9c:d8:1c:6f:4c:d8:27:ee:28:38:13:55:
                    43:d7:d3:e3:bc:9b:47:a8:d7:1b:73:94:02:e9:5e:
                    2b:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:BB:E1:AD:F2:20:F6:CF:BD:9F:DF:C3:80:BF:D7:F4:49:28:BA:52
            X509v3 Authority Key Identifier:
                keyid:8C:9D:CC:F9:E2:F3:7E:B1:07:49:6A:7A:AF:13:89:4E:C4:76:E3:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jJ3M-eLzfrEHSWp6rxOJTsR243U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/bd55ee-c7a6-41b8-bb31-6a8c3b676b57/1/PbvhrfIg9s-9n9_DgL_X9EkoulI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/bd55ee-c7a6-41b8-bb31-6a8c3b676b57/1/jJ3M-eLzfrEHSWp6rxOJTsR243U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.64.16.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:bf:a9:06:fa:ac:89:d1:42:48:6c:0c:ca:1e:6d:b4:06:32:
         30:d2:a1:af:e3:12:7a:7f:ff:e3:04:15:b7:5d:c1:66:2c:55:
         fd:f8:ae:ad:c9:97:be:5e:4e:67:71:27:11:9d:b3:df:29:b9:
         94:b2:d7:79:b3:3b:d0:35:36:1f:6e:83:19:95:1a:69:ca:98:
         de:2a:9c:66:e9:ec:3d:71:8e:0a:be:28:f2:70:d0:c1:55:d8:
         07:c6:db:bc:09:fa:b0:56:38:76:11:45:b8:9d:1a:09:2f:a7:
         39:53:12:56:43:77:24:76:67:e8:da:3c:06:21:a7:2b:d8:be:
         1e:e8:ca:5f:8f:76:62:2e:ff:72:ed:ee:ad:d0:34:c3:80:d1:
         b9:96:29:38:be:d0:06:f3:49:c8:a3:8e:65:34:67:7b:93:d0:
         71:2f:16:b9:73:8c:f0:90:3a:c1:35:a9:45:82:3a:72:cb:e6:
         2f:13:f3:e9:e7:13:6f:45:30:5a:89:32:2d:f6:3d:5a:5f:f4:
         b8:ff:aa:14:41:3e:b5:a2:0e:2b:c6:bd:72:f6:31:c2:c1:af:
         2d:4c:e0:9c:73:37:19:25:5b:6e:ff:fd:c6:46:70:c3:9c:d5:
         1c:b8:30:75:59:74:f1:3d:43:4b:33:3b:32:a7:72:e7:a1:21:
         69:ed:85:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQYRBU9NXfzW/mZqZSX5cYCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjOWRjY2Y5ZTJmMzdlYjEwNzQ5NmE3YWFmMTM4OTRlYzQ3
NmUzNzUwHhcNMjIxMDI3MDcwNzA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGJiZTFhZGYyMjBmNmNmYmQ5ZmRmYzM4MGJmZDdmNDQ5MjhiYTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxgLeQb+p4CR+xIgW4j099An8Q9Y
IFFOXjr5jgONrB6m8VUUqZtQtu6TPIVxixpjW8ZSGss/JvlEDJcadauUEVsRsBck
bBqg1R9TrPgt/etf0f42VDJ1YEwS73+U1I4mRC0MFIly+8auFoTLWFfS745cSFuL
XnxJnMdIraMBmqR5jZFfFDUoi6N4WZHynxYiprEz1pA5J9mA0jktdgqM3YRQ5WtQ
onSwiRH84/dmP46ZkyQk8Kt6RENks2LjEKM1s/XYjwHwHbG6TmaJjBscX033liWX
p3vlWlm03X95D8wqyAWc2BxvTNgn7ig4E1VD19PjvJtHqNcbc5QC6V4rXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD274a3yIPbPvZ/fw4C/1/RJKLpSMB8GA1UdIwQY
MBaAFIydzPni836xB0lqeq8TiU7EduN1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakozTS1lTHpmckVIU1dwNnJ4T0pUc1IyNDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9iZDU1ZWUtYzdhNi00MWI4LWJiMzEt
NmE4YzNiNjc2YjU3LzEvUGJ2aHJmSWc5cy05bjlfRGdMX1g5RWtvdWxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9iZDU1ZWUtYzdhNi00MWI4LWJiMzEtNmE4YzNiNjc2YjU3
LzEvakozTS1lTHpmckVIU1dwNnJ4T0pUc1IyNDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvEAQMA0G
CSqGSIb3DQEBCwUAA4IBAQBMv6kG+qyJ0UJIbAzKHm20BjIw0qGv4xJ6f//jBBW3
XcFmLFX9+K6tyZe+Xk5ncScRnbPfKbmUstd5szvQNTYfboMZlRppypjeKpxm6ew9
cY4KvijycNDBVdgHxtu8CfqwVjh2EUW4nRoJL6c5UxJWQ3ckdmfo2jwGIacr2L4e
6Mpfj3ZiLv9y7e6t0DTDgNG5lik4vtAG80nIo45lNGd7k9BxLxa5c4zwkDrBNalF
gjpyy+YvE/Pp5xNvRTBaiTIt9j1aX/S4/6oUQT61og4rxr1y9jHCwa8tTOCcczcZ
JVtu//3GRnDDnNUcuDB1WXTxPUNLMzsyp3LnoSFp7YUO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:25 2024 by rpki-client on console-ams.rpki-client.org