Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/1c090c-74db-4531-96f7-fac63c03c25a/1/T3xsEPemc5FOOi2hihAbMbHyVvA.roa
File:                     T3xsEPemc5FOOi2hihAbMbHyVvA.roa (raw, json)
Hash identifier:          SLi6UA08r5ar7MUdfXK53d66ek91KtrFD91b/KsVQ6w=
Subject key identifier:   4F:7C:6C:10:F7:A6:73:91:4E:3A:2D:A1:8A:10:1B:31:B1:F2:56:F0
Certificate issuer:       /CN=ccca763f3db2965a1e4eb0bf76c1cb868baae46d
Certificate serial:       29A99202
Authority key identifier: CC:CA:76:3F:3D:B2:96:5A:1E:4E:B0:BF:76:C1:CB:86:8B:AA:E4:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zMp2Pz2ylloeTrC_dsHLhouq5G0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/1c090c-74db-4531-96f7-fac63c03c25a/1/T3xsEPemc5FOOi2hihAbMbHyVvA.roa
Signing time:             Sat 01 Jan 2022 10:03:08 +0000
ROA not before:           Sat 01 Jan 2022 10:03:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200924
IP address blocks:        217.147.48.0/20 maxlen: 24
                          217.147.60.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 698978818 (0x29a99202)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ccca763f3db2965a1e4eb0bf76c1cb868baae46d
        Validity
            Not Before: Jan  1 10:03:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4f7c6c10f7a673914e3a2da18a101b31b1f256f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:f8:7a:ef:13:a8:d3:7e:9d:92:a2:d8:6d:05:
                    61:4b:24:51:18:ca:8a:88:4d:c6:1e:41:77:5b:7c:
                    21:68:77:aa:d7:a6:cf:d1:7f:0e:6f:9f:31:44:ff:
                    a9:8b:e2:2d:ac:6a:52:b5:7a:74:8c:53:6d:0e:4d:
                    2a:18:06:b9:da:84:60:88:cc:06:15:e9:8b:76:13:
                    c3:a3:a7:e5:6b:3b:a0:dc:28:ed:b2:23:cc:5f:b2:
                    61:7b:c2:96:0a:27:df:b4:20:3e:27:b9:7d:56:06:
                    6c:6d:70:b6:6c:dd:c7:6f:8c:79:a6:3b:49:14:b6:
                    62:f2:9b:98:67:2b:f2:cf:db:af:0e:52:24:bf:3a:
                    e9:65:75:d1:2b:07:38:2a:43:1f:85:bf:c0:a7:5a:
                    81:40:fb:d4:07:a2:7a:d3:de:08:c7:51:53:8b:eb:
                    a2:ab:2d:08:d4:49:7e:dc:34:03:e9:e2:43:46:6a:
                    e3:2f:ad:88:09:ab:d3:1c:20:88:70:0e:66:0a:04:
                    00:83:49:6c:02:9c:90:80:89:3c:6e:97:86:9f:6a:
                    4e:de:8a:c9:d2:37:c8:db:2a:36:72:f6:e5:e3:31:
                    87:db:f9:ab:43:65:65:02:c3:45:3c:04:80:64:7e:
                    4d:b3:5b:f0:39:89:a7:8c:a7:85:9e:4d:27:fc:94:
                    7b:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:7C:6C:10:F7:A6:73:91:4E:3A:2D:A1:8A:10:1B:31:B1:F2:56:F0
            X509v3 Authority Key Identifier:
                keyid:CC:CA:76:3F:3D:B2:96:5A:1E:4E:B0:BF:76:C1:CB:86:8B:AA:E4:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zMp2Pz2ylloeTrC_dsHLhouq5G0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/1c090c-74db-4531-96f7-fac63c03c25a/1/T3xsEPemc5FOOi2hihAbMbHyVvA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/1c090c-74db-4531-96f7-fac63c03c25a/1/zMp2Pz2ylloeTrC_dsHLhouq5G0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.147.48.0/20

