Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/PBHVupZdJPgLIUpQa1gcyTOeBjM.roa
File:                     PBHVupZdJPgLIUpQa1gcyTOeBjM.roa (raw, json)
Hash identifier:          /tXt4ClBhUbMH8B5ku+A6oKuLYL2hk+yX7X6NXCfU0c=
Subject key identifier:   3C:11:D5:BA:96:5D:24:F8:0B:21:4A:50:6B:58:1C:C9:33:9E:06:33
Certificate issuer:       /CN=dff24726df3e77f6f4c8e0436613b35110eeaf38
Certificate serial:       01841C3C52CB8D1B41CCDA035DB4F5C40D7A
Authority key identifier: DF:F2:47:26:DF:3E:77:F6:F4:C8:E0:43:66:13:B3:51:10:EE:AF:38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3_JHJt8-d_b0yOBDZhOzURDurzg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/PBHVupZdJPgLIUpQa1gcyTOeBjM.roa
Signing time:             Fri 28 Oct 2022 01:37:06 +0000
ROA not before:           Fri 28 Oct 2022 01:37:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211975
IP address blocks:        31.43.165.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:1c:3c:52:cb:8d:1b:41:cc:da:03:5d:b4:f5:c4:0d:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dff24726df3e77f6f4c8e0436613b35110eeaf38
        Validity
            Not Before: Oct 28 01:37:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3c11d5ba965d24f80b214a506b581cc9339e0633
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:69:36:7a:ca:66:b0:58:87:1d:c5:a4:18:dc:
                    e8:58:d3:22:00:c0:d2:63:00:2f:11:8a:b8:08:6c:
                    35:db:3f:f7:9e:b8:e9:20:ec:a4:af:f2:12:2a:0b:
                    53:67:dd:21:12:48:84:cd:77:e1:56:94:87:a2:7c:
                    40:b8:ec:96:7a:48:fe:8d:15:7f:61:19:3b:e2:45:
                    5b:23:bb:a8:46:5e:f7:85:e7:f1:22:b0:26:10:53:
                    f0:1d:f1:38:10:47:34:e0:05:0a:95:a5:d2:55:d2:
                    28:3c:3e:7c:ca:6e:46:f4:1d:27:8e:80:49:93:e8:
                    78:dd:c4:d8:1d:43:5c:ad:d8:44:63:b7:89:44:1e:
                    67:7b:45:88:b8:43:df:1e:85:e7:9c:86:ea:f3:cf:
                    c2:79:57:64:51:8e:df:ea:54:be:1d:13:39:a6:45:
                    4d:f8:6c:d0:0e:e7:46:34:e2:af:e7:d1:39:ed:60:
                    f2:f8:6a:d6:ac:1c:67:dc:c4:bc:af:3f:75:51:a8:
                    f2:1c:6d:d5:ae:bf:85:4f:04:10:3d:74:5c:35:84:
                    14:29:95:f2:42:73:bb:29:1c:2d:77:93:2a:28:bd:
                    4d:bc:9e:67:07:bd:63:97:e4:aa:40:bf:a4:86:bc:
                    2b:6a:f2:b9:63:9c:00:5f:5c:ac:20:39:ef:52:22:
                    e7:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:11:D5:BA:96:5D:24:F8:0B:21:4A:50:6B:58:1C:C9:33:9E:06:33
            X509v3 Authority Key Identifier:
                keyid:DF:F2:47:26:DF:3E:77:F6:F4:C8:E0:43:66:13:B3:51:10:EE:AF:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3_JHJt8-d_b0yOBDZhOzURDurzg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/PBHVupZdJPgLIUpQa1gcyTOeBjM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/3_JHJt8-d_b0yOBDZhOzURDurzg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.43.165.0/24

