Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/045986-b3a4-49e4-8f45-126d5e60fdd1/1/3-_q3fQFytLCCvXB83MOC8tHQ60.roa
File:                     3-_q3fQFytLCCvXB83MOC8tHQ60.roa (raw, json)
Hash identifier:          klGdn9lopYFpkvIfZ+2U1Eq1JMAKD0Q9fUhoATMDYjU=
Subject key identifier:   DF:EF:EA:DD:F4:05:CA:D2:C2:0A:F5:C1:F3:73:0E:0B:CB:47:43:AD
Certificate issuer:       /CN=e3710607ba7a815e911c4892f968b18ae6604389
Certificate serial:       0184F217DC9011817FCC3010D7BD95A8F74C
Authority key identifier: E3:71:06:07:BA:7A:81:5E:91:1C:48:92:F9:68:B1:8A:E6:60:43:89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/43EGB7p6gV6RHEiS-WixiuZgQ4k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/045986-b3a4-49e4-8f45-126d5e60fdd1/1/3-_q3fQFytLCCvXB83MOC8tHQ60.roa
Signing time:             Thu 08 Dec 2022 14:16:00 +0000
ROA not before:           Thu 08 Dec 2022 14:16:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12337
IP address blocks:        194.77.145.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:f2:17:dc:90:11:81:7f:cc:30:10:d7:bd:95:a8:f7:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e3710607ba7a815e911c4892f968b18ae6604389
        Validity
            Not Before: Dec  8 14:16:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=dfefeaddf405cad2c20af5c1f3730e0bcb4743ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:43:2c:03:15:71:9c:c5:97:eb:7f:0f:8c:3d:
                    db:d5:46:6b:a2:3b:dc:49:be:05:27:78:bf:1f:bc:
                    4b:76:92:61:a5:a3:7d:d6:a7:d2:0a:d6:d5:46:7b:
                    a8:51:17:98:01:ca:c7:35:3f:bf:0e:a7:e1:ec:c3:
                    0f:14:d2:cc:eb:c2:0d:0e:35:e3:2a:82:c0:44:04:
                    f6:fe:4e:92:67:1f:f7:f1:c4:8f:5d:4a:3a:21:0c:
                    78:33:19:dd:c4:f8:68:51:ec:71:4b:45:d7:a9:4b:
                    5a:12:ad:fb:d0:a7:0e:8a:d7:b8:a2:10:35:1b:f3:
                    12:c6:40:d1:d3:59:b7:63:72:a7:31:35:8d:43:7c:
                    a0:33:ed:7d:1f:06:ca:ae:ff:55:a8:ec:d0:a6:dc:
                    a7:97:90:a9:a5:91:37:07:6c:e6:02:fa:e9:8e:f3:
                    bb:52:a7:c9:51:e7:52:2c:3a:bd:f1:e2:88:b1:3b:
                    be:43:77:03:e6:72:53:58:cb:14:c3:6c:89:07:4d:
                    ef:83:b3:97:45:44:09:92:55:ab:ba:a2:1e:18:86:
                    a9:87:a0:7c:38:17:4a:b2:30:2f:41:38:12:91:07:
                    f1:1f:fc:85:9f:01:db:0a:d1:5f:a3:0c:82:67:85:
                    8f:ba:54:16:5d:7b:26:48:b9:82:c1:45:96:9a:87:
                    89:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:EF:EA:DD:F4:05:CA:D2:C2:0A:F5:C1:F3:73:0E:0B:CB:47:43:AD
            X509v3 Authority Key Identifier:
                keyid:E3:71:06:07:BA:7A:81:5E:91:1C:48:92:F9:68:B1:8A:E6:60:43:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/43EGB7p6gV6RHEiS-WixiuZgQ4k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/045986-b3a4-49e4-8f45-126d5e60fdd1/1/3-_q3fQFytLCCvXB83MOC8tHQ60.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/045986-b3a4-49e4-8f45-126d5e60fdd1/1/43EGB7p6gV6RHEiS-WixiuZgQ4k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.77.145.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:8d:36:d3:a8:14:4e:b3:7e:5b:88:65:92:6e:71:40:ca:3d:
         d8:36:3b:6c:62:03:89:0a:29:9a:a0:00:89:03:17:e5:3f:6c:
         9e:ac:9e:4b:ee:d5:bb:d7:46:47:93:f7:e2:09:2c:da:e0:4f:
         fc:19:28:7c:af:0d:c5:ea:33:1c:37:7d:fd:6c:4a:6e:13:31:
         72:19:f1:9b:95:b1:6e:2f:9b:75:2f:fe:d3:2f:6c:50:35:e6:
         4d:0a:76:25:68:77:12:a2:14:c3:56:8b:7d:5a:0a:e0:58:30:
         23:53:a8:74:08:9b:e8:87:a9:41:a5:21:c6:52:9e:a2:c4:a0:
         84:bb:07:e9:6c:cf:f1:5b:10:38:a5:00:eb:90:f7:3c:9d:ad:
         8d:e7:50:f7:53:14:06:da:7c:cf:19:bd:e4:11:d3:b9:8c:34:
         3a:12:47:d9:17:76:7e:f7:1c:a3:4f:8d:2b:8a:c0:50:e3:32:
         b7:76:55:1f:93:96:40:24:a8:21:71:96:c4:76:34:df:30:33:
         36:7c:3a:6c:05:5f:e5:f3:16:64:93:0b:52:d4:ea:f5:bb:37:
         fa:8c:c2:cb:83:60:cc:66:81:3c:60:79:00:ad:e7:72:36:06:
         c6:d9:05:43:71:6e:68:3b:20:36:ac:b7:c4:8d:bb:ea:fb:f2:
         eb:8b:b1:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTyF9yQEYF/zDAQ172VqPdMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzNzEwNjA3YmE3YTgxNWU5MTFjNDg5MmY5NjhiMThhZTY2
MDQzODkwHhcNMjIxMjA4MTQxNjAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmVmZWFkZGY0MDVjYWQyYzIwYWY1YzFmMzczMGUwYmNiNDc0M2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUMsAxVxnMWX638PjD3b1UZrojvc
Sb4FJ3i/H7xLdpJhpaN91qfSCtbVRnuoUReYAcrHNT+/Dqfh7MMPFNLM68INDjXj
KoLARAT2/k6SZx/38cSPXUo6IQx4MxndxPhoUexxS0XXqUtaEq370KcOite4ohA1
G/MSxkDR01m3Y3KnMTWNQ3ygM+19HwbKrv9VqOzQptynl5CppZE3B2zmAvrpjvO7
UqfJUedSLDq98eKIsTu+Q3cD5nJTWMsUw2yJB03vg7OXRUQJklWruqIeGIaph6B8
OBdKsjAvQTgSkQfxH/yFnwHbCtFfowyCZ4WPulQWXXsmSLmCwUWWmoeJewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN/v6t30BcrSwgr1wfNzDgvLR0OtMB8GA1UdIwQY
MBaAFONxBge6eoFekRxIkvlosYrmYEOJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDNFR0I3cDZnVjZSSEVpUy1XaXhpdVpnUTRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8wNDU5ODYtYjNhNC00OWU0LThmNDUt
MTI2ZDVlNjBmZGQxLzEvMy1fcTNmUUZ5dExDQ3ZYQjgzTU9DOHRIUTYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8wNDU5ODYtYjNhNC00OWU0LThmNDUtMTI2ZDVlNjBmZGQx
LzEvNDNFR0I3cDZnVjZSSEVpUy1XaXhpdVpnUTRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwk2RMA0G
CSqGSIb3DQEBCwUAA4IBAQCbjTbTqBROs35biGWSbnFAyj3YNjtsYgOJCimaoACJ
AxflP2yerJ5L7tW710ZHk/fiCSza4E/8GSh8rw3F6jMcN339bEpuEzFyGfGblbFu
L5t1L/7TL2xQNeZNCnYlaHcSohTDVot9WgrgWDAjU6h0CJvoh6lBpSHGUp6ixKCE
uwfpbM/xWxA4pQDrkPc8na2N51D3UxQG2nzPGb3kEdO5jDQ6EkfZF3Z+9xyjT40r
isBQ4zK3dlUfk5ZAJKghcZbEdjTfMDM2fDpsBV/l8xZkkwtS1Or1uzf6jMLLg2DM
ZoE8YHkAredyNgbG2QVDcW5oOyA2rLfEjbvq+/Lri7Ex
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:28 2024 by rpki-client on console-fra.rpki-client.org