Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/347c34-96d8-4184-a668-870acfecbcdf/1/5f3zbbExwFTEzTmsVcBJUnUUqfs.roa
File:                     5f3zbbExwFTEzTmsVcBJUnUUqfs.roa (raw, json)
Hash identifier:          15UuiUw7D8uu2ZEUbw8BtgjNOZAJZQRLRsxaGbT8Ick=
Subject key identifier:   E5:FD:F3:6D:B1:31:C0:54:C4:CD:39:AC:55:C0:49:52:75:14:A9:FB
Certificate issuer:       /CN=39ca5065043d28a2adc36383a1df7d3bec81ce8d
Certificate serial:       02EBC3AD
Authority key identifier: 39:CA:50:65:04:3D:28:A2:AD:C3:63:83:A1:DF:7D:3B:EC:81:CE:8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OcpQZQQ9KKKtw2ODod99O-yBzo0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/347c34-96d8-4184-a668-870acfecbcdf/1/5f3zbbExwFTEzTmsVcBJUnUUqfs.roa
Signing time:             Sat 01 Jan 2022 09:01:46 +0000
ROA not before:           Sat 01 Jan 2022 09:01:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206860
IP address blocks:        85.202.201.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 49005485 (0x2ebc3ad)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=39ca5065043d28a2adc36383a1df7d3bec81ce8d
        Validity
            Not Before: Jan  1 09:01:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e5fdf36db131c054c4cd39ac55c049527514a9fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:b3:44:21:de:05:96:b5:b9:2d:0b:01:5c:1c:
                    f4:50:55:cb:48:02:69:6e:6f:fe:53:78:d2:ac:35:
                    d1:f8:7e:8e:41:be:b5:db:96:cf:3e:71:a6:ae:92:
                    78:66:be:9f:cd:1b:99:99:f3:ed:76:26:24:ab:64:
                    22:d4:bb:a3:4a:c7:52:02:ab:ea:ed:14:69:04:50:
                    96:e4:28:6b:a8:d6:ee:80:f8:96:f8:29:7b:d1:30:
                    ce:73:e6:31:20:2e:63:99:22:2c:c4:86:b9:46:ef:
                    02:38:48:60:46:53:b0:9c:c6:ff:84:8d:1c:93:e6:
                    40:cc:de:d5:06:16:b7:93:8d:ff:d6:04:3d:93:e7:
                    7b:5b:c5:dc:df:8b:20:cb:1d:67:7a:21:cf:03:34:
                    67:ed:e7:9b:9e:dc:a2:a6:34:cf:55:22:9f:46:46:
                    28:3e:d5:e8:99:da:06:9b:fc:d6:f6:db:8f:28:29:
                    6c:44:a6:4b:b8:74:e2:1c:5b:74:a0:b7:d9:65:f9:
                    fe:63:65:ad:35:0d:90:3a:25:c2:54:e2:ef:7c:63:
                    72:76:f7:92:db:5e:e1:32:88:2d:8e:f6:2c:d1:93:
                    5e:8e:df:75:a9:58:67:ad:c4:40:3e:59:69:ca:d6:
                    1c:d8:71:e4:8d:16:29:ba:d4:fc:08:1d:e4:d2:c5:
                    ac:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:FD:F3:6D:B1:31:C0:54:C4:CD:39:AC:55:C0:49:52:75:14:A9:FB
            X509v3 Authority Key Identifier:
                keyid:39:CA:50:65:04:3D:28:A2:AD:C3:63:83:A1:DF:7D:3B:EC:81:CE:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OcpQZQQ9KKKtw2ODod99O-yBzo0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/347c34-96d8-4184-a668-870acfecbcdf/1/5f3zbbExwFTEzTmsVcBJUnUUqfs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/347c34-96d8-4184-a668-870acfecbcdf/1/OcpQZQQ9KKKtw2ODod99O-yBzo0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.202.201.0/24