    Signature Algorithm: sha256WithRSAEncryption
         2d:a6:cf:60:9a:5e:8d:08:87:97:0e:fe:e3:e8:b3:57:83:2a:
         41:14:c1:01:c0:5b:f6:01:c8:fa:d2:3e:25:cc:13:6a:f6:77:
         ff:df:90:92:28:ae:66:05:bf:79:19:1a:cf:bf:24:5d:f5:83:
         4f:08:b8:40:d9:2d:04:04:28:97:c3:01:79:21:04:96:7e:16:
         56:3f:93:c9:5b:49:e2:1f:63:7a:63:b1:9b:8d:56:33:7e:4e:
         98:d9:7a:52:ef:c8:5b:74:fc:08:2e:96:52:51:36:a9:bb:3b:
         6c:aa:3a:71:63:a0:a3:71:4d:58:81:19:50:ff:ce:31:4d:ed:
         c3:fe:60:48:c4:ea:90:08:97:28:5c:5e:c6:a6:68:01:aa:c4:
         08:9d:c7:93:a3:22:d6:c6:d8:fa:52:92:40:cd:36:64:fe:c2:
         1d:d1:bb:8f:5c:3a:f5:39:8a:74:fe:83:79:69:f6:08:2c:6d:
         5e:d5:bd:30:f0:33:73:e3:39:eb:f8:a0:07:d7:f5:f6:51:e6:
         2e:3f:81:f2:94:2e:64:9f:90:fa:0c:9c:0f:e8:66:2e:33:18:
         c5:c7:09:fb:86:c8:c9:f9:c5:3d:c8:f6:87:0f:00:9b:70:3a:
         48:00:66:05:8d:81:7f:81:16:5d:89:b7:0c:23:e5:b0:50:df:
         44:d9:18:70
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKamSAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Y2NhNzYzZjNkYjI5NjVhMWU0ZWIwYmY3NmMxY2I4NjhiYWFlNDZkMB4XDTIyMDEw
MTEwMDMwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGY3YzZjMTBmN2E2
NzM5MTRlM2EyZGExOGExMDFiMzFiMWYyNTZmMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJT4eu8TqNN+nZKi2G0FYUskURjKiohNxh5Bd1t8IWh3qtem
z9F/Dm+fMUT/qYviLaxqUrV6dIxTbQ5NKhgGudqEYIjMBhXpi3YTw6On5Ws7oNwo
7bIjzF+yYXvClgon37QgPie5fVYGbG1wtmzdx2+MeaY7SRS2YvKbmGcr8s/brw5S
JL866WV10SsHOCpDH4W/wKdagUD71AeietPeCMdRU4vroqstCNRJftw0A+niQ0Zq
4y+tiAmr0xwgiHAOZgoEAINJbAKckICJPG6Xhp9qTt6KydI3yNsqNnL25eMxh9v5
q0NlZQLDRTwEgGR+TbNb8DmJp4ynhZ5NJ/yUe7kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRPfGwQ96ZzkU46LaGKEBsxsfJW8DAfBgNVHSMEGDAWgBTMynY/PbKWWh5O
sL92wcuGi6rkbTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pNcDJQejJ5bGxvZVRyQ19kc0hMaG91cTVHMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2YvMWMwOTBjLTc0ZGItNDUzMS05NmY3LWZhYzYzYzAzYzI1YS8x
L1QzeHNFUGVtYzVGT09pMmhpaEFiTWJIeVZ2QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Yv
MWMwOTBjLTc0ZGItNDUzMS05NmY3LWZhYzYzYzAzYzI1YS8xL3pNcDJQejJ5bGxv
ZVRyQ19kc0hMaG91cTVHMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNmTMDANBgkqhkiG9w0BAQsFAAOC
AQEALabPYJpejQiHlw7+4+izV4MqQRTBAcBb9gHI+tI+JcwTavZ3/9+QkiiuZgW/
eRkaz78kXfWDTwi4QNktBAQol8MBeSEEln4WVj+TyVtJ4h9jemOxm41WM35OmNl6
Uu/IW3T8CC6WUlE2qbs7bKo6cWOgo3FNWIEZUP/OMU3tw/5gSMTqkAiXKFxexqZo
AarECJ3Hk6Mi1sbY+lKSQM02ZP7CHdG7j1w69TmKdP6DeWn2CCxtXtW9MPAzc+M5
6/igB9f19lHmLj+B8pQuZJ+Q+gycD+hmLjMYxccJ+4bIyfnFPcj2hw8Am3A6SABm
BY2Bf4EWXYm3DCPlsFDfRNkYcA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:29 2024 by rpki-client on console-fra.rpki-client.org