    Signature Algorithm: sha256WithRSAEncryption
         18:cb:08:db:d7:05:86:04:95:6f:0a:e6:93:0a:be:2c:f5:b7:
         08:5d:5f:0f:38:a6:fd:60:72:c6:0d:c5:3f:ea:6b:f6:f4:16:
         9b:66:c5:d1:e2:12:db:13:fa:9e:35:54:9c:bd:8d:9a:76:c7:
         61:21:7b:69:23:4b:8a:fb:25:dc:c7:5f:92:d7:db:ab:1b:87:
         9b:3d:24:c9:d2:a8:da:8a:5b:64:cf:c3:80:fe:28:e0:25:ce:
         a0:d6:89:17:e1:9e:e6:98:ec:10:20:bb:7e:80:0e:f5:1e:eb:
         73:1c:03:e0:17:8e:8d:da:3b:be:02:eb:28:60:1c:5d:d9:79:
         ec:03:68:c4:55:36:40:21:21:1f:ff:9e:d0:69:ff:99:ac:04:
         d4:c7:9c:a1:67:37:fb:06:32:5e:91:7a:0e:53:c1:a6:02:e8:
         96:06:0e:42:5f:fd:d0:2b:a0:e4:25:cf:c5:a2:8a:74:9a:28:
         df:f9:4a:c4:f7:d7:41:17:28:08:5f:72:c6:bf:4e:89:8b:ab:
         18:53:50:60:88:fc:a5:cf:d0:93:4b:7d:c2:23:c4:29:d2:3a:
         45:0c:02:d9:e9:f3:fd:f7:cf:ea:0b:9f:13:f2:1b:ef:8a:1c:
         41:e2:0a:eb:a0:7c:5f:2b:fa:af:90:df:42:5d:30:f8:ab:63:
         85:b1:5e:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQcPFLLjRtBzNoDXbT1xA16MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZjI0NzI2ZGYzZTc3ZjZmNGM4ZTA0MzY2MTNiMzUxMTBl
ZWFmMzgwHhcNMjIxMDI4MDEzNzA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzExZDViYTk2NWQyNGY4MGIyMTRhNTA2YjU4MWNjOTMzOWUwNjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzmk2espmsFiHHcWkGNzoWNMiAMDS
YwAvEYq4CGw12z/3nrjpIOykr/ISKgtTZ90hEkiEzXfhVpSHonxAuOyWekj+jRV/
YRk74kVbI7uoRl73hefxIrAmEFPwHfE4EEc04AUKlaXSVdIoPD58ym5G9B0njoBJ
k+h43cTYHUNcrdhEY7eJRB5ne0WIuEPfHoXnnIbq88/CeVdkUY7f6lS+HRM5pkVN
+GzQDudGNOKv59E57WDy+GrWrBxn3MS8rz91UajyHG3Vrr+FTwQQPXRcNYQUKZXy
QnO7KRwtd5MqKL1NvJ5nB71jl+SqQL+khrwravK5Y5wAX1ysIDnvUiLnwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDwR1bqWXST4CyFKUGtYHMkzngYzMB8GA1UdIwQY
MBaAFN/yRybfPnf29MjgQ2YTs1EQ7q84MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM19KSEp0OC1kX2IweU9CRFpoT3pVUkR1cnpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOTYwMjQtNjU1NS00ZThkLWFmMzct
NjJiYjZkNjNlNTlkLzEvUEJIVnVwWmRKUGdMSVVwUWExZ2N5VE9lQmpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOTYwMjQtNjU1NS00ZThkLWFmMzctNjJiYjZkNjNlNTlk
LzEvM19KSEp0OC1kX2IweU9CRFpoT3pVUkR1cnpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHyulMA0G
CSqGSIb3DQEBCwUAA4IBAQAYywjb1wWGBJVvCuaTCr4s9bcIXV8POKb9YHLGDcU/
6mv29BabZsXR4hLbE/qeNVScvY2adsdhIXtpI0uK+yXcx1+S19urG4ebPSTJ0qja
iltkz8OA/ijgJc6g1okX4Z7mmOwQILt+gA71HutzHAPgF46N2ju+AusoYBxd2Xns
A2jEVTZAISEf/57Qaf+ZrATUx5yhZzf7BjJekXoOU8GmAuiWBg5CX/3QK6DkJc/F
oop0mijf+UrE99dBFygIX3LGv06Ji6sYU1BgiPylz9CTS33CI8Qp0jpFDALZ6fP9
98/qC58T8hvvihxB4grroHxfK/qvkN9CXTD4q2OFsV67
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:48 2024 by rpki-client on console-ams.rpki-client.org