    Signature Algorithm: sha256WithRSAEncryption
         af:6a:af:36:93:98:9d:48:80:d3:80:8d:1e:47:97:9e:c0:fd:
         d0:88:25:7f:3e:f4:39:99:4a:6b:67:92:b8:fd:45:c6:ad:26:
         ea:b3:8b:e6:ff:1d:a1:f0:a3:2a:70:85:ba:16:97:0a:cc:86:
         13:70:73:84:70:c9:6b:a1:16:9c:a1:35:f7:1d:08:c0:e2:c2:
         f4:29:ea:d0:2d:d6:a9:f9:d2:4d:50:6c:b6:45:3b:a6:4b:5d:
         66:07:be:74:0f:0c:59:b7:66:25:f7:32:00:1c:38:b1:52:d1:
         98:5e:96:eb:58:cf:bf:62:a0:b5:fe:dd:b0:3a:39:00:9a:19:
         42:d3:3c:d0:7d:2d:92:ba:4a:8c:1b:e2:c7:97:e6:fd:c1:9c:
         0e:f6:47:73:22:37:25:a6:91:e0:3e:50:7e:9a:1c:a4:58:a8:
         2c:5e:da:0b:bd:82:e9:d2:58:f9:1c:69:63:05:63:f7:1d:df:
         db:fc:8d:a0:d0:a4:cf:c3:df:71:8a:7b:05:d4:62:a2:e8:74:
         16:5e:5d:b8:d1:4b:df:04:ae:06:c5:fa:1a:40:6f:60:4e:fe:
         82:49:f2:72:39:ca:fa:53:2f:41:d9:72:03:04:65:b8:e5:6e:
         d8:66:6d:17:86:39:33:20:dc:4d:64:87:84:4d:a7:4b:64:4d:
         1b:87:81:50
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAuvDrTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
OWNhNTA2NTA0M2QyOGEyYWRjMzYzODNhMWRmN2QzYmVjODFjZThkMB4XDTIyMDEw
MTA5MDE0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTVmZGYzNmRiMTMx
YzA1NGM0Y2QzOWFjNTVjMDQ5NTI3NTE0YTlmYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKKzRCHeBZa1uS0LAVwc9FBVy0gCaW5v/lN40qw10fh+jkG+
tduWzz5xpq6SeGa+n80bmZnz7XYmJKtkItS7o0rHUgKr6u0UaQRQluQoa6jW7oD4
lvgpe9EwznPmMSAuY5kiLMSGuUbvAjhIYEZTsJzG/4SNHJPmQMze1QYWt5ON/9YE
PZPne1vF3N+LIMsdZ3ohzwM0Z+3nm57coqY0z1Uin0ZGKD7V6JnaBpv81vbbjygp
bESmS7h04hxbdKC32WX5/mNlrTUNkDolwlTi73xjcnb3ktte4TKILY72LNGTXo7f
dalYZ63EQD5ZacrWHNhx5I0WKbrU/Agd5NLFrEMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTl/fNtsTHAVMTNOaxVwElSdRSp+zAfBgNVHSMEGDAWgBQ5ylBlBD0ooq3D
Y4Oh33077IHOjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09jcFFaUVE5S0tLdHcyT0RvZDk5Ty15QnpvMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2YvMzQ3YzM0LTk2ZDgtNDE4NC1hNjY4LTg3MGFjZmVjYmNkZi8x
LzVmM3piYkV4d0ZURXpUbXNWY0JKVW5VVXFmcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Yv
MzQ3YzM0LTk2ZDgtNDE4NC1hNjY4LTg3MGFjZmVjYmNkZi8xL09jcFFaUVE5S0tL
dHcyT0RvZDk5Ty15QnpvMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFXKyTANBgkqhkiG9w0BAQsFAAOC
AQEAr2qvNpOYnUiA04CNHkeXnsD90Iglfz70OZlKa2eSuP1Fxq0m6rOL5v8dofCj
KnCFuhaXCsyGE3BzhHDJa6EWnKE19x0IwOLC9Cnq0C3WqfnSTVBstkU7pktdZge+
dA8MWbdmJfcyABw4sVLRmF6W61jPv2Kgtf7dsDo5AJoZQtM80H0tkrpKjBvix5fm
/cGcDvZHcyI3JaaR4D5QfpocpFioLF7aC72C6dJY+RxpYwVj9x3f2/yNoNCkz8Pf
cYp7BdRiouh0Fl5duNFL3wSuBsX6GkBvYE7+gknycjnK+lMvQdlyAwRluOVu2GZt
F4Y5MyDcTWSHhE2nS2RNG4eBUA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:05 2024 by rpki-client on console-ams.rpki-client